Select Page

Privacy Policy

Last updated: 2 January 2020

Executive Pathway Pty Ltd [ABN 11 147 270 791] (“EP”), takes the privacy and protection of your Personal Information very seriously. When you visit the EP online store (“Store“) or the EP corporate website (“Site“), or order products and services (collectively, “Products“) from EP, EP is the controller of your Personal Information and will process data including your Personal Information as outlined in this privacy policy (“Privacy Policy”). Unless otherwise defined herein, capitalised terms shall have the meanings assigned to them in our General Terms and Conditions or in this Privacy Policy.

Scope of this Privacy Policy

This Privacy Policy describes EP’s use of Personal Information that we process when you visit the Site or the Store, or when you order a Product.

Personal Information” means any information, including personal data relating to an identified or identifiable natural person like names, addresses, email addresses, or phone numbers, as well as other non-public information that is associated with the foregoing.

This Privacy Policy does not apply to the processing of your Personal Information by third parties, unless such processing is controlled by EP. In particular, it does not apply to the processing of your Personal Information by Suppliers of the Products that you order.

Controller of Personal Information

EP is the controller of the Personal Information that is being processed when you visit the Site or the Store, or when you order Products.

Your rights as a data subject

As a data subject, you have different rights, including a right to access, rectification, erasure, restriction of processing and data portability concerning your Personal Information. Furthermore, you can withdraw your consent and object to our processing of your Personal Information based on our legitimate interests. You can also lodge a complaint with a supervisory authority.

These are your rights as a data subject:

  • You can withdraw your consent to the processing of your Personal Information by us at any time. In the case of a withdrawal, we may no longer process your Personal Information based on your consent in the future. The withdrawal of consent has no effect on the lawfulness of processing based on consent before its withdrawal.
  • You have the right to obtain access to your Personal Information that we process. In addition, you may request information on the purposes of the processing, the categories of Personal Information, the categories of recipient to whom the Personal Information have been or will be disclosed, the envisaged period for which the Personal Information will be stored or the criteria used to determine that period, the existence of the right to request rectification or erasure of Personal Information or restriction of processing of Personal Information or to object to such processing, the right to lodge a complaint with a supervisory authority, any available information as to the Personal Information’s source (if the Personal Information is not collected from you), the existence of automated decision making, including profiling and meaningful information about the logic involved, as well as the significance and the envisaged consequences of such processing for you. Please note that your right to access may be limited by national law.
  • You have the right to obtain from us the correction of inaccurate Personal Information concerning you. Taking into account the purposes of the processing, you have the right to have incomplete Personal Information completed, including by means of providing a supplementary statement.
  • You have the right to obtain from us the deletion of Personal Information concerning you, unless the processing is necessary for exercising the right of freedom of expression and information, for compliance with a legal obligation, for reasons of public interest, purposes of communication with you or for the establishment, exercise or defending of legal claims. Please note, that the right to deletion may be limited by law (e.g. our obligation to retain Personal Information relating to an e-commerce transaction for a certain time period).
  • You have the right to obtain from us the restriction of processing of Personal Information concerning you to the extent that
    • you contest the accuracy of the Personal Information,
    • the processing is unlawful, but you oppose the deletion of the Personal Information,
    • we no longer need the Personal Information, but you require it for the purposes of communication with you or for the establishment, exercise or defending of legal claims
    • you have objected to the processing.
  • You have the right to receive a copy of the Personal Information of you, that you have provided to us, in a structured, commonly used and machine-readable format and the right to transmit that Personal Information to another controller (“right to data portability“).
  • You have the right to lodge a complaint with a supervisory authority, such as the public authority, which is established in Australia

Where requests are manifestly unfounded or excessive, especially because of a given repetitive character, we may charge a reasonable fee (at the most our actual costs) in accordance with the applicable statutory regulations or refuse to act on the request.

Use of Personal Information you provide

In general, we process Personal Information you submit to us in order to provide you with the Products that you order, process payments, respond to requests that you make, for the purpose of registration (if any), and to offer you additional information, opportunities, and functionality related to the Products that you order. We also use Personal Information to prevent or detect fraud or abuse of our Site or Store and to better tailor the features, performance, and support of the Site or Store to our Customers’ needs, or to carry out technical, logistical, or other functions or improvements.

We process the following Personal Information that you provide by using the Site or the Store or by ordering the Products:

Requests and performance of the contract

In order to purchase Products through the Store, you have to provide and we will process your name, email address, Post Code, address (where required to fulfill your order), and all the financial information necessary for billing and recurring billing (where applicable) or a subset of the foregoing.

The information required for billing depends on the selected payment method and may include credit card number, card verification code, account number, account name, billing Post Code, or any other information required for the payment methods that you have selected.

We also collect your Post Code for the purpose of identifying tax calculation, transaction processing and support, and statistical purposes. We only transfer your Post Code to the Suppliers for purposes of fulfilling your order through our Store and for statistical purposes. We do not sell the Post Code information you provide us with in connection with other information, do not connect it with data sets external to the transaction, and do not use it ourselves for advertising purposes.

