1. INTRODUCTION
This document sets out the privacy policy of Raaise Pty Ltd (ACN 646 058 139) (referred to herein as Raaise, we, us or our) (Privacy Policy). Raaise operates a platform that helps startups prepare for capital raising at raaise.co (Website or Platform).
Your privacy is important to us and we take our privacy obligations under the Privacy Act 1988 (Cth) and related privacy legislation seriously. (If you are located in the UK, please refer to the GDPR Privacy Notice below).
This Privacy Policy explains how we store, maintain, use and disclose your personal information and how you can access that information. By providing personal information to us, you consent to our storage, maintenance, use and disclosure of personal information in accordance with the Privacy Policy.
We may change the Privacy Policy from time to time by posting an updated copy on the Website. We encourage you to check the Website regularly to ensure you are aware of the updated policy.
Please read this Privacy Policy carefully and if you have any questions or comments, please contact us at gday@raaise.co with the subject line “Privacy Policy”.
2. TYPES OF PERSONAL INFORMATION WE COLLECT
User information
If you are a user of the Website (typically, the founder of a startup or an investor), the personal information we collect may include:
your name, email address and location
information about your company or place of employment (including business registration details, such as your ABN or ACN)
information about your current fundraising round, if you’re a founder (including the valuation of your company, the amount you are raising and the terms on which you are raising it, the investors you may be researching or approaching, your geographical focus, the sector you operate in, etc.)
information about past fundraising rounds (including the stage, amount raised and investors) or investments (including the companies you’ve invested in and your typical investment amount)
If you’re a startup or startup founder, any claims you may be making, or have made in the past, about the climate or social impact of your company (or services or products)
If you’re an investor, information about your investment priorities (including the amount you typically invest, the startups you may be researching or approaching, your geographical focus, the sector you are interested in investing in, etc.) and information about the type of climate or social impact you are most interested in
billing and payment information, including credit card details
your device information (including I.P. address, geo-location information, browser session data, device and network information, statistics on page views, search queries, browsing behaviour and information gathered through internet cookies)
any other information provided by you to us via the Website or online, or otherwise required by us or provided by you, whether in writing, orally or by implication
We will try to limit the personal information collected by us to information that is reasonably required to provide you with our services or to facilitate your use of the Website.
Sensitive information
To assist us in our mission of helping more underrepresented founders raise capital, we may collect some sensitive information about you (including your gender, racial or ethnic origin, and your status as an Aboriginal, Torres Strait Islander or indigenous person). We will only collect such information where you consent to that collection and where it is permitted by law. We will use that information only for the purposes for which it is collected, which is primarily to design and deliver tailored services to underrepresented founders, designed specifically to assist underrepresented founders raise more capital more quickly.
Anonymised data
We may also anonymise or de-identify information collected through the Website (including sensitive information) for the purposes of collecting and sharing statistics (which cannot be used to identify an individual or specific user) about the behaviour of our subscribers and Website users. This information may be shared publicly to raise awareness of certain trends or challenges in the startup ecosystem and will not be traceable to individuals or specific companies.
Aggregated (non-personal) data
We may also collect data through our Website in a form that does not, on its own, permit direct association with any specific individual or user. This information will be aggregated and used to help us provide more useful services to our customers. Aggregated data is considered non-personal Data for the purposes of this Privacy Notice.
3. HOW WE COLLECT PERSONAL INFORMATION
We may collect personal information either directly from you, or from third parties, including where you:
contact us through the Website or communicate with us in another way
receive goods or services from us
submit any of our online forms or questionnaires
sign up to any of our online newsletters or mailing lists
communicate with us via email, telephone, SMS, social applications (such as LinkedIn, Instagram, Youtube, Twitter or Facebook) or otherwise
are referred to us by one of our partners, a marketing company or another third party
interact with our Website, social applications, services, content and advertising
apply for a job or internship at Raaise, or
invest in our business or enquire as to a potential purchase in our business
We may also collect personal information from you when you use or access the Website or our social media pages. This may be done through use of web analytics tools, “cookies” or other similar tracking technologies that allow us to track and analyse your website usage. Cookies are small files that store information on your computer, mobile phone or other device and enable and allow the creator of the cookie to identify when you visit different websites. If you do not wish information to be stored as a cookie, you can disable cookies in your web browser.
