Privacy Policy

Sine takes data privacy seriously. This privacy policy explains how we collect, share and use Personal Information, and how you can exercise your privacy rights.

1. Privacy

Sine Group Pty Ltd A.C.N. 167 296 219 (“Sine”, “we” or “us”) is committed to ensuring the privacy of all users’ information. We respect and protect your privacy and thank you for visiting our website and reviewing our Privacy Policy.

2. Application

This Privacy Policy applies to all authorised users (“Users” or “you”) of Sine’s website, Sine’s mobile applications, and any other services offered by Sine (collectively, “Services”) and all personal information submitted by Users to Sine or otherwise retrieved (or accessible) by Sine in providing the Services.

By accessing and/ or using the Services, or otherwise submitting your personal information, a User consents to the collection, holding, use and disclosure of their personal  information (and other non-personal information) in accordance with this Privacy Policy and our Privacy, Hosting and Security Whitepaper (“Security Whitepaper”) (a copy of which can be requested here), including holding by, using by and disclosure to any third party suppliers or service providers we use to make the Services function (as detailed below).

4. Changes to Privacy Policy

Sine may amend or update this Privacy Policy from time to time, with or without notice to Users. All Users agree to be bound by the Privacy Policy that is in effect at the time they access and/ or use the Services. The date of the last update of this Privacy Policy is listed below.

5. Kinds of Personal Information we collect and hold

In order to use the Services (including when checking in/ out of a Client’s site), a User will need to submit certain personal information such as their name, contact details, location, image (via photograph) and employer. Clients may also be asked to submit further information from time to time.

If Sine Face Check (“Face Check”) is enabled by a User when using the Services, a User’s biometric information will also be collected as part of using a check in /out mobile device. Once Face Check has been enabled by a User, the User may later elect when checking in/ out again to opt-out of (i.e. disable) Face Check and delete their biometric information and record. A User’s health information and other personal information may also be collected as part of any COVID-19 or similar contact tracing, health questionnaires, temperature scanning and/ or similar that a Client may have implemented with the assistance of our Services. It is not possible to list in this Privacy Policy all the kinds and extent of such health information and other personal information that will be collected as it will vary depending on the measures (including content of health questionnaires) implemented by the Client and any responses a User provides to the same.

If a Client uses Sine Workflows, or any other feature of the Services that allow a Client to upload content to Services for use by a User, other personal information may also be collected. Again, it is not possible to list in this Privacy Policy all the kinds and extent of such person information that will be collected as it will vary depending on the content uploaded by the Client and any responses a User provides to the same.

We may also collect, hold, use and disclose information about a User that is not necessarily personal information including data relating to the User’s activity on our website via tracking technologies such as analytic, cookie and session tools (which data can include the identity of the User’s internet browser, the type of operating system being used, the User’s IP address, the domain name of the User’s internet service provider, the pages accessed on our website, and the next website visited) and non-personal details of any survey responses the User provides. We may use this non-personal information for internal purposes including, administering our services, diagnosing problems, generating statistics and trends and improving the quality of our products and services

6. How we collect and hold Personal Information

We collect a User’s personal information directly from the User wherever it is reasonable and practical to do so. This includes when a User accesses and uses the Services (including inputting personal information into the Services, responding to any content or questionnaires provided as part of the Services, using the photo capture application on a check in/ out mobile device, and through the use of third party analytic, cookie and session tools), through applications or other forms that the User completes and provides to us, when a User posts about us on any blogs, forums, wikis and other social media applications and services, and any other means by which a User directly communicates or provides the information to us.

If Face Check is enabled, a User’s biometric information will be collected when using the photo capture application on a check in /out mobile device. If a Client has implemented any COVID-19 or similar contact tracing, health questionnaires, temperature scanning and/ or similar with the assistance of our Services, a User’s health information and other personal information may be collected by use of temperature scanning equipment when checking in to a Site and/ or from the responses the User provides to any health or similar questionnaires.

