Current as of 28 August 2022
Under the Act, “Personal Information” is defined as: Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
A. whether the information or opinion is true or not; and
B. whether the information or opinion is recorded in a material form or not.
Future Friendly is a design and innovation studio. In delivering its services, Future Friendly provides a variety of strategy and design services primarily for Australian businesses, and offers digital interactive services, including a website and social media services (collectively ‘FF Services’).
In providing the FF Services, we are sensitive to Users’ concerns about the safety of their Personal Information. In essence, Future Friendly will typically only:
collect, use or share your Personal Information with your consent (unless it is not reasonable in the circumstances to obtain your consent and it is legally permissible for us to do so) or when required by a legal obligation; and
interact with your Personal Information in order to: (a) provide you with access to the FF Services, (b) help us improve and develop the FF Services, and (c) meet our obligations in respect of any agreement we have with you.
Future Friendly has developed a privacy framework to assist Users, and to comply with privacy legislation and regulations applicable to us and our management of your Personal Information.
Future Friendly collects Personal Information from individuals in one of three main ways:
A. Directly from Users, when they interact with Future Friendly or the FF Services (e.g. content or data generated by a User as they use a prototype, website, app, or platform controlled by Future Friendly or when Content or data is uploaded by a User to a prototype, website, app, or platform controlled by Future Friendly).
B. Passively from Users, when they interact with and use the FF Services (e.g. when content or data is recorded during a user testing session or provided by a user during a user testing session);
C. From third parties in certain, specific circumstances (e.g. a third-party service or platform may provide us with information you have consented to them sharing).
All teams and employees at Future Friendly have the shared responsibility of collecting, storing, and using Personal Information.
The types of Personal Information collected in each situation is discussed further below.
We collect the following types of Personal Information directly and consensually:
Basic User information, including your name, company name, address, and email; and
User feedback gathered during a testing session, such as questionnaires and online forms.
We will collect the following types of information from Users as they use the FF Services:
Content that you post and submit to us, including content you may post directly on our social media pages, which includes any content from third party platforms.
When a User makes an enquiry or sends us unsolicited feedback, we may collect the following types of Personal Information directly and consensually:
Basic contact information, including your name and email; and
Feedback information and the details of your interactions with us, including communications with customer support or other Future Friendly personnel (e.g. the contents of an email an email sent to [email protected]) or other information provided by you regarding your enquiry.
When you respond to a survey we may directly and consensually collect the Personal Information disclaimed on the survey form.
When you submit an application for employment at Future Friendly, we may collect any Personal Information provided within that application, such as the contents of a personal statement made in support of your application.
As you interact with digital and interactive services, we may collect the following types of Personal Information about your usage:
Content that is posted about you by others over our social media accounts;
Content or data that is entered into a prototype during a testing session.
The following types of browser and system information regarding devices you use to access our digital content:
Web data tracking information, such as your IP address and logs of your access of the Future Friendly website; and
Browser information provided by the browser you use to access the Future Friendly website, such as cookies.
In certain specific situations, Future Friendly may collect Personal Information about you from third parties. For example, we may collect third party web data tracking information about Future Friendly Users (e.g. reports which track patterns of interactions with our web pages). You can generally control the information we receive from these sources by through your browser privacy settings, or through privacy settings on third party services or platforms.
Although Future Friendly collects Personal Information from Users in a number of circumstances, Future Friendly will only collect this information in order to provide you with access to the FF Services, improve and develop the FF Services, improve the User experience of FF Services, and to meet our obligations in respect of any agreement we have with you. Here are the main ways we use Personal Information to achieve these objectives:
Future Friendly will use basic User and contact information to communicate with individuals about their feedback or issues with the FF Services.
If Users have consented, Future Friendly will also use these types of Personal Information to share relevant news and updates about Future Friendly and the FF Services.
Future Friendly will use basic User information to provide you with the baseline experience of the FF Services and related services.
Future Friendly may use your Personal Information to learn more about you and provide you with a personalised and tailored experience when using the FF Services.
Future Friendly will also use any type of information collected to prevent and address risks to all Users.
Future Friendly will use the following types of information to develop, test and improve the FF Services:
Survey and feedback information, as well as any content that is submitted in relation to features of the FF Services;
Content you submit, either directly through the FF Services or through third party platforms or services;
Browser and system information; and
Third party web tracking information.
Together these types of Personal Information are used to provide us with an overview of how the FF Services is being used, any shortcomings it may have, and subsequently to highlight what will be the best means of improving the experience for all Users.
Future Friendly’s preference will be to de-identify these types information first, and then use it for this purpose in conjunction with de-identified browser and system information (see section 6 below for an explanation of what we mean by “de-identified”).
Where Users have consented, Future Friendly will use basic contact and enquiry information to provide Users with relevant marketing materials and offers. Users can always opt out of this through the functionality provided in each marketing communication (e.g. by clicking “unsubscribe” at the bottom of an email).
