Who are we?
QSR International Pty Ltd A.C.N. 006 357 213 (“QSR International”) is a global organization. QSR International’s Head Office is located in Australia, with offices in the UK, US, and Japan.
The related entities of QSR International include the following:
- QSR International (UK) Limited – United Kingdom
- QSR International (Americas) Inc. – U.S.A.
- QSR International Japan K.K. – Japan
Consent needs to be free and informed. You must ensure you understand the purpose for the collection.
- Australia - The Australian Privacy Principles (“APPs”) are contained in schedule 1 of the Privacy Act 1988 (Cth). QSR International is considered to be an APP entity under the Australian Privacy Act and must comply with the Australian Privacy Act as to how to handle, use and manage personal information (as defined in the Australian Privacy Act 1988 (Cth)).
- UK - Your personal data is protected in the UK by the Data Protection Act 1998 which requires data controllers to ensure that your personal data is processed lawfully and fairly. The EU Directive 2016/679 for the General Data Protection Regulation (“GDPR”) came into force on 24 May 2016 and will apply from 25 May 2018. The GDPR intends to unify data protection laws within the EU and the export of personal data of EU residents outside the EU. It is likely that the GDPR will be implemented by the UK despite Brexit.
- U.S. - Data privacy is not currently highly regulated in the U.S. Although partial regulations exist, there is no all-encompassing law regulating the acquisition, storage, or use of personal data in the U.S. With the exception of California, very few states recognize an individual's right to privacy. The U.S. believes in self-regulation of data protection by companies.
- Japan – The Act on the Protection of Personal Information 2003 (“APPI”) handles the protection of personal data in Japan.
- the general categories of personal data we collect;
- why we collect an individual's personal data;
- how it will be used, and who it will be disclosed to;
- the legal basis of our processing that personal data; and
- your rights in relation to the personal data we collect.
What Type of Data is Collected?
QSR will collect, store, use, process and disclose personal data in the manner permitted by law. Personal data is any information or an opinion about an identified or identifiable natural person (“data subject”). The personal data collected, stored, used, processed and disclosed by QSR which is required for use of our website or software may include your name, an identification number, date of birth, gender, postal and email address, phone number, contact preferences, and credit and debit card information. When you apply for or we need to facilitate a specific product or service, we may also collect information from you related to that product or service.
If you are applying for employment with QSR, we may collect and process information about you such as employment history, qualifications, residency status, background check and other information required as part of the recruitment process. In that regard, we may also collect sensitive information or special categories of data such as health or medical information, racial or ethnic origin, and criminal convictions. You acknowledge and give your consent for QSR to collect, store, use, process and disclose any such information and personal data for the purpose of assessing your application for employment with QSR.
How does QSR Collect Your Personal Data?
QSR collects your personal data in various ways, such as over the phone, via email, over the internet if you transact with QSR online, when you register on our website, fill out a form, activate the QSR software etc. We may also collect personal data about you from third parties, including (but not limited to) from our partners, agents and resellers.
When ordering or registering on our website, as appropriate, you may be asked to enter your personal data such as your name or email address. We may ask for further personal data that identifies you, including your mailing address, phone number, contact preferences, and credit card information. QSR does not store your credit card information as payments are processed through third parties using external payment gateways.
In particular, your personal data will be collected when you participate in the following activities:
- Request for free trial software download.
- Purchase a product from QSR.
- Activate QSR software and e-demos (includes trial software).
- User testing community
- Register for QSR training, webinars, conferences, events or exclusive content.
- Subscribe to email communications and newsletters.
- Submit a product support request (including product crash report dialogues)
- Contact QSR about a query.
- Participate in an online survey and/or user testing activities.
- QSR marketing/ promotional activities.
- Surf the QSR website.
- Visit QSR Partner sites.
You may visit our website anonymously or choose not to give us your personal data. However, without your personal data, we will not be able to provide you with the products or services which you may request of us nor will we be able to respond to any of your queries.
How Your Personal Data may be Used by QSR
QSR may collect, store, use, process and disclose your personal data (and you consent to us doing so) for the following purposes:
- To personalize your experience as a user and to allow QSR to deliver the type of content and product offerings in which you are most interested.
- To improve the QSR website in order to better serve you.
- To enable QSR to respond promptly to your customer service requests.
- To administer a contest, promotion, marketing survey or other site feature.
- To facilitate payment transactions.
- To review QSR services or products.
- To communicate with you as a follow up to any queries via live chat, email or phone.
- To provide the service(s), information or products you have requested or to carry out the transaction(s) you have authorised (or we may disclose this information to authorised QSR partners to undertake this activity on our behalf).
- For research and development in order to improve QSR’s product offerings/solutions to you.
- For job applications within QSR, to review your skills and experience for employment.
- Where such use and process is required in order to ensure compliance with a legal obligation of QSR.