The legal basis for processing activities required for the purpose of identifying fraudulent activities and statistical purposes is our legitimate interest in the execution of our offers and services, the integrity of our systems, and in the analysis of the customer base.

On certain websites, we give users the option of providing us with account registration information. This information may include, among other things, your name, address, email address, and a password.

Without your prior explicit consent, we will only send you Product-related announcements that are not promotional in nature (for example, notices related to your purchase of Products or information regarding the renewal of subscriptions) and only when we believe it is necessary to do so.

When you contact us by email, fax, contact form or telephone, or if you are using any of the email addresses, fax, or telephone numbers provided on the Site or the Store, we will collect any Personal Information you choose to provide to us in connection with this communication. Unless your request pertains to the performance of a contract, the legal basis for processing of your request our legitimate interest is to process your request.

Prevention of Fraud and Anti-Money-Laundering, Payment Processing

EP collects and processes Personal Information for the following purposes:

  • Validation of the legitimacy of a transaction under applicable anti-money-laundering laws by using internal tools and external data providers
  • Confirmation that the intended transaction is not of fraudulent nature by using internal tools and external data providers
  • Performing the payment processing transaction

Newsletter and other promotional information

If you request promotional information via any of the forms of the Site or the Store, or sign up for a newsletter or blog updates, then we will process your Personal Information, subject to your consent, for advertising, market research and tailoring electronic services.

Your Personal Information will be processed on the basis of your consent and can withdraw your consent at any time for the future as described under Your rights as a data subject.

Unsubscribe instructions will accompany each newsletter or promotional communication you receive from us.

No requirement to provide Personal Information

There is no requirement for you to provide Personal Information to us. However, if you do not provide the information required for the performance of a contract, we cannot enter into a contract with you.

Automatic collection of Personal Information and analytical data

In addition to the information you provide, we automatically collect Personal Information through different technologies as described below:

IP address

We collect your IP address and transfer it to the Supplier for the purpose of identifying fraudulent activities, export compliance, calculation of tax, and transaction processing and support. Your IP address will be truncated by our systems before transmission to the Supplier.

Depending on the specific purpose, the processing of your IP address is based on our legitimate interests are the execution of our offers, contracts and services and the integrity of our systems.

Cookies, tracking and other analytics technologies

EP and our Suppliers use cookies or similar technologies to store content information, to recognise your personal preferences or login information (if any), analyse trends, administer the website, track users’ movements around the Site and Store, and to gather demographic information about our user base as a whole. You can control the use of and disable and delete cookies at the individual browser level, but if you choose to disable cookies, it may limit your use of certain features or functions on our Site or Store, including the ability to order Products.

We partner with third parties to either display advertising on the Site and Store or to manage advertising on other websites. These third parties may use technologies such as cookies to gather information about your activities on the Site and Store and other websites in order to provide you advertising based upon your browsing activities and interests. If you wish to not have this information used for the purpose of serving you interest based ads, you may opt-out. Please note this does not opt you out of being served ads. You will continue to receive generic ads. Also, the optout itself is stored in a cookie, which means that when you clear your cookies, switch to another browser, use a different device, or otherwise modify your cookies, you will have to opt out again.

Google Analytics

Our Site and Store use Google Analytics, a web analytics service provided by Google LLC, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States (“Google”).

Google uses cookies to help us analyse the use of the Site and Store and to help us improve the user experience and maintain performance of the Site and Store. The information generated by the cookie about your use of the Site is sent to a Google server in the United States and stored there.

Please note that your IP address will be truncated by our systems before sending the data to a Google server. Therefore, you will not be identified as an individual person in Google Analytics, but only as part of the user base.

Google will use this information to evaluate the use of the Site and Store, compile reports on Site and Store activity, and provide other Site and Store activity and internet related services

If you do not want Analytics to be used in your browser, you can install the Google Analytics browser add-on.  As Google uses cookies you can set your browser to refuse such cookies or to indicate when a cookie is being sent as described under Cookies, tracking and other analytics technologies.

Microsoft and Nitro Software

Our Products use Microsoft and Nitro Software software to enforce compliance with the terms of Use and Licence Conditions.  This includes limits on access, use copying and printing, use of password controls and tracking of use. Interference with these controls is dealt with under the General  Terms and Conditions.

Automatic analytical data processing

We receive and store certain types of information whenever you interact with us. This automatic exchange of data between your browser and our server upon accessing our Site or Store informs us of which browser you are using, the date and time of your visit, the name of your Internet Service Provider (ISP), device information, including device ID, the Site you are using to visit us, and which parts of our Site and Store you are visiting.

The information we collect automatically is called “Analytical Information.”

We use this Analytical Information in an aggregated form for internal purposes, such as determining certain settings for the Site or Store like language or location, for maintaining our operating ability, preventing fraudulent access to our Site or Store, or for analysing usage patterns so that we may enhance our Site and Store. We also reserve the right to use and disclose any aggregated Analytical Information at our discretion, as you will not be identified as an individual person.

