Spacetalk Privacy Policy

Spacetalk Privacy Policy

Last Updated: 13^th August

We are Spacetalk Ltd (ACN 091 351 530), Spacetalk Holdings Pty Ltd (ACN 606 733 804), Spacetalk USA Pty Ltd (ACN 45 606 734 598) its UK subsidiary, SPACETALKWATCH UK Ltd (Company Number 11843344) and any of our group companies (together “Spacetalk”). References to "we," "us," or "our" in this document also refer collectively to Spacetalk.

This Privacy Policy sets out our commitment to protecting the privacy of your personal information provided to us, or otherwise collected, used, stored or disclosed by us when providing our products and services (“Services”) or when otherwise interacting with you in accordance with applicable law and the Australian Privacy Principles set out in the Privacy Act 1988 (Cth). As a supplier of telecommunication services, we may also have obligations under other laws, regulations and industry codes. We make this Privacy Policy readily available and accessible to all customers, clients and service providers.

We may also choose or be required by law to provide different or additional disclosures relating to the processing of personal information about residents of certain countries, regions, or U.S. states. Please refer to the Region-Specific Disclosures section below for additional disclosures that may be applicable to you.

By using our website and Services, or in providing any personal information to us, you agree to our collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us. We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

“Personal information” includes information or an opinion about an individual that is reasonably identifiable. For example, this may include your name, age, gender, postcode and contact details. It may also include financial information, including your credit card information, which will be collected and held via our third-party payment providers.

Our Role in Processing Personal Information

Data protection laws sometimes differentiate between “controllers” and “processors” of personal information. A “controller” determines the purposes and means (the why and how) of processing personal information. A “processor” processes personal information on behalf of a controller subject to the controller’s instructions. In some jurisdictions, the term “service provider” is used instead of “processor.”

This Privacy Policy describes our privacy practices where we are acting as the controller of personal information. However, this Privacy Policy does not cover or address how we process personal data as a processor.

In particular, this Privacy Policy does not describe how our enterprise customers, such as Aged Care providers, may process personal information when they use our Services, or how we may process personal information on their behalf in accordance with their instructions where we are acting as their processor. As a result, we recommend referring to the Privacy Policy of the enterprise customer with which you have a relationship for information on how they engage processors, like us, to process personal information on their behalf. In addition, we are generally not permitted to respond to individual requests relating to personal information we process on behalf of our enterprise customers, so we recommend directing any requests to the relevant enterprise customer.

If you access our Services or otherwise interact with us from the European Economic Area (“EEA”), United Kingdom (“UK”), or Switzerland, please see the Controller Details section of our Additional EEA, UK, and Switzerland Privacy Disclosures for more information about our legal entities operating as the controllers of your personal information.

Our Collection and Use of Personal Information

The categories of personal information we collect depend on how you interact with us and our Services. We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:

sign up on our website or app;
communicate with us through correspondence, chats, email or when you share information with us from other social applications, services or websites;
interact with our sites, Services, content and advertising;
use our devices, Services or products; or
invest in our business; or
enquire as to a potential purchase in our business.

Categories of Personal Information Spacetalk collects

When you sign up to or use our Services, we (or third parties on our behalf) may collect the following types of personal information (in some cases, this information is collected automatically):

full name and nickname;
phone number;
email address;
mailing or street address;
age or date of birth;
gender;
a photo of you and any other content you upload to the Services;
government identifiers (where required to comply with our legal obligations);
account username and password or security pin;
your IP (Internet Protocol) address;
details of SOS emergencies you send to your family members, including date / time of emergencies, your location and recipients of the SOS;
your account and profile settings, including your call settings, do not disturb settings, safe zone settings, social media settings and school mode settings;
your device ID (such as serial numbers), device type, geo-location (including live location) and network information, computer and connection information, statistics on page views, traffic to and from the sites, ad data and standard web log information;
location data such as live physical location, safe zone parameters, Global Positioning System (GPS), nearby Wi-Fi networks, mobile cell tower triangulation, Near Field Communication (NFC), and RFID;
payment and transaction data including details about payments from you and other details of the products you have purchased from us or that you have enquired about, including any additional information necessary to deliver those products and Services and respond to your enquiries (note that we do not directly collect and hold credit card and bank details, but these may be collected on our behalf via our third-party payment service providers);
school name, teacher name, school events (for our Australian Schools product only);
information you provide to us through customer surveys;
any other personal information that may be required in order to facilitate your dealings with us.

In addition, when you apply for a job or position with us we may collect certain information from you (including your name, contact details, working history and relevant records checks) from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract. This Privacy Policy does not apply to acts and practices in relation to employee records of our current and former employees.

You do not have to provide us with any personal information, however, if you do not do so, we may not be able to complete a transaction you have entered into, finalise payment of a Service you have requested, make delivery of a Service you have ordered or signed up to, validate your entry in a promotion, or otherwise provide you with the Services you have requested.

Personal Information and consent of third parties

From time to time, you may provide us, and we may collect from you, personal information of a third party. Where you provide the personal information of a third party, it is your responsibility to ensure that you have obtained their consent to provide their personal information to us (where required under applicable law) and inform them that their details will be collected, stored, used and disclosed in accordance with our Privacy Policy. This includes informing them of the purpose of collection, how their information will be used, and their rights regarding access and correction of their information as set out in this Privacy Policy.

If you are purchasing or signing up to our Services for a minor or a person who you have legal responsibility for, as the parent or legal guardian, you must consider the privacy of the user over whom you have responsibility. You may also be responsible for providing any necessary consents on behalf of those individuals.

Sensitive Information Spacetalk collects

Under the Privacy Act and other applicable law, “sensitive information” includes but is not limited to information or an opinion about an individual’s race or ethnic origin, religious belief, or criminal record and also includes health information about an individual.

In certain circumstances, when you use our Services, we may also collect health data including weight, height, average activity levels (including step data), movement/physical ability, medical conditions, heart rate, medication / prescriptions, fall detection and your statements of mood.

How do we use personal information?

We may collect, hold, use and disclose your personal information for the following purposes:

to enable you to access and use our website and Services;
to operate, protect, improve and optimise our website and Services, business and our users’ experience, such as to perform analytics, conduct research, develop new features and for advertising and marketing;
to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;
to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;
to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;
to comply with our legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and

We may also disclose your personal information to a trusted third party who also holds other information about you. This third party may combine that information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the products and services that you receive.

If you are in the UK, EEA or Switzerland, please refer to the Purposes and Legal Bases of Processing section of our Additional EEA, UK, and Switzerland Privacy Disclosures for further information regarding the lawful basis we rely on to process your personal information.

