Privacy Policy

1. Information We Collect

1.1 Personal Information

We may collect personally identifiable information (“Personal Information”) that you voluntarily provide to us when you:

• Register an Account: When you create an account on our Website, we may collect your name, email address, and other contact information.
• Subscribe to Newsletters: When you subscribe to our newsletters or other communications, we may collect your email address.
• Contact Us: When you contact us for support or inquiries, we may collect your name, email address, phone number, and other relevant information.

1.2 Automatically Collected Information

We may automatically collect certain information whenever you interact with our Website. Some of this information (for example, IP addresses) may constitute Personal Information under the Privacy Act 1988 (Cth) where it can reasonably be used to identify an individual. Automatically collected information may include:

• Usage Data: Information about how you use our Website, such as pages visited, time spent on pages, and navigation paths.
• Device and Network Information: Information about the device and network you use to access our Website, including IP address, browser type, operating system, and device identifiers.
• Cookies and Tracking Technologies: Information collected through cookies, web beacons, and similar technologies (see Section 4 for more details).

1.3 Third-Party Information

We may receive information about you from third parties, such as social media platforms, if you choose to link your account or interact with our Website through these platforms.

2. How We Use Your Information

We use the information we collect in the following ways:

2.1 To Provide and Improve Our Services

• Account Management: To create and manage your account, authenticate your identity, and provide access to personalized features.
• Content Delivery: To deliver curated news, updates, and other content tailored to your interests.
• Website Improvement: To analyze usage patterns and improve the functionality, content, and user experience of our Website.

2.2 Communication

• Newsletters and Updates: To send you newsletters, promotional materials, and other communications related to our services.
• Customer Support: To respond to your inquiries, provide support, and address any issues you may encounter.

2.3 Marketing and Advertising

• Personalised Advertising: We may display personalised advertisements based on your interests and browsing behaviour. You can opt out of personalised advertising by adjusting your cookie preferences through your browser settings or by using industry opt-out tools such as the Digital Advertising Alliance's opt-out page.
• Third-Party Advertising Partners: We may share limited information with third-party advertising partners, who may use cookies and similar technologies to collect or receive information from our Website and elsewhere on the internet to provide measurement services and targeted ads. We encourage you to review the privacy policies of these third parties. We do not sell your Personal Information.

2.4 Legal and Security

• Compliance: To comply with legal obligations, respond to lawful requests, and enforce our policies.
• Security: To protect against fraud, unauthorized access, and other security threats.

2.5 Protection of Sources and Confidential Contacts

• Where individuals contact us as journalistic sources or provide information on a confidential or anonymous basis, we treat their contact details and identifying information as sensitive.
• Access to such information is restricted to authorised team members and it is used only for editorial purposes consistent with our Editorial Independence and Ethics Policy. We do not disclose the identities of confidential sources unless legally required to do so. Where applicable, we rely on the journalist privilege under section 126K of the Evidence Act 1995 (Cth) to protect the identity of our confidential sources.

3. How We Share Your Information

We may share your information in the following circumstances:

3.1 With Service Providers

We may share your information with third-party service providers who perform services on our behalf, such as:

• Hosting Providers: To host and maintain our Website. Our Website is currently hosted on third-party infrastructure. The hosting provider may collect server logs, which can include IP addresses, request timestamps, and referring URLs.
• Email Service Providers: To manage our email communications and newsletters.
• Analytics Providers: We may use third-party analytics tools to understand how our Website is used. Where we do so, these providers may collect information about your use of the Website, including your IP address, browser type, device information, and browsing behaviour. We will update this section to identify specific analytics providers as and when they are adopted.
• API Service Providers: We use third-party APIs (such as the YouTube Data API and news aggregation APIs) to deliver content on the Website. Your interaction with embedded content from these providers may be subject to their own privacy policies.

3.2 For Business Transfers

In the event of a merger, acquisition, or sale of all or a portion of our assets, your information may be transferred as part of the transaction. Where practicable, we will notify you before your Personal Information is transferred and becomes subject to a different privacy policy.

3.3 With Your Consent

We may share your information with third parties when you have given us explicit consent to do so.

3.4 Legal Requirements

We may disclose your information if required to do so by law or in response to valid legal requests, such as subpoenas or court orders.

3.5 Protecting Rights and Safety

We may disclose your information to protect our rights, privacy, safety, or property, and that of our users and the public.

4. Cookies and Tracking Technologies

4.1 Cookies

Cookies are small data files stored on your device that help us provide a better user experience. We use cookies for various purposes, including:

• Essential Cookies: To enable core functionality of the Website.
• Performance Cookies: To collect information about how visitors use the Website.
• Functional Cookies: To remember your preferences and settings.
• Advertising Cookies: To deliver personalized advertisements.

