Rackmill Privacy Policy

BY USING OUR SERVICES, YOU CONSENT TO THE COLLECTION, USE, AND DISCLOSURE OF YOUR PERSONAL INFORMATION AS DESCRIBED IN THIS PRIVACY POLICY.

1. Introduction and Commitment

1.1 Our Privacy Commitment

Rackmill respects your right to privacy and is committed to:

• Safeguarding the privacy of our customers and website visitors
• Complying with the Privacy Act 1988 (Cth) and Australian Privacy Principles
• Being transparent about how we collect, use, and protect your information
• Giving you control over your personal information
• Maintaining the security and confidentiality of your data

1.2 What is Personal Information?

"Personal information" means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether recorded in a material form or not. This includes information such as:

• Name and contact details
• Financial information
• Account credentials
• Technical information about your use of our services
• Any other information that can identify you

2. Information We Collect

2.1 Information You Provide to Us

We collect personal information that you voluntarily provide when you:

Account Registration:

• Full name
• Email address
• Phone number
• Billing address
• Business name and ABN (if applicable)
• Company registration details (if applicable)

Payment Information:

• Credit card or debit card details (processed securely by our payment processor)
• Bank account information (for direct debit arrangements)
• Billing history and transaction records

Service Usage:

• Domain names and DNS configuration
• Server configuration preferences
• Technical support requests and communications
• Account activity and service usage logs

Communications:

• Content of emails, support tickets, and other communications with us
• Feedback and survey responses
• Phone call records (when you contact our support)

2.2 Information Automatically Collected

When you use our website and services, we automatically collect:

Technical Information:

• IP address
• Browser type and version
• Operating system
• Device information
• Referring website addresses
• Pages visited and time spent on pages
• Date and time of visits

Service Usage Data:

• Server resource usage (CPU, memory, bandwidth)
• Login times and locations
• API access logs
• Error logs and diagnostic information

2.3 Cookies and Tracking Technologies

We use cookies and similar technologies to:

• Maintain your session and keep you logged in
• Remember your preferences
• Analyze website usage and improve our services
• Provide security features

You can control cookie settings through your browser, but disabling cookies may affect your ability to use certain features of our services.

2.4 Third-Party Analytics and Tracking Services

We use the following third-party services to analyze website usage and improve user experience:

Microsoft Clarity:

• Purpose: Session recording and heatmap analysis to understand user behavior
• Information collected: Page views, clicks, scrolls, mouse movements, device information
• Privacy policy: https://privacy.microsoft.com/en-us/privacystatement
• Note: Clarity anonymizes personally identifiable information

Google Analytics:

• Purpose: Website traffic analysis and user behavior tracking
• Information collected: Page views, session duration, traffic sources, device information
• Privacy policy: https://policies.google.com/privacy
• Opt-out: You can install the Google Analytics Opt-out Browser Add-on

Google Ads Conversion Tracking:

• Purpose: Measure effectiveness of advertising campaigns
• Information collected: Ad interactions, conversions, device information
• Privacy policy: https://policies.google.com/privacy

Jivochat:

• Purpose: Live chat support and customer communication
• Information collected: Chat messages, name, email, browsing behavior on our site
• Privacy policy: https://www.jivochat.com/files/privacy_policy.pdf
• Note: Only activated when you interact with the chat widget

Vercel Speed Insights:

• Purpose: Monitor website performance and loading times
• Information collected: Page load metrics, Core Web Vitals, browser information
• Privacy policy: https://vercel.com/legal/privacy-policy
• Note: Anonymized performance data only

These services may use cookies and similar technologies. You can manage your preferences through your browser settings or by contacting us at accounts@rackmill.au.

3. How We Use Your Information

3.1 Purposes of Collection

We collect and use your personal information for the following purposes:

Service Provision:

• Create and manage your account
• Provide, operate, and maintain our hosting services
• Process payments and manage billing
• Communicate with you about your services
• Provide technical support and customer service
• Monitor and improve service performance

Business Operations:

• Conduct internal operations including troubleshooting and testing
• Analyze usage patterns to improve our services
• Develop new features and services
• Maintain security and prevent fraud
• Comply with legal obligations

Communications:

• Send service-related announcements and updates
• Respond to your inquiries and support requests
• Send invoices and payment reminders
• Notify you of changes to our terms or policies
• Send marketing communications (with your consent)

Legal and Compliance:

• Comply with Australian laws and regulations
• Respond to legal process and law enforcement requests
• Protect our rights and property
• Investigate and prevent fraud, abuse, or illegal activity

3.2 Marketing Communications

We may send you marketing communications about:

• New services and features
• Special offers and promotions
• Industry news and updates
• Events and webinars

You can opt out of marketing communications at any time by:

• Clicking the unsubscribe link in any marketing email
• Contacting us at accounts@rackmill.au
• Updating your preferences in your customer portal

Note: You cannot opt out of essential service communications such as billing notices, security alerts, and service updates.

