Home

Privacy Policy

Effective April 2022

1. ABOUT THIS PRIVACY POLICY

Our privacy policy (this policy) sets out how Edge Data Centres Pty Ltd ABN 55 632 303 827, trading as Leading Edge Data Centres ("Leading Edge Data Centres", “we”, “us” and "our") manage personal information we collect about you. By using our website at www.leadingedgedc.com, engaging us to provide services or taking part in Leading Edge Data Centres activities you consent to us handling your personal information in accordance with this policy. This policy was updated in April 2022. If you have any feedback on this policy, or you wish to contact us, please email us at [email protected]. We look forward to hearing from you. We may vary this policy from time to time. We will ensure that the most updated version is on our website which is located at www.leadingedgedc.com. We invite you to check the policy on the website from time to time.

2. WHAT IS PERSONAL INFORMATION

■ Personal information in Australia In Australia, personal information is information or an opinion about you or from which you can reasonably be identified. When we collect and use personal information about you, we manage that personal information under this privacy policy, the Privacy Act 1988 (Cth) (Act), the Australian Privacy Principles (APPs) in the Act and any APP Code, law or rule we follow.

3. WHAT PERSONAL INFORMATION DO WE COLLECT?

■ The types of personal information we collect We may collect personal information about you that is necessary for our business functions and the purposes described in this policy, including: •identification information such as your name, age, company name, address and contact details including email address and telephone number; • billing information • information about your location or activity when accessing our services; • information we collect when you use our website (including our partner portal) or social media channels, such as: • your IP address; • the user ID of logged in users; and • your username and login attempts; and • information we collect about you from participating in Leading Edge Data Centre activities. If you are applying for a job with us, we may collect relevant information such as your job history and other employment-related information. ■ Sensitive information We only collect 'sensitive information' (such as biometric information) with your consent. We will assume that you have consented to us collecting all information which is provided to us by you for use in accordance with this policy, including any 'sensitive information', unless you tell us otherwise at the time you provide it to us.

4. HOW WE COLLECT PERSONAL INFORMATION

■ Personal information you provide to us Mostly, we collect personal information about you directly from you. We may collect the personal information you give us when you: • enquire about our products and services, including via telephone, email, or our website • apply to receive a product or service from us • use our website and services; • you apply for a product and/or service from us; and • ask us, or accept our invitation, to participate in Leading Edge Data Centre’s activities, or when you participate in those activities. ■ Personal information received by our suppliers We may receive personal information about you from suppliers that help us to conduct our business. Amongst others, that may include suppliers that provide us with IT services, marketing services, security services and so forth. Our suppliers may collect information about your use of our website, products or services, or your participation in Leading Edge Data Centre activities. ■ Personal information provided by others Sometimes, we collect personal information about you that is available publicly, such as from third party agencies and reports that are available in the market. We may also collect personal information about you from other entities who: • act for you, such as your financial team (to confirm and place orders) or another person who refers you to us; • give us information to help us decide whether to make a product or service available to you (like rack spaces and sizes and in which locations); and • help us manage our arrangements with you.

5. WHY WE COLLECT PERSONAL INFORMATION

■ To provide services to you and manage our relationship We collect personal information about you only where we need to or where that personal information is related directly to activities with Leading Edge Data Centres. For example, we collect personal information about you so we can: • supply information about our data centres or other services to you; • identify you and manage our commercial relationship and arrangements with you; • help us to understand your data centre requirements and develop our products and services; • offer you our products as they become available and that may be of interest to you; • consider any requests or applications you make to us for products or services; • consider any requests or applications you make to our service partners, who are companies that we collaborate with and who may offer to provide you with related services; • make products available to you at your request; • assess your ongoing ability to make payments for the usage of our data centres; • determine your ongoing ability to manage a (or multiple) data centre(s); • provide you with customer support; • refine, develop and improve the services and products we offer; and • communicate with you about participating in Leading Edge Data Centres activities like market research programs, focus groups, surveys or events. We may also use personal information about you to assist with any other purpose you consent to or at your direction. ■ Direct marketing We may also use your personal information to tell you about our products and services or products and services from our service partners (as described above) that may be available to you. That may include telling you about competitions or other promotional events in which we invite you to participate. That correspondence is called direct marketing. You may request that we stop sending you direct marketing at any time. Please email [email protected] to do so. ■ So that you can assist us to build regional data centres If you participate in Leading Edge Data Centre’s activities (such as market research programs, focus groups, surveys or events), we will collect other personal information about you only if we reasonably need that information for those activities. For example, we may collect personal information about you so: • you can participate in Leading Edge Data Centre’s programs to help us understand and solve regional community problems regarding data centres better; • you can help us develop and improve Leading Edge Data Centre’s products and services; • you can participate in social events, competitions and other promotional events connected to participating in Leading Edge Data Centre’s activities; • you can participate in partner programs that may arise from to time; • we can develop Leading Edge Data Centre activities in which you may be interested in participating; • we can arrange your participation in Leading Edge Data Centre activities; • we can test ideas and get feedback about data centre products and services; and • we can offer products, services and rewards that may be of interest to you. ■ Other reasons We may also use or disclose your personal information: • To prevent or investigate conduct that may be fraudulent or criminal; • To comply with legal requirements and law-enforcement requests • To resolve disputes and allow us to conduct our business, including undertaking activities such as bookkeeping, accounting, billing, identifying fraud or errors, and maintaining our website security. ■ Your consent By providing us with your personal information, you consent to us using your personal information for the above-mentioned purposes.