Live-location services

Where we collect your location data through our Services, we will comply with the relevant Apple App Store and Google Play Store requirements. If you do not want us to use your location data for the purposes above, you should turn off the location services in your account settings in the Spacetalk app or in your mobile phone settings. If you do not provide location data to us, we may not be able to provide our Services to you.

Do we use your personal information for direct marketing?

By agreeing to the terms of this Privacy Policy, you agree that we and/or our carefully selected business partners may send you direct marketing communications and information about our Service. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act, the Privacy Act and other applicable law. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (e.g. an unsubscribe link).

If you are in the UK or EEA (and, where applicable, in Switzerland), we will only use your personal information for direct marketing where we have your consent to do so. Please refer to the Additional EEA, UK and Switzerland Privacy Disclosures for further information about our use of your personal information for direct marketing and how to withdraw consent.

Automatic Data Collection Preferences

Certain of our Services may provide you the ability to adjust your preferences regarding our use of automatic data collection technologies. For example, there is a “Cookie Preferences” manager linked in the footer of our websites that allows you to adjust your preferences regarding certain automatic data collection technologies on the specific website you are visiting for the specific device and browser you are using at that time (which means you will need to change your preferences on each device and browser you use to interact with the specific website you are visiting).

Where a Spacetalk-specific preference manager or privacy setting is not available, you may be able to utilize third-party tools and features to further restrict our use of automatic data collection technologies. For example, (i) most browsers allow you to change browser settings to limit automatic data collection technologies on websites, (ii) most email providers allow you to prevent the automatic downloading of images in emails that may contain automatic data collection technologies, and (iii) many devices allow you to change your device settings to limit automatic data collection technologies for device applications. Please note that blocking automatic data collection technologies through third-party tools and features may negatively impact your experience using our Services, as some features and offerings may not work properly or at all. Depending on the third-party tool or feature you use, you may not be able to block all automatic data collection technologies, or you may need to update your preferences on multiple devices or browsers. We do not have any control over these third-party tools and features and are not responsible if they do not function as intended.

Who we may disclose your Personal Information to

We work with other companies that help us provide our systems and Services to our customers. We may provide personal information to these companies for the purpose of providing the Services to you and to facilitate our interests as stated above. Those service providers will only be provided with access to your personal information as is reasonably necessary for the purpose that we have engaged the service provider, and we will require that such third parties comply with our standards and all applicable laws.

We may disclose personal information to:

our related entities, their employees and contractors. If you are in the UK, EEA or Switzerland, please refer to the Additional EEA, UK and Switzerland Privacy Disclosures for further information about how we and our related entities process personal information;
third party suppliers and service providers (including providers for the operation of our websites and/or our business) or in connection with providing our Services to you;
marketing or advertising providers;
IT service providers, data storage, web-hosting and server providers;
professional advisors, dealers, agents, auditors, business brokers, our insurers and insurance brokers;
credit reporting bodies and agencies;
payment systems operators (e.g. merchants receiving card payments);
our existing or potential agents, business partners or partners;
our sponsors or promoters of any competition that we conduct via our Services;
your emergency contacts or approved contacts;
anyone to whom our business assets (or any part of them) are, or may (in good faith) be, transferred;
courts, tribunals, governmental agencies, regulatory authorities and law enforcement agencies, or as required, authorised or permitted by law;
third parties to collect and process data including for marketing purposes, such as Google Analytics (To find out how Google uses data when you use third party websites or applications, please see www.google.com/policies/privacy/partners or any other URL Google may use from time to time);
specific third parties authorised by you to receive information held by us; and
any other third parties as required or permitted by law, such as where we receive a summons.

Credit reporting bodies and agencies

To enable us to provide you with certain of our Services, or when you deal with us in some other way that involves our Services, we may be required under applicable law, regulatory body or under an agreement with a third-party service provider to disclose your personal information with credit reporting bodies:

the fact that you have applied for credit and the amount;
the fact that we are a credit provider to you; and
payments which become overdue and for which debt collection action has started.

We may also use your personal information to:

obtain from a credit reporting agency a credit report containing personal information about you in relation to commercial credit provided by us;
obtain a report containing information about your commercial activities or commercial creditworthiness from a business which provides information about the commercial creditworthiness of a person; and
obtain a report from a credit reporting agency and other information in relation to your commercial credit activities. We may also disclose your personal information to third parties to whom you expressly ask us to send the personal information to or to third parties you consent to us sharing your personal information with.

Every credit reporting body is required by law to have a policy which explains how they manage your personal information. You can view the policy for each of the credit reporting bodies we deal with using the details below:

FrankieOne (Aus): https://frankieone.com/frankieone-privacy-policy
Experian (Aus): https://www.experian.com.au/privacy-policy-terms-conditions
Gigs (UK, EEA and USA): https://gigs.com/legal

Overseas Transfers of personal information

As we operate on a global scale, we may store and process personal information in a cloud services or data centres located outside the country in which you are located, including but not limited to Australia, the United States and the UK or in any country where we or our service providers operate.

For the provision of customer support, to troubleshoot issues or for other IT or marketing services, we may give controlled access of our systems to suppliers or personnel located outside of the country where you are located. Any such access is provided strictly under applicable data protection laws, contractual safeguards, and security measures designed to protect your personal information.

Additionally, we may disclose personal information overseas when required by legal or regulatory obligations, such as responding to a lawful request from a foreign law enforcement body.

We take reasonable steps to ensure that any international transfer of personal information is carefully managed to protect your privacy rights and interests. This includes implementing measures such as encryption, pseudonymisation, and contractual safeguards to ensure your data is handled securely and in compliance with applicable privacy laws.

If you are in the UK, EEA or Switzerland, please refer to the Additional EEA, UK, and Switzerland Privacy Disclosures for further information regarding international transfers of your personal information and the transfer mechanisms we rely on.

Using our website and cookies

We may collect personal information about you when you use and access our website.

We may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

We may also use cookies, pixels and other third-party tracking technologies on our websites from time to time. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser, but our websites may not work as intended for you if you do so. If you are in the UK or EEA, we will only collect and process your personal information via cookies if we have your consent to do so or if strictly necessary to provide a feature or functionality of our Services to you.

We may also use cookies to enable us to collect data that may include personal information. For example, where a cookie is linked to your account or otherwise relates to you or your device, it may be considered personal information under the Privacy Act or other applicable data protection laws. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.

Some “functional” cookies are used in providing our web-based application services to you. These are required to provide access to our systems and enable the user experience. These cookies are not shared with or used by third parties.

For information about the choices you may have in relation to our use of automatic data collection technologies, please refer to the Your Privacy Choices section below. For additional details about the cookies we use on our websites and to adjust your preferences with regard to those cookies, please visit our “Cookie Preferences” manager linked in the footer of our websites.

