1. Regatta Registers’ Services and Scope of this Privacy Policy

Regatta Registers’ Services
‍This Privacy Policy applies to:
‍
- Our corporate website located at www.regattaregisters.com, including its subdomains and any site that links to this Privacy Policy (the “Website”); and
- Our cloud-based asset inspection and compliance software platform accessible via our Website and mobile applications (collectively, the “Platform” or “Services”).
‍
References to “Services” in this Privacy Policy include the Website, Platform, mobile apps, and any other digital services, features, tools, or communications provided by Regatta Registers.

‍Personal data refers to information that identifies or could reasonably identify a natural person (e.g., name, email address, IP address, location). It excludes anonymous or de-identified data.
Our Services are intended for commercial and professional use by organisations and their authorised representatives. We do not offer services directly for personal, household, or family use.

‍Scope of this Privacy Policy
This Privacy Policy applies to personal data collected from:
- Visitors to our Website or social media pages (e.g., LinkedIn); Customers who have signed up for Regatta Registers’ Services under an agreement with us;
- Authorised Users, such as employees, contractors, or agents of Customers who access the Services on the Customer’s behalf.

2. Customer-Controlled Information
‍If you are an Authorised User of a Regatta Registers Customer, please note that your organisation is the “data controller” of your personal data submitted through the Platform. Regatta Registers acts as a “data processor” (or “service provider”) on their behalf.

If you have questions about how your data is handled, or wish to make a data access or deletion request, please contact your organisation directly. If such a request is submitted to us, we may forward it to the relevant Customer.

3. Changes to this Privacy Policy

We may update this Privacy Policy periodically. Non-material changes take effect when published on our Website. For material updates, we’ll notify you in advance by email (if available) and/or via an in-Service notice. Continued use of the Services after changes take effect indicates your agreement to the revised Privacy Policy

4. Information We Collect

4a. Information You Provide to Us
We collect personal data you provide directly, such as:
‍- Contact Details: Full name, email, phone number, job title, company name.
- Account Information: User credentials (username, password), role/access level within the Customer organisation.
- Support Requests & Feedback: Communications you send us, surveys you complete, or support tickets you submit.
- Payment Information: While Regatta Registers does not store payment details, our PCI-compliant payment providers collect relevant billing information (e.g., credit card or bank details).
- Promotions or Events: Information you submit when entering a promotion or registering for an event.
‍
4b. Information We Collect Automatically
‍We collect certain technical and usage data automatically through cookies and analytics tools, including:
IP address, browser type, operating system, device identifiers Site navigation patterns, usage frequency, crash data Location data inferred from IP Referral sources (e.g., search engines or advertisements)

‍4c. Information from Third Parties
We may receive personal data from: Your employer or organisation (if you are an Authorised User) Service providers (e.g., cloud hosting, analytics platforms) Social media platforms (e.g., public profiles and interactions) Marketing providers or public data sources

4d. Cookies and Similar Technologies
We use cookies and similar technologies to improve our Services and provide targeted advertising. You can manage cookie preferences in your browser settings. For more details, see our Cookie Policy.

‍4e. Aggregated & De-Identified Data
We may use and share de-identified or aggregated data for analytics, product development, and business insights, provided it cannot be used to identify individuals.  

5. Children’s Privacy
Regatta Registers does not knowingly collect or process personal data from individuals under the age of 18. Our services are not directed to individuals under 16. We do not knowingly collect personal data from children without verifiable parental consent. If we become aware that we have collected such data, we will promptly delete it and may terminate the associated account.

6. Sensitive Data
We do not intentionally collect sensitive data such as health information, political views, or biometric data. Please do not submit such information unless specifically requested and legally justified.

7. Security of Personal Data
‍ We implement appropriate technical and organizational security measures to protect your personal data from unauthorized access, disclosure, alteration, or destruction. These measures are designed to provide a level of security appropriate to the risk associated with the processing of your personal data.