4. How We Store and Protect Your Information

4.1 Data Storage Location

All personal information is stored on secure servers located in Perth, Western Australia. This means:

• Your data remains within Australian jurisdiction
• Australian privacy laws apply to your information
• Your data is not transferred outside Australia (except as described in Section 5)

4.2 Security Measures

We implement appropriate technical and organizational measures to protect your personal information, including:

Technical Security:

• Encryption of data in transit (SSL/TLS)
• Encryption of sensitive data at rest
• Secure data centers with physical access controls
• Regular security updates and patches
• Intrusion detection and prevention systems
• Firewalls and network security measures

Administrative Security:

• Access controls and authentication requirements
• Employee training on privacy and security
• Regular security audits and assessments
• Incident response procedures
• Confidentiality agreements with employees and contractors

4.3 Data Retention

We retain your personal information for as long as:

• Your account remains active
• Required to provide services to you
• Necessary to comply with legal obligations
• Required for legitimate business purposes (e.g., dispute resolution, record-keeping)

After your account is closed, we may retain certain information:

• For up to 7 years to comply with Australian taxation and business record requirements
• As required by law or legal process
• In anonymized or aggregated form for statistical purposes

You may request deletion of your personal information subject to our legal obligations and legitimate business needs.

5. How We Share Your Information

5.1 General Principle

We do not sell, rent, or trade your personal information to third parties. We only share your information as described in this Privacy Policy.

5.2 Service Providers and Partners

We may share your information with trusted third-party service providers who assist us in:

Payment Processing:

• Payment processors (e.g., Stripe) to process credit card and payment transactions
• These providers have their own privacy policies and security measures

Infrastructure and Services:

• Data center providers (Equinix) for colocation services
• Software providers (e.g., cPanel, control panel software)
• Upstream network providers for connectivity
• Domain registrars for domain name services

Business Operations:

• Email service providers for sending communications
• Analytics providers for website and service analytics (see Section 2.4 for specific services)
• Customer support tools and ticketing systems
• Accounting and tax service providers

All third-party service providers are required to:

• Use your information only for specified purposes
• Maintain appropriate security measures
• Comply with applicable privacy laws

5.3 Legal Requirements

We may disclose your personal information when required by law or in good faith belief that such action is necessary to:

• Comply with legal process (court orders, subpoenas, warrants)
• Respond to lawful requests from government authorities and law enforcement
• Enforce our Terms and Conditions and Acceptable Use Policy
• Protect the rights, property, or safety of Rackmill, our customers, or others
• Investigate fraud, security issues, or technical problems

5.4 Business Transfers

If Rackmill is involved in a merger, acquisition, sale of assets, or bankruptcy:

• Your personal information may be transferred to the successor entity
• We will provide notice before your information is transferred and becomes subject to a different privacy policy
• You will have the opportunity to delete your account before any transfer

5.5 With Your Consent

We may share your information for other purposes with your express consent.

5.6 No International Transfers

We do not routinely transfer personal information outside Australia. If an international transfer becomes necessary:

• We will ensure the recipient country has adequate privacy protections, or
• We will use appropriate safeguards (such as standard contractual clauses), and
• We will obtain your consent where required by law

6. Your Rights and Choices

6.1 Access to Your Information

You have the right to request access to the personal information we hold about you. To request access:

• Contact us at accounts@rackmill.au
• Specify what information you wish to access
• Verify your identity (for security purposes)

We will provide access within a reasonable timeframe, typically within 30 days. A small administrative fee may apply for complex requests.

6.2 Correction of Information

If you believe any information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading:

• You can update most information through your customer portal
• Contact us at accounts@rackmill.au to request corrections
• We will take reasonable steps to correct your information

6.3 Deletion of Information

You may request deletion of your personal information, subject to:

• Our legal obligations to retain certain records
• Legitimate business purposes (e.g., resolving disputes, enforcing agreements)
• Technical limitations

To request deletion, contact us at accounts@rackmill.au.

6.4 Portability

You may request a copy of your personal information in a structured, commonly used, and machine-readable format where technically feasible.

6.5 Objection and Restriction

You may object to or request restriction of certain processing of your personal information, including:

• Marketing communications (opt-out rights)
• Processing based on legitimate interests
• Automated decision-making (if applicable)

6.6 Complaints

If you believe we have breached the Australian Privacy Principles or your privacy rights:

1. Contact us at accounts@rackmill.au with details of your complaint
2. We will investigate and respond within 30 days
3. If you are not satisfied with our response, you may contact:

Office of the Australian Information Commissioner (OAIC)
Website: https://www.oaic.gov.au
Phone: 1300 363 992
Email: enquiries@oaic.gov.au

7. Children's Privacy

Our services are not intended for individuals under 18 years of age. We do not knowingly collect personal information from children. If you are a parent or guardian and believe we have collected information about a child, please contact us immediately so we can delete the information.

