LEGAL
Privacy Policy
Reading Time: 5 minutes
1. Purpose, scope and users
FMClarity respects your privacy and we are committed to protecting it through our compliance with this Privacy Policy. The intention of this policy is to give you confidence in the privacy and security of the personal information we obtain from you in order for us to provide our products and services to you.
This policy applies only to information we collect through our Services, in email, text and other electronic communications sent through or in connection with our Services. It does not apply to information that you provide to, or that is collected by, any third party, such as contractors you engage with through our Services or social networks that you use in connection with our Services. To obtain information about such third-party privacy practices you should contact them directly.
We receive and store any business-related or identifying information submitted during your use of our Service. This information may include business contact details (such as names, email addresses, and phone numbers of employees or contractors) or other information necessary to carry out business activities. While FMClarity is a B2B service, certain data collected may qualify as Personally Identifiable Information (PII) under Australian law, and we apply the necessary safeguards to ensure its protection. We also receive and store certain automated information about your usage and devices which helps us evaluate and improve our Service. We store this information for three main reasons:
To provide and maintain our Service to you
To evaluate and improve the effectiveness of our Service
To facilitate third-party communication
We treat all information, whether business-sensitive or personally identifiable (e.g., contact information of employees), as confidential. We retain information only as long as necessary to fulfill the purposes for which it was collected, for legitimate business purposes, or to meet legal and regulatory obligations. Our data retention schedule defines specific retention periods by category of information, after which it is securely deleted or anonymized in accordance with the Privacy Act 1988 and relevant retention policies. We use industry-standard technical and organisational security measures, such as encryption, access controls, and regular security audits, to protect business-sensitive data and any personally identifiable information (PII) that may be collected. These measures are designed to prevent unauthorized access, disclosure, alteration, or destruction of data. Our compliance is managed through an Information Security Management System (ISMS) and supporting procedures which include:
Maintaining a register of applicable legal, regulatory, and contractual privacy obligations to ensure they are identified and met.
Conducting Data Protection Impact Assessments (DPIAs/PIAs) for new or significant changes to processing activities, including assessments for any disclosure of personal information outside of its originating jurisdiction (e.g., outside of Québec).
A formal procedure for handling Data Subject Access Requests (DSARs), including requests for access, correction, or deletion, as detailed in Section 6.
An incident management procedure for logging and managing all data breaches and confidentiality incidents. This includes, where required by law (such as under PIPEDA or Québec Law 25), notifying the relevant regulator and affected individuals of any incident posing a 'real risk of significant harm' or 'confidentiality incident'.
We comply with all relevant Victorian and Australian Privacy and Data Security legislation, as well as applicable international laws identified in our legal register.
1.1. Data Privacy Officer and Responsibilities
FMClarity has designated a Data Privacy Officer (or equivalent role) responsible for overseeing compliance with this Privacy Policy and all applicable privacy legislation. The responsibilities of this role include, but are not limited to, advising on our data protection obligations, monitoring compliance, and acting as a point of contact for data subjects and supervisory authorities. Contact details for this role are provided in Section 7 of this policy.
2. What We Collect
This section serves as our Notice at Collection for residents of applicable jurisdictions (such as California). We collect the categories of information listed below. The business and commercial purposes for which we collect this information, and the categories of third parties to whom we disclose it, are described in Section 4 ('How we use and share the information we collect'). FMClarity collects a variety of information from our users which may differ depending on how you use the service. This may include:
2.1. Identity
Information that can identify you includes but is not limited to your full name, email address, postal code, password and other information you may provide with your account, such as your gender, mobile phone number and website. Your profile picture that will be publicly displayed as part of your account profile. You may optionally provide us with this information through third-party sign-in services such as Facebook, Azure and Google. In such cases, we fetch and store whatever information is made available to us by you through these sign-in services. Your preferences and settings such as time zone and language. Information you provide through our Services, including your facilities, reviews, documents, photographs, comments, contractors, and teams through our Services, names, and other information you provide on our Services, and other information in your account profile.
2.2. Messages
If you exchange messages with others through the Services, we may store them in order to process and deliver them, allow you to manage them, and investigate possible violations of our Terms of Service and wrongdoing in connection with the Services. If you send information from the Services to your mobile device via SMS text message, we may log your phone number, phone carrier, and the date and time that the message was processed. In compliance with Canada's Anti-Spam Legislation (CASL), any commercial electronic messages (CEMs) sent by FMClarity will be based on your consent (express or implied), will clearly identify us as the sender, and will include a readily available and functional unsubscribe mechanism.
2.3. Reviews
If you write reviews about businesses with which you conduct transactions through our Services, we may publicly display information that you transacted with those businesses. You also may provide information (such as ratings, reviews, tips, photos, comments, likes, bookmarks, friends, lists, etc.) to be published or displayed on publicly accessible areas of our Services, or transmitted to other users of our Services or third-parties.
2.4. Automatic Information
We automatically collect some information about your computer when you visit this website. Including but not limited to traffic data, real-time location data, logs and other communication data, and information about your computer, connection and mobile device including your IP address and Web browser software or operating system.
2.5. Location
When you use one of our location-enabled services, we may collect and process information about your mobile device’s GPS location to customise the Services with location-based information and features. Some of these services require your personal data for the feature to work and we may associate location data with your device ID and other information we hold about you. We keep this data for no longer than is reasonably necessary for providing services to you.
