Privacy Policy

We take privacy seriously

Your privacy is important to us 

Superbly Pty Ltd (ACN668191240) (“Superbly”, “us”, “we” or “our”) respects the rights and preferences regarding the data privacy of our Users. We provide access to our software for our customers (each a “Customer”) in order to provide tools that, among other things, help provide a feedback loop among teachers, parents, guardians, and students (each a “Service”). Our users include our Customers, teachers, parents, guardians and students (each a “User”). All personal information that we receive from our Users is subject to the Privacy Act 1988 (Cth) (“Privacy Act”), is owned by the respective User, and is only processed by us as set out in this privacy policy (the “Privacy Policy”).

While any User may choose not to give us their personal information, if we do not collect a User’s personal information, we may not be able to provide such User with our Services.

This Privacy Policy is subject to change without prior or separate notification: any changes will be posted on our website.

Student’s Privacy

When enabled by the respective parent or guardian (each a “Primary User”), we may permit the use of our Services by Users under the age of 18 ( each a “Student”). We do not allow the creation of accounts for Students  without the consent of their respective Primary User. When a Primary User creates an account for a Student, we set out the type of information that we will collect from the Student. The Primary User will retain the ability to access the activity in the Student account, and may delete the Student account at any time. The Primary User may also delete the Student’s personal information and refuse to permit its further collection or use by contacting us, as set out in the contact details below. For those Services directed to Students, we do not allow the use of cookies or other tracking technologies, except as needed for the purpose of supporting our internal operations.

1.0 Collection of personal information

1.1. What kind of personal information do we collect and hold?

The types of personal information that we may collect, hold, use and disclose include:

  • student name
  • student email address(es)
  • student username/ID
  • student gender
  • student year group
  • parent names
  • parent email address(es)
  • student unique identifier (such as a student number)
  • class groups
  • teacher names
  • teacher email address(es)
  • IP address;
  • details of the school the Student attends;
  • information about any complaints; and
  • a record of the pages a User visits on our website.

    1.2 How do we collect personal information?

    We usually collect personal information directly from each User. However, we may collect some personal information about a User from our Customers.

    We may also collect personal information in connection with the use of our Services when:

    • a User requests us to provide you with a fee estimate or quote;
    • a User registers or completes an application form to use our Services;
    • a User enters details through our website;
    • a third party engaged by a User contacts us or provides information to us on behalf of a User;
    • a User uses software or any other electronic application which has been integrated with our software;
    • a User communicates with us via phone or email;
    • a User makes changes on their account with us;
    • a User provides feedback in a survey;
    • we engage a third party provider to perform checks on a User;
    • a User enters into a promotion run by us;
    • a User subscribes to our mailing list;
    • a User accepts or follows links to our website and mobile applications; and
    • a User follows us through social media or posts to one of our social media sites.

    If a User calls us, we may monitor and record those calls for quality, training, dispute resolution, and/or security purposes.

    1.3 Cookies

    A “cookie” is a small file used to uniquely identify a visitor’s browser or to store information or settings in the browser. Our site uses cookies, including cookies that are necessary to enable the features of the site, performance cookies to see how visitors use the site, and functionality cookies that enable our sites to ‘remember’ machines or devices, personalize website content, tailor a User’s experience, or to help us target advertisements to Users when they are browsing our website and other websites.

    Most browsers allow a User to customise or turn off cookies, however, if a User turns off cookies or changes their settings, some features of our website may not work correctly.

    2.0 Use and disclosure

    2.1 Why do we collect, hold, use and disclose personal information?

    If a User purchases or uses the Services that we provide, we collect the User’s personal information for the purpose of operating our business and providing our Services to such User in accordance with our legitimate and legally protected interests. These include:

    • Confirming the identity of a User;
    • Confirming the accuracy of information provided to us;
    • Confirming the authority from a User to act on an account;
    • Sending notices to a User;
    • Resolving disputes and addressing complaints;
    • Collecting fees;
    • Remedying fraud and other illegal activities; and
    • Marketing our other services and products to a User.

    Each User may opt out of marketing communications by selecting “unsubscribe” for email communications, or contacting us on the contact details set out below.

    No Personal Identifiable Information (PII) will be provided to parties outside Superbly without the explicit consent of the client of whom the data is owned.

    If you are a supplier or business partner, we might collect your personal information that is necessary for the purpose of operating our business and providing our services to our Users, as well as receiving products or services from you and conducting due diligence on you and your products or services.

