This policy (‘Privacy Policy’) explains how Future Friendly Team Pty Ltd (ACN 137 323 105) (‘Future Friendly’ or ‘us’) seeks to protect the Personal Information of individuals. Future Friendly is committed to protecting the safety and security of the Personal Information of individuals whose information Future Friendly has access to, including Clients, users of the FF Services and other persons with whom Future Friendly interacts (each a ‘User’ or ‘you’).

The Privacy Policy has been developed in accordance with the Privacy Act 1988 (Cth) (‘Act’), including the Australian Privacy Principles.

Under the Act, “Personal Information” is defined as: Information or an opinion about an identified individual, or an individual who is reasonably identifiable:

A. whether the information or opinion is true or not; and

B. whether the information or opinion is recorded in a material form or not.

Please read this Privacy Policy carefully in order to understand how your Personal Information is collected, held, used, or otherwise processed by us.

Future Friendly reserves the right to make changes or updates to this Privacy Policy from time to time. If this happens, we will update this Privacy Policy and notify you of any changes, most likely via email or website. However, you should also periodically check this Privacy Policy for any updates.

Future Friendly is a design and innovation studio. In delivering its services, Future Friendly provides a variety of strategy and design services primarily for Australian businesses, and offers digital interactive services, including a website and social media services (collectively ‘FF Services’).

In providing the FF Services, we are sensitive to Users’ concerns about the safety of their Personal Information. In essence, Future Friendly will typically only:

• collect, use or share your Personal Information with your consent (unless it is not reasonable in the circumstances to obtain your consent and it is legally permissible for us to do so) or when required by a legal obligation; and

• interact with your Personal Information in order to: (a) provide you with access to the FF Services, (b) help us improve and develop the FF Services, and (c) meet our obligations in respect of any agreement we have with you.

Future Friendly has developed a privacy framework to assist Users, and to comply with privacy legislation and regulations applicable to us and our management of your Personal Information.

Future Friendly collects Personal Information from individuals in one of three main ways:

A. Directly from Users, when they interact with Future Friendly or the FF Services (e.g. content or data generated by a User as they use a prototype, website, app, or platform controlled by Future Friendly or when Content or data is uploaded by a User to a prototype, website, app, or platform controlled by Future Friendly).

B. Passively from Users, when they interact with and use the FF Services (e.g. when content or data is recorded during a user testing session or provided by a user during a user testing session);

C. From third parties in certain, specific circumstances (e.g. a third-party service or platform may provide us with information you have consented to them sharing).

All teams and employees at Future Friendly have the shared responsibility of collecting, storing, and using Personal Information.

The types of Personal Information collected in each situation is discussed further below.

Personal Information collected directly 

We collect the following types of Personal Information directly and consensually:

• Basic User information, including your name, company name, address, and email; and

• User feedback gathered during a testing session, such as questionnaires and online forms. 

We will collect the following types of information from Users as they use the FF Services: 

• Content that you post and submit to us, including content you may post directly on our social media pages, which includes any content from third party platforms. 

When a User makes an enquiry or sends us unsolicited feedback, we may collect the following types of Personal Information directly and consensually:

• Basic contact information, including your name and email; and

• Feedback information and the details of your interactions with us, including communications with customer support or other Future Friendly personnel (e.g. the contents of an email an email sent to [email protected]) or other information provided by you regarding your enquiry.

When you respond to a survey we may directly and consensually collect the Personal Information disclaimed on the survey form.

When you submit an application for employment at Future Friendly, we may collect any Personal Information provided within that application, such as the contents of a personal statement made in support of your application.

Personal Information collected passively

As you interact with digital and interactive services, we may collect the following types of Personal Information about your usage: 

• Content that is posted about you by others over our social media accounts;

• Content or data that is entered into a prototype during a testing session.

• The following types of browser and system information regarding devices you use to access our digital content:

• Web data tracking information, such as your IP address and logs of your access of the Future Friendly website; and

• Browser information provided by the browser you use to access the Future Friendly website, such as cookies.

