Privacy Policy

Mindhive Data Privacy Protection Overview

At Mindhive, we understand that the trust our clients place in us is integral to our success. Protecting your data is not just about compliance; it's about safeguarding the foundation of our partnership. This document outlines our commitment to data privacy and the measures we take to protect your information.

Security Trust Centre:

Our Mindhive Security Trust Centre is a testament to our commitment to security and transparency. It is designed to give you peace of mind, offering detailed insights into our security policies, control environments, and the rigorous standards we uphold.

Data and Privacy Controls:

For an in-depth understanding of our internal security procedures, please refer to our Data and Privacy section. Here, you will find comprehensive information on the controls we implement to ensure the integrity and confidentiality of your data.

Our Commitment to Data Security

Mindhive is dedicated to maintaining the highest standards of data security. We leverage advanced technologies and practices to ensure that your data is secure and protected against unauthorised access or disclosure.

Data Collection and Use

We collect information necessary to provide our services, including Personal Information and Usage Information as defined in our Privacy Policy. This data is used strictly for service delivery and improvement, and we ensure transparency in our data processing activities.

Access and Control

Your data is yours. Mindhive implements robust access controls, giving you full control over your data. We practice the principle of least privilege, ensuring that only authorised personnel have access to your data, and only when necessary.

Data Retention

We retain personal data for as long as necessary to provide our services, as well as to comply with legal obligations. Our data retention policy is designed to respect your rights and minimise data storage.

Compliance and Certification

Mindhive complies with all applicable laws and regulations, including the GDPR and the Privacy Act 1988. We are actively pursuing ISO 27001 certification, reflecting our ongoing commitment to data security excellence.

Customisation and Flexibility

We offer a range of customisation options for data privacy, providing the flexibility to align with your internal policies. Our platform is designed to adapt to your data security preferences.

Security Measures

Our security measures include, but are not limited to, encryption, firewalls, and regular security audits. We are continually enhancing our security posture to meet the evolving challenges of the digital landscape.

Incident Response and Notification

In the unlikely event of a data breach, we have a robust incident response plan designed to mitigate risks and notify affected parties promptly, in compliance with GDPR and other relevant regulations.

Our dedicated team is committed to providing you with the support you need to manage and protect your data effectively.

Mindhive’s approach to data privacy and protection is rooted in a deep understanding of the importance of data security in building and maintaining trust. We are committed to partnering with you to meet your data privacy needs.

Mindhive is owned and operated by Mindhive Pty Ltd (ABN 83 618 732 862) (referred to in this policy as Mindhive, we, us or our). This Privacy Policy applies to any information supplied to us whilst using our services, whether that be in person, by phone, over email or through our website located at https://mindhive.org (Website) (we will refer to these collectively as the Services). 

We are committed to protecting the privacy of all our users. The Privacy Act (1988) (Cth) (Privacy Act) and the Australian Privacy Principles (Privacy Principles) set out in Schedule 1 of the Privacy Act, govern the collection, storage, use, and disclosure of information by which individuals may be identified. Further, we comply with EU General Data Protection Regulation 2016/679 (GDPR). 

We may update the privacy policy from time to time at our sole discretion. Any variations become effective on posting the updated privacy policy and we shall have no obligation to provide you with individual notice of such changes. Your continued use of the Services following the publication of any amended privacy policy shall signify your acceptance of that amended privacy policy, except where we are otherwise obliged by law to seek your direct consent. 

Please read this privacy policy carefully before using our Services.

If you do not agree with any part of this privacy policy, please do not use our Services. 

What information do we collect

This privacy policy covers all information collected via your use of the Services. The information we collect can be broken down into the following types: 

Personal Information’ means information that can be used to personally identify you such as your name, email address, contact number, profile pictures, and payment details. We do not collect or process the Personal Information of anyone under the age of 18 without the express consent of their parent or guardian. 

Usage Information’ means anonymous aggregate data that is automatically collected through your use of our Websites. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Website. This information is used for statistical analysis to help us to improve the Services to the benefit of all users. 

The GDPR recognises that Usage Information, whilst for the most part anonymous, can be cumulatively used to directly or indirectly identify you. Usage Information that can be used to identify you in any way, together with your Personal Information, shall collectively be referred to in this privacy policy as ‘Personal Data’. 

How do we collect your information 

Personal Information is collected directly from you when you: 

  • join as a Thought Leader or Mindhive Partner Organisation Member

    If you choose to register as a Thought Leader on our Website, we require you to provide your full legal name and email address. If you choose to register as a Mindhive Partner Organisation member on our Website, we require you to provide your full legal name, position title and email address. We ask you to provide these details for the purpose of creating your account and corresponding with you about your use of the Services. If you do not provide these details, you will not be able to register as a user and you may be limited in how you can access the Services. 