4.2 Managing Cookies

You can control the use of cookies through your browser settings. However, disabling cookies may affect the functionality of our Website.

4.3 Other Tracking Technologies

We may use web beacons, pixel tags, and similar technologies to monitor and analyse the usage of our Website. Please note that third-party content providers (including embedded video players and news APIs) may also use cookies and tracking technologies on our Website over which we have no control. We encourage you to review the privacy policies of these third parties.

4.4 Third-Party Content and Embedded Features

Our Website may include embedded content (e.g., videos, images, articles) from third-party websites. Embedded content from other websites behaves in the same way as if the user has visited the other website. These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content. We do not control these third-party technologies and recommend reviewing the privacy policies of any third-party providers.

5. Data Security

We implement appropriate technical and organizational measures to protect your information against unauthorized access, alteration, disclosure, or destruction. These measures include:

• Encryption: Using encryption to secure data transmission.
• Access Controls: Restricting access to your information to authorized personnel only.

Despite these measures, no method of transmission over the internet or electronic storage is 100% secure. Therefore, we cannot guarantee absolute security of your information.

5.2 Data Breach Notification

In the event of an eligible data breach within the meaning of Part IIIC of the Privacy Act 1988 (Cth) (the Notifiable Data Breaches scheme), we will take all steps required under that Act, including notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable. Where a data breach affects individuals in the European Economic Area, we will also comply with our notification obligations under Articles 33 and 34 of the GDPR.

6. Data Retention

We retain your Personal Information only for as long as necessary to fulfil the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by law. As a general guide:

• Account information — retained for the life of your account and for up to 12 months after account closure, unless we are required by law to retain it for longer.
• Contact and support enquiries — retained for up to 24 months from the date of the last communication.
• Server logs and analytics data — retained for up to 26 months, after which they are aggregated or deleted.
• Marketing and newsletter data — retained until you unsubscribe, after which your data will be deleted within 30 days.

When your information is no longer needed, we will securely delete or anonymise it in accordance with our data retention procedures.

7. Your Rights and Choices

7.1 Rights Under the Australian Privacy Principles

Under the Privacy Act 1988 (Cth) and the APPs, you have the following rights in relation to Personal Information we hold about you:

• Access (APP 12): You have the right to request access to the Personal Information we hold about you. We will respond to your request within a reasonable period (and in any event within 30 days).
• Correction (APP 13): You have the right to request that we correct any Personal Information that is inaccurate, out of date, incomplete, irrelevant, or misleading.

To exercise these rights, please contact us using the details in Section 16 below. We may need to verify your identity before processing your request.

7.2 Additional Rights

Depending on your jurisdiction, you may also have the following rights:

• Data Portability: You may have the right to receive a copy of your Personal Information in a structured, machine-readable format.
• Deletion: You may request the deletion of your Personal Information, subject to certain exceptions (for example, where we are required by law to retain it).

7.3 Opt-Out and Consent Withdrawal

You can opt out of receiving promotional communications by following the unsubscribe instructions included in such emails or by contacting us directly. Where we process your Personal Information on the basis of your consent, you have the right to withdraw that consent at any time by contacting us. Withdrawal of consent does not affect the lawfulness of processing carried out before the withdrawal.

7.4 Do Not Track

Our Website does not respond to “Do Not Track” signals. However, you can manage your tracking preferences through your browser settings. Please be aware that third-party sites linked from our Website may also not honour “Do Not Track” signals.

7.5 Complaints

If you believe we have breached the APPs or mishandled your Personal Information, you may lodge a complaint with us using the contact details in Section 16. We will acknowledge your complaint within 7 days and endeavour to resolve it within 30 days. If you are not satisfied with our response, you have the right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. Rights for European Economic Area (EEA) Residents (GDPR)

8.1 Overview of GDPR Rights

If you are a resident of the European Economic Area (EEA), you have certain data protection rights under the General Data Protection Regulation (GDPR). We are committed to helping you exercise these rights with respect to the Personal Information we collect and process.

8.2 Lawful Basis for Processing

Under GDPR Article 6, we process your Personal Information on the following lawful bases:

• Consent — for marketing communications and non-essential cookies (Article 6(1)(a)).
• Legitimate Interests — for website analytics, fraud prevention, and improving our services, where those interests are not overridden by your data protection rights (Article 6(1)(f)).
• Legal Obligation — where we are required to process your data to comply with applicable law (Article 6(1)(c)).

8.3 Specific GDPR Rights

• Right to Access: You have the right to request copies of your Personal Information that we hold.
• Right to Rectification: You have the right to request that we correct any information you believe is inaccurate or incomplete.
• Right to Erasure: You have the right to request that we erase your Personal Information under certain conditions.
• Right to Restrict Processing: You have the right to request that we restrict the processing of your Personal Information under certain conditions.
• Right to Object to Processing: You have the right to object to our processing of your Personal Information under certain conditions.
• Right to Data Portability: You have the right to request that we transfer your data to another organization, or directly to you, under certain conditions.

