Privacy policy

COPPA

Compliant

GDPR

Compliant

FERPA

Compliant

This privacy policy sets out how Loop Platform treats the privacy of users of Ziplet and others with whom we interact.  We regard protection of privacy as a fundamental part of our relationship with users and comply with GDPR (for EU users), COPPA and FERPA (for USA users) and the Privacy Act (for Australian users).

The privacy of students is particularly important to us. As explained in more detail below:

  • the only information that we collect from students to register for the Ziplet is their name, email address, and age (to determine if parental consent is required)
  • we do not sell or rent student information
  • we do not advertise on Ziplet

We do not collect, maintain, use or share student personal information beyond that authorized below or by the relevant student or their parent.

When do we collect and store personal information?

The circumstances in which we collect and store personal information about you may include:

  • when you sign up to become a Ziplet user and for the purpose of assigning a User ID to you
  • when you or another user interact via Ziplet in a way that involves providing personal information about you
  • when you or another user sends an enquiry to us or makes a comment or other post through Ziplet or via email or social media
  • when you enter into a financial transaction with us
  • when you respond to a customer survey from us
  • as part of automated analysis of your usage of Ziplet
  • if you are the parent of a student user under age 13 at time of registration and provide your consent to us regarding them using Ziplet

Use and disclosure of personal information

We use the personal information about you for the purposes for which it was provided or collected, including the following purposes:

  • to provide and support or improve Ziplet
  • to respond to enquiries or support requests received from you
  • to perform any financial transactions with us that are initiated by you
  • to verify your identity and to assist you if you have forgotten any user ID, user name or password
  • to report to the relevant Client regarding usage of Ziplet (subject to the restrictions described below about us disclosing personal information about you to the Client)
  • for our internal administrative, marketing, planning, product development and research requirements
  • if you are a student user - to communicate with you but only to notify you of a failure to respond to a communication to you by a teacher user or leader user, or to notify you of a password reset or any change to our Terms of Service or Privacy Policy
  • if you are teacher user or leader user (and subject to your right to opt-out below) - to communicate with you (including to encourage your use of Ziplet) and provide you with information (whether by email or via Zipet) about Ziplet
  • to seek and respond to user or Client comments on Ziplet
  • to receive and address complaints about us, Ziplet, or any user (including regarding alleged misuse of Ziplet or unacceptable Content)
  • to protect our legal interests and fulfill our regulatory obligations (if and to the extent necessary).

All users and others with whom we interact may opt-out of receiving communications from us except as necessary or desirable for the operation of Ziplet (including notification of any password reset or any change to our Terms of Service or Privacy Policy)

We do not:

  • sell or license any personal information about you to any person
  • send any marketing communication to you at the request of any person
  • include any advertising on Ziplet (except for advertising of our premium service to teacher category users by us).

We do not build any personal profile of you (other than your basic details contained in your registration for use of Ziplet).

We do not provide any bulletin board, forum or other facility to make personal information publicly available via Ziplet.

In relation to disclosure of personal information about you, this is separated into 3 cases:

  • disclosure to other users
  • disclosure to our service providers
  • overriding permitted disclosures.

Disclosure to other users

If you provide Content via Ziplet, then Ziplet will make it clear if you can provide it on an anonymous basis.

If you provide Content on an anonymous basis, then we do not provide your name to any user in connection with that Content.  However we do not vet the Content to prevent you disclosing personal information (including your identity or the identity of any other person) when you provide Content, which could occur in any of the following ways:

  • (express) by you expressly including personal information in the Content
  • (inferred from content) by you including other information in the Content from which your identity or personal information can be inferred or
  • (inferred from limited numbers) by reason of your identity being able to be inferred due to a single or low number of users having been sent a communication to which you are responding when providing the Content, and as a result in the above circumstances any such personal information (whether express or inferred) may be disclosed or apparent to a user.

Where you do not provide Content on an anonymous basis, then your name and Content may be disclosed to other users.

Where a Client pays for access to Ziplet for their teacher and student users, we do not disclose the teacher or student users’ Content to the Client (or to any associated leader user), but we may make reports (Client Reports) available to them that include the following information:

  • aggregate level of usage within a Client's environment, including the total number of teachers, students, responses, announcements and messages. None of this can be tracked to an individual user
  • whether or not a teacher user has asked student users particular questions preloaded on Ziplet (either by the Client or us) in a calendar year
  • whether or not a teacher has gathered responses on Ziplet in a calendar year
  • whether or not a student has provided responses on Ziplet in a calendar year

All information above is for the purpose of demonstrating the Ziplet's overall use to the Client.  This reporting does not include any user’s Content.

Note that we do not control the subsequent use or any disclosure (including to any Client) that may be made by any user of any Content (whether anonymous or non-anonymous) made available to them in accordance with the above.  A user may choose, or be required by law (e.g. where any form of mandatory reporting applies), to use or disclose all or part of the Content received from you, even if you have not agreed to that use or disclosure


Disclosure to our service providers

We may share your personal information with third parties who help us to provide the Ziplet (Service Providers).  All disclosures to Service Providers are subject to us being satisfied about their reputation, and the Service Provider agreeing to:

  • obligations to keep your personal information secure; and
  • confidentiality obligations that in practice prevent the Service Provider from:
    - using your personal information other than for the educational purposes that Ziplet    facilitates; and
    - doing anything else with your personal information that would be inconsistent with this    privacy policy

You can view our list of Service Providers here, including what information they collect.