Personal Information collected from third parties

In certain specific situations, Future Friendly may collect Personal Information about you from third parties. For example, we may collect third party web data tracking information about Future Friendly Users (e.g. reports which track patterns of interactions with our web pages). You can generally control the information we receive from these sources by through your browser privacy settings, or through privacy settings on third party services or platforms.

Although Future Friendly collects Personal Information from Users in a number of circumstances, Future Friendly will only collect this information in order to provide you with access to the FF Services, improve and develop the FF Services, improve the User experience of FF Services, and to meet our obligations in respect of any agreement we have with you. Here are the main ways we use Personal Information to achieve these objectives:

Communicating with Users

Future Friendly will use basic User and contact information to communicate with individuals about their feedback or issues with the FF Services.

If Users have consented, Future Friendly will also use these types of Personal Information to share relevant news and updates about Future Friendly and the FF Services.

Administration and delivery of FF Services

Future Friendly will use basic User information to provide you with the baseline experience of the FF Services and related services. 

Future Friendly may use your Personal Information to learn more about you and provide you with a personalised and tailored experience when using the FF Services.

Ensuring User safety

Future Friendly will also use any type of information collected to prevent and address risks to all Users.

Research and development

Future Friendly will use the following types of information to develop, test and improve the FF Services:

• Survey and feedback information, as well as any content that is submitted in relation to features of the FF Services;

• Content you submit, either directly through the FF Services or through third party platforms or services;

• Browser and system information; and

• Third party web tracking information.
  

Together these types of Personal Information are used to provide us with an overview of how the FF Services is being used, any shortcomings it may have, and subsequently to highlight what will be the best means of improving the experience for all Users.

Future Friendly’s preference will be to de-identify these types information first, and then use it for this purpose in conjunction with de-identified browser and system information (see section 6 below for an explanation of what we mean by “de-identified”).

Marketing

Where Users have consented, Future Friendly will use basic contact and enquiry information to provide Users with relevant marketing materials and offers. Users can always opt out of this through the functionality provided in each marketing communication (e.g. by clicking “unsubscribe” at the bottom of an email).

Generally, Future Friendly does not disclose Personal Information to any third parties except:

• Service providers Future Friendly engages to help us provide and develop the FF Services (e.g. cloud service providers); and

• Law enforcement agencies, or another party that has a legitimate legal right to access the information.

The above disclosures will only be made in circumstances where the recipient has provided an undertaking that they will maintain the confidentiality of the Personal Information and that they recognise the appropriate limitations placed on the use of the Personal Information. Disclosures will also always be in accordance with this Privacy Policy.

Overseas Disclosure

Some of the third parties Future Friendly discloses Personal Information to are located overseas. This is particularly the case for our third-party software and cloud service providers which are currently located in the United States.

As with disclosures to third party service providers, overseas disclosures are always made once Future Friendly has taken all reasonable steps to determine the information will be treated at least as favourably under the Act and other applicable privacy laws.

Future Friendly’s general approach

Future Friendly will keep your Personal Information confidential and not sell or knowingly divulge User information to any external third parties, unless:

• The disclosure is made in accordance with an agreement on foot with you, or to which you otherwise consented;

• We believe, in good faith, that we are required to share the Personal Information with a third party in order to comply with legitimate legal obligations; 

• The disclosure is to a third-party processor of Personal Information that acts on our behalf and/or under our instruction in order to enable us to develop and deliver the FF Services (e.g. a cloud service provider or local marketing and development partner);

• Other entities acquire ownership or operation of Future Friendly or the FF Services; and/or

• We need to protect the safety of Users, and the security of the FF Services.

Users can always refuse or revoke this consent, but sometimes this will affect Future Friendly’s ability to provide them with the FF Services and other offerings. Future Friendly will advise Users if this is the case.

De-identification

De-identified information refers to information that cannot reasonably be used to identify a particular individual.