8. Third-Party Websites and Services

8.1 Third-Party Links

Our website and services may contain links to third-party websites and services. We are not responsible for the privacy practices of these third parties. We encourage you to read their privacy policies.

8.2 Third-Party Services

When you use third-party services integrated with our platform (e.g., cPanel, payment processors):

• Those services have their own privacy policies
• Your use is subject to their terms and policies
• We are not responsible for their privacy practices

9. Data Breach Notification

9.1 Our Commitment

We maintain comprehensive security measures to protect against data breaches. However, no system is completely secure.

9.2 Notification Procedures

In the event of a data breach that is likely to result in serious harm:

• We will assess the breach and take immediate remedial action
• We will notify affected individuals as soon as practicable
• We will notify the Office of the Australian Information Commissioner as required by law
• We will provide information about the breach and steps you can take to protect yourself

10. Business Contact Information

10.1 Information We Collect

When you use our business contact form or contact us regarding business inquiries, we collect:

• Your name
• Email address
• Phone number (if provided)
• Company name (if provided)
• Message content

10.2 How We Use Business Inquiries

Information from business inquiries is used to:

• Respond to your questions or requests
• Provide information about our services
• Follow up on business opportunities
• Maintain records of business communications

11. Changes to This Privacy Policy

11.1 Updates

We may update this Privacy Policy from time to time to reflect:

• Changes in our practices
• Changes in applicable laws
• New services or features
• Feedback from customers

11.2 Notification of Changes

When we make significant changes to this Privacy Policy:

• We will update the "Last Updated" date at the top of this policy
• We will post the updated policy on our website
• We may notify you via email or through your customer portal
• For material changes, we may seek your consent where required by law

11.3 Continued Use

Your continued use of our services after changes to this Privacy Policy constitutes acceptance of the updated policy.

12. Australian Privacy Principles Compliance

We comply with the 13 Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth):

1. APP 1 - Open and transparent management of personal information: This Privacy Policy demonstrates our commitment to transparency
2. APP 2 - Anonymity and pseudonymity: You may interact with us anonymously or using a pseudonym where practicable
3. APP 3 - Collection of solicited personal information: We only collect information reasonably necessary for our functions
4. APP 4 - Dealing with unsolicited personal information: We properly handle unsolicited information
5. APP 5 - Notification of collection: We notify you of collection purposes and rights
6. APP 6 - Use or disclosure of personal information: We only use information for disclosed purposes
7. APP 7 - Direct marketing: We provide opt-out options for marketing communications
8. APP 8 - Cross-border disclosure: We ensure overseas recipients comply with privacy obligations
9. APP 9 - Adoption, use or disclosure of government identifiers: We do not adopt government identifiers as our own
10. APP 10 - Quality of personal information: We take reasonable steps to ensure information accuracy
11. APP 11 - Security of personal information: We maintain appropriate security measures
12. APP 12 - Access to personal information: We provide access to your information upon request
13. APP 13 - Correction of personal information: We correct inaccurate information upon request

13. Definitions

Australian Privacy Principles (APPs): The 13 principles in the Privacy Act 1988 (Cth) that regulate how personal information is handled.

Personal Information: Information or an opinion about an identified individual, or an individual who is reasonably identifiable.

Sensitive Information: A subset of personal information that includes information about health, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, criminal records, and other sensitive matters. We do not generally collect sensitive information unless necessary and with your consent.

Data Controller: The entity that determines the purposes and means of processing personal information (Rackmill in this context).

Data Processor: A third party that processes personal information on behalf of the data controller.

14. General Provisions

14.1 Governing Law

This Privacy Policy is governed by the laws of Western Australia and the Commonwealth of Australia. You agree to submit to the exclusive jurisdiction of the courts of Western Australia.

14.2 Severability

If any provision of this Privacy Policy is held to be invalid or unenforceable, the remaining provisions will continue in full force and effect, and the invalid provision will be modified to the minimum extent necessary to make it valid and enforceable.

14.3 Contact Information

For questions about this Privacy Policy, or to exercise your privacy rights, contact accounts@rackmill.au.

For complete company information and contact details, see our Legal Notice.

15. Acknowledgment and Acceptance

BY CREATING AN ACCOUNT, ACCESSING, OR USING RACKMILL'S SERVICES, YOU ACKNOWLEDGE THAT YOU HAVE READ, UNDERSTOOD, AND AGREE TO BE BOUND BY THIS PRIVACY POLICY.

IF YOU DO NOT AGREE YOU MUST NOT USE OUR SERVICES.