Overriding permitted disclosures

Despite any other provision of this policy, we may (but are not obliged to) disclose personal information, including your name or any Content provided by you, to any third party (including, where applicable, another user or a Client):

  • where we have your express permission to do so
  • if required by law (including in relation to any freedom of information request)
  • if in our opinion it is necessary or desirable in order to respond to any allegation or query by any Client (or by any user not connected with a Client) of misuse of Ziplet (including any alleged unacceptable Content)
  • if in our opinion it is necessary or desirable in order to protect the health or safety of any person (including you) or to prevent, report or investigate the damage or destruction of any property or breach of any law
  • in order to enforce or apply our terms and conditions or to protect our rights, property, or safety of our personnel, customers or users (including exchanging information with other companies and organisations for the purposes of fraud protection and credit risk reduction)
  • in connection with a sale or proposed sale of Loop Platform, or substantially all of our assets, to a third party, in which case any personal information about you that we disclose will be subject to the same constraints on use and disclosure as under this policy.

Apart from Client Reports, we may provide to Clients, potential Clients, users or the public generally:

  • de-identified case studies and de-identified Content; and
  • information based on anonymized usage data and aggregated Content,

but in every case what is provided will not refer to any teacher or student user, or be able to be attributed to any teacher or student user.

Children under 13

Where a child under 13 wishes to become a student user and use Ziplet we require consent to them doing so from a parent (or other person with the relevant legal authority, which may include the child’s teacher if a parent has given them authority) in a form acceptable to us.

If you are a parent of a child under 13 who is a student user then you may request, or may authorize your child’s teacher or school to request, access and correction, or deletion, of personal information we hold in relation to your child and (subject to us verifying that you are a parent) we will respond in the same way as described below.  You may also withdraw your consent to further collection of your child’s personal information (in which case we will cancel your child’s registration and they will cease to be able to use Ziplet).

Disclosure and transfer of information overseas

We hold your personal information in our databases.  Unless agreed otherwise with your Client (if any), the database is stored on a secure server in Australia operated by a third party.

We do not disclose or transfer your personal information outside Australia, except:

  • where you use Ziplet outside Australia, in which case personal information may be sent to your device as a necessary part of your use of Ziplet;
  • in the course of sending emails to you, as the emails may be sent from a server in the United States; or
  • in the course of sending push notifications to you, as the notifications are sent from overseas servers as used by the providers of the Apple and Android platforms.  

Security

We treat the security of Ziplet and credit card transactions seriously and endeavour to provide a secure and safe way for you to use them.

We maintain a comprehensive security program that is reasonably designed to protect the security, privacy, confidentiality, and integrity of your personal information against risks – such as unauthorized access or use, or unintended or inappropriate disclosure – through the use of administrative, technological, and physical safeguards appropriate to the sensitivity of the information.

Access and correction

You may request access to personal information we hold about you by writing to Ziplet’s Privacy Officer at either below.  Please provide sufficient detail about the information in question to help us locate it.  

Except where we have reasonable grounds for refusing (e.g. it would involve disclosing personal information about somebody else), we will provide you with access within one month of receipt of your request, together with any other information required by law.  If we refuse your request then we will give you a written statement setting out the reasons for the refusal (unless unreasonable to give them), and the process we provide if you wish to complain about the refusal.

We will provide access in the form you request if it is reasonable and practicable to do so.  If your requested form of access is not reasonable and practicable then we will endeavour to provide you with a suitable range of choices as to how you access it (e.g. emailing or mailing it to you).

If you believe that personal information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading and provide a sufficient description of it (or the circumstances in which it was provided) in order to enable us to locate it readily, then you may request amendment of it.  We will consider if the information requires amendment and respond to you within one month of receipt of your request.  If we do not agree that it should be amended, then we will add a note to the personal information stating that you disagree with it and will also give you a written statement one month of receipt of your request setting out the reasons for the refusal (unless unreasonable to give them), and the process we provide if you wish to complain about the refusal.

Our contact details are:

Mail:
The Privacy Officer
Loop Platform Pty Ltd
Level 19, 567 Collins Street
Melbourne, Victoria 3000, Australia

Email:
help@ziplet.com

Deletion

We will delete or de-identify personal information that we hold about you when any of the following occurs:

  • when requested by you, unless by law we may retain it for a further period – and in either case we will notify you within one month of receipt of your request of any action taken
  • when it is no longer needed for any purpose for which we may use it
  • automatically 7 years after your last interaction with Ziplet.

Complaints

Any questions about this policy, or any complaint regarding treatment of your privacy by Ziplet, should also be made in writing to the address above.

If you lodge a complaint, we will let you know the name of the individual responsible for taking care of it, and will tell you when we will provide a full response.

Miscellaneous

In this policy:

  • “including” means “including but not limited to”.
  • “Loop Platform" (and “we” or “us”) means Loop Platform Pty Ltd (ACN 610 813 648)
  • “personal information” means information or an opinion about an identified individual, or an individual who is directly or indirectly identifiable.
  • “Ziplet” means our apps, website and related services.

Changes to our privacy policy

We may amend or replace this privacy policy from time to time, with or without prior notice to you, by posting the updated version on our website.  Subject to the following, any updated version becomes effective as soon as it is posted on the website (or on any later date indicated in the post).  If an updated version includes a material adverse change and you are a registered user, then the updated version will not apply to you until you consent to it via Ziplet (or, if you are under 13, parental/teacher consent is provided in accordance with section 4 above). Your continued use of Ziplet may be subject to that consent being provided.

Last update: 25 June 2021