Personal Information from other sources

We may collect Personal Information about you from other sources like the Suppliers of Products or third parties that provide services for us in connection with the Site or Store. We may add this information to the Personal Information we collect from you via the Site or Store for the purposes of preventing or detecting fraud or abuses of our Site or Store and to fulfill your order and to contact you regarding your order of Products. We do not process such information for marketing purposes.

The legal bases for these processing activities are to the extent that the information is necessary for the performance of the contract and for the prevention and detection of fraud and abuses.

In order to avoid defaults on payment, we reserve the right to obtain information on your creditworthiness (such as based on mathematic-statistical processes) from third parties for certain payment methods (such as direct debit and purchase orders)

Disclosure of Personal Information

Except as otherwise stated in this Privacy Policy, we do not use or share your Personal Information with third parties, unless you ask or authorise us to do so. We will not sell or rent any of your Personal Information to third parties for their marketing purposes and only share your Personal Information with third parties as described below:

Suppliers of the Products

We will provide Personal Information to the Suppliers of the Products sold through the Store to enable them to provide you with the Products, to register you as authorised users, to provide you with support and updates, and for similar purposes. The basis for such data transfers permits the processing of data for the performance of a contract or precontractual measures.

We will also provide analytical data collected through cookies or similar technologies to the Suppliers of the Products sold through the Store to enable them to analyse trends, track users’ movements around the Site and Store, and to gather demographic information about our user base as a whole as set forth in Cookies, tracking and other analytics technologies. We only transfer Analytical Information through such technologies.

Please note that Suppliers use such information as independent controllers according to their own privacy policies that may differ from our Privacy Policy. If you want to know how Suppliers process such information, please visit their websites and review their privacy policies.

Third party service providers

We may provide your Personal Information to third party service providers who work on our behalf to provide you with the Site, Store, and Products, related customer support, and to help us communicate with Customers and Suppliers and to operate the Site and Store. Insofar as we make use of the services of third parties to carry out our services, we process Personal Information according to the provisions of any other applicable laws and regulations. Categories of service providers who support us in providing our services to you include such services as communicating with you via email, processing payment transactions, performing strong customer authentication, shipping Products, screening orders for fraudulent activities, providing customer service or fulfillment services for us, and/or remaining compliant with applicable laws and regulations. Third party service providers who process data on our behalf do not have any right to use your Personal Information except as necessary to help us provide the Site, Store, related processes, and the Products. Transfers to subsequent third parties are covered by the provisions in this Privacy Policy regarding notice and choice and the agreements with our third party service providers and the Supplier.

We provide analytical data to providers of analytics and tracking technologies as described in Cookies, tracking and other analytics technologies.

In case of non-redemption of a direct debit transaction that is not caused by a revocation through the account holder, we reserve the right to report your account information (your account number and bank routing number) to a third party that saves these facts in a lock file and sends them to other companies that are affiliated with the direct debit procedure. The entry in the lock file is deleted after the amount invoiced has been settled. The legal basis for this processing of your Personal Information is our legitimate interest is to avoid future defaults on payment.

Data security and confidentiality

In order to maintain the highest level of Customer and Supplier protection, we adhere to the applicable industry rules and regulations. Thus, we maintain commercially reasonable and appropriate physical, technical, and organisational measures and procedures to safeguard and secure your Personal Information during processing, particularly collection, transmission, and storage. Your Personal Information is only accessible by authorised personnel familiar with EP’s data privacy policies.

Transport Layer Security (TLS)

All access to the Store’s ordering pages is granted using Transport Layer Security (TLS) technology, which encrypts Personal Information you provide during the ordering process. This protects confidential data from being intercepted by third parties and transfers your Personal Information through a secure channel. To ensure this level of security, our systems use a certificate in keeping with common ecommerce practice. This certificate is issued by a trusted security provider. All standard web browsers support this technology and accept the certificates from trusted security providers automatically.

Credit Card Data

EP maintains full compliance payment card industry data security standards to enhance payment card data security and provide a secure ecommerce environment for our Customers. This standard lays out requirements for network architecture, software development, security management, and other critical proactive measures to ensure the safety of payment card transactions.

Data Retention

EP will retain Personal Information for as long as needed to facilitate the sale of Products for which the Suppliers have engaged EP as well as to comply with legal obligations (statutory retention periods), resolve disputes, and enforce our agreements.

In general, we delete your Personal Information as soon as it is no longer required for the above-mentioned purposes, unless temporary storage is still necessary. We store your Personal Information on the basis of legal proof and storage obligations, which result among other things from the German Commercial Code and the German Tax Code, according to which the storage periods are up to ten full years. In addition, we keep your data for the period during which claims can be asserted against our company.

Upon your request, we will restrict the processing of your Personal Information based on applicable law. Once the statutory retention periods have expired, the data will be removed from our operative systems.

Changes in this Privacy Policy and Previous Versions

This Privacy Policy is a living document and is subject to occasional amendment. We may update this Privacy Policy to reflect changes to our information practices. We encourage you to periodically review this page for the latest information on our privacy practices.