ReferU2 Logo
Sign up

Privacy Policy

This policy explains how we collect, use, and protect your information.

1. Who we are

JAMM Investments Trust trading as ReferU2

ABN 82 431 151 821

PO Box 517, Wynnum QLD 4178, Australia

For the purposes of the EU and UK General Data Protection Regulation (GDPR), we are the data controller for the Personal Data described in this Privacy Policy, unless stated otherwise.

We have not appointed a data protection officer. If you have any questions about this Privacy Policy or about how we handle your data, you can contact us using the details in section 17.

2. Scope of this Privacy Policy

This Privacy Policy applies when you:

  • Visit our website or pages that link to this Policy
  • Create an account or use the ReferU2 platform
  • Receive communications from us (such as email or SMS)
  • Register for or attend our events or webinars
  • Participate in any community groups or partner workspaces we host or support
  • Connect third party tools or integrations to your ReferU2 account

It does not apply to third party websites, apps or services that we do not control. Those services are governed by their own privacy policies.

When we process Personal Data on behalf of our customers in their own workspaces, we act as a data processor and our customer is the data controller. In those cases, this Privacy Policy is supplemented by our data processing terms with that customer.

3. Personal Data we collect

“Personal Data” means information that identifies you or can reasonably be linked to you.

3.1 Information you provide to us

We may collect Personal Data that you provide directly, including:

  • Account and profile information
    Name, email address, password, job title, company name, phone number, profile photo, timezone and communication preferences.
  • Business and company information
    Company descriptions, websites, logos, industries, locations and other information you add about organisations, partners or opportunities.
  • Referral and partner data
    Contact details for your leads and partners, notes and activities, messages, tasks, deal stages, tags and other information you choose to store in the platform.
  • Billing and transaction data
    Billing name and address, tax details, subscription information and limited payment details. Card and bank information is processed by our payment provider and is not stored in full by us.
  • Events and webinars
    Registration details, attendance status and survey responses. Where events use badges or check-ins, we may collect the information encoded on the badge.
  • Support and correspondence
    Information you provide when you contact us, including support tickets, feedback, screenshots, recordings you choose to share and any other details you provide.
  • Community and training content
    Usernames, bios, profile links and activity in communities, forums or training programs we host or integrate.

3.2 Contacts and images on your device

With your explicit consent, our apps or integrations may access:

  • Contacts stored on your device, or
  • Images stored on your device

This is used to help you create and manage referral records, invitations, partner profiles or related content.

We will only access this information where you grant permission through your device or browser settings. You can withdraw this permission at any time using your device settings. We do not sell contacts or images, and we only share them as necessary to provide the Services or as required by law.

3.3 Information we collect automatically

When you use our website or Services, we automatically collect certain information, which may be Personal Data:

  • IP address and approximate location
  • Device identifiers, browser type and operating system
  • Dates and times of access
  • Pages viewed, links clicked and navigation paths
  • Login, security and session activity
  • Basic telemetry such as performance, errors and crash logs

We collect this information to operate, secure and improve the Services. Some of this information is collected using cookies and similar technologies, described in section 4.

3.4 Information from third parties

We may receive Personal Data about you from third parties, for example:

  • Business data providers that supply professional contact details, firmographics and intent signals relating to organisations that may benefit from the Services
  • Integrated platforms that you connect to ReferU2, such as CRM systems, marketing platforms or communities
  • Partners and resellers that introduce you to us

We only receive information from third parties where they are legally allowed to share it with us.

4. Cookies and similar technologies

We use cookies and similar technologies such as tags, pixels and web beacons to:

  • Operate core features of the website and keep you signed in
  • Remember your preferences
  • Understand how the Services are used
  • Improve performance and reliability
  • Measure the effectiveness of our marketing
  • Provide more relevant content and, where permitted, advertising

You can control cookies through your browser settings. If you disable some cookies, certain features of the Services may not function properly.

Where we use third party analytics and advertising cookies, we rely on your consent where required by law. You can withdraw consent at any time by changing your browser settings or cookie preferences.

Some third parties may also offer their own opt-out tools for analytics or advertising.

5. Legal bases for processing (EEA and UK users)

If you are in the European Economic Area or the United Kingdom, we will only process your Personal Data where we have a legal basis under GDPR. These bases include:

  • Performance of a contract
    To create and manage your account, deliver the Services, process payments, provide support and otherwise perform our contract with you.
  • Legitimate interests
    To operate, secure and improve our Services, understand usage, carry out business development, prevent fraud and protect our legal rights, provided that our interests are not overridden by your rights.
  • Consent
    Where we rely on your consent, for example for certain marketing communications or specific integrations. You can withdraw consent at any time.
  • Compliance with legal obligations
    Where we need to process data to comply with laws, regulations or valid legal requests.

