1. What kinds of information are collected and stored by Sonder?
We collect “personal information”, being information that can be used to personally identify you. In general, we will only collect personal information such as your name, email address, phone number and information about the enquiries you make with us when you contact us using the “Contact Us” web form available on our Platform or by using the contact information in section 12 below.
We may also collect sensitive information from you. Sensitive information is defined in the Privacy Act 1988 (Cth) and is a subset of personal information and includes health information, information about a person’s racial or ethnic origin, religious beliefs or affiliations, membership of a professional or trade association, membership of a trade union, sexual orientation, or criminal record. If we collect “sensitive information” from you, we will seek your consent to do so. You may choose to withdraw your consent in respect of our collection and use of your sensitive information at any time by contacting us using the contact information in section 12 below.
We also collect non-identifying information when you use our Platform, such as “Log Data” (including, a record of the IP address of your device, the date and time of your visit to the Platform, the pages accessed and documents downloaded, and the referring web page) and “Cookies” (as explained below). This information does not usually contain personal information which can identify you.
2. Persons under 18 years of Age
Sonder maintains a strict position with respect to collecting personal information from children under the age of 18. If you are under the age of 18 and wish to provide personal information to us, you must obtain your parent’s or guardian’s consent before providing us with that information. Sonder reserves the right to delete your information, if appropriate.
3. Why Sonder collects, holds, uses and discloses personal information
We collect, store, use and disclose your personal information for various purposes relating to our business, including but not limited to the following purposes:
- managing your subscription to any alerts or mailing lists;
- sending you information about new updates and developments regarding our products and services that you have ordered or enquired about or that we believe may be of interest to you;
- assisting in any marketing, advertising and promotions relating to any of our products and services;
- sharing your information with specific third parties such as third party service providers to enable them to provide services to us and that relate directly to us providing services to you;
- providing such information to authorised third parties for research and marketing purposes;
- investigating complaints;
- for security purposes;
- to communicate with you in the event that there has been a data breach involving your personal information; and
- to comply with any other obligations that we may have under the law or otherwise.
We keep your personal information for as long as is reasonably necessary in order for us to provide our services to you. We may retain your personal information if it is necessary for us to comply with our legal obligations, to resolve disputes with you or third parties and/or to enforce our legal rights.
4. Will your personal information be disclosed to anyone else?
If you interact with us via any form of public posting on the Platform, then you acknowledge that you are disclosing information publicly to anyone else capable of accessing the Platform and you are responsible for that content or information. You should be aware that others may use, tag and re-publish your content or information in that context, including us.
5. What happens if we cannot collect your personal information?
If you do not provide us with your personal information as requested by us, some or all of the following may occur:
- we may not be able to communicate with you about our products and services;
- we may not be able to provide you with some or all aspects of our services (for example, if you do not establish an account with us, you will not be able to use and access our services);
- we may not be able to provide you with information about services that you may want, including information regarding any complaints you may have regarding our services; and/or
- we may be unable to tailor the content of our services to your preferences and your experience of our services may not be as enjoyable or useful.
A “cookie” is a small data file that many websites use in browsers to maintain user sessions from time to time. We use web logs and cookies to generate statistics and other anonymous data to assist us to gain a better understanding of visitor preferences to our Platform. Most Internet browsers automatically accept cookies; you can instruct your browser (via the options section) to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit, however, doing so may mean you will not be able to use all or parts of our Platform.
7. How does Sonder protect and secure your personal information?
We take reasonable care to protect personal information that we collect and hold from misuse, loss, unauthorised access, unauthorised modification or unauthorised disclosure. We protect personal information by implementing reasonable and up to date security measures as well as through application of our relevant policies, practices and procedures.
8. What are your rights?
Subject to certain grounds for refusal under applicable privacy laws, you have the right to access your personal information that we hold. If you believe that your personal information that we hold is inaccurate or incomplete, you can contact us to request that we change, amend, update, correct or delete your personal information. Please note that we may hold multiple copies of your personal information in our systems and there may be some delay for your requests to be reflected across all of our systems.
In respect of a request for correction, if we think the correction is reasonable and we are reasonably able to change the personal information, we will make the correction. If we do not make the correction, we will take reasonable steps to note on the personal information that you requested the correction.
9. European Union General Data Protection Regulation (EU GDPR)
- Data protection officer
Our data protection officer can be contacted at [insert email address].
- Lawful basis for processing
Our processing (including collection, storage, use and disclosure) of your personal data is justified on the following lawful basis as the processing is:
- necessary in order for us to perform our contract with you and provide our services to you, or for us to take steps to enter into a contract with you and at your request;
- necessary for us to be able to comply with our legal obligations; and/or
you have provided your consent to the processing.
Rights under EU GDPR
If you are a resident of the EU you may have the right to:
- access your personal data that we hold;
- have inaccurate personal data that we hold corrected or rectified;
- request that we erase all copies of your personal information that we hold;
- request that we restrict the way that we process your personal data; and
- receive your personal information provided to us, or request that this data be provided to another controller.
You also have the right to withdraw your consent at any time in relation to our processing of your personal information. Please contact us using the contact information in section 12 below if you would like to withdraw your consent.
Please contact us if you would like us to take action in respect of any of these rights, or if you would like to make a complaint regarding how we have processed your personal information and we will respond to your request within 30 days.
You have the right to make a complaint to data protection supervisory authorities about how we have processed your personal data. You can access a list of data protection authorities by EU member state here: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm
The European Data Protection Supervisor
Postal address: Rue Wiertz 60, B-1047 Brussels
Office address: Rue Montoyer 30, B-1000 Brussels
Telephone: +32 2 283 19 00
10. Your ability to opt out
If you wish to opt out of receiving our email newsletter from us, you can following the instructions to unsubscribe in our emails to you, or you can contact us by using the contact information in section 12 below.
If you are concerned about how we collect, hold, store, use or disclose your personal information, please contact us using the contact information in section 12 below. We will use reasonable endeavours to address your enquiry or complaint and will endeavour to respond to you within 30 days of receipt of your initial enquiry or complaint (to the extent that we feel your complaint is complex or that we require further time to provide a substantive response, we will send you a notice to that effect).
You must provide all reasonable assistance to us to allow us to address your enquiry or complaint, including providing us with all appropriate and relevant information and feedback on request.
If you feel your enquiry or complaint has not been adequately addressed by us, you may contact the regulator in your jurisdiction. However, we highly recommend that you notify us beforehand as to why you feel we have not adequately addressed your enquiry or complaint and to give us an opportunity to respond to you in that respect. If you would like any further information about your rights to privacy, please contact or visit the regulator in your jurisdiction.
The regulator in Australia is:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Tel: 1300 363 992
The regulator in New Zealand is:
Office of the New Zealand Privacy Commissioner
PO Box 10 094,
The Terrace, Wellington 6143
Tel: 04 474 7590
12. Contact us
Tel: +61 2 8379 7739
Mailing: 834 Elizabeth Street, Waterloo NSW 2017, Australia
13. Further information
If you would like any further information about your rights to privacy, please contact or visit:
- if you are an Australian resident, the website of the Office of the Australian Privacy Commissioner: https://www.oaic.gov.au/;
- if you are a New Zealand resident, the Office of the New Zealand Privacy Commissioner: https://www.privacy.org.nz/; or
- if you are a European Resident, the European Data Protection Supervisor: https://edps.europa.eu/.