We may also collect a User’s personal information from external sources where it is unreasonable or impracticable to collect it from a User direct. These external sources may include, but are not limited, a Client, and third parties  that a Client has engaged to provide various services that integrate via API on an “as is” basis with the Services (each, an “Integration Party”). If you are an external source that provides us with the personal information of a third person, in doing so, you acknowledge and confirm that you are authorised by that person to do so, you have informed that person that you will be doing so, and that person has been directed to this Privacy Policy.

We will generally hold personal information as electronic records with Amazon Web Services (AWS) (Sydney region) and, in any case, in accordance with the security provisions detailed below.

7. Use and Disclosure of Personal Information

Personal information that Users provide is collected, held, used and disclosed by Sine: (a) to provide, maintain, support, and improve the Services; (b) to promote use of the Services; (c) for facial recognition purposes (if collected via Face Check ) including creating and maintaining lists for a Client to monitor (and be alerted to) a User’s future attendance (including checking-in/ out) at its site(s); (d) to send informational and promotional content (including direct marketing) to Clients about the Services; (e) to bill and collect money owed to us including sending emails, invoices, receipts, notices of delinquency, and alerting if we need a different credit card number; (f) to send System Alert messages, for example, informing of temporary or permanent changes to the Services, such as planned outages, new features, version updates, releases, abuse warnings, and changes to this Privacy Policy; (g) to communicate about Sine accounts and provide customer support; (h) to enforce compliance with our terms of use, enterprise agreements and applicable law including developing tools and algorithms that help us prevent violations; (i) to protect the rights and safety of Users and third parties, as well as our own; (j) to meet legal requirements, including complying with court orders, valid discovery requests, valid subpoenas, and other appropriate legal mechanisms; (k) to provide information to representatives and advisors, including attorneys and accountants, to help us comply with legal, accounting, or security requirements; (l) to prosecute and defend a court, arbitration, or similar legal proceeding; (m) to respond to lawful requests by government, public, industry or regulatory authorities, including to meet national security or law enforcement requirements; (n) to transfer in the case of a sale, merger, consolidation, liquidation, reorganization, or acquisition of us and/ or our assets.

Where Sine has connected to a Government’s Visitation API or similar contact tracing system (Contract Tracing System) in a particular State or other jurisdiction, and a Client has requested that Sine use the Contract Tracing System for the Client’s site(s) in that State/ jurisdiction, certain information that is collected for such site(s) for the primary purposes detailed immediately above may also be used and disclosed for the further ancillary purposes of contact tracing, the Client’s compliance with any applicable contact tracing law, regulation, Government or regulatory authority policy, rule, decree, direction or lawful request, and/ or similar (each, a Contact Tracing Obligation), and Sine’s compliance with its obligations under any licence terms for the Contract Tracing System. Such information may include a first name; contact phone number, date and time of attendance at the site, and any other records, business information or other contact tracing information required to be collected under the applicable Contact Tracing Obligation. If a request for information is received by Sine via the Contract Tracing System, Sine may disclose such requested information it holds to that the Government of that State/ jurisdiction.
States/ Jurisdictions where Sine has connected to a Contract Tracing System include:
(a) Victoria, Australia – via the Victorian Government’s Visitation API, further information on which can be found on the Victorian Government’s websites.

In providing the Services, Sine may from time to time in connection with the Services disclose a User’s personal information to our support centres, our third party suppliers and service providers (who provide us with necessary hardware, software, networking, connectivity, functionality, storage and related technology required to provide the Services) and to Integration Parties in accordance with this Privacy Policy and our Security Whitepaper. Such third party suppliers and services providers include those specified in the non-exhaustive list here. Our support centres, third party suppliers, service providers and Integration Parties may be located in countries outside Australia (or have branches, associated entities or use services, servers or facilities that are located in countries outside Australia) including England, Ireland, Philippines and the USA; however, it is not practicable to specify all of these countries. By accessing and/ or using the Services, a User consents to Sine disclosing their personal information in this manner (including to recipients outside Australia) and acknowledges that we have hereby informed the User that in providing such consent, subclause 8.1 of the Australian Privacy Principles will not apply to the disclosure. Sine will not disclose the User’s personal information to any other third party except where expressly authorised to do so by the relevant User or, where the disclosure relates to the purposes for which the information was collected (as stated above), or where required by law.