4. USE OF YOUR PERSONAL INFORMATION
We collect and use personal information for the following purposes:
to provide goods, services or information to you
to improve and optimise our service offering and customer experience
to send you marketing and promotional messages and other information that may be of interest to you, such as newsletters and blogs, and to invite you to events and seminars
for the purpose of direct marketing, in accordance with the Spam Act 2003 (Cth) (in this regard, we may use email, SMS or social media to send you direct marketing communications and you can opt out of receiving marketing materials from us at any time by using the opt-out facility provided, such as an unsubscribe link)
for billing, record keeping and administrative purposes
to provide information about you to our contractors, employees, consultants, agents or other third parties for the purpose of providing goods or services to you
for the purpose of fulfilling the terms of a contractual relationship
to comply with our legal obligations, resolve disputes or enforce our agreements with third parties
to send you administrative messages, reminders, notices, updates, security alerts, and other information requested by you
to consider an employment application from you, and
for any other purpose for which you have given your consent.
We may disclose your personal information to cloud-providers, contractors and other third parties located inside or outside of Australia. If we do so, we will take reasonable steps to ensure that any overseas recipient deals with such personal information in a manner consistent with how we deal with it.
Sharing of your information
We may need to share your personal information with third parties, where this is reasonably required to provide you with our services, including for the purposes of conducting identity verification services. You consent to the sharing of your personal and sensitive information with these third parties as required to provide you with the services.
Unsolicited information
Where we receive unsolicited personal information that is not required to provide our Services, we will endeavour to destroy the personal information as soon as practicable.
Destroying and de-identifying personal information
Where we have collected personal information that is no longer necessary or needed, we will destroy or de-identify that information unless otherwise required by law to retain it.
5. DIRECT MARKETING
We may occasionally contact you regarding products or services offered by Raaise or our partners. To opt-out of such emails, please use the unsubscribe link in the email or contact our Privacy Officer at gday@raaise.co with the subject line OPT OUT. Once we receive your request, we will take steps to take you off of our mailing list within a reasonable period of time.
6. REQUESTING ACCESS OR CORRECTING YOUR PERSONAL INFORMATION
If you wish to request access to the personal information we hold about you, please send an email to gday@raaise.co and include your name and contact details. We may need to verify your identity before providing you with your personal information. In some cases, we may be unable to provide you with access to all your personal information and where this occurs, we will explain why. We will deal with all requests for access to personal information within a reasonable timeframe.
If you think that any personal information we hold about you is inaccurate, please send an email to gday@raaise.co and we will take reasonable steps to ensure that it is corrected, where appropriate.
7. SECURITY
We take reasonable steps to ensure your personal information is secure and protected from misuse or unauthorised access. Your personal information is held in secure ISO compliant databases operated by our third-party service providers. Our information technology systems are password protected and we use a range of administrative and technical measures to protect these systems, including multi-factor authentication for access. However, despite these and other steps, security measures over the internet can never be guaranteed. We encourage you to play a part in the security of your personal information by keeping it secure and by maintaining the confidentiality of any passwords and account details used on the Website.
8. LINKS
Our website may contain links to other websites. Those links are provided for convenience and may not remain current or be maintained. We are not responsible for the privacy practices of those linked websites and we suggest you review the privacy policies of those websites before using them.
9. COMPLAINTS
If you wish to complain about how we have handled your personal information, please send an email to gday@raaise.co, including your name, contact details and the details of your complaint (with PRIVACY COMPLAINT in the subject line). We will investigate your complaint promptly and respond within a reasonable timeframe.
10. CONTACT US
For further information about our privacy policy or practices, or to access or correct your personal information, or to make a complaint, please email the Raaise Privacy Officer: gday@raaise.co.