Use of personal information by Google Analytics

We have enabled Google Analytics Advertising Features including Remarketing Features, Advertising Reporting Features, Demographics and Interest Reports, Store Visits, Google Display Network Impression reporting etc. We and third-party vendors use first-party cookies (such as the Google Analytics cookie) or other first-party identifiers, and third-party cookies (such as Google advertising cookies) or other third-party identifiers together.

You can opt-out of Google Analytics Advertising Features including using a Google Analytics Opt-out Browser add-on found here.

To opt-out of personalised ad delivery on the Google content network, please visit Google’s Ads Preferences Manager here or if you wish to opt-out permanently even when all cookies are deleted from your browser you can install their plugin here.

To opt out of interest-based ads on mobile devices, please follow these instructions for your mobile device:

On android open the Google Settings app on your device and select “ads” to control the settings.
On iOS devices with iOS 6 and above use Apple’s advertising identifier. To learn more about limiting ad tracking using this identifier, visit the settings menu on your device.

If you are in the UK or EEA, we will only permit Google Analytics to process your personal information if we have your consent to do so.

Children’s Personal Information

Where required by applicable law, we will obtain consent from the parent or legal guardian of a child who is under the age of 13 before knowingly processing the child’s personal information. Please refer to the Region-Specific Disclosuressection below for additional children’s privacy disclosures for the region where you live.

If you believe a child under the age of 13 has provided personal information to us without appropriate consent, please contact us so that we may delete such information.

Data Storage

We are committed to ensuring that the personal information we collect is secure. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures, to safeguard and secure personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

Data Retention

We will only retain your personal information for as long as reasonably necessary to fulfill the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your personal information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.

To determine the appropriate duration of the retention of personal information, we consider the amount, nature, and sensitivity of the personal information, the potential risk of harm from unauthorised use or disclosure of personal information and if we can attain our objectives by other means, as well as our legal, regulatory, tax, accounting, and other applicable obligations.

Once retention of the personal information is no longer reasonably necessary for the purposes outlined above, we will either delete or deidentify the personal information or, if that is not possible (for example, because personal information has been stored in backup archives), we will securely store the personal information and isolate it from further active processing until deletion or deidentification is possible.

Region-Specific Disclosures

We may choose or be required by law to provide different or additional disclosures relating to the processing of personal information about residents of certain countries, regions or states. Please refer below for disclosures that may be applicable to you:

EEA, UK or Switzerland: If you are located in the EEA (Member States of the European Union together with Iceland, Norway, and Liechtenstein), the UK, or Switzerland, please click here for additional European-specific privacy disclosures, including a description of the personal information rights made available to individuals located in those jurisdictions under applicable law.
United States: If you are a resident of the United States, please click here for additional U.S.-specific privacy disclosures. Our U.S.-specific privacy disclosures include information about children’s privacy under the Children’s Online Privacy Protection Act (“COPPA”) as well as a description of the personal information rights made available to residents of certain states under applicable law.

Security

We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. For example, we align with SOC2 Type II security control framework. However, we cannot guarantee the security of your personal information.

Links

Our website may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.

Unsubscribe

To unsubscribe from our e-mail database or opt-out of communications (including marketing communications), please contact us using the details set out below or opt-out using the opt-out facilities provided in the communication.

Accessing or correcting your personal information

You may have the right to ask for your personal information by requesting:

a copy of your personal information;
that we correct inaccuracies relating to your personal information;
that your Personal information be deleted or that we restrict access to it; and
a structured electronic version of your personal information.

You may also have the right to object to our use of your personal information.

Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.

If you think that any personal information, we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.

Should you wish to make a request in respect of your personal information please contact us at privacy@spacetalk.co.

Please refer to the Region-Specific Disclosures for further information on the rights that may be available to you.

Enquiries, Requests, Complaints, Breaches

You can make enquiries or complaints regarding this Privacy Policy or the personal information we hold on you to our customer service team, whose contact details are below.

For any questions or notices, please contact us at:

Spacetalk Ltd, Spacetalk Holdings Pty Ltd, Spacetalk USA Pty Ltd and SPACETALKWATCH UK LTD

Email: privacy@spacetalk.co

Address (Australia): 154 Fullarton Road, Rose Park, South Australia 5067 Australia

Address (UK): 35 Ballards Lane, London, United Kingdom, N3 1XW

Website (Global): www.spacetalk.co

Website (UK): http://www.spacetalkwatch.co

We will take all reasonable steps to ensure your claims are investigated and a formal response will be provided to you, within a reasonable time, considering the circumstances of your claims. If any corrective action is determined to be required, as a result of that investigation, we will take all reasonable steps to rectify the situation and advise you of such, again within a reasonable time considering the circumstances.

If we do not resolve your enquiry, concern or complaint to your satisfaction or you require further information in relation to any privacy matters, you can contact the relevant regulatory authority, whose contact details are below:

Individuals based in Australia

Office of the Australian Information Commissioner

Telephone: 1300 363 992

Email: enquiries@oaic.gov.au

Address: Level 3, 175 Pitt Street, Sydney NSW 2000, Australia

Individuals based in New Zealand

Office of the Privacy Commissioner

Telephone: 0800 803 909

Email: enquiries@privacy.org.nz

Address: PO Box 10 094, Wellington 6140

Individuals based in the United Kingdom

Information Commissioner's Office

Telephone: +44 (0) 303 123 1113

Email: casework@ico.org.uk

Address: Wycliffe House, Water Lane, Wilmslow SK9 5AF, United Kingdom

Individuals based in the United States

Refer to your relevant State privacy and data protection body

Individuals based in Canada

Office of the Privacy Commissioner of Canada

Phone: +1 819-994-5444

Address: 30 Rue Victoria, Gatineau, QC J8X 2A1, Canada

Individuals based in the Netherlands

The Dutch Data Protection Authority (DPA)

Telephone: +31 (0)88 1805 250

Email: fg@minaz.nl

Address: Dutch Personal Data Authority, PO Box 93374, 2509 AJ The Hague

Individuals based in France

National Commission on Informatics and Liberty

Telephone: +33 (0)1 53 73 22 22

Address: 3 Place de Fontenoy, 75334 Paris Cedex 07

Individuals based in Germany

German Federal Commissioner for Data Protection and Freedom of Information (BfDI)

Telephone: +49 (0)228-997799-0

Email: poststelle@bfdi.bund.de

Address: Graurheindorfer Straße 153, 53117 Bonn

Individuals based in Spain

Spanish Data Protection Agency

Telephone: +34 901 100 099 / +34 91 266 35 17

Website: www.aepd.es.

