Theta Systems Limited (“Theta” “we or “us” or “our”) offers technology consultancy and software products designed and developed specifically for businesses. FAQ Bot is one of our products.
We collect information from you when you register on our site, register for a free trial of our Software through a third-party platform or from our website, subscribe to our newsletter or other forms of marketing communications, apply for a job with us, or respond to a survey or fill out a form.
When ordering or registering to use our Software, you may be asked to enter your name, email address, mailing address or phone number.
Theta will store information that is entered by you, or automatically imported on your instruction. The data entered or imported by you remains your property and Theta will not use this information without your permission. However, if you download, install or use our Software you will be bound by Theta’s standard terms and conditions for the Software. You grant Theta a licence to access, collect, compile and use your data for Theta’s own purposes provided that such data excludes any personally identifiable data, or information that identifies you, or your business.
Data entered or imported by you in order to use our Software and stored on Theta’s system will be stored securely and only accessible to persons you have authorised to use the Software. It is your responsibility to keep your login details safe. Theta and its staff do not have access to your password.
Theta support staff may have access to your Theta account and database for the purpose of providing you with customer service related to your account.
Any of the information we collect from you may be used in one of the following ways:
We will only collect, use and share your personal information where we are satisfied that we have an appropriate legal basis to do so(namely, that the processing is necessary for our legitimate interests and/or for compliance with a legal obligation to which we are subject). This is because:
We implement and maintain appropriate technical and organisational security measures, policies and procedures to maintain the safety of your personal information when you subscribe or enter, submit, or access your personal or business information.
Theta's servers have SSL Certificates issued by a leading certificate authority which enables encryption of data in transit. However, the internet is not in itself a secure environment. This means that your browser must support the encryption security with any web based communications with Theta.
Access and storage controls via the Software are administered by Theta in New Zealand as the custodian of that data. Where you access or input data from somewhere other than the country where the data is stored or to be stored, you consent to that data being transferred from one country to the other (including via any intermediate country) as a function of transmission across the internet.
Where your information is no longer needed, we will ensure that it is disposed of in a secure manner within 20 business days. In some circumstances we may store your personal information for longer periods of time, for instance: where we are required to do so in accordance with legal, regulatory, tax, or accounting requirements; so that we have an accurate record of your dealings with us in the event of any complaints or challenges; or if we reasonably believe there is a prospect of litigation relating to your personal information or dealings.
Theta does not store your credit card details
When you choose to pay for the Software or Theta services by credit card, your credit card details are not stored and cannot be accessed by Theta staff. Your credit card details are encrypted and securely stored by a PCI certified payment authority, to enable Theta to automatically bill your credit card on a recurring basis. Theta currently uses either Stripe Payments or Chargify as its PCI certified payment authority.
We share your personal information in the manner and for the purposes described below:
We use 3rd-party services to help advertise and promote our product. You can opt out of receiving targeted ads by following these links DAA, NAI, or EDAA (Europe only).
To protect privacy rights and to ensure you have control over how we manage marketing with you:
We recommend you routinely review the privacy policies and preference settings that are available to you on any social media platforms as well as your preferences within your account with us.
We operate on a global basis. Accordingly, your personal information may be transferred and stored in countries outside the European Union, including New Zealand, Australia and the United States of America, that are subject to different standards of data protection. We will take appropriate steps to ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests. To this end:
You have a right to contact us for more information about the safeguards we have in place (including a copy of relevant contractual commitments) to ensure the adequate protection of your personal information when this is transferred as mentioned above.
We are committed to protecting the security of your Personal Information and we take all reasonable precautions to protect it from Privacy Breaches, namely:
If your Personal Information is subject to a Privacy Breach which causes or is likely to cause serious harm, we will notify you and the New Zealand Privacy Commissioner in accordance with our obligations under New Zealand's Privacy Act 2020.
Your personal information may be transferred to our third party service providers in overseas countries. By providing your personal information to us, you acknowledge that some third party service providers may be located in countries which do not have the same level of privacy laws as New Zealand and you consent to the transfer of your personal information in these circumstances.
Subject to certain exemptions, and in some cases dependent upon the processing activity we are undertaking and where your Personal Information originates from, you have certain rights in relation to your personal information. If you are resident in the European Union, under European law you have the following rights in respect of your personal information:
If you wish to access any of the above rights, we may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing personal information to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. You can exercise your rights by contacting us at firstname.lastname@example.org. Subject to legal and other permissible considerations, we will make every reasonable effort to respond to your request promptly or inform you if we require further information in order to fulfil your request.
We may not always be able to fully address your request, for example if it would impact the duty of confidentiality we owe to others, or if we are legally entitled to deal with the request in a different way. Residents in other jurisdictions may also have similar rights to the above. Please contact us at email@example.com if you would like to exercise one of these rights, and we will comply with any request to the extent required under applicable law. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
Please also visit our Terms and Conditions section establishing our data protection obligations to you as your data processor and the use, disclaimers, and limitations of liability governing the use of our website and Software.
c/o Theta Systems Limited
Level 2, Theta House
8-10 Beresford Square
1010 New Zealand
If you have any questions, concerns or complaints regarding our compliance with this policy, the information we hold about you or if you wish to exercise your rights, we encourage you to first contact firstname.lastname@example.org. We will investigate and attempt to resolve complaints and disputes and make every reasonable effort to honour your wish to exercise your rights as quickly as possible and within the timescales provided by data protection laws.