The following parties are referred to in this document:

  1. The System Provider: McCloud Consulting Pty. Ltd. | ABN 94 161 776 692 | Sydney | Australia

  2. SIRA: Scotland Island Residents' Association, the owner of the SIRA Water Booking System and its committee members, officers and contractors (including water monitors and water manager(s)), authorised to perform work for the association in relation to the water booking system.

  3. The Customer: SIRA member who makes a water booking and pays for the water purchase.

 This policy does not replace the SIRA Privacy Policy; it should be read in conjunction.


SIRA WATER BOOKING SYSTEM PRIVACY STATEMENT

 

SECTION 1 - WHAT DO WE DO WITH YOUR INFORMATION?

 

When the Customer makes a water booking on our site or via the water manager/monitor, as part of the booking process, the System Provider and SIRA use the personal information the customer has entered in the SIRA membership database (or SIRA entered on the member's behalf) via a membership application form. This information includes names, addresses, phone numbers and email addresses.

When the Customer accesses the invoice payment form, the System Provider also automatically receives the used computer’s internet protocol (IP) address in order to provide information that helps the System Provider learn about the used browser and operating system.

Within the context of the SIRA Water Booking system, the information is used for processing of water bookings, collecting of payments and sending of information to the Customer regarding water bookings.

In addition, some of your information will be disclosed to other Customers, who have made water bookings. In the booking reminder email, your phone number and/or your mobile phone number will be included when sent to the member/s who have a booking before you and/or after you.


 
SECTION 2 - CONSENT
 
How do the SIRA and the System Provider get your consent?

 

When the Customer provides SIRA with personal information to complete the membership application and subsequently when making a water booking online or via a Water Monitor/Manager and optionally, verifies a credit card, this implies that the Customer consents to SIRA collecting such information and using it for the reason of managing water bookings in addition to regular membership administration.

 
How do you withdraw your consent?

 

If after you opt-in, you change your mind, you may withdraw your consent for SIRA to contact you, for the continued collection, use or disclosure of your information, at any time, by contacting the SIRA secretary. For contact details, refer to the SIRA website or email secretary@sira.org.au.

 

SECTION 3 - DISCLOSURE

 

SIRA and the System Provider may disclose the Customer’s personal information if they are required by law to do so or if the Customer violates the terms agreed to in the AGREEMENT FOR THE SALE OF NON-POTABLE WATER.

 

SECTION 4 - THE SIRA WATER BOOKING SYSTEM

 

The SIRA Water Booking System is hosted on an online platform, OutSystems.

The Customer’s data is stored through OutSystem's data storage, databases and application. OutSystems stores the Customer’s data on a secure server behind a firewall.

 

Payment:

The system uses Stripe or POLI to complete the Customer’s invoice payments. When payment is made by credit card, then Stripe stores the Customer’s credit card data. It is encrypted through the Payment Card Industry Data Security Standard (PCI-DSS). 

The payment gateway ‘Stripe’ adheres to the standards set by PCI-DSS as managed by the PCI Security Standards Council, which is a joint effort of brands like Visa, MasterCard, American Express and Discover. For more information see: https://stripe.com/docs/security/stripe

PCI-DSS requirements help ensure the secure handling of credit card information by the system provider and its service providers.

The bank transfer facilitator POLI, adheres to industry standards for security. For more details: https://www.polipayments.com/security


SECTION 5 - SECURITY

 

To protect the Customer’s personal information, the System Provider takes reasonable precautions and follow industry best practices to make sure it is not inappropriately lost, misused, accessed, disclosed, altered or destroyed. The SIRA Water Booking system is hosted on the OutsyStems platform which has the highest level of security standards and is compliant with SOC 2 and ISO 27001 and ISO 22301 Standards (Click for OutSystems Security Statement).

If you provide Stripe with your credit card information, the information is encrypted using secure socket layer technology (SSL) and stored with a AES-256 encryption.  Although no method of transmission over the Internet or electronic storage is 100% secure, we follow all PCI-DSS requirements and implement additional generally accepted industry standards.

 

SECTION 6 - COOKIES

 

To function as intended, the SIRA Water Booking System uses cookies that will be stored on the Customer’s device when the Customer uses the invoice payment form. These cookies are not used for anything other than the functioning of the payment form.

The SIRA Booking System also uses cookies to ensure the functioning of the administrative application which is used by SIRA to manage the water bookings. These cookies are not used for anything other than the functioning of the administration application.

 

SECTION 7 - AGE OF CONSENT

 

By using the SIRA Water Booking System, the Customer represent that they are at least the age of majority in their state of residence.

 

SECTION 8 - CHANGES TO THIS PRIVACY POLICY

 

SIRA and/or the System Provider reserve the right to modify this privacy policy at any time.

If the System Provider or its product and intellectual property are acquired or merged with another company, the Customer’s information may be transferred to the new owners.

 

QUESTIONS AND CONTACT INFORMATION

 

If the Customer would like to: access, correct, amend or delete any personal information the System Provider or SIRA have about the Customer, register a complaint, or simply want more information, contact SIRA at secretary@sira.org.au.



SCOTLAND ISLAND RESIDENTS’ ASSOCIATION
Incorporated under the Associations Incorporation Act 2009
P O Box 70, Church Point 2105
ABN 19 163 341 913

Privacy Statement: Personal information is collected for the purpose of administering the affairs of the Scotland Island Residents’ Association and communicating with members. It is handled in accordance with the National Privacy Principles (Privacy Act 1988 refers). Please refer to the SIRA Privacy Policy

Powered by Wild Apricot Membership Software