You own your Data

This privacy notice was last updated on: 24th May 2018

At Vistr.co we know you care about how your data is used and shared. We take privacy VERY seriously!

This updated privacy policy takes into consideration the European Union General Data Protection Regulation 2016/679 (GDPR) and describes how VISTR.CO collects and uses the personal information you provide on VISTR.CO.com and all of our domains (“the Website”).

Personally Identifying Information

This Privacy Notice covers our treatment of personally identifiable information (“Personal Information”) that we gather or is provided to us by you when you are accessing or using our Website or the Services. This Privacy Notice also sets out the rights you have in relation to your Personal Information. This Privacy Notice does not apply to the practices of companies that we do not own or control, to individuals that we do not employ or manage or to any other third party websites whose links may appear on the Website. We do not knowingly collect or solicit Personal Information from anyone under the age of 16 or knowingly allow such persons to register for the Services (as that term is defined in our Terms of Use).

  1. We gather various types of Personal Information from our users, as explained more fully below. We use your Personal Information to:
  2. allow you to set up a user account and profile;
  3. personalise and improve the Services – we analyse and log user login patterns, threats, risks, location and device data to identify and prevent security breaches. We also track user activity to better understand user behaviour and improve the Services;

iii. manage user accounts and provide customer service – we log your communication with us in order to provide users with an enhanced experience. The Personal Information we collect includes user location, number of clients, requested features, accountancy package, lead source and company size in order to optimize our relationship with users.

  1. We also use a live chat feature which stores conversations we have with our users along with user location, device operating system, page last browsed on our website and details of when the user was last contacted or contacted us. We do this to maximise our efficiency so that our service to users is seamless;
  2. process payments and for other billing purposes – we take payments using third party software. We collect user email, billing email, name and location. We also use this information for internal processes such as account management, sales and customer support and marketing;
  3. send users product-related communications and marketing communications – VISTR.CO uses user email, name and status (business owner or accountant) to facilitate product-related communications and marketing communications.
  4. contact users in relation to the Website and the Services;
  5.  fulfill your requests for the Service;
  6. analyse how users utilise the Website, and as otherwise set forth in this Privacy Notice;

You own your Data

We store financial information (the Data) about your business, and therefore about the company operating the business (if there is one). The Data is imported on your instruction when you provide permission to access your online accounting system (Xero), or is manually entered into your password protected instance of the Vistr cash flow tool. The Data remains your property.

The Data may identify you or another individual. It is impractical to ask you to provide information anonymously, and we does not collect sensitive information from you. By using Vistr, you agree to provide us with identifying information.

You control who has access to your Data

We store your Data securely. You control who can access this information via the internet to those you have provided access to, or who have your User ID and password. It is your responsibility to keep these details safe, and only provide access to trusted parties. You may access or alter your Data at any time by logging in to your Vistr service.

From time to time, we may access your Data in order to provide the Service. Your Data will only be accessed by staff on a need to know basis. 

According to GPDR definitions, Vistr.co is the “processor” of the data, but we take our direction from you the "controller". Our contact details are set out on this website and at the bottom of this page.

We may use your Data to improve our Services

We may use your Data for a range of purposes, including: 

  1. to provide you with the Vistr service, 
  2. to monitor platform use, quality and performance; 
  3. to improve the services we provide to you, 
  4. to evaluate the demand for new or additional services; 
  5. to better understand your business's cashflow needs (sources, uses) and what drives these needs in order to improve our cashflow forecasting capability and to help our related companies to do the same; 
  6. to provide you with information about products and services we believe may interest you. These products and services may be offered by preferred suppliers. We may supply the information in various means, including by mail, telephone, email, or other electronic means. 

You may reduce your participation or withdraw entirely from some or all of these purposes at any time, by notifying us of your choice.

We may use third-party Services

We may use third party vendors or service providers to help us provide the service to you, such as sending email messages on our behalf, hosting and operating a particular feature or functionality of the service. 

We monitor usage

Like most electronic data service providers, we collect non-personally-identifying information, such as the type of device you are using, the software you are accessing the service through (for example, browser type), language preference, referring site, and the date and time of each visitor request. We collect this non-personally-identifying information to better understand how our service is used. From time to time, we may release non-personally-identifying information in the aggregate, such as by publishing a report on trends in the usage of the service. 

We also collect information that potentially may personally-identify you through additional means. An example of this type of information would be a user's Internet Protocol (IP) address or Device ID. We use this information to improve user experiences and implement appropriate information security. 

Your Data is sent securely over the internet

Our servers have SSL Certificates, so all Data transferred between you and us is encrypted. However, the internet is not in itself a secure environment. You should only enter or import Data within a secure environment. This means that your browser must support the encryption security used in connection with the Service. 

We store your Data in the location we consider will give you the most efficient access from wherever in the world you may be. Where you access or input Data from somewhere other than the country where the Data is stored or to be stored, you consent to that Data being transferred from one country to the other (including via any intermediate country) as a function of transmission across the Internet. 

Cookies store no information that may identify you

We use cookies and other technical means that enable us to monitor traffic patterns and to serve you more efficiently if you revisit the site. A cookie does not identify you personally or contain any other information about you or your business, but it does identify your computer. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance. 

We may share non-personally identifying information with third parties

If you choose to apply for, and / or use, third party products or services that we have told you about, those third party suppliers may request your Data from us. We will only share your personally identifying information with third parties for the purposes for which it was collected (or any reasonable ancillary purpose), or if you give us express instructions to do so. We may share your non-personally-identifying information with third parties unless prohibited under the Privacy Act. 

If you disclose information to third party providers, whether directly or through us, or grant them permission to collect information about you, then the information you provided and their use of it is governed by their privacy policies. You should evaluate the practices of third party providers before deciding to use their services. We are not responsible for the privacy practices of third party providers. We may present links in a format that enables us to keep track of whether these links have been followed and whether any action has been taken by you on a third party website. 

You can opt-out and be forgotten

We may send product information, service updates and other notifications to you via email. Where appropriate, emails will contain clear and obvious instructions describing how you can opt out of the mailing list. 

You may change your communications preferences or withdraw entirely from some or all communications at any time, by notifying us of your choice. 

This policy may change from time-to-time

We reserve the right to change this policy at any time and any amended policy is effective upon the posting on this website. We will make every effort to communicate these changes to you via email or notification via the website. 

Please read our Terms of Use

Use of the Service is subject to our Terms of Use and this Privacy Policy should be read in conjunction with that document. In the event of a conflict or disagreement between this Privacy Policy and the Terms of Use, the Terms of Use will prevail.

Please contact us for any more information or to make complaints

If you have any questions about our privacy procedures, or want to lodge a complaint about how we have dealt with your personal information (including credit information) you may lodge a complaint then please email: team@vistr.com.au.

You can also refer your complaint to the Office of the Australian Information Commissioner by telephoning 1300 363 992, by writing to Director of Complaints, Office of the Australian Information Commissioner, GPO Box 5218, SYDNEY NSW 2001, or by emailing enquiries@oaic.gov.au