Retaining your Personal Data
QSR will destroy or de-identify your personal data if it is no longer needed for the purpose for which it could be used or disclosed in terms of applicable law.
Types of Data not Collected by QSR
QSR does not collect any details of the data you are working with when you use our software products. This data is stored only in the projects or files into which you direct the software to save the data.
NCapture stores the data you capture only in the files you create. When using NCapture to capture data from social media sites, you may be asked by the site whether you wish to grant NCapture permission to collect particular kinds of data.
Choosing to grant these permissions to NCapture:
(a) Does not allow NCapture to capture any data that you, as a user of that social media site, do not yourself have access to.
(b) Does not cause NCapture to send any captured data to QSR.
When you import data captured using NCapture into NVivo, you have the option to exclude some unwanted information (such as location or bio). Refer to the Help documentation in NCapture and NVivo for further details.
Third Parties to whom QSR may Disclose your Personal Data
In providing the products and services to you, and insofar as reasonably necessary for those purposes, QSR may need to disclose your personal data to third parties including:
- QSR’s suppliers, subcontractors, agents, solicitors, professional advisers, government regulatory bodies, tribunals, courts of law, debt collection agents, insurers and to their respective related entities.
- Third parties engaged by QSR (who will be bound by confidentiality obligations) in your geographic region or able to communicate in your language, to ensure that you are better serviced.
- Third parties engaged by QSR to conduct customer satisfaction surveys (only with your prior consent).
- In the event of a re-organization, merger, or sale we may transfer your personal data to a third party (who will be bound by confidentiality obligations) during the due diligence process.
- Payment services providers in relation to financial transactions relating to our services, including processing payments.
- In relation to disclosure necessary for compliance with a legal obligation applicable to QSR, we may also disclose your personal data in circumstances where necessary in legal proceedings, whether in or out of court.
How does QSR keep your Personal Data Secure?
QSR has implemented security measures to protect personal data received from you. The following security measures are in place:
- QSR uses malware scanning. QSR’s website is scanned on a regular basis for security holes and known vulnerabilities in order to make your visit to QSR’s website as safe as possible.
- Your personal data is contained behind secured networks and is only accessible by a limited number of persons duly authorized by QSR, and required to keep the information confidential.
- If you make an online application or undertake a payment transaction using QSR’s website, QSR takes additional steps to protect the security of your personal data. Your personal data is encrypted via a Secure Socket Layer (SSL) technology (in your web browser, you can confirm that your session is encrypted by the appearance of a locked padlock symbol at the foot of the browser).
- All payment transactions are processed through a gateway provider and are not stored or processed on our servers.
Notwithstanding the security measures implemented by QSR, you should be aware that there are risks in transmitting information across the internet. While QSR takes measures to protect your personal data, we cannot warrant the security of any information transmitted to QSR online and users of our website do so at their own risk. QSR will remove your personal data from its system where it is no longer required unless QSR is required by law to store your personal data.
International Transfers of Personal Data
In certain circumstances we may need to transfer your personal data to countries outside the country in which the data was collected (or, in the case of personal data collected within the European Economic Area (“EEA”), to countries outside the EEA) including our offices around the world (currently located in Australia, USA and Japan). International transfers of your personal data will be protected by the appropriate safeguards, namely the standard data protection model clauses adopted by the European Commission or a supervisory authority, which we will incorporate into our agreements with such transferees of personal data. You can find a copy of model contract clauses for transferring personal data outside the EEA at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
As a customer or website user of QSR, you give your consent to QSR to transfer or grant access to your personal data between the companies in the QSR group. All data is transferred or accessed using either a secure transport layer or encrypted algorithm. A majority of the data collected is then centralized and imported into a central customer relationship management system, and housed within secure data centre facilities. This is available to staff across all regions within the QSR group by way of an encrypted secure transport layer and individual staff authentication is required.
Cloud Storage of Personal Data
We may store data on remote servers operated by a cloud service provider to QSR rather than storing it on our own servers. Regardless of where you use our online services or provide information to us, the information may be transferred to and maintained on servers located outside the country in which the data was collected (or, in the case of personal data collected within the EEA, to countries outside the EEA). By providing any data through the online services, you hereby expressly consent to such transferring and processing of your data in such third countries.
Transfers of personal data to servers operated by cloud service providers outside the EEA will be protected by the appropriate safeguards, namely the standard data protection clauses adopted by the European Commission or a supervisory authority, which we will incorporate into our agreements with such cloud service providers. You can find a copy of model contract clauses for transferring personal data outside the EEA at: https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en
All data is stored with secure methods and with limited/restricted access to persons authorized by QSR. Data from the various collection points with the QSR group are stored in Australia, USA, Singapore and Ireland.
