Last updated: 21st October 2024
We are Path of Trees Pty Ltd ACN 658 849 024 trading as both Path of Trees and Guide Plus Mentor (Path of Trees, Guide + Mentor, we, our, us and other similar terms). We consider privacy to be a fundamental human right and we take yours seriously. We will only collect your Personal Information with your consent and when it’s absolutely necessary.
Our Privacy Policy explains our ongoing obligations for how we manage your Personal Information. It’s detailed and thoughtful because it matters that we do this right.
This Privacy Policy (Policy) applies to our Path of Trees terms of use, Guide + Mentor coaching agreement and other agreements we may form with you.
When we talk about Personal Information, we mean information or an opinion about an identifiable individual (not a company), whether or not that information or opinion is true or in a material form (Personal Information).
If you have questions about how we use your Personal Information you can contact us about privacy.
This Privacy Policy does not constitute a voluntary opt-in to any privacy laws, anywhere in the world, which we are not statutorily bound to comply with.
We collect Personal Information in the ordinary course of our business, which is the provision of: software designed to work with the Atlassian suite which we make available via the Atlassian Marketplace; coaching, mentoring and training services, including individual sessions and public workshops in design craft, leadership and team effectiveness and other related services.
Personal Information is collected when you:
Information will only be collected directly from you unless you authorise another person to provide the information.
The types of Personal Information we collect include your name, address, telephone number, email, details about your business, payment information, photographs or video footage of you while attending our sessions or workshops, device identification, your social media details and any additional information you provide to us.
When you use our software to integrate with third party applications, security credentials are often shared. Those security credentials may also contain personal information such as a name associated with an email address or administrator login account. In those circumstances Personal Information may be collected and stored to enable the software.
Where you contact us on behalf of your employer, the information you provide often contains information about your employment, position and employers contact details. In those circumstances certain employment information is collected.
We collect your Personal Information for the primary purpose of providing our software and services to you. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.
Examples of when we may use your Personal Information include:
Where you provide us with consent to do so (e.g. if you have subscribed to our email lists or have indicated that you are interested in receiving offers or information from us), we may send you marketing communications by email about software and services that we feel may be of interest to you.
We (or an appointed third party) may also conduct surveys or market research and may seek other information from you on a periodic basis. These surveys will provide us with information that allows improvement in the type, quality and the manner in which our goods and services are offered to you.
You can opt-out of such communications if you would prefer not to receive them in the future by using the “unsubscribe” facility provided in the communication itself.
Generally, we store your Personal Information using secure servers protected from unauthorised access, modification and disclosure. However, like most businesses, we hold some information on our staff’s computers (such as emails from you) and where necessary as hard copy files (such as printed invoices).
Generally, our back office systems are located in Australia and the United States of America and are managed by us and our service providers. Personal Information that we store or transmit is protected by security and access controls, including username and password authentication, multi-factor authentication, and data encryption (such as SSL) where appropriate.
Our software is purchased through the Atlassian Marketplace and runs in Atlassian’s Cloud infrastructure. We have no access to Atlassian’s infrastructure and therefore no access to any customer data within their systems. When using our software, all information is transmitted directly between the user’s browser and their Atlassian Cloud site. Data stored in Atlassian Cloud is subject to the data storage and residency provisions provided by Atlassian.
In our dealings with third party service providers, we require our subcontractors and service providers to treat your data with the same standard of care we do.
We retain your Personal Information for as long as is necessary to provide our software and services to you, as required for our internal business operations, and to comply with our legal obligations.
If we hold Personal Information about you, and we do not need that information for any purpose, we will take reasonable steps to destroy or de-identify that information, in accordance with the Australian Privacy Principles (APP) and the European Union General Data Protection Regulation (GDPR), unless we are prevented from doing so by law.
Under Australian law, financial records, such as those relating to financial transactions, must be retained for 7 years after the transactions associated with those records are completed.
If you no longer want us to use your Personal Information, you can request that we erase it.
Where possible we will do so in accordance with the APPs and GDPR. However, where you request the erasure of your Personal Information we will retain information from deleted accounts as necessary for our legitimate business interests, to comply with the law, prevent fraud, collect fees, resolve disputes, troubleshoot problems, assist with investigations or requests by government, a court of law, or law enforcement authorities, enforce our terms of use and take other actions permitted by law. Any information we retain will be handled in accordance with this Policy.
Your Personal Information may be disclosed to:
We will not disclose your Personal Information other than in accordance with this Policy without your consent.
You acknowledge and agree that consent may be implied where you request services from us and those services require the use of your Personal Information.
We may disclose your Personal Information to third party contractors, service providers and suppliers with whom we have a business association who operate in the United Kingdom and the United States of America.
While we do not otherwise actively disclose your Personal Information to overseas entities, our engagement of service providers, such as those who operate cloud services, may have international data centres and disaster recovery sites. Consequently, these providers may have access to your information offshore. We rely solely on reputable organisations for such cloud services.
If you contact us with a general enquiry, we may interact with you anonymously or through the use of pseudonyms. However, you are required to provide true and accurate details when requesting the supply or provision of our software or services. You agree you will provide accurate information if we require it.
We endeavour to only hold Personal Information that is accurate, complete and up-to-date. You have the right to make a request to access Personal Information which we hold about you and to request corrections of any errors in that data. To make an access or correction request, contact us. You can also contact us using the details provided at the end of this Policy.
In order to protect your Personal Information, when you contact us, we may require identification from you before releasing the requested information or making the correction.
For the purposes of the GDPR, we are a ‘data controller’ of Personal Information. However, if, during the provision of our services, you require us to process Personal Information which you control, we may also act as ‘data processor’.
If you’re a citizen or resident of the European Economic Area, the following rights apply to you.
You are entitled to ask us to port your Personal Information (i.e. to transfer in a structured, commonly used and machine-readable format, to you), to erase it, or restrict its processing. You also have rights to object to some processing that is based on our legitimate interests, such as profiling that is performed for the purposes of direct marketing, and, where we have asked for your consent to process your data, to withdraw this consent.
These rights are limited in some situations – for example, where we can demonstrate that we have a legal requirement to process your Personal Information. In some instances, this means that we may retain some data even if you withdraw your consent.
Where we require your Personal Information to comply with legal or contractual obligations, then provision of such data is mandatory and if you do not provide it then we will not be able to manage our contractual relationship with you, or to meet obligations placed on us. In those cases, you must provide us with your Personal Information, otherwise the provision of requested Personal Information is optional.
If you have unresolved concerns, you also have the right to complain to data protection authorities. The relevant data protection authority will be the data protection authority in the country:
If you have questions, concerns or complaints about our handling of your Personal Information, we ask that you first contact our privacy officer.
In the case of a complaint, we will investigate and reply to you in writing if you provide us with contact details and request us to do so.
Alternatively, you can write to us at PO BOX 305 North Sydney NSW 2059.
If, after we have conducted our investigations, you are still not satisfied, then we ask you to consult with the Office of the Australian Information Commissioner:
We will need to change this Policy from time to time in order to make sure it stays up to date with the latest legal requirements and any changes to our privacy management practices.
When we do change the Policy, we’ll make sure to notify you about such changes, where required. A copy of the latest version of this Policy will always be available on this page.