Generally, Future Friendly does not disclose Personal Information to any third parties except:
Service providers Future Friendly engages to help us provide and develop the FF Services (e.g. cloud service providers); and
Law enforcement agencies, or another party that has a legitimate legal right to access the information.
Some of the third parties Future Friendly discloses Personal Information to are located overseas. This is particularly the case for our third-party software and cloud service providers which are currently located in the United States.
As with disclosures to third party service providers, overseas disclosures are always made once Future Friendly has taken all reasonable steps to determine the information will be treated at least as favourably under the Act and other applicable privacy laws.
Future Friendly will keep your Personal Information confidential and not sell or knowingly divulge User information to any external third parties, unless:
The disclosure is made in accordance with an agreement on foot with you, or to which you otherwise consented;
We believe, in good faith, that we are required to share the Personal Information with a third party in order to comply with legitimate legal obligations;
The disclosure is to a third-party processor of Personal Information that acts on our behalf and/or under our instruction in order to enable us to develop and deliver the FF Services (e.g. a cloud service provider or local marketing and development partner);
Other entities acquire ownership or operation of Future Friendly or the FF Services; and/or
We need to protect the safety of Users, and the security of the FF Services.
Users can always refuse or revoke this consent, but sometimes this will affect Future Friendly’s ability to provide them with the FF Services and other offerings. Future Friendly will advise Users if this is the case.
De-identified information refers to information that cannot reasonably be used to identify a particular individual.
De-identified information that will never be able to personally identify particular individuals is referred to as anonymised information (e.g. statistics that show 90% of Users were happy with the FF Services). Additionally, de-identified information that can identify individuals only if it is combined with another, separate piece of information is referred to as pseudonymised information (e.g. ID numbers).
Where possible Future Friendly will aim to collect, store and use anonymised information as a first preference, and if not, then pseudonymised information.
However, sometimes it will be impractical for User information to be de-identified or treated in this way, and in this case, Future Friendly will continue to use and hold the information in a personally identifiable state. For example, if Future Friendly needs to reply to a User enquiry we will have to use the contact information provided.
Future Friendly is committed to information security. We will use all reasonable endeavours to keep the Personal Information that we collect, hold and use in a secure environment. All information collected will be classified based on its sensitivity. Security controls and storage of the information will be dependent on the classification.
To this end we have implemented technical, organisational and physical security measures that are designed to protect Personal Information, and to respond appropriately if it is ever breached. For example, all Personal Information stored digitally is encrypted and all Personal Information stored in hard copy is stored in a closed locker with a padlock. Future Friendly has also developed an extensive Data Breach Response Plan which we use to prepare and respond to data breaches.
When information collected or used by Future Friendly is stored on third party service providers (e.g. AWS cloud servers), Future Friendly takes reasonable steps to ensure these third parties use industry standard security measures that meet the level of information security Future Friendly owes Users.
As part of our privacy framework we endeavour to routinely review these security procedures and consider the appropriateness of new technologies and methods.
With our advisors, we also train our staff in how to keep your information safe and secure.
In the circumstances where Future Friendly suffers a data breach that contains Personal Information, we will execute our Data Breach Response Plan and endeavour to take all necessary steps to comply with the Notifiable Data Breach Scheme outlined under the Act.
This means we will immediately make an objective assessment of whether a breach of Personal Information is likely to result in serious harm to individuals, and if this is the case, endeavour to notify the affected individual(s) and the Australian Information Commissioner.
Future Friendly retains Personal Information until it is no longer needed to provide or develop the FF Services.
However, Future Friendly will retain:
Personal Information in circumstances where we have legal and regulatory obligations to do so (e.g. for law enforcement purposes, employment law, corporate or tax record keeping, or where the information is relevant to legitimate legal proceedings); and
anonymised information for analytic and service development purposes.
Future Friendly takes reasonable steps to ensure that the Personal Information we collect and hold is accurate, up to date and complete.
Users have a right to access and request the correction of any of Personal Information we hold about them at any time. Any such requests should be made by directly contacting us at the details set out below. Future Friendly will grant access to the extent required or authorised by the Act and applicable laws, and will take all reasonable steps to correct the relevant Personal Information where appropriate.
There may be circumstances in which Future Friendly cannot provide Users with access to information. We will advise you of these reasons if this is the case.
Future Friendly has appointed a Privacy Officer to be the first point of contact for all privacy related matters and to assist in ensuring our compliance with our privacy obligations.
Email: [email protected]
199 Cleveland Street
Redfern, Sydney, NSW, 2016
The Privacy Officer will respond to your query or complaint as quickly as possible. Future Friendly will contact you if we require any additional information from you and will notify you in writing (which includes electronic communication via email) of the relevant determination. If you are not satisfied with the determination you can contact us to discuss your concerns or complain to the Australian Privacy Commissioner via www.oaic.gov.au.
Personal Information refers to information or an opinion about an identified, or reasonably identifiable individual, regardless of the truth of that information/opinion and regardless of whether it is in a recorded form.