Address: C/Jorge Juan, 6, 28001 Madrid

Individuals based in Singapore

The Personal Data Protection Commission (PDPC)

Telephone: +65 6377 3131

Address: 10 Pasir Panjang Road #03-01, Mapletree Business City, Singapore 117438

Individuals based in Ireland

Irish Data Protection Commission (DPC)

Telephone: (01) 765 01 00 or 1800 437 437

Email: info@dataprotection.ie

Postal Address: Data Protection Commission, 21 Fitzwilliam Square South, Dublin 2, D02 RD28, Ireland

ADDITIONAL UNITED STATES PRIVACY DISCLOSURES

These disclosures supplement the information contained in our Privacy Policy by providing additional information about children’s privacy under the Children’s Online Privacy Protection Act (“COPPA”) and about our personal information processing practices relating to individual residents of certain states in the United States. For a detailed description of how we collect, use, disclose, and otherwise process personal information, please read our Privacy Policy.

Children’s Privacy (COPPA)

For US users, we will obtain consent from the parent or legal guardian of a child who is under the age of 13 before knowingly processing the child’s personal information.

Personal Information We Collect From Children Under 13

When a child under the age of 13 uses our Services, we will collect the personal information described in our Privacy Policy, such as:

Name and nickname
Phone number
Email address
Mailing or street address
Age or date of birth
Gender
Photos and other content uploaded to the Services
Account username and password or security pin
Device ID, device type, and network information
Geo-location data (including live location, safe zone parameters, GPS, Wi-Fi networks, mobile cell tower triangulation, NFC, and RFID)
Details of SOS emergencies (including date/time, location, and recipients)
Account and profile settings (such as call settings, do not disturb, safe zone, and school mode settings)
Activity and health data (such as weight, height, step data, movement/physical ability, heart rate, fall detection, and statements of mood)

Personal information collected from children under 13 is accessible to the child’s parent or legal guardian and to users identified as family members through our Services. However, we do not provide public forums, chat rooms, or social networking features where children under 13 can post information publicly.

We do not require children under 13 to provide any more information than is reasonably necessary to use our Services.

How We Use the Personal Information of Children Under 13

We use personal information of children under 13 years old for the purposes described in our Privacy Policy, such as:

Enabling core features of our Services such as communication, location tracking, and emergency SOS alerts
Allowing parents or guardians to monitor and manage the child’s use of the device and app
Supporting family safety and wellbeing (such as activity tracking and health monitoring)
Ensuring the security and proper functioning of our Services

We do not use the children’s personal information for targeted advertising.

How We Disclose the Personal Information of Children Under 13

We do not sell personal information of children under 13. We may disclose the children’s personal information for the purposes described in our Privacy Policy, such as in the following circumstances:

To the child’s parent or legal guardian, and to users identified as your family members, as part of the core features of our Services
To trusted third-party service providers who assist us in operating our Services (such as IT, hosting, or customer support providers), and only as necessary for them to perform their services
To comply with legal obligations, such as responding to lawful requests from law enforcement or regulatory authorities
In connection with a business transfer, such as a merger or sale, with notice to parents and legal guardians as required by law

Our current list of service providers is available here. As required by applicable data protection laws, we impose contractual limits on how these service providers can use the Personal Information they receive.

We may also share aggregate or de-identified information in a manner that cannot be reasonably used to identify an individual user.

How to Access and Delete the Personal Information of Children Under 13

The parent or legal guardian of a child under the age of 13 has the right to access the personal information we have collected from the child, withdraw consent for further collection and request deletion of the child’s personal information.

Unless we receive a deletion request, we will retain the personal information collected from the child for as long as necessary to provide our Services and comply with our legal obligations, which could include retaining information as needed for recordkeeping and billing obligations. We will delete and/or de-identify the child’s personal information when it is no longer needed for the purposes for which it was collected.

If you have any questions about our practices regarding children’s personal information, or if you wish to review or delete your child’s information, please contact us at privacy@spacetalk.co. Additional contact details for Spacetalk can be found in the Enquiries, Requests, Complaints, Breaches section of this policy.

Nevada Residents

If you are a resident of the state of Nevada in the United States, you have the right to opt out of the sale of your personal information. Although we do not currently sell personal information of Nevada residents (as defined under Nevada law), you may submit a request to opt-out of the sale of your personal information by contacting us at privacy@spacetalk.co.

California, Colorado, Connecticut, Delaware, Indiana, Kentucky, Montana, Nebraska, New Jersey, Oregon, Tennessee, Texas, Utah, and Virginia Residents

If you are a resident of the state of California, Colorado, Connecticut, Delaware, Indiana, Montana, Nebraska, Oregon, Tennessee, Texas, Utah, or Virginia in the United States, the following supplementary disclosures apply to you.

Personal Information Disclosures, Sales and Targeted Advertising

We disclose all of the categories of personal information we collect to the categories of recipients set forth in the Our Disclosure of Personal Information section of this policy. Our disclosure of personal information to the third parties (listed above) qualifies as the sale of personal information or the sharing or processing of personal information for the purpose of displaying advertisements that are selected based on personal information obtained or inferred over time from an individual’s activities across businesses or distinctly-branded websites, applications, or other services (otherwise known as “targeted advertising” or “cross-context behavioral advertising”) under certain privacy laws.

Depending on your state of residency and subject to certain legal limitations and exceptions, you may be able to limit or opt-out of the sale of personal information or the processing of personal information for purposes of targeted advertising (as described in the Your Additional U.S. Privacy Choices section below).

Please note we do not sell the personal information of individuals we know to be less than 16 years of age or share such information for targeted advertising purposes.]

Sensitive Personal Information

The following personal information elements we collect may be classified as “sensitive” under certain privacy laws:

Government ID numbers, including social security number, driver's license number, state identification card number, or passport number (for verification purposes only)
Account log-in, financial account, debit card or credit card number in combination with any required security or access code, password or credentials allowing access to an account.
Race, ethnicity or national origin
Religious or philosophical beliefs
Biometric data
Health data, including information regarding an individual’s medical history, mental or physical health condition, or medical treatment or diagnosis
Precise geolocation data
Personal information collected from a known child under the age of 13

We use sensitive personal information for the purposes set forth in the Our Collection and Use of Personal Information section of this Policy. Depending on your state of residency and subject to certain legal limitations and exceptions, you may be able to limit, or withdraw your consent for, our processing of sensitive personal information (as described in the Your Additional U.S. Privacy Choices section below).

Deidentified Information

We may at times receive, or process personal information to create, deidentified information that can no longer reasonably be used to infer information about, or otherwise be linked to, a particular individual or household. Where we maintain deidentified information, we will maintain and use the information in deidentified form and not attempt to reidentify the information except as required or permitted by law.