UK GDPR Privacy Notice
Although our privacy obligations stem primarily from Australian law, sometimes we provide services to UK citizens or other individuals located in the UK, to whom this UK GDPR Privacy Notice applies (Privacy Notice).
1. Your rights under the UK GDPR
Under the UK GDPR, you have the right to:
be informed—the person processing your personal information must make it clear what they are processing and who they may share your personal information with
access—the right to access the personal information that is held about you
rectification—the right to correct or amend your personal information
erasure—the right to ask the person holding your personal information to delete that information
restrict processing—the right to ask for a temporary halt to the processing of your information
data portability—the right to ask for any personal information supplied by you to us to be provided in a common, machine-readable format
object—the right to object to the processing of your personal information in a manner inconsistent with the purposes for which it was provided
consider automated decision making and profiling—the right to object to being subjected to a decision based solely on automated processing
2. Consent
Where your consent is required under the UK GDPR, we will always ask for you to positively affirm your acceptance before we process your personal information. If you wish to withdraw your consent, please email gday@raaise.co.
3. Personal information we collect
contact details (including your name, address, phone number and email address)
contact and messaging data (if you contact us via email, telephone call or you submit a form on the Website)
subscription data (information related to your subscription to our services)
use data (information related to your use of our services)
log data (information collected by us or a third party provider regarding your behaviour on our website, demographic information, etc)
analytics (third party analytics services which collect anonymous information to report on website trends)
data provided by third parties (e.g. a third party provides us with information about you for the purposes of enabling us to provide you with our services)
3. Personal information we collect
contact details (including your name, address, phone number and email address)
contact and messaging data (if you contact us via email, telephone call or you submit a form on the Website)
subscription data (information related to your subscription to our services)
use data (information related to your use of our services)
log data (information collected by us or a third party provider regarding your behaviour on our website, demographic information, etc)
analytics (third party analytics services which collect anonymous information to report on website trends)
data provided by third parties (e.g. a third party provides us with information about you for the purposes of enabling us to provide you with our services)
4. How we use your personal information
We will only use or disclose your personal information for the following purposes:
to enable us to provide you (or the organisation you work for or are associated with) with our services
to enable you to access the Website and other services on the Platform, or to process a transaction to which you are a party
conduct our business, generate content, provide customer support and arrange for payment (including all matters relating to billing)
maintain internal records and administrative purposes (which includes verifying information for accuracy or completeness)
resolve disputes and comply with our legal obligations, including to protect another person’s rights, property or safety
monitor website performance and metrics (which includes taking action to identify, test and resolve problems and improve our services)
combine and aggregate personal data with information we collect from third parties
any other purpose made known in this Privacy Policy or another policy published on our Website
We agree to not use or disclose this information for a secondary purpose unless you consent to us doing so, or another exception applies under applicable laws.
For the purposes of the law, some information we hold about you may be considered “sensitive” as a special category of data and therefore subject to greater protection. If we hold sensitive information about you, we will only disclose or use that information with your consent or if another exception applies under applicable laws.
We will also use or disclose your personal or sensitive information if we are required to do so by law or a court or tribunal order, or if we reasonably believe that the use or disclosure of the information is reasonably necessary for an enforcement-related activity or on behalf of an enforcement body, in which case we will make a written note of the use or disclosure or another exception applies under relevant Laws.
We also collect anonymous data in a form that does not, on its own, permit direct association with any specific individual (non-personal data). This information is aggregated and used to help us provide more useful information to our customers and to understand which parts of our website, products, and Services are of most interest. Since aggregated data is considered non-personal data for the purposes of this Privacy Notice, we may collect, use, transfer, and disclose non-personal data for any purpose.