    Additional information you can provide on your account is a profile picture, your skills and interests, and a short bio. Whilst providing these details will enhance your user experience, it is not required to access the Services and you provide such information at your own election. 

  • post a comment

    As a Thought Leader or Mindhive Partnership Organisation member, you will be able to post, comment and interact with other users and content on the Website. Any information you publish on the Website where you are personally identifiable will be considered Personal Data. 

  • make a payment

    If you make a payment through the Website, including by upgrading to a premium account, we may collect credit card details, or otherwise see the details of any bank transaction processed by you. If you do not authorise us to have access to your payment details, you may not be able to retain our Services. 

  • opt into our mailing list

    From time to time you may be able to subscribe to mailing lists or other direct marketing communications. 

  • contact us

    We may collect information from you when you contact us via our website, email, telephone or otherwise. 

  • access, browse, or use our Website

    We may otherwise collect information from you when you access, browse, use, or otherwise interact with our Website. 

It is your choice to provide Personal Information to us. Wherever it is lawful and practicable, you have the option not to identify yourself when interacting with us. Please be aware that it may be necessary for us to collect your Personal Information to enable us to provide the Services to you. As such, if you do not wish to provide your Personal Information, we may not be able to provide the Services to you in a fully operational form. 

Cookies 

We collect anonymous Usage Data on our Website which utilises cookies, pixel tags and other tracking technologies (collectively Cookies). Cookies are small packets of data that are downloaded onto your device when you access a website. Cookies hold specific information that helps a website ‘remember’ your actions and preferences over time. These are the types of Cookies that we may use to operate our Services: 

Strictly Necessary Cookies – these Cookies are essential to ensure that the Website works correctly, and record information that allows you to move around the Website and navigate its features. 

Performance Cookies – these Cookies collect information about how you use the Website, such as how often you access the Website and if you encounter any errors. 

Functionality Cookies – these Cookies allow our Website to remember the choices you make to provide a more personalised experience. 

Cookies can stay on your device temporarily (Session Cookies) or until you manually delete them (Persistent Cookies). You can adjust your browser settings at any time to block Cookies, however please note that doing so may limit our ability to provide the Services to you. 

To request a full list of the individual Cookies we use, please email our privacy officer at privacy@mindhive.org

How do we use your information

Legitimate purposes that you agree we may use your Personal Data for include but are not limited to the following: 

  • to confirm your identity;

  • to provide the Services to you;

  • to respond to requests submitted by you;

  • to process any payment made by you in connection with the Services; 

  • to improve the functionality of the Website;

  • to prevent, detect and investigate potential illegal activities, security breaches and fraud; 

  • to contact you via email to provide you with periodical promotional emails about new products or other information which we think you may find interesting, only where you have opted in to receiving such communication and until you ‘opt out’ 

For the avoidance of doubt, we will only use your Personal Data for purposes that you would reasonably expect us to use your Personal Data for in connection with providing the Services to you, or where we are required by law to collect your Personal Data. We will not sell, rent, or licence your email address or any of your Personal Data. 

‘Opt Out’

We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing, and as such these consents can be modified at any time by emailing us at privacy@mindhive.org or clicking unsubscribe on any direct marketing communications. 

Who we disclose your information to

You agree and consent to us disclosing your Personal Data to: 

  • employees, contractors, and officers of Mindhive and its related entities; 

  • authorities, including police, regulators or as otherwise required by law; 

  • third party Mindhive Partnership Organisations, provided that you are a member of a Mindhive Partnership Organisation that has approved public visibility of their members; or you are an individual Thought Leader. 

For the avoidance of doubt, all employees, consultants, contractors and agents of ours are bound by Australian privacy laws. 

You can withdraw your consent for us to share your Personal Data with third parties at any time by emailing us at privacy@mindhive.org, but please note that withdrawal of such consents may affect your ability to access and use the Services. 

Your rights to your information

In accordance with the GDPR, we acknowledge the right of EU citizens to: 

  • have their data erased that is no longer being used for a legitimate purpose; 

  • request a copy of all Personal Data held about you by us in a readable format; and 

  • request restricted processing of your Personal Data whilst any complaints or concerns are being resolved. 

To erase, request or restrict processing of your Personal Data, please email us at privacy@mindhive.org

Accessing, reviewing and changing your information

We cannot modify your Personal Information without your instruction.