6. HOW WE PROTECT PERSONAL INFORMATION

■ How we store personal information We may store your information in electronic or hard copy formats. ■ Securing your personal information is important to us We will take steps reasonably available to us to protect your personal information from: • misuse, interference, or loss; and • unauthorised access, modification, or disclosure. We will do this by ensuring that, where practicable, access to your personal information is password protected and available only to those of our employees that need to use, disclose or manage your personal information under this policy. We will take reasonable steps to destroy or permanently de-identify your personal information when we no longer require it for any purpose for which it was collected. ■ How long do we keep personal information? We keep information while you are a customer with us and for only as long as we need it. Generally, we will keep your information for seven (7) years but on occasion we will need to keep it for longer such as: • if the law requires us to keep it for longer; and • to respond to any complaints. ■ What happens when there is a data breach? If, despite our best efforts, a data breach occurs, we will take immediate steps to determine the breach, its cause and how best to fix it. We will advise you of the extent of the data breach (if known) and the most appropriate means of regaining control of that information. We will also notify the Office of the Australian Information Commissioner (OAIC) or any other regulator, if appropriate and comply with all other relevant legal requirements.

7. HOW WE USE GOVERNMENT IDENTIFIERS

We do not use Government related identifiers (such as tax file numbers or Medicare card numbers) to identify you/your business in our records. We may collect and use some of your Government related identifiers, but only for reasons required and permitted by the Act, the APPs in the Act or any APP Code, law or rule we follow. For example, we may use those identifiers to help us to check your identity before we make data centres (or IT) products available to you or for tax reasons.

8. WHEN DO WE USE AND DISCLOSE PERSONAL INFORMATION?

■ Use and disclosure generally We will only use and disclose your personal information for the purposes set out in this policy unless you have consented to another use or disclosure. ■ Disclosure to our suppliers We may exchange personal information about you with suppliers that help us to conduct our business. Amongst others, that may include suppliers that help us to: • understand your IT requirements; • engage with you efficiently; • improve our products or services; • promote the products and services we offer; • verify your identity; • settle a data centre we make available; • provide services to help us run our business; • protect you and our websites from specific kinds of attacks; • check for malicious activity and guard against fraud; • take appropriate action about suspected fraudulent or unlawful activity, or serious misconduct; and • arrange for participation in Leading Edge Data Centres activities or to analyse information we gather from your participation. Those suppliers may disclose your personal information to contractors that assist those suppliers to perform services for us. Our arrangements with suppliers will limit use of your personal information to the services they supply to us. We will ask suppliers to ensure their arrangements with contractors limit those contractors’ use of your personal information to help the suppliers perform services for us. We will require suppliers or their subcontractors to return, destroy or de- identify personal information about you that they hold when they cease performing services for us. If you require information on how those suppliers manage your personal information, please email us at [email protected]. ■ Other entities Other entities we share personal information with include: • any person who refers you to us to obtain services from us; • any guarantors or possible guarantor of your obligations to us; • regulators or law enforcement bodies; • dispute resolution bodies or services, to assist with resolving any complaint you make about our products or services or any dispute you may have with us; • any entity that proposes to take an interest in our business; and • any person at your request or with your consent.

9. THIRD PARTY WEBSITES

Our website may contain links to third party websites. We are not responsible for the privacy, security or handling of your personal information via those websites. You should review the privacy policy terms of use for those websites each time you visit them.

10. COOKIES AND GOOGLE ANALYTICS

■ Cookies We use cookies to personalise content and ads to make our website more appealing or easier for you to use. We also share cookie information with third parties to assist us to direct advertising to you and to analyse data relating to use of our website. For more information on how we use cookies and tracking tags, please visit our Cookie Preference Centre on our website by clicking on the Cookie Settings (on the consent banner) and reviewing your cookie settings. If you would like more information about cookies in general, please visit Cookiepedia (cookiepedia.co.uk). ■ Google Analytics We use Google Analytics services to improve and analyse our website and app experiences. We may share information with Google for that purpose. When you use our website, that information may include the URL of the webpage that you’ve visited and your IP address. Google may also set cookies on your browser or read cookies that are already there. Google uses the information we share with them to help us understand how you engage with our website. Also, Google may use that information for other purposes. Please read Google’s Privacy Policy (https://policies.google.com/privacy) to learn more about how Google uses and processes data. ■ You can turn Google Analytics off If you would prefer Google Analytics not be used in your browser, you can install the Google Analytics browser add-on (https://tools.google.com/dlpage/gaoptout).