Automated Decision-Making and Profiling

We do not conduct automated processing of personal information for the purposes of evaluating, analyzing, or predicting an individual’s personal aspects in furtherance of decisions that produce legal or similarly significant effects. As a result, we do not provide a right to exercise control over such forms of automated decision-making and profiling.

Your Additional U.S. Privacy Choices (Your Privacy Choices)

Depending on your state of residency and subject to certain legal limitations and exceptions, you may be able to exercise some or all of the following rights:

Right to Know:

The right to confirm whether we are processing personal information about you and, under California law only, to obtain certain personalized details about the personal information we have collected about you, including:

The categories of personal information collected;
The categories of sources of the personal information;
The purposes for which the personal information were collected;
The categories of personal information disclosed to third parties (if any), and the categories of recipients to whom this personal information were disclosed;
The categories of personal information shared for targeted advertising purposes (if any), and the categories of recipients to whom the personal information were disclosed for these purposes; and
The categories of personal information sold (if any) and the categories of third parties to whom the personal information were sold.

Right to Access & Portability The right to obtain access to the personal information we have collected about you and, where required by law, the right to obtain a copy of the personal information in a portable and, to the extent technically feasible, readily usable format that allows you to transmit the data to another entity without hindrance.
Right to Correction The right to correct inaccuracies in your personal information, taking into account the nature of the personal information and the purposes of the processing of the personal information.
Right to Control Over Sensitive Personal Information The right to exercise control over our collection and processing of certain sensitive personal information.
Right to Control Over Automated Decision-Making / Profiling The right to direct us not to use automated decision-making or profiling for certain purposes.
Right to Opt-Out of Targeted Advertising The right to direct us not to use or share personal information for certain targeted advertising purposes.
Right to Opt-Out of Sales The right to direct us not to sell personal information to third parties, [including the right to opt-out of the disclosure of personal information to third parties for the third parties’ direct marketing purposes under California’s “Shine the Light” Law].
Right to Deletion The right to have us delete personal information we maintain about you. If you are a resident of the State of California under the age of 18, you may also request and obtain removal of user-generated content you have posted on our platform (though please note that such a request does not ensure complete or comprehensive removal of all user-generated content, particularly where user-generated content has been republished or reposted by another user or third party).

Submitting Privacy Rights Requests

Please submit a request specifying the right you wish to exercise by:

Completing our online form found here; or
by contacting us at privacy@spacetalk.co.

To exercise your right to opt-out as it relates to the use of cookies and related technologies that involve the sharing of personal information or the use of personal information for targeted advertising purposes, please click the “Cookie Settings” link in the footer of the website and adjust your preferences accordingly. In addition, you can also opt-out of cookie-based sales by businesses that participate in the Digital Advertising Alliance’s CCPA Opt-Out Tool by visiting https://www.privacyrights.info/. Lastly, you may follow the other steps set forth in the Automatic Data Collection Preferences section of the Your Privacy Choices section of this policy to further exercise control over automatic data collection technologies. Our site does not respond to the Global Privacy Control signal.

Before processing your request to exercise certain rights (including the Right to Know, Access & Portability, Correction, and Deletion), we will need to verify your identity and confirm you are a resident of California. In order to verify your identity, we will generally either require the successful authentication of your account, or the matching of sufficient information you provide us to the information we maintain about you in our systems. As a result, we require requests to include first and last name, email address, phone number, state of residency and/or the date of your last transaction with us.

In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity or locate your information in our systems, or where you are not a resident of one of the eligible states.

Submitting Authorized Agent Requests

In certain circumstances, you are permitted to use an authorized agent to submit requests on your behalf through the designated methods set forth above where we can verify the authorized agent’s authority to act on your behalf. In order to verify the authorized agent’s authority, we generally require evidence of either (i) a valid power of attorney or (ii) a signed letter containing your name and contact information, the name and contact information of the authorized agent, and a statement of authorization for the request. Depending on the evidence provided and your state of residency, we may still need to separately reach out to you to confirm the authorized agent has permission to act on your behalf and to verify your identity in connection with the request.

Additional California-Specific Disclosures

California Categories of Personal Information

California law requires we provide disclosures to you about what personal information we collect by reference to the enumerated categories of personal information set forth within California law. To address this obligation, we have identified the relevant enumerated California personal information category for the personal information described in the Our Collection and Use of Personal information section of this policy below:

Identifiers, such as email address.
Internet / network information, such as device information, logs and analytics data.
Geolocation data, such as your approximate location based on IP address.
Inferences, such as preferences.

ADDITIONAL EUROPEAN ECONOMIC AREA, UNITED KINGDOM, AND SWITZERLAND PRIVACY DISCLOSURES

These disclosures supplement the information above by providing additional information about our personal information processing practices relating to individuals who access our website (“Site Users”) and individuals who access and use our Services or otherwise interact with us from the EEA, UK, and Switzerland (“Service Users”). If you use our Services as part of our Aged Care service offering, we refer to you as “Aged Care Users” in these disclosures. For a detailed description of how we collect, use, disclose, and otherwise process personal information, please read our disclosures above.

Controller Details

EEA, UK, and Swiss Controller

SPACEWALKWATCH UK LTD (“Spacetalk UK”), a company duly incorporated and organized under the laws of England and Wales, having its registered address at 35 Ballards Lane C/O Bkl Llp, 35 Ballards Lane, London, United Kingdom, N3 1XW, is the “controller” responsible for the processing of personal information in connection with our EEA, UK, and Swiss Services and operations. This means Spacetalk UK determines and is responsible for how your personal information is used. You may contact Spacetalk UK by sending an email to: privacy@spacetalk.co.

As referred to above, where we provide services to our enterprise customers, such as Aged Care service providers, we mostly use personal information as a processor on behalf of the relevant Aged Care provider. This means that the care provider determines and is responsible for how we process personal information. You should consult that care provider's privacy notice for information about how that personal information is used. We have indicated in these additional disclosures where we process limited personal information as a controller in connection with our Aged Care services.