You can update your details with us at any time by emailing us at support@mindhive.org or through your account settings. You acknowledge that it is your responsibility to maintain the truth, accuracy, and completeness of your information at all times and your failure to do so may inhibit our ability to provide the Services.

We shall have no liability to you or any third party arising from your failure to keep your information up to date. 

Security

We protect your Personal Data through technical security measures i.e. firewalls, encryption that limit the risk of loss, disclosure, or unauthorised access. No security measures are, however, 100% secure so we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss or misuse of any information or data or for the actions of any third parties that may obtain any information or data. 

Notwithstanding the above, we acknowledge our obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where our data breach involves the information of EU citizens, report to the European Data Protection Supervisor. We will also inform you, where possible, if your data has been breached in the circumstance where it poses a risk of serious harm or your rights and freedoms. 

We also train all staff who may have access to your Personal Data about this privacy policy and our obligations under the Privacy Act, Privacy Principles, and GDPR. For more information on our internal policies, email us at privacy@mindhive.org

Third-party links

Please note that this privacy policy does not cover the information practices of third party websites which may be linked to our Website. Notwithstanding our encouragement for third parties to adopt similar privacy policies as ours, we are not responsible for their collection and use of your Personal Data.

Please refer to the privacy policies and statements of the relevant third-party website to obtain information regarding their information collection, use and disclosure policies. 

Overseas disclosure

We may, in the course of providing the Services to you, transfer your Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where we transfer data to a third party in a country where no adequacy decision has been made, we warrant that any person or entity handling your data in those countries are bound under contract to meet the requirements of the Privacy Act, Privacy Principles and GDPR. 

For the avoidance of doubt, all user data is stored in servers in Sydney, Australia, however, we may transfer any data to an overseas third party with your express or implied consent, and the above condition only applies in the case of a data transfer or transmission to our related business entities in other countries. 

Sensitive Information

We do not generally collect sensitive information, as defined under the Privacy Act 1988 (Cth) and GDPR, such as information on your racial or ethnic origin, political opinions, religious beliefs, or health information unless it is volunteered by you. In the event that we require such information, we will obtain your explicit consent to collect and use it. This information will be subject to stricter safeguards and handled confidentially according to the standards set out in the Australian Privacy Principles and GDPR.

Consent

When collecting your Personal Information, we will take reasonable steps to ensure that you are fully aware of why we are collecting your information, who will have access to that information, how it will be used, and any legal requirement which requires us to collect the information. This will be done through explicit consent boxes in our registration forms and any other data collection platforms, requiring an active click from users to give their consent.

Data Retention and Deletion

We will retain your Personal Data for the duration necessary to provide our Services, comply with our legal obligations, resolve disputes, and enforce our agreements. If you deactivate your account or request for your Personal Data to be deleted, we will adhere to this request but may retain certain information for legal or record-keeping purposes or to complete any transactions that you initiated prior to requesting such change or deletion.

Cross-border Disclosures

We may transfer your Personal Data to overseas countries in compliance with Principle 8 of the Australian Privacy Principles and the GDPR requirements. The countries where we may transfer your Personal Data will be those that provide an adequate level of protection as determined by the EU Commission. Appropriate measures will be put in place to ensure your Personal Data is handled in accordance with this Privacy Policy.

Data Breach

Notification In the unlikely event of a data breach, we will promptly identify and investigate the issue, taking all necessary steps to minimise any potential harm. If a breach is likely to result in a high risk to your rights and freedoms, we will notify you as well as the appropriate supervisory authorities within 72 hours of becoming aware of the breach in accordance with GDPR.

Contacting Minors

If you are under the age of 18, please ensure that you obtain your parent or guardian's consent before providing us with any of your Personal Data. If we learn that we have collected Personal Data from a minor without parental consent, we will promptly take steps to delete that information.

Data Portability

In accordance with the GDPR, users have the right to data portability. You have the right to receive your Personal Data in a structured, commonly used, machine-readable format, and you have the right to transmit those data to another controller without hindrance from us. To exercise this right, please contact us using the information provided in the "Contact" section.

Contact

Thank you for taking the time to read our privacy policy. If you have any questions regarding our privacy policy, you can reach our privacy officer at 

Mindhive Pty Ltd
ATT: Privacy Officer
Level 5, 200 Adelaide St, Brisbane, 4000
privacy@mindhive.ai

If you are not satisfied with our handling of your Personal Data, or have any other concern over our privacy policy, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au) or with the European Data Protection Supervisor (for more information, please see https://edps.europa.eu).