5. Disclosure of your personal information
We may disclose your personal information to the following parties for reasons outlined in this Privacy Notice, including without limitation to:
service providers (including, without limitation, information technology service providers such as cloud service providers, web host providers, advertising partners and market research organisations) to enable them to:
provide you or our subscribers or users with our services
conduct user testing or quality assurance testing, or
to provide other services to Raaise
affiliates and acquisitions (including, without limitation, any of our parent companies, subsidiaries, joint ventures, or other companies under a common control (Affiliates)), in which case we will require our Affiliates to honour this Privacy Notice
third parties (including, without limitation, your professional advisers, authorised representatives, and the company or organisation that you work for), provided you consent to, or request, such a disclosure
6. Other disclosures
We may also disclose your Personal Data if we believe in good faith that such disclosure is necessary:
in connection with any legal investigation;
to comply with relevant laws, regulations, enforceable governmental requests or to respond to subpoenas or warrants served on Raaise;
to protect or defend the rights or property of Raaise;
to investigate or assist in preventing any violation or potential violation of the law, this Privacy Notice, or our Terms and Conditions;
to protect the safety of any person; or (vi) detect, prevent or otherwise address fraud, security or technical issues.
We may share your Personal Data with such third parties subject to obligations consistent with this Privacy Notice and any other appropriate professional obligations, confidentiality, and security measures, and on the condition that the third parties use your Personal Data only on our behalf and pursuant to our instructions. We will take reasonable steps to ensure that anyone to whom we disclose your Personal Data respects the confidentiality of the information and abides by the UK GDPR or equivalent privacy laws. We will not share, sell, rent or disclose your Personal Data in ways different from what is disclosed in this Privacy Notice.
If we can't collect your data If you do not provide us with the Personal Data described above, some or all of the following may happen:
(a) we may not be able to provide our services to you, or to our clients, either to the same standard or at all;
(b) we may not be able to run competitions and promotions in a way that benefits you or our clients; and/or
(c) we may not be able to provide you with information about products and services that you may want.
7. Cookies Policy
7.1 What are cookies?
A cookie is a small piece of text sent to your browser by a website that you visit. It helps the website to remember information about your visit, like your preferred language and other settings. That can make your next visit easier and the website more useful to you.
7.2 Use of cookies
Raaise’s websites, online services, email messages, and advertisements, may use “cookies” and other technologies such as pixel tags and web beacons. These technologies help us better understand user behaviour, tell us which parts of our website people have visited, and facilitate and measure the effectiveness of advertisements and web searches. We treat information collected by cookies and other technologies as non-Personal Data. However, to the extent that Internet Protocol addresses or similar identifiers are considered Personal Data by local law, we also treat these identifiers as Personal Data. Similarly, to the extent that non-Personal Data is combined with Personal Data, we treat the combined information as Personal Data for the purposes of this Privacy Notice.
Raaise and our partners also use cookies and other technologies to remember Personal Data when you use our services. Our goal in these cases is to make your experience with us more convenient and personal. Knowing someone using your computer or device has used a particular service helps us make our advertising and email communications more relevant to your interests. Knowing your contact information, hardware identifiers, and information about your computer or device helps us personalise your operating system and provide you with better customer service. Pixel tags enable us to send email messages in a format customers can read, and they tell us whether mail has been opened. We may use this information to reduce or eliminate messages sent to customers.
7.3 How to manage cookies
Some people prefer not to allow cookies, which is why most browsers give you the ability to manage cookies to suit you. Please note that certain features of our website, online services, email messages, and advertisements may not be available once cookies are disabled.
8. Third party websites
When you click on a link to any other website or location, you will leave our website and go to another site and another entity may collect Personal Data or Anonymous Data from you. We have no control over, do not review, and cannot be responsible for, these outside websites or their content. Please be aware that the terms of this Privacy Notice do not apply to these outside websites or content, or to any collection of data after you click on links to such outside websites.
9. Managing your Personal Data
Subject to the UK GDPR you may request to access the Personal Data we hold about you by contacting us. All requests for access will be processed within a reasonable time.
Accessing or rectifying your Personal Data—You may submit a request to us to correct, delete or modify your Personal Data and download the data for you.
Deletion—We keep data for as long as it is needed for the purpose we collected it. If you wish to have us delete your data, please contact us.