Joint Controllership

Spacetalk UK works with our affiliated entities: Spacetalk Ltd, Spacetalk Holdings Pty Ltd and Spacetalk USA Pty Ltd (the “Spacetalk Affiliates”) to provide the Services. When we do so, we generally act as “joint controllers” with our Spacetalk Affiliates, meaning that we jointly determine and are responsible for how your personal information is used. We and our Spacetalk Affiliates have allocated responsibility for complying with applicable data protection law between us as follows:

Information about how we use your personal information	Spacetalk UK provides the information contained in this privacy notice to you on behalf of Spacetalk UK and the Spacetalk Affiliates
Identifying a lawful basis and collecting consent	Spacetalk UK is responsible for identifying the lawful basis relied on for the processing of your personal information. Spacetalk UK is responsible for obtaining or procuring your consent to the processing of your personal information
Giving effect to your rights	Spacetalk UK is the primary contact point for your exercise of your rights. You can exercise your rights as set out in the “Your Additional EEA, UK, and Swiss Privacy Choices” section below in respect of both Spacetalk UK and our Spacetalk Affiliates
Ensuring the security of your personal information	Spacetalk UK and the Spacetalk Affiliates each maintain safeguards to ensure that the personal information we process as joint controllers is kept secure
Complying with rules on international transfers	Spacetalk UK and the Spacetalk Affiliates have each implemented safeguards for the transfers of your personal information we undertake, including transfers to recipients outside of the jurisdiction you are in

Additional Questions or Complaints

If you have a concern about our processing of personal information, you have the right to lodge a complaint with the Data Protection Authority where you reside, where you work, or where an alleged violation of the law has occurred. Contact details for applicable Data Protection Authorities can be found in the Enquiries, Requests, Complaints, Breaches section of this policy. We would, however, appreciate the chance to handle your concerns directly prior to a complaint being filed, so please contact us directly at privacy@spacetalk.co if you have any concerns.

You can make a complaint directly to Spacetalk UK by completing this webform:

Automated Decision-Making and Profiling

We do not conduct automated processing of personal information, including profiling, for the purposes of making decisions about you with legal or similarly significant effects.

Purposes and Legal Bases of Processing

When we process your personal information, we will do so in reliance on the following lawful bases. You are not required to provide personal information to us, but we do rely on your personal information to provide certain of our products and services. If you choose not to provide us with your personal information, we may not be able to provide you with a service or product you request. We will inform you at the point that we collect personal information from you if the provision of certain personal information is mandatory or optional for receipt of our products and services.

If you are minor (under 18), we may collect some or all of the below information from your responsible family member(s).

Personal Information We Collect

We collect personal information that you submit directly to us when you access our website, contact us or use the Services, as follows:

Categories of Personal Information used	How we use Personal Information	Lawful basis
Site Users and Service Users
Contact information and identifiers, including title, first name, last name, email address, and telephone numbers.	We use this information to communicate with you in response to any queries that you submit to us.	If you purchase or use our Services, this processing is necessary for the performance of, or to take steps prior to, a contract with you. Otherwise, the processing is necessary for our legitimate interests, namely to communicate with you and respond to and appropriately investigate specific information requests made by you.
	We use this information to send notifications and alerts to if you have signed up to receive our newsletter or other marketing emails, surveys and/or information about promotions.	We will only process this personal information to the extent we have your consent to do so.
Chat and comments (including uploaded content), when you contact us directly e.g., by email, webform or phone, we will record your comments and opinions and any content you upload in connection with your comment or query.	We use this information to handle your customer service requests including: · directing your questions to the appropriate team members; and · investigating and addressing any concerns.	If you purchase or use our Services, this processing is necessary for the performance of, or to take steps prior to, a contract with you. Otherwise, the processing is necessary for our legitimate interests, namely to respond to and appropriately investigate your request.
	We use this information to identify ways in which we can improve the website and service as well as to inform our development of new products and digital content.	The processing is necessary for our legitimate interests, namely identifying ways in which we can improve and further develop the website and service.
Marketing and communications preferences includes your preferences in receiving marketing from us and our third parties, and your communication preferences.	We use this information to send notifications and alerts in accordance with your preferences.	The processing is necessary to comply with legal obligations to which we are subject, namely privacy and electronic communications legislation.
Service Users Only
Account information, including username and password or security pin	We use this information to set up your account profile and to authenticate you to service.	The processing is necessary for the performance of a contract with you. If you are a minor (under 18), the processing is necessary for our legitimate interests, namely to provide you and your responsible family members with the Services at your or their request.
Government identifiers including official identification document details Note that we do not directly collect identification document details, but these may be collected on our behalf via our third-party verification service providers.	We use this information to verify your identity for the purpose of providing certain services to your phone plan services to you. Multiple jurisdictions require us by law to verify your identity for the provision of mobile carrier services. We will only process this personal data if required in that country and for persons eligible to enter into a mobile service.	The processing is necessary to comply with a legal obligation to which we are subject. Note that we do not collect this information in relation to minors’ (under 18s’) accounts.
Profile information, including name and nickname, contact information (phone and email address), postal address, age or date of birth, gender, photo, school name, teacher name, family member details (including relationship to you)	We use this information to set up your account profile for your use when using our service. This information will be displayed to users identified as your family members.	The processing is necessary for the performance of a contract with you. If you are a minor (under 18), the processing is necessary for our legitimate interests, namely to provide you and your responsible family members with the Services at your or their request.
Account and profile settings, such as call settings, do not disturb settings, safe zone settings, social media settings, school mode settings	We use this information to set up your account profile and manage your settings in order to provide the service to you in accordance with your, or your responsible family members’ wishes.	The processing is necessary for the performance of a contract with you. If you are a minor (under 18), the processing is necessary for our legitimate interests, namely to provide you and your responsible family members with the Services at your or their request.
SMS or call information, including date / time of calls or chats and recipients of calls or chats	We use this information to allow you to make calls or send messages and receive calls or messages when using our Services.	The processing is necessary for the performance of a contract with you. If you are a minor (under 18), the processing is necessary for our legitimate interests, namely to provide you and your responsible family members with the Services at your or their request.
Blocked SMS message content	We use this information to allow guardians to identify if a message was received by an unapproved number and blocked on a wearable device that may be pertinent to providing mobile carrier network access.	The processing is necessary for the performance of a contract with you. If you are a minor (under 18), the processing is necessary for our legitimate interests, namely to provide you and your responsible family members with the Services at your or their request.
Credit reporting information,connected with your use of our phone plan services, including the fact that you have applied for credit, the fact that we are a credit provider to you and payments which became overdue and for which debt collection has started, and the content of any reports from credit reporting agencies.	We use this information to determine whether you are eligible to participate in our phone plan services.	The processing is necessary for the performance of a contract with you. Note that we do not collect this information in relation to minors’ (under 18s’) accounts.
	We may disclose information about overdue payments to credit reporting bodies in connection with debt collection processes or where required under an agreement with a third party service provider of phone services.	The processing is necessary for our legitimate interests, namely to comply with legal agreements we have entered into in connection with the phone plan services and in connection with the enforcement of our or a third party’s rights under agreements with you.
Service User content, including photos, chat and any other materials you upload to the Services	We use this information to allow you to upload content among your family members at your request.	The processing is necessary for the performance of a contract with you. If you are a minor (under 18), the processing is necessary for our legitimate interests, namely to provide you and your responsible family members with the Services at your or their request.
Physical and mental health information, such as weight / height, movement / physical ability, medical conditions, heart rate, instances of falls, and your expressed mood	We use this information to allow you and your family members to track and monitor your health and wellbeing, at your and their request.	We will only process this information where we have your consent to do so. If you are a child (under 16, depending on your country of residence), we may require such consent from your responsible family member.
Activity information and goals, such as steps taken, distance walked, calories burned in a given period and activity goals	We use this information to allow you and your family members to track and monitor your wellbeing, at your and their request.	We will only process this information where we have your consent to do so. If you are a child (under 16, depending on your country of residence), we may require such consent from your responsible family member.
SOS emergencies, including the date / time of SOS emergencies you receive or send, recipients of your SOS emergencies and your location	We use this information to allow you and your family members to send and receive emergency SOS notifications at your and their request.	The processing is necessary for the performance of a contract with you. If you are a minor (under 18), the processing is necessary for our legitimate interests, namely to provide you and your responsible family members with the Services at your or their request.
Transaction information, including details of products / Services you purchase from or return to us, details of any returns, relevant delivery details and app subscription details	We use this information to allow you to purchase our products and Services, to deliver our products and Services to you and (where relevant) to manage any returns of our products or Services.	The processing is necessary for the performance of a contract with you.
	We use this information for our own internal record-keeping purposes and to ensure the security and integrity of the Services, including identifying and preventing unlawful, fraudulent, or malicious use of the Services.	The processing is necessary for our legitimate interests, namely to maintain our own internal legal records and identifying and mitigating the risk of unlawful behavior to protect the Services.
Payment details, including card and bank details, purchased products or Services and date / time of purchases. Note that we do not directly collect and hold credit card and bank details, but these may be collected on our behalf via our third-party payment service providers.	We use this information to allow you to purchase our products and Services.	The processing is necessary for the performance of a contract with you. Note that we do not collect this information in relation to minors’ (under 18s’) accounts.
	We use this information for our own internal record-keeping purposes and to identify suspicious transactions and prevent unlawful, fraudulent, or malicious use of the Services.	The processing is necessary for our legitimate interests, namely to maintain our own internal legal records and identify fraud.
All of the above information (other than sensitive data collected, such as data regarding your health).	Where permitted by law, we may use all of the above personal information to allow us, and our partners, to present advertising that is tailored to you.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences. [Note, we do not use personal information in this manner when collected from accounts identified as minors’ (under 18s’) accounts.]
Aged Care Users only
Inquiry and Communication Information, including your name, contact information and contents of your enquiry when you contact us.	If you are an employee or representative of an enterprise customer, we will use this information to administer our contract with your employer and maintain our legal records.	Our legitimate interests, namely managing our contractual relationships with enterprise customers and for our own internal record-keeping purposes.
	To identify ways in which we can improve the Services, including fixing errors or developing new features and functionalities.	Our legitimate interests, namely informing our product development and improvement.

