Privacy Policy
Effective Date: August 3, 2025
ISOWeld, operated by Damien Crane (ABN: 50 803 660 487), a sole trader based in New South Wales, Australia, is committed to protecting your privacy in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 and, where applicable, the General Data Protection Regulation (GDPR). This Privacy Policy outlines how we collect, use, store, and protect your personal information when using our services at https://isoweld.damocrane.com. By using the app, you agree to these practices.
1. Information We Collect
We collect the following information:
- Personal Information: Name, email address, phone number, employee ID, and other details provided during registration, sign-ins, or document uploads (e.g., certifications, log book scans).
- Usage Data: IP addresses, browser type, pages visited, timestamps, session durations (via session cookies with 30-minute timeout), and AI Assistant queries.
- Files and Documents: Documents uploaded to the Documents Register (e.g., policies, safety data sheets, certifications), which may contain personal or sensitive information.
- Employee Data: Job details, qualifications, licenses, inductions, certifications, and sign-in records stored in our database.
- Geolocation Data: Location data collected via Google Maps API in the Kiosk Module, with your explicit consent.
2. How We Collect Information
We collect information through:
- User Input: Data you provide during registration, sign-ins, document uploads, or AI Assistant queries.
- Automated Collection: Session cookies, IP addresses, and usage logs collected during app interactions.
- Third-Party Services: Data processed via Microsoft SharePoint (document storage) or Google Maps API (geolocation), subject to their privacy policies.
- Consent: We obtain explicit consent for collecting sensitive data (e.g., geolocation, AI queries) via opt-in mechanisms displayed during app use.
3. How We Use Your Information
Your information is used to:
- Provide and maintain app functionality (e.g., Kiosk Module, AI Assistant, global search, admin interface).
- Authenticate users, manage sessions, and enforce role-based access (e.g., admin vs. employee).
- Store and manage documents in the Documents Register (local or SharePoint).
- Display compliance data (e.g., certifications, safety data sheets, first aid records).
- Generate audit logs for compliance tracking (e.g., ISO 9001:2015, AS/NZS ISO 3834).
- Improve app functionality using anonymized usage data.
- Notify users of expiring qualifications or licenses via the AI Assistant.
- Liability Disclaimer: Damien Crane is not liable for errors in data usage or reliance on app outputs (e.g., AI responses, certification data).
4. Data Storage and Security
We take reasonable steps to protect your data, aligned with APP 11 and ISO/IEC 27001 principles:
- Storage: Data is stored on secure servers in Australia. Documents may be stored locally (`assets/documents/`) or on Microsoft SharePoint (`roddyengineer.sharepoint.com`).
- Security Measures: We use HTTPS with TLS 1.3 for data transmission, AES-256 encryption for data at rest, password hashing, CSRF tokens, and prepared statements as protections against attacks including SQL injection and XSS.
- Third-Party Services: SharePoint data is subject to Microsoft’s security and privacy policies. We are not liable for their data handling practices or breaches.
- Data Breach Response: In case of a data breach, we will notify affected users and the Office of the Australian Information Commissioner (OAIC) within 72 hours, per the Notifiable Data Breaches scheme.
- Liability Disclaimer: Damien Crane is not liable for data breaches, unauthorized access, or loss caused by third-party services, cyberattacks, or user negligence (e.g., sharing credentials).
5. Sharing Your Information
We do not sell, trade, or rent your personal information. However:
- Internal Use: Authorized employees or admins access data for operational purposes (e.g., managing jobs, certifications).
- Third-Party Services: Data shared with Microsoft SharePoint or Google Maps API is subject to their privacy policies. We are not liable for their practices.
- Legal Requirements: We may disclose data to comply with Australian laws (e.g., court orders) or protect our legal rights. We are not liable for consequences of such disclosures.
6. Your Rights Under Australian and Global Privacy Laws
Under the APPs and, where applicable, GDPR, you have the following rights:
- Access and Correction: Request access to or correction of your personal information at support@isoweld.damocrane.com. We will respond within 30 days.
- Deletion: Request data deletion, subject to legal retention requirements (e.g., audit logs for 5 years).
- Data Portability (GDPR): For EU users, request data in a portable format.
- Objection and Restriction (GDPR): Object to or restrict data processing if in the EU.
- Complaints: Contact us with privacy concerns. If unresolved, lodge a complaint with the OAIC (www.oaic.gov.au) or, for EU users, a local data protection authority.
7. Cookies and Tracking
We use session cookies to manage authentication and sessions, expiring after 30 minutes of inactivity. You consent to cookies via an opt-in banner displayed on first use. We do not use tracking cookies for advertising or analytics.
8. Data Retention
Data is retained only as necessary:
- User Accounts: Retained until deletion is requested or the account is inactive for 12 months.
- Documents: Retained until deleted by users/admins (local files deleted immediately; SharePoint files subject to Microsoft’s policies).
- Audit Logs: Retained for 5 years for compliance (e.g., ISO 9001:2015, AS/NZS ISO 3834).
- Liability Disclaimer: Damien Crane is not liable for data loss due to user actions or third-party failures.
9. Third-Party Links
The app includes links to third-party services (e.g., SharePoint, Google Maps API, OpenAI). We are not responsible for their privacy practices. Users access these links at their own risk, and Damien Crane is not liable for resulting issues (e.g., data breaches, service interruptions).
10. Limitation of Liability
To the fullest extent permitted by Australian law, Damien Crane, trading as ISOWeld, is not liable for:
- Data breaches, loss, or corruption caused by third-party services, cyberattacks, or user negligence.
- Service interruptions, downtime, or data loss due to server failures or external events.
- Errors or omissions in user-uploaded content (e.g., incorrect safety data sheets, certifications).
- Indirect, incidental, or consequential damages from app use, including loss of data, profits, or opportunities.
Use of the app is at your own risk, with no warranties of security or availability.
11. Changes to This Privacy Policy
We may update this Privacy Policy. Changes will be posted on this page with an updated effective date. Continued use after changes constitutes acceptance.
12. Contact Us
For privacy inquiries, contact:
Damien Crane
Sole Trader, ISOWeld
support@isoweld.damocrane.com
0498251470
New South Wales, Australia