11. DO WE DISCLOSE PERSONAL INFORMATION OVERSEAS?

We will store your personal information in Australia whenever possible. If there is a need to store personal information overseas (for example, if a storage service is not available in Australia) we may disclose personal information about you to overseas entities that assist us to conduct our business. It may be necessary for those overseas entities to disclose your personal information under foreign law. Some of the entities we may disclose personal information to are situated in the USA. There may be other overseas jurisdictions (that we are unable to identify now) in which those overseas entities may in turn hold your personal information. If those entities need to host your personal information overseas, we 'tokenise', 'hash' or take other steps to protect the security of that personal information for better data protection. We are responsible for any failures by overseas entities to manage your personal information in accordance with the APPs.

12. WHAT IF

■ We receive unsolicited personal information. If we receive personal information about you that we did not request, we will consider whether we need that information for our data centre functions and activities. If we deem that we do not require this information, we will destroy that information or ensure it does not identify you. ■You choose not to give us your personal information? If you do not provide us with certain personal information about you, we may not be able to: • tell you about our products and services; • supply products and services to you; • manage our relationship with you, like dealing with a complaint you make to us; • tell you about other products and services that may interest you; and • arrange for you to participate in Leading Edge Data Centre programs, focus groups or social events. ■ You want to deal with us anonymously? You may be able to use our website to find out information about us, our products and services or participate in Leading Edge Data Centre activities by using a pseudonym or without identifying yourself. However, due to the nature of the data centre offers and services we supply, the law requires us to identify you when we make our products available to you or supply our services to you. ■ You give us information about other people? If you tell us personal information about another person, you represent, and we collect it on the basis that you have that person's consent for us to collect and handle their personal information in accordance with this policy.

13. HOW TO STOP RECEIVING DIRECT MARKETING

You can ask us any time to stop sending you direct marketing information. When we email you with direct marketing, you can respond by clicking unsubscribe and we will stop sending you direct marketing. We do not charge you a fee for asking us to stop direct marketing. Also, we will not call you with marketing offers if you are on the “Do Not Call” register. You can register on the “Do Not Call” register at www.donotcall.gov.au or phoning 1300 792 958.

14. HOW TO ACCESS YOUR PERSONAL INFORMATION

■ Asking for access to personal information You can ask for access to personal information we hold about you anytime. We may ask you to detail the information you require if you require only some of that personal information. If you want to access the personal information we hold about you, please email us at [email protected] You may also want to access personal information (including credit-related personal information) we have disclosed about you to third parties or to make a complaint to those third parties. The privacy policies of those respective third parties will tell you how you can make an access request or a complaint to them. ■ What information we can and cannot share Generally, we will give you access to the information you request. There may be some circumstances, as required or permitted by law in which we will not give you that access. For example, we may not give you access to information where: • giving access would have an unreasonable impact on the privacy of others; • we reasonably believe the request is frivolous or vexatious; • the information relates to actual or possible legal proceedings between us and you and we would not otherwise have to produce that information under court orders. We will give you written reasons if we refuse to give you access to personal information you request, unless there are reasonable grounds (such as confidentiality obligations we owe) for not giving you those reasons. In any case, we will give you an explanation if we do not give you access to information because of a commercially sensitive decision-making process. ■ How we will respond to requests for personal information We will give you access to the information you request in the manner you request (for example, by email), if we are reasonably able to do so. If we are not able to do so or if we have a reason for not giving you access to all the information you request, we will try and work with you to give you access to personal information we hold about you in a way that meets your needs and our needs. We will respond to any request you make for access to personal information we hold about you within a reasonable time after you make the request. The time it takes will depend on the amount of information you seek and whether we must make further enquiries of you to clarify your request. We expect to respond to any request you make for access within 30 days after we receive your request. ■ Is there a cost to accessing personal information? Depending on the amount of information you request, we may charge you a reasonable fee for organising the information you request from us. We will give you an estimate of the fee before we organise the information. Then, we can work with you to check whether you wish to limit your request to reduce the charges. You will not be charged a cost for making a request to access your personal information.

15. HOW PERSONAL INFORMATION IS KEPT UP TO DATE

■ Correcting your personal information We take steps, reasonably available to us, to ensure that the personal information we hold about you is accurate, up-to-date, and complete. To assist us, we ask that you contact us and update the personal details we hold about you (for example, your name, your company address, and contact details), if those details change. You can contact us by email at [email protected]. You may consider that the personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant, or misleading. You can request us to correct the personal information we hold about you by email to [email protected]. If we receive your request to correct information but consider that the information does not need correcting, we will give you a written notice setting out our reasons as to why we do not consider the information requires correcting. We will respond to any correction request you make within a reasonable time after you make the request. We will not charge you for correcting personal information at your request.

16. HOW TO MAKE A COMPLAINT

If you have a complaint about the way we manage the personal information we hold about you, please email us at [email protected]. If we cannot resolve your complaint in a manner that is satisfactory to you and within 30 days of receiving your complaint, we will tell you how you can take your complaint to the external dispute resolution scheme of which we are a member or the OAIC. You can also make a complaint directly to the OAIC by using the privacy complaint form available at www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint and submitting it online, by post, fax or email. It is free to make a complaint to us or the OAIC.

17. FURTHER INFORMATION AND HOW TO CONTACT US

If you have any questions about this privacy policy or the personal information we hold about you, please contact our Privacy Officer at [email protected].