Personal information we collect automatically

Like all online Services, we also collect certain personal information about you automatically when you use the website or Services in order to understand how the website or Services are used and how we can improve it, as well as to tailor the adverts you see online to your interests.

If you are a Service User, certain information (e.g. location information) is collected automatically to provide you with features of the Services, as described further below.

Categories of Personal Information used	How we use Personal Information	Lawful basis
Site Users / Service Users / Aged Care Users
Location Information or your IP address, including longitude, latitude, date and time (the precision of this data varies greatly and is determined by factors controlled by your device or mobile service providers). [Note, other than when strictly necessary to provide Service functionality or to secure the Service, we do not automatically collect this type of personal information from accounts identified as children’s (under 16s’) accounts.]	We use this information to tailor the website or service to you and ensure it is personalized to your needs and preferences.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences.
	Where relevant and where permitted under applicable law, we use this information to identify potential risk or unlawful behavior including fraud detection, theft prevention, emergency response purposes and legal compliance.	The processing is necessary for our legitimate interests, namely identifying and mitigating the risk of unlawful behavior to protect the website or Services, Spacetalk and its users.
Information about how you access and use the website or Services, the time you access the website or service and how long you access it for, the approximate location that you access the website or Services, the site from which you came and the site to which you are going when you leave the Services, the pages you visit, the links you click, your interactions on the website or service and other actions you take on the website or service. [Note, other than when strictly necessary to provide Service functionality or to secure the Service, we do not automatically collect this type of personal information from accounts identified as children’s (under 16s’) accounts.]	We use necessary information to present the website or service to you on your device.	The processing is necessary for our legitimate interests, namely presenting the website or service to our users so they can access and use our website or Services.
	Where relevant and where permitted under applicable law, we use this information to ensure the security and integrity of the website or Services, including identifying and preventing unlawful, fraudulent, or malicious use of the website or service.	The processing is necessary for our legitimate interests, namely identifying and mitigating the risk of unlawful behavior to protect the website or Services, Spacetalk and its users.
	We use this information to tailor the website or service to you and ensure it is personalized to your needs and preferences.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences.
	We use this information to monitor and improve the website or service and to resolve any issues.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences.
Log files and information about your device. We also collect information about the tablet, smartphone or other electronic device you use to connect to the website or service. This information can include details about the type of device, unique device identifying numbers, operating systems, browsers and applications connected to the service through the device, your mobile network, your IP address and your device's telephone number (if it has one). [Note, other than when strictly necessary to provide Service functionality or to secure the Service, we do not automatically collect this type of personal information from accounts identified as children’s (under 16s’) accounts.]	We use necessary information to present the website or service to you on your device.	The processing is necessary for our legitimate interests, namely presenting the website or service to our users so they can access and use our website or Services.
	Where relevant and where permitted under applicable law, we use this information to ensure the security and integrity of the website or Services, including identifying and preventing unlawful, fraudulent, or malicious use of the website or service.	The processing is necessary for our legitimate interests, namely identifying and mitigating the risk of unlawful behavior to protect the website or Services, Spacetalk and its users.
	We use this information to tailor the website or service to you and ensure it is personalized to your needs and preferences.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences.
	We use this information to monitor and improve the website or service and to resolve any issues.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences.
We may collect analytics data or use third-party analytics tools such as Google Analytics, Firebase and Posthog to help us measure traffic and usage trends for the Services and to understand more about the demographics of our users. You can learn more about Google's practices here and view its additional opt-out options here. [Note, we do not automatically collect this type of personal information from accounts identified as children’s (under 16s’) accounts.]	We use this information to help us measure traffic and usage trends for the service and to understand more about the demographics of our users.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences.
All of the above information.	Where permitted by law, we may use all of the above personal information to allow us, and our partners, to present advertising that is tailored to you.	We will only process your personal information in this way to the extent that you have given us your consent to do so via our cookie consent banner or in-app preferences. Note, we do not use personal information in this manner when collected from accounts identified as minors’ (under 18s’) accounts.]
Service Users only
Location information, including live physical location, entry / exit from safe zone parameters, Global Positioning System (GPS), nearby Wi-Fi networks, mobile cell tower triangulation, Near Field Communication (NFC), and RFID	We use this information to allow you to use features of the Services, at your or your responsible family members’ request, such as real-time location features, navigation features, SOS emergency features and safe-zone features	We will only process this information where we have your consent to do so. If you are a child (under 16, depending on your country of residence), we may require such consent from your responsible family member.