6. How we use Personal Data

We use Personal Data for the following purposes:

  • To provide, maintain and improve the Services
  • To create and manage your account and profile
  • To configure and support your referral, partner and opportunity workflows
  • To enable connections, invitations and referrals that you initiate or approve
  • To process payments, issue invoices and manage subscriptions
  • To send transactional communications such as service messages, security alerts and changes to this Policy or our terms
  • To provide customer support and respond to enquiries
  • To analyse usage and performance, and to develop new features and offerings
  • To personalise content, product recommendations and learning experiences
  • To send marketing communications where permitted, with the ability to opt out at any time
  • To detect, investigate and prevent fraud, abuse and security incidents
  • To comply with our legal and regulatory obligations and to protect our rights

7. ReferU2 as processor

In many cases, you or your organisation act as the data controller for the Personal Data you upload or create in your workspace, such as your own customers' or partners' information. In those cases:

  • We act as a data processor
  • We process that data only on your instructions and as described in our agreement with you
  • You are responsible for ensuring that you have a lawful basis and appropriate notices and consents for processing that Personal Data in the Services

Where we act as processor and you are the controller, individuals who wish to exercise their data protection rights should contact the relevant controller. We will assist our customers in responding to such requests where required by law and our contract.

8. Sharing your Personal Data

We may share Personal Data with:

  • Service providers
    Third parties that provide hosting, infrastructure, analytics, email and messaging, payment processing, customer support, security and other services that help us deliver the Services. These providers may only use Personal Data as instructed by us.
  • Affiliates
    Related entities within our corporate group where needed for support, operations, finance, compliance or reporting.
  • Event sponsors and partners
    If you register for an event and explicitly agree to share your details with sponsors, or if you allow your badge to be scanned at a sponsored stand, your information may be shared with those sponsors. They are responsible for their own use of that data.
  • Professional advisers
    Lawyers, accountants, auditors and insurers, where reasonably necessary for the establishment, exercise or defence of legal claims, or for compliance and governance.
  • Business transfers
    If we are involved in a merger, acquisition, financing, reorganisation, sale of assets or similar transaction, your Personal Data may be transferred as part of that transaction, subject to continued protections consistent with this Policy.
  • Compliance and legal requests
    Where required by law or where we reasonably believe such disclosure is necessary to protect our rights, your safety or the safety of others, investigate fraud, or respond to a government or regulatory request.

We may share aggregated or de-identified information that cannot reasonably be used to identify you. We do not sell Personal Data.

9. International data transfers

We are based in Australia and may process Personal Data in Australia and other countries. Some of these locations may have different data protection laws from those where you live.

Where we transfer Personal Data from the EEA or UK to countries that are not recognised as providing an adequate level of protection, we use appropriate safeguards, such as the European Commission's Standard Contractual Clauses or equivalent mechanisms, or we rely on another lawful transfer mechanism.

10. Data retention

We retain Personal Data for as long as necessary to fulfil the purposes described in this Policy, including:

  • Providing the Services to you
  • Complying with legal, accounting or reporting obligations
  • Resolving disputes and enforcing our agreements
  • Maintaining appropriate business and financial records

When data is no longer required for these purposes, we will delete it or de-identify it in line with our retention standards and applicable law.

If you close your account, we will take reasonable steps to delete or de-identify Personal Data associated with your account, subject to data that we need to retain for legal, regulatory or legitimate business purposes. Information that you have shared with other users or third parties may continue to be visible to them, as it is part of their own records.

11. Security

We use appropriate technical and organisational measures to protect Personal Data against unauthorised access, loss, misuse or alteration. These measures include access controls, encryption in transit where appropriate, logging and regular review of our systems and practices.

No system can be guaranteed to be completely secure. You are responsible for keeping your password confidential and for limiting access to your devices and account.

12. Children

Our Services are not directed to children under 16 years of age. We do not knowingly collect Personal Data from children under 16. If you believe that a child has provided us with Personal Data without appropriate consent, please contact us and we will take reasonable steps to delete that information.

13. Your privacy rights

Your rights will depend on where you live, but may include:

  • The right to access the Personal Data we hold about you
  • The right to request correction of inaccurate or incomplete data
  • The right to request deletion of your Personal Data, subject to legal exceptions
  • The right to restrict or object to certain processing
  • The right to data portability for certain information
  • The right to withdraw consent where processing is based on consent
  • The right to opt out of direct marketing at any time

If you are in the EEA or UK, you also have the right to lodge a complaint with your local data protection authority.

To exercise any of these rights, contact us using the details in section 17. We may need to verify your identity before responding to your request. If we process your data on behalf of a customer as processor, we may direct you to contact that customer (the controller) and will assist them as required.

14. Marketing communications

We may send you marketing emails or messages about our products, features, content or events where permitted by law, for example if you have requested information or created an account.

You can opt out of marketing communications at any time by:

  • Clicking the “unsubscribe” link in our emails
  • Following the instructions in the message, or
  • Contacting us using the details in section 17

Opting out of marketing will not affect important transactional or service communications related to your account and use of the Services.

15. Third party services and links

Our Services may contain links to third party websites, applications or services, or offer integrations with them. We do not control those third parties and are not responsible for their privacy practices. We encourage you to review the privacy policies of any third party services you use.

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time. If we make material changes, we will take appropriate steps to notify you, such as by posting a notice on our website or contacting you directly where required by law. The “Effective date” at the top of this Policy indicates when it