Object, restrict or withdraw consent —You may submit a request to us if you object to any Personal Data being stored, or if you wish to restrict or withdraw any consent given for the collection of your Personal Data. You may withdraw your consent to the processing of all your Personal Data at any time. If you wish to exercise this right, you may do so by contacting us. You may withdraw your consent or manage your opt-ins by clicking the unsubscribe link at the bottom of any marketing materials we send you.
Portability—You may submit a request to us to receive the Personal Data that you have provided to us or ask us to transmit the Personal Data to another organisation. Please contact us for further information on how this can be arranged. In certain instances, we may not be required or able to provide you with access to your Personal Data. If this occurs, we will give you reasons for our decision not to provide you with such access to your Personal Data in accordance with the requirements of the UK GDPR. There is no application fee for making a request to access your Personal Data. However, we may charge an administrative fee for the provision of information in certain circumstances, such as if you make repeated requests for information or where the information is held by a third-party provider.
10. Storage and Security of Your Personal Data Law
Raaise stores Personal Data through a number of different layers including:
holding your Personal Data electronically in secure ISO compliant databases operated by our third-party service providers
having secure authentication requirements for all staff, including multi-factor authentication for access
providing staff training and policies on cyber security, and
actively monitoring errors and logs using industry-level tooling.
Raaise takes the security of your Personal Data very seriously. We will take all steps reasonable under the circumstances to protect your Personal Data from misuse, interference, loss, and unauthorised access, modification or disclosure. We will process Personal Data securely and apply and maintain appropriate technical and organisational measure to protect Personal Data. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that Personal Data that we collect will not be disclosed in a manner that is inconsistent with this Privacy Notice.
11. International Transfer and Disclosure of Personal Data
Where we transfer Personal Data from within the UK to outside of the UK, we ensure an adequate level of protection for the rights of data subjects based on the adequacy of the receiving country’s data protection laws. We may disclose Personal Data to our Affiliates, third-party suppliers, and service providers located overseas for some of the purposes listed above. We take reasonable steps to ensure that the overseas recipients of your Personal Data do not breach the privacy obligations relating to your Personal Data.
12. Notifiable Data Breaches
We take data breaches very seriously. We will endeavour to meet the 72-hour deadline (as imposed by the UK GDPR) to report any data breach that will likely be a risk to your rights and freedoms to the Information Commissioner’s Office. Further, where there is likely to be a high risk to your rights and freedoms, we will endeavour to contact you without undue delay. We will review every incident and take action to prevent future breaches.
13. Automated individual decision-making, including profiling
You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you, or similarly significantly affects you, as long as the decision is not necessary for entering into, or the performance of, a contract between us, or is not authorised by any UK law to which we are subject and which also lays down suitable measures to safeguard your rights and freedoms and legitimate interests, or is not based on your explicit consent. If you wish to exercise your rights, please contact us.
14. Integrity and Retention of Data
We take all reasonable steps to ensure that the Personal Data we collect about you is accurate, up to date and complete. Where we collect that information from you directly, we rely on you to supply accurate information. Raaise makes it easy for you to keep your Personal Data accurate, complete, and up to date. Where we use or disclose your Personal Data, we will also ensure that your Personal Data is relevant. We will retain your Personal Data for the period necessary to fulfil the purposes outlined in this Privacy Notice unless a longer retention period is required or permitted by law. We may retain your information for fraud prevention or similar purposes.
15. Contact Information
If you have a question regarding this Privacy Notice or you would like to make a complaint, please contact us by email at gday@raaise.co. If you wish to raise a concern about our use of your information you have the right to do so with the Information Commissioner’s Office.
16. Changes to this Privacy Notice
This Privacy Notice is subject to occasional revision and Raaise reserves the right, at its sole discretion, to modify or replace any part of this Agreement. It is your responsibility to check this Privacy Notice periodically for changes. Continued use of our services, including the Website, shall indicate your acknowledgement that you have reviewed the most recent Privacy Notice. We will notify you of any change to our policies that require your consent before being implemented.