International Transfers of Personal Information

We operate and engage third-party partners and providers in various jurisdictions. Therefore, we and our third-party providers may transfer personal information to, or store, access, or process personal information in, a country other than the one in which it was collected, including, but not limited to, the United States, Australia and the Philippines. The country to which personal information is transferred may not provide the same level of protection for personal information as the country from which it was transferred.

We may transfer personal information about you outside of the EEA, UK, and Switzerland, and when we do so we rely on appropriate or suitable safeguards recognized under applicable law, including adequacy decisions, standard contractual clauses, and the DPF (defined below). If you would like more information on the specific safeguards we use (and obtain a copy of such safeguards, where applicable), please contact us at privacy@spacetalk.co.

Adequacy Decisions

We may transfer personal information about you to countries that the relevant regulatory authority have deemed to adequately safeguard personal information, either automatically or in connection with a specific safe harbor framework.

Standard Contractual Clauses

Certain regulatory authorities have adopted standard contractual clauses, which provide safeguards for personal information transferred outside of the originating jurisdiction. We may use these standard contractual clauses when transferring personal information to a third country that has not been deemed to adequately safeguard personal information.

EU-U.S., Swiss-U.S. Data Privacy Framework and UK Extension

The EU-U.S., Swiss-U.S. Data Privacy Framework and UK Extension (“DPF”) was designed by the U.S. Department of Commerce and the European Commission (and respectively the Swiss Council and UK Secretary of State) to ensure adequate protection for personal information transferred to a company participating in the DPF. If we transfer any personal information about you from the EEA, UK or Switzerland to a third party outside the EEA, UK or Switzerland who is participating in the DPF, we may rely on their participation in the DPF to ensure adequate protection for personal information so transferred.

We may transfer your personal information to, or store your personal information in, the following countries:

Country	Appropriate Safeguard
Australia	Standard Contractual Clauses adopted by the European Commission / regulation of the UK Secretary of State or Swiss Council
United States of America	Standard Contractual Clauses adopted by the European Commission / regulation of the UK Secretary of State or Swiss Council Sharing with recipients certified to the DPF
EEA	If you are in the UK or Switzerland, Adequacy
UK	If you are in the EEA or Switzerland, Adequacy
Switzerland	If you are in the UK or EEA, Adequacy
Philippines	Standard Contractual Clauses adopted by the European Commission / regulation of the UK Secretary of State or Swiss Council

Your Additional EEA, UK, and Swiss Privacy Choices (Your Privacy Choices)

Subject to certain limitations at law, you may be able to exercise the following rights:

- Right to Access: The right to obtain confirmation of whether we are processing personal information about you, access to and a copy of the personal information we are processing about you, and information relating to its processing, including:

The categories of personal information being processed;
The purposes of the processing;
The sources of the personal information;
The categories of recipients to whom the personal information have been or will be disclosed;
The envisaged period for which the personal information will be stored, or the criteria used to determine that period;
Any automated decision-making or profiling performed in connection with your personal information; and
The safeguards relied upon for the transfer of personal information to any third country.

- Right of Portability:

The right to obtain a copy of the personal information we have collected about you in a structured, commonly used, and machine-readable format, and the right to transmit that personal information to another controller without hindrance.

- Right to Rectification:

The right to correct or update any personal information about you that is inaccurate or incomplete.

- Right to Restriction of Processing:

The right to require us to limit the purposes for which we process your personal information if the continued processing of the personal information in this way is not justified, such as where the accuracy of the personal information is contested by you.

- Right to Object to Processing:

The right to object to any processing based on our legitimate interests where there are grounds relating to your particular situation. There may be compelling reasons for continuing to process your personal information, and we will assess and inform you if that is the case. You can object to marketing activities for any reason.

- Right to Withdraw Consent:

The right to withdraw your previously provided consent to our processing of your personal information. Please note withdrawing your consent will not affect the lawfulness of our use of your personal information before your consent was withdrawn, nor our processing of personal information pursuant to a different lawful basis for processing.

- Right to Erasure:

The right to have us erase your personal information if the continued processing of that personal information is not otherwise justified.

Please note that if the exercise of these rights limits our ability to process personal information, we may not be able to provide our Services to you or otherwise engage with you in the same manner.

Submitting Privacy Rights Requests

Please submit a request specifying the right you wish to exercise by completing our online form found here:https://spacetalk.co/pages/contact-us

Before processing your request to exercise certain rights (taking into account the confidential nature of any personal information we maintain), we will need to verify your identity and confirm you are accessing our Services or otherwise interacting with us from the EEA, UK, or Switzerland. In order to verify your identity, we will generally either require the successful authentication of your account, or the matching of sufficient information you provide us to the information we maintain about you in our systems. As a result, we require requests submitted through our online form to include first and last name, email address, phone number, state of residency and/or the date of your last transaction with us.

In certain circumstances, we may decline or limit your request, particularly where we are unable to verify your identity as needed to protect your personal information or locate your information in our systems, or where you are not accessing our Services or otherwise interacting with us from the EEA, UK, or Switzerland.

You can withdraw your consent to marketing materials by clicking on the unsubscribe link in the footer of our marketing emails or by contacting us at support@spacetalk.co. We make every effort to promptly process all unsubscribe requests. You may not opt-out of service-related communications (e.g., account verification, transactional communications, changes/updates to the features of the Services, technical and security notices).

To exercise your right to withdraw your consent as it relates to the use of automatic data collection technologies (including cookies) that facilitate our online targeted advertising activities, please click the “Cookie Settings” link in the footer of the website and adjust your preferences accordingly. Please note this preferences tool is website, device, and browser specific, so you will need to change your preferences on each device and browser you use to interact with the specific website you are visiting. In addition, you may follow the other steps set forth in the Automatic Data Collection Preferences section of the Your Privacy Choices section of this policy. to further exercise control over automatic data collection technologies.

Children’s Personal Information

If you are the parent or individual with parental responsibility of a child under the age of 16, we may ask for your consent to process certain personal information, as further set out in this Privacy Policy. If you have any questions or would like to obtain further information about our processing of your child’s personal information, please contact us using the details set out in this Privacy Policy.

Spacetalk Privacy Policy.pdf