8.4 How to Exercise Your GDPR Rights

To exercise any of these rights, please contact us. We may need to verify your identity before responding to such requests.

9. Rights for California Residents (CCPA)

9.1 Overview of CCPA Rights

If you are a California resident, you have specific rights regarding your Personal Information under the California Consumer Privacy Act (CCPA). While we operate primarily in Australia, we are committed to respecting the privacy rights of all our users, including those in California.

9.2 Specific CCPA Rights

• Right to Know: You have the right to request that we disclose certain information to you about our collection and use of your Personal Information over the past 12 months. This includes the categories of Personal Information collected, sources, purposes, and third parties with whom we share it.
• Right to Delete: You have the right to request that we delete any Personal Information we have collected from you, subject to certain exceptions.
• Right to Opt-Out of Sale: We do not sell Personal Information. If we decide to sell Personal Information in the future, we will update this Privacy Policy accordingly and provide you with the right to opt-out.
• Right to Non-Discrimination: We will not discriminate against you for exercising any of your CCPA rights.

9.3 How to Exercise Your CCPA Rights

To exercise any of these rights, please contact us. We may need to verify your identity before processing your request, which may require you to provide additional information.

9.4 Authorized Agents

You may designate an authorized agent to make a request on your behalf. The authorized agent must have written permission to act on your behalf, and we may require you to verify your identity directly with us.

9.5 Minors Under 16 Years of Age

We do not knowingly collect or sell Personal Information from minors under 16 years of age without affirmative authorization. If you are under 16 years old, please do not provide any Personal Information to us. If we become aware that we have collected Personal Information from a minor under 16 years of age without verification of parental consent, we will take steps to remove that information from our servers.

10. Children's Privacy

Our Website is not intended for children under the age of 13. We do not knowingly collect Personal Information from children under 13. If we become aware that a child under 13 has provided us with Personal Information, we will take steps to delete such information promptly. Under the APPs, we treat Personal Information of children as sensitive where the child may not have the capacity to consent, and we will seek parental or guardian consent where required.

11. Third-Party Links

As a news curator, we provide links to third-party websites for your convenience and information. Please note that when you access these links, you will be subject to the privacy policies and practices of those third-party sites. We are not responsible for the content or privacy practices of these third parties, and we encourage you to review their privacy policies.

12. International Data Transfers

12.1 Transfer of Personal Information

Your Personal Information may be transferred to and processed in countries other than the country in which you are resident, including the United States. These countries may have data protection laws that differ from those of your country.

12.2 Safeguards for Cross-Border Transfers

Where your Personal Information is transferred overseas, we take reasonable steps to comply with:

• APP 8 — Before disclosing Personal Information to an overseas recipient, we take reasonable steps to ensure that the recipient does not breach the APPs in relation to that information.
• GDPR — Where we transfer Personal Information of EEA residents outside the EEA, we rely on appropriate safeguards such as Standard Contractual Clauses (SCCs) approved by the European Commission, or transfers to countries that have received an adequacy decision.

12.3 Hosting and Third-Party Infrastructure

Our Website is hosted on third-party infrastructure, which may use servers located in the United States and other countries. We require our hosting providers and service providers to implement appropriate technical and organisational safeguards to protect your Personal Information.

13. Changes to This Privacy Policy

We may update this Privacy Policy from time to time. Any changes will be effective immediately upon posting the revised policy on our Website and updating the “Last updated” date at the top of this page. Where we make material changes to this Privacy Policy (for example, changes to the types of Personal Information we collect or the purposes for which we use it), we will use reasonable efforts to notify you — for example, by posting a prominent notice on our Website or, where we hold your email address, by sending you an email. We encourage you to review this Privacy Policy periodically to stay informed about how we are protecting your information.

14. Governing Law

This Privacy Policy is governed by and construed in accordance with the laws of the Australian Capital Territory and the Commonwealth of Australia, including the Privacy Act 1988 (Cth), without regard to conflict of law provisions. You irrevocably submit to the non-exclusive jurisdiction of the courts of the Australian Capital Territory and any courts entitled to hear appeals therefrom.

15. Severability

If any provision of this Privacy Policy is held to be invalid, unlawful, or unenforceable by a court of competent jurisdiction, that provision shall be severed and the remaining provisions shall continue in full force and effect. Where possible, the invalid provision shall be interpreted in a manner consistent with applicable law to reflect its original intent.

16. Contact Us

If you have any questions or concerns about this Privacy Policy or our data practices, please contact us.