Tiimely Privacy Policy

At Tiimely Pty Ltd ("Tiimely") we're committed to protecting the privacy of our Clients, their Users, Customers whose information is used by our products, and our Website Visitors.

The policy explains how we manage all personal information that is collected through our website and using Xapii products. It includes:

  • How we collect information
  • What information we collect
  • How and where information is held
  • Use and disclosure of information
  • Corrections and complaints
  • Changes to the Privacy Policy

The personal information collected by Tiimely will depend on the relationship you have with us and how you are engaging with our products:

  • Client – the entity that is licensed by Tiimely to use Xapii products including any authorised users of the Client.
  • Customer – the applicant or customer (or potential applicant or customer) of a Client
  • Website Visitor – any person visiting the Tiimely.com website

1. How we collect information

We collect Personal Information in four main ways:

  • When you provide it directly to us via Xapii products or related services.
  • Through trusted third parties, such as financial institutions using the services of data aggregators.
  • When you are a Customer and our Client uses our products or services to manage any part of its dealings with you (for example, where our Client uses our Xapii products to help it process or assess a credit application), we collect any personal information we receive about you in the course of providing our product or service to our Client.
  • Passively through technology, to obtain website data via cookies (see below) and analytics software.

2. What information we collect

The types of information we collect will depend on your relationship with us and how you’re engaging with our products or services e.g.

  • If you are a Client: :
    • When you use Xapii products and services, we may collect and store any personal information provided directly to us, such as name, emails address, phone number. We may also rely on a third-party payment processor to complete transactions, and all data shared with them falls under their own privacy policies.
  • If you are a Customer of a Client:
    • We may collect and store any personal information which we receive about you which occurs during the use of our products and services by our Clients, including but not limited to your name, contact details, bank account and financial information. This information is collected through our Clients’ use of our products or is generated through the processing of personal information by our products. While we store and process this personal information, access to that information is generally controlled by our Clients and their users and there is limited access by Tiimely employees who perform administrative or service support functions.
  • If you are a Website Visitor:
    • When you use the Tiimely Website, we may gather and store any information provided directly to use through the use of website features such as contact forms, such as name, email address, phone number and business you work for.

For all Clients and Website Visitors, we may also collect details about how you interact with our website and products, such as the activity you carry out when using Xapii products or using our website, technical information including your IP address, time-zone settings, browser versions and operating systems, as well as behavioural metrics. This may be linked to your account for fraud detection and prevention purposes.

Cookies

The Digital Transformation Office defines cookies as “small parcels of text-based data produced by the web server and exchanged with the user’s browser each time they access the website.” As with the information collected above, we use cookies to keep track of your activity and enhance your experience, and may also use them to fight fraud. You can disable cookies at any time by visiting the “settings” or “help” section of your browser.

If we inadvertently receive unsolicited personal information from you, and we determine that such information should not have been received, we shall, as soon as practicable, destroy the information, or ensure that the information is de-identified.

3. How and where information is held

We take all reasonable steps to ensure the personal information we collect, use or disclose is accurate, complete, up-to-date and relevant, and stored securely on Australian shores within the Sydney Amazon Web Services (AWS) environment.

We take our security responsibilities very seriously and employ appropriate measures to ensure the personal information we hold is protected from misuse, interference, loss, unauthorised access, modification or disclosure by using various best practice policies, processes and methods. These include logging of all messages and requests; access limitations (RBAC); secure encryption technology (TLS 1.2); and ensuring all data stored at rest is encryption though strong mechanisms. For more information on AWS Security and their compliance to relevant standards, please see https://aws.amazon.com/compliance/programs/.

4. Use and disclosure of information

Your information can be used in several ways, and in limited circumstances disclosed, depending on whether you are a Client, Customer or Website Visitor (see meanings above).

Clients

We use your information to facilitate your use of the features and functions of our products and services to operate and maintain our products and services. We also use your information to enhance and further develop our products and services, including but not limited to, creating new features or functions; refining or personalising the user experience; and increasing performance.

Customers

When we collect personal information through our Clients’ use of our products, that information is typically used in connection with an application and/or assessment process for a product or service being provided by the Client. Our Clients’ privacy policies will contain more detailed information about their collection and use of personal information in connection with their products and services. We may also use the information collected through use of our products to create anonymised, aggregated or de-identified information for the purposes of product analytics and insights, service and product improvement and feature development.

Website Visitors If you have used our website to make an enquiry with Tiimely, we will typically use your personal information to make contact with you in relation to Tiimely products and services. We may use your personal information or information captured automatically to understand website user behaviour and optimise website performance.

Security

Client information is used to authenticate and verify you, to detect and protect against security events and monitor violations or other illegal activity. This includes establishing identity and credentials to ensure access and use of our services and products.

Communications and marketing

Your information (other than sensitive information) may be used to send electronic communications and/or marketing about our products and services to Website Visitors, and Clients including but not limited to, updates on products, subscription renewals, payment reminders, alerts and other notices relating to our products and services. We will ensure a simple and clear means of opting-out is included in marketing communications. Alternatively, you may ask to opt-out of receiving marketing communications from us at any time by contacting us using the details in this policy.

Support services

We may use or disclose Client or Customer information to diagnose and resolve technical matters you may experience using this service, including sharing information with third parties to resolve these technical matters.

We may also disclose your personal information where required by law or we believe in good faith that the disclosure is necessary to prevent physical harm or financial loss, to report suspected illegal activity, or to investigate violations of our Terms of Service.

5. Corrections and complaints

In most cases you can gain access to and seek correction of your personal information. Should you wish to do so, please contact us at contact@tiimely.com.

If you ever have an issue or complaint regarding your privacy or the way we’re using your personal information, please contact us by emailing contact@tiimely.com, and we’ll address it as quickly as possible. We will aim to have your issue resolved within 30 days.

If you are dissatisfied with our response, you can contact an external body:

Office of the Australian Information Commissioner (OAIC).

If your complaint is about how we handle your personal information, you can contact the OAIC.

Australian Financial Complaints Authority (AFCA).

If you have a complaint about the way we handle your personal information, get in touch with AFCA.

6. Changes to the Privacy Policy

We will review this policy regularly to ensure it is up to date. Changes will be posted on this page, and you may be notified by email where appropriate. Please check back frequently for the latest updates.