    2.2 How do we hold personal information?

    We hold personal information in a database, that may be hosted on a cloud service, within Australia.

    We take reasonable steps to:

    • Protect a User’s personal information that we hold from misuse, interference and loss and from unauthorized access, modification or disclosure
    • Ensure our system is appropriately backed-up to prevent the loss of a User’s personal information
    • Destroy or de-identify personal information when it is no longer required for our purposes and is permitted by law

    Security measures that we have in place to protect a User’s personal information include the following:

    • where possible, we use Secure Sockets Layer (SSL) encryption when collecting or transferring sensitive information;
    • physical access to our premises is limited;
    • information access restrictions, including two factor authentication and different levels of security clearance, are maintained;
    • configurable account locking policies to lock out accounts are employed after failed login attempts;
    • all of our staff are required to sign confidentiality agreements and undergo relevant background and/or checks re working with children; and
    • we require third party providers to implement appropriate security safeguards to keep Personal Information secure.

    It is the responsibility of all Users to ensure that login details to our sites and applications are kept secret and secure.

    2.3 When do we disclose personal information?

    We may disclose a User’s personal information to third party contractors to facilitate the delivery of our software and services or improve the quality of our software or services, to confirm the identity of a User, to diagnose technical problems, to administer our website and/or to carry out maintenance, repairs and develop our computer software and hardware.

    A User’s account, financial and billing information (including any changes to or corrections of such) may also be made available to providers of payment services or any other electronic applications which have been integrated with our software to enable those service providers to process payments when instructed to do so, or to our intermediaries to manage accounts processing.

    We may also disclose a User’s personal information: to third parties, such as advisors, lawyers, accountants, and resellers, who sell our services, including to debt collection agencies for the purposes of collecting debts; to third parties for fraud prevention and risk management; to law enforcement agencies; or to government bodies.

    We may disclose personal information to our related companies for services they provide to us, for oversight of our operations and where it is of relevance to their own operations. We may also disclose a User’s personal information to acquirers (or potential acquirers) of all or any part of our business, or in order to run our business or the part of our business acquired.

    We may also disclose personal information to the extent required or authorised by any applicable law.

    We do not sell any User’s personal information.

    2.4 Third Party Websites

    Our websites may contain links to and from the websites of our partner networks, advertisers and affiliates. If a User follows a link to any of these websites, these websites may have their own privacy policies and we do not accept any responsibility or liability for those websites.

    2.5 Storage
    All personal information is stored by Superbly securely in electronic form within Linode Data Center (Akamai) located in Sydney, Australia.

    3.0 How a User can access or correct their personal information

    3.1 Access to personal information

    Except in circumstances where we are required or authorised by law to refuse a User access to their personal information, upon receipt of a written request, we will provide the respective User with access to their personal information held by us.

    To request access to the information held by us about a User, they must contact us using the contact details listed below. We will respond to each written request within a reasonable time after the request has been received, and, if it is the case, we will advise the User whether we will not, or cannot, provide them with access, together with the reason for not providing access.

    We reserve the right to charge a User for providing access to their personal information. We will notify the User of those costs prior to providing them with access to the information. We may require those costs to be paid prior to providing the User with such access.

    3.2 Correction of personal information

    We take reasonable steps to ensure that the personal information collected by us is accurate, complete, relevant and up to date. If a User believes that any of the personal information we hold about them requires correction, they should inform us in writing using the contact details set out below.

    4.0 Contact details

    Any correspondence in relation to a User’s personal information or this Privacy Policy should be directed to:

    Privacy Officer:  Jason Grier

    Email: jason@superbly.education

    Post:  notices@superbly.education

    5.0 How to make a complaint

    If a User has a complaint about how we have collected, used or disclosed their personal information, or if we have not corrected or provided a User with access to their personal information, they may contact our support team using the contact details above so that we can investigate the complaint and respond to their concerns.

    If a User is not satisfied with our response, they may submit a complaint to: the Office of the Australian Information Commissioner (see: http://www.oaic.gov.au/privacy/privacy-complaints).

    Additionally to the above options, if you believe that Superbly or one of its contracted service providers has not dealt with your personal information in accordance with an APP, you can make a privacy complaint to the Department of Education through the following options:
    by email to: privacy@education.gov.au (preferred modus operandi);

    by telephone to: 1300 566 046.

    Last updated: February 2024