De-identified information that will never be able to personally identify particular individuals is referred to as anonymised information (e.g. statistics that show 90% of Users were happy with the FF Services). Additionally, de-identified information that can identify individuals only if it is combined with another, separate piece of information is referred to as pseudonymised information (e.g. ID numbers).

Where possible Future Friendly will aim to collect, store and use anonymised information as a first preference, and if not, then pseudonymised information.

However, sometimes it will be impractical for User information to be de-identified or treated in this way, and in this case, Future Friendly will continue to use and hold the information in a personally identifiable state. For example, if Future Friendly needs to reply to a User enquiry we will have to use the contact information provided.

Security

Future Friendly is committed to information security. We will use all reasonable endeavours to keep the Personal Information that we collect, hold and use in a secure environment. All information collected will be classified based on its sensitivity. Security controls and storage of the information will be dependent on the classification. 

To this end we have implemented technical, organisational and physical security measures that are designed to protect Personal Information, and to respond appropriately if it is ever breached. For example, all Personal Information stored digitally is encrypted and all Personal Information stored in hard copy is stored in a closed locker with a padlock. Future Friendly has also developed an extensive Data Breach Response Plan which we use to prepare and respond to data breaches.

When information collected or used by Future Friendly is stored on third party service providers (e.g. AWS cloud servers), Future Friendly takes reasonable steps to ensure these third parties use industry standard security measures that meet the level of information security Future Friendly owes Users.

As part of our privacy framework we endeavour to routinely review these security procedures and consider the appropriateness of new technologies and methods. 

With our advisors, we also train our staff in how to keep your information safe and secure.

Data Breaches

In the circumstances where Future Friendly suffers a data breach that contains Personal Information, we will execute our Data Breach Response Plan and endeavour to take all necessary steps to comply with the Notifiable Data Breach Scheme outlined under the Act.

This means we will immediately make an objective assessment of whether a breach of Personal Information is likely to result in serious harm to individuals, and if this is the case, endeavour to notify the affected individual(s) and the Australian Information Commissioner.

Future Friendly retains Personal Information until it is no longer needed to provide or develop the FF Services.

However, Future Friendly will retain:

• Personal Information in circumstances where we have legal and regulatory obligations to do so (e.g. for law enforcement purposes, employment law, corporate or tax record keeping, or where the information is relevant to legitimate legal proceedings); and

• anonymised information for analytic and service development purposes.

The information we retain will be handled in accordance with this Privacy Policy.

Accessing and ensuring the accuracy of Personal Information

Future Friendly takes reasonable steps to ensure that the Personal Information we collect and hold is accurate, up to date and complete.

Users have a right to access and request the correction of any of Personal Information we hold about them at any time. Any such requests should be made by directly contacting us at the details set out below. Future Friendly will grant access to the extent required or authorised by the Act and applicable laws, and will take all reasonable steps to correct the relevant Personal Information where appropriate.

There may be circumstances in which Future Friendly cannot provide Users with access to information. We will advise you of these reasons if this is the case.

Contacting Future Friendly

Future Friendly has appointed a Privacy Officer to be the first point of contact for all privacy related matters and to assist in ensuring our compliance with our privacy obligations.

Privacy Officer

Privacy Officer 

Email: [email protected]

199 Cleveland Street

Redfern, Sydney, NSW, 2016

If you have any queries or wish to make a complaint about a breach of this Privacy Policy or the Act you can contact or lodge a complaint to our Privacy Officer using the contact details above. You will need to provide sufficient details regarding your complaint as well as any supporting evidence and/or information. 

The Privacy Officer will respond to your query or complaint as quickly as possible. Future Friendly will contact you if we require any additional information from you and will notify you in writing (which includes electronic communication via email) of the relevant determination.  If you are not satisfied with the determination you can contact us to discuss your concerns or complain to the Australian Privacy Commissioner via www.oaic.gov.au.

Personal Information refers to information or an opinion about an identified, or reasonably identifiable individual, regardless of the truth of that information/opinion and regardless of whether it is in a recorded form.