8. Security

Sine takes reasonable steps in accordance with our Security Whitepaper to protect the personal information provided via the Services from misuse, interference, loss, and unauthorised access, modification or disclosure. However, no internet or email transmission is ever fully secure or error free. Therefore, a User should take special care in deciding what information they send to us via email, input into the Services or otherwise.

9. Access to and updates of Personal Information

Users may request at any time to see and correct the personal information that Sine holds on their behalf (to the extent that they are unable to do so themselves via the Services) by contacting Sine using the details below for our Privacy Officer. If you do not have a Sine account and have provided your personal information as part of checking-in or otherwise using the Services at a Client’s site, Sine will pass on your request to the Client who will be responsible for dealing with the request and providing you access to your personal information.

10. Storage of Personal Information

Users shall primarily have their personal information hosted on Amazon Web Services (AWS) (Sydney region). For Users from the European Union or other regions with laws governing data collection and use, such Users hereby consent to the transfer of their personal information to outside of the European Union (or from their country, as applicable), including to Australia. Specific terms of use apply to Users within the European Union. By providing their personal information, Users consent to any transfer and processing in accordance with this Privacy Policy and our Security Whitepaper. Clients are solely responsible for informing individuals and visitors with whom they interact that in connection with the use of the Services their personal information may be collected, held, used and disclosed in accordance with this Privacy Policy and our Security Whitepaper including outside the country of origin and that third party servers may be used. Further, Clients are solely responsible for establishing policies for, and ensuring compliance with, all applicable laws and regulations, as well as all privacy policies (including this Privacy Policy), agreements or other obligations, relating to the collection, holding, use and disclosure of personal information in connection with the use of the Services by individuals and visitors with whom the Client interacts.

11. Retention

Sine may hold personal information related to a Sine account both before and after the cancellation of the account, but only for as long as Sine is lawfully entitled to do so. We may be legally required to maintain some personal information for a significant period of time, however once we no longer need the personal information, subject to any legal requirement, we will take such steps as are reasonable in the circumstances to destroy the information or ensure that the information is de-identified.

12. Business transfers

If we (or substantially all of our assets) are sold, merged, consolidated, liquidated, re-organized, acquired, or if we go out of business, enter bankruptcy, or go through some other change of control, personal information may be transferred to or acquired by a third party as part of the same and by accessing and/ or using the Services you consent to such transfer.

13. European Union Users

For additional privacy policy terms applicable to Users within the European Union, please see here.

14. Non-Exhaustive List of Third Party Suppliers & Service Providers

Further information on how each of the below third party suppliers and service providers generally collect, hold, use and disclose personal information and other data may be available on such third party’s website and/ or privacy policy if you wish to review the same.

Third Party Supplier/ Service Provider Service
AWS Infrastructure
Intercom CRM/ Support
SendGrid Messaging/ Email
Twilio Messaging/ SMS
Stripe Billing
Xero Billing
Shopify Ecommerce
Unleashed Inventory
MongoAtlas Infrastructure/ DB
Cloudflare Infrastructure/ WAF
Slack Productivity
Gsuite Business Tools
JoinMe Business Tools
AirCall Business Tools
Calendly Business Tools
SimpleMDM Device Management

15. Privacy Officer & complaints

If you have any questions, concerns or requests regarding your privacy and personal information or, if you would like to make a complaint (including for any asserted breach of a privacy law or principle), please direct your correspondence or communication to our Privacy Officer at:

The Privacy Officer
Sine Group Pty Ltd
65 Magill Road | Stepney, South Australia, 5069
Telephone: +61 8 8121 5956
Email: [email protected]

If you wish to make a complaint to us regarding your privacy and personal information please do so in writing addressed to our Privacy Officer. If you need help lodging a complaint, please feel free to contact us. We take all complaints seriously, and will respond to your complaint within a reasonable period. We will determine what (if any) action we should take to resolve the complaint. If you are not satisfied with our response to the complaint, you may pursue it further with the relevant government or regulatory body. In Australia, this body is the Office of the Australian Information Commissioner.

Last updated 19 March 2021