2.6. Cookies
We use cookies and similar tracking technologies. Where required by law (such as in Québec), we will not place non-essential cookies or trackers on your device without your explicit, opt-in consent. Essential cookies, which are strictly necessary for the functionality of our site, will be used to enable the service. You can manage your cookie preferences at any time through our cookie management tool or your browser settings. Third parties whose products or services are accessible or advertised through the Services, including social media services, may also use cookies or similar tools, and we advise you to check their privacy policies for information about their cookies and other practices. We do not control the practices of such partners and their privacy policies govern their interactions with you.
Legal Compliance
FMClarity complies with the Privacy Act 1988 and the Australian Privacy Principles (APPs), ensuring that all business-related data and any personally identifiable information (PII) are handled, processed, and stored in accordance with these legal requirements.
4. How we use and share the information we collect
We use the information we collect to provide and maintain our service, and to evaluate our service. We treat your information as confidential, use industry standard practices to protect it, and aim to collect no more than is required and to keep it for only as long as required. We use and share information for the following purposes.
4.1. To provide and maintain our service
We use the information we collect to provide, evaluate, improve and personalise our service to you. We, for example, use this information to prefill work orders, display relevant contractors, provide you with support, communicate with you, and comply with our legal obligations. We do not disclose any of your personal information, except as described below, or when we believe in good faith that the law requires it, or to protect the rights or property of FMClarity.
4.2. To evaluate and improve our service
We may anonymise and/or de-identify information collected from you through the Services or via other means, including via the use of third-party web analytic tools. We use this information to evaluate the quality and appropriateness of our service and to personalise your experience. Our use and disclosure of aggregated and/or de-identified information is not restricted by this Privacy Policy, and it may be used and disclosed to others.
4.3. To facilitate third-party communication
When you create or execute a work order through our Services, your information is provided to us and to the contractors with whom you choose to deal. In order to facilitate your order, we provide your information to that contractor in a similar manner as if you had made an order directly with the contractor. If you provide a mobile phone number, contractors or FMClarity may send you text messages regarding your work order’s status. Information you choose to share with a contractor when you make and/or pay an order through our Services may be used by the contractor for its own purposes. We do not control the privacy practices of contractors or any other third parties you may interact with in the course of using our Service. Please contact the contractor or third party directly if you want to learn about their privacy practices. As part of our vendor management process, FMClarity conducts due diligence on all third parties and sub-processors who may handle PII on our behalf. We ensure that appropriate contractual clauses (such as Data Processing Agreements or equivalent) are in place to require them to protect this information to a standard commensurate with our own legal and contractual obligations.
4.4 Data Hosting, Transfers, and Location
FMClarity provides data residency based on client jurisdiction. All primary production Client Data is hosted exclusively within the client's home country.
For Australian Clients: All primary production Client Data and encrypted backups are hosted exclusively within Australia (e.g., AWS Sydney and Melbourne regions).
For Canadian Clients: All primary production Client Data and encrypted backups are hosted exclusively within Canada (e.g., AWS Canada regions).
For United States Clients: All primary production Client Data and encrypted backups are hosted exclusively within the United States (e.g., AWS US regions).
We may engage third-party sub-processors (as described in Section 4.3) who are based overseas. We ensure appropriate contractual safeguards and legal mechanisms protect all such transfers.
Your Privacy Rights
Depending on your jurisdiction, you may have specific rights regarding your personal information.
5.1. Rights for Residents of Specific U.S. States
If you are a resident of a U.S. state with comprehensive privacy laws (such as California or Colorado), you may have the following rights, subject to legal exceptions:
Right to Know/Access: The right to request information about the categories and specific pieces of personal information we have collected about you, the categories of sources from which it was collected, the business or commercial purpose for collecting, selling, or sharing it, and the categories of third parties to whom we disclose it.
Right to Delete: The right to request the deletion of your personal information that we have collected.
Right to Correct: The right to request the correction of inaccurate personal information we maintain about you.
Right to Opt-Out of Sale/Sharing: You have the right to opt-out of the "sale" or "sharing" of your personal information (as defined by state law, which may include cross-context behavioral advertising). You can exercise this right at any time by clicking the "Do Not Sell or Share My Personal Information" link in our website footer.
Right to Limit Use of Sensitive Personal Information: You have the right to limit our use of your Sensitive Personal Information (if we collect any) to only that which is necessary to perform the services expected. You can exercise this right at any time by clicking the "Limit the Use of My Sensitive Personal Information" link in our website footer.
Universal Opt-Out Mechanisms: We recognize and honor Universal Opt-Out Mechanisms, such as the Global Privacy Control (GPC), as a valid request to opt out of the sale or sharing of your personal information.
Right to Non-Discrimination: We will not discriminate against you for exercising any of your privacy rights.
Right to Appeal (Colorado Residents): If we deny your request, you have the right to appeal our decision. We will provide you with instructions on how to submit an appeal. If your appeal is denied, you may contact the Colorado Attorney General to file a complaint.
How to Contact Us
To exercise any of the rights described above, challenge our compliance, or if you have questions about this Privacy Policy, please contact our Data Privacy Officer/ Person in Charge of Personal Information:
By Email: contact@fmclarity.com
By Mail: 8 Adolph Street, Suite 1.01, Cremorne, Victoria, 3121, Australia
We will respond to your request in accordance with applicable law.