Our safeguards include:
- Data encryption in transit and at rest;
- Access controls to systems and infrastructure;
- Regular security audits and risk assessments;
- Secure development and testing environments;
- Staff training in privacy and security best practices.
If you suspect any misuse or unauthorized access to your data, please contact us immediately at info@regattaregisters.com

8. Sharing of Personal Data
We do not sell your personal data. We may share personal data with:

- Service Providers: Such as cloud hosting, data analytics, and communication tools, to support our operations.
- Affiliates: Within the Regatta Registers group (if applicable), for business and operational purposes.
- Authorities: When required by law, regulation, legal process, or governmental request.
- Professional Advisors: Including lawyers, auditors, and insurers, in the course of legitimate business operations.
- Corporate Transactions: In the event of a merger, sale, or reorganization, personal data may be transferred as part of the transaction.

We require third parties to respect the security of your personal data and to process it in accordance with applicable law.

9. Cookies and Similar Technologies
We use cookies and similar tracking technologies to enhance your user experience, analyze website performance, and deliver targeted content.
Types of cookies we use:

- Strictly Necessary: For core functionality of our services.
- Performance: For analytics and site improvement.
- Functionality: To remember preferences.
- Targeting/Advertising: Where applicable and with your consent.

You can manage or disable cookies through your browser settings. For more information, refer to our Cookie Policy  

10. International Data Transfers
We are based in Australia and may process your personal data in other countries where we or our third-party service providers operate, including the United States, South America (including Brazil and Argentina), the United Kingdom, and the European Economic Area (EEA). Where required, we use legal mechanisms such as:

- Standard Contractual Clauses (SCCs) approved by the European Commission;
-  UK Addendum for transfers from the UK;
- Data Transfer Agreements under Brazil’s LGPD or Argentina’s Data Protection Act;
- Other recognized safeguards to ensure your data is protected regardless of where it is processed.

11. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which we collected it, including to comply with legal, regulatory, tax, accounting, or reporting requirements.

Retention periods may vary based on:
- The type of data;
- The nature of our relationship with you;
- Applicable legal requirements.

We securely delete or anonymize personal data when it is no longer required.

12. Your Rights and Choices
You may have the right to:

- Access and correct your personal data;
- Delete your personal data;
- Object to or restrict data processing;
- Withdraw consent where we rely on it;
- Port your personal data (where applicable);
- Lodge a complaint with a supervisory authority.

If you are located in the EEA, UK, Brazil, Argentina, or other jurisdictions with data protection laws, additional rights may apply (see Section 13 below). To exercise your rights, please contact us at info@regattaregisters.com.

13. Region-Specific Rights

Rights For EEA and UK Residents
‍ You have rights under the GDPR and UK GDPR, including:
- Right to lodge a complaint with a supervisory authority (e.g., ICO in the UK).
‍
‍For Brazilian Residents
Under LGPD, you may:
- Confirm processing;
- Access and correct your data;
- Anonymize, block, or delete unnecessary/excessive data;
- Request data portability;
- Revoke consent.

‍For Argentinian Residents
Under Argentina’s Law 25.326, you have rights to:
- Access, rectify, update, and delete personal data;
- File complaints with the Agencia de Acceso a la Información Pública.

14. Third-Party Links and Services
Our website and services may contain links to third-party sites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review their privacy policies before providing them with your personal data.

15. Updates to This Privacy Notice
We may update this Privacy Notice at any time without prior notice. Any changes will become effective upon posting the revised notice on this page, with the “Last Updated” date updated accordingly. If we make material changes, we will provide prominent notice on our website or platform. Your continued use of our services after any changes become effective constitutes your acceptance of the revised Privacy Notice. If you do not agree to the changes, you should discontinue use of our services.

16. Complaints and Supervisory Authorities
‍ If you believe we have not handled your data in accordance with applicable privacy laws, you may contact:

- Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au
- Brazil’s National Data Protection Authority (ANPD): www.gov.br/anpd
- UK Information Commissioner’s Office (ICO): www.ico.org.uk
- European Data Protection Authorities: See the EU Commission site for a full list
- Argentina's Agency for Access to Public Information: www.argentina.gob.ar/aaip
‍
We encourage you to contact us first so we can try to resolve your concerns directly.  

17. How to Contact Us
If you have questions, concerns, or wish to exercise your rights, you may contact us at:
‍
Regatta Registers Pty Ltd
Email: info@regattaregisters.com
Postal Address: Unit 3 12 Scott St, West End QLD