You have certain rights under law regarding your personal data. These are set out in the table below:
||How you may exercise your rights
|Right to be informed
||You have the right to be informed about our collection and use of your personal data. It is important that we are transparent about this.
|Right of access
||You have the right to obtain confirmation as to whether your personal data is being processed, and where this is the case, access to your personal data (provided it does not adversely affect the rights and freedoms of others) and to obtain from us certain information relating thereto, including (but not limited to):
- the purposes of the processing;
- the categories of personal data concerned;
- the recipients of your personal data;
- the envisaged period which we will hold your personal data for.
|Right to request rectification
||You have the right to require us to:
- rectify any inaccurate personal data we hold about you without undue delay;
- complete any incomplete personal data, taking into account the purposes of the processing
|Right to request erasure ("right to be forgotten")
||You have the right to request that your personal data be erased without undue delay.
We will be required to comply with such request without undue delay in certain circumstances, including (but not limited to) where:
In certain circumstances, we will not be required to comply with such request, including (but not limited to) where the processing of such personal data is necessary for:
- the personal data is no longer necessary in relation to the purpose for which collected;
- you withdraw consent on which the processing of such personal data is based;
- the personal data has been unlawfully processed.
- compliance with a legal obligation;
- the establishment, exercise or defense of legal claims.
|Right to restrict processing
||In certain circumstances you have the right to restrict our processing of your personal data, including (but not limited to) where:
In such circumstances, we may continue to store your personal data, and may only process it with your consent:
- you contest the accuracy of such personal data;
- the processing of such personal data is unlawful, you object to the erasure thereof and prefer that the processing thereof be restricted instead;
- we no longer need the personal data for the purposes of processing, but you require it for the establishment, exercise or defense of legal claims.
- for the establishment, exercise or defense of legal claims;
- for the protection of the rights of another natural or legal person; or
- for reasons of important public interest of the European Union or of a member state.
|Right to data portability
||Provided it does not adversely affect the rights and freedoms of others, you have the right to obtain and reuse your personal data for your own purposes.
|Right to object
||You have the right to object, on grounds relating to your particular situation, to:
- processing your personal data based on legitimate interests or the performance of a task in the public interest/exercise of official authority;
- processing your data for direct marketing purposes; and
- processing your personal data for scientific, historical research or statistical purposes, unless the processing is necessary for the performance of a task carried out for reasons of public interest.
|Right to withdraw consent
||You have the right to withdraw your consent to us using and processing your personal data at any time.
The lawfulness of any processing based on consent before such withdrawal will not be affected.
|Right to lodge a complaint with a supervisory authority
||You have the right to lodge a complaint with a supervisory authority if you consider the processing of your personal data an infringement of your rights under applicable privacy laws.
If you wish to speak to us in relation to any of your rights, please contact our data protection officer at the address set out below.
Links to Third Party Sites
The QSR website may provide links to other sites for your convenience and information. These websites may be operated by companies other than QSR. Linked websites may have their own privacy policies. QSR is not responsible for the content or privacy practices of any linked websites that are not operated by QSR.
Blogs and Other Interactive Services
QSR may provide blogs, online forums or other interactive services on its website which enable users to post and share information. Any information posted or shared by users through blogs, online forums or other interactive services will become public information and will be available to other users who access the QSR website.
Cookies are small files that a site or its service provider transfers to your computer's hard drive through your web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information.
You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser (like Internet Explorer) settings.
If you disable cookies, some features will be disabled. As a result, your site experience may be less efficient and some of our services will not function properly. However, you can still place orders.
You will have a choice to opt out of any of our marketing activities, and QSR will respect your request not to receive marketing material. We will implement your request to opt out of all marketing activities as soon as practicable upon receipt of your request.
Unsubscribe from Emails
If at any time you would like to unsubscribe from receiving future emails, you can email us at firstname.lastname@example.org
and we will promptly remove you from all correspondence from us.
QSR considers a child to be anyone under the age of 18. We do not knowingly seek or collect personal data from without the consent of a parent or guardian. If QSR becomes aware that personal data that has been submitted relates to a child without the consent of a parent or guardian, QSR will use reasonable efforts to delete that personal data from its files as soon as possible; and ensure, where deletion is not possible, such personal data is not used further for any purpose, nor disclosed further to any third party.
How to Contact Us
You can contact us in writing about how we have handled your personal data at any time. At all times, privacy complaints will be treated seriously and in a confidential manner without affecting your existing commercial arrangements between you and QSR.
Our data protection officer is responsible for all matters relating to privacy and data protection. He/she can be reached at the following address:
Data Protection Officer
QSR International Australia (Head Office)
2nd Floor, 651 Doncaster Road
Doncaster, Victoria 3108
Our data protection officer will commence an investigation into your complaint, and inform you of the outcome of your complaint within a reasonable time following the completion of the investigation, and otherwise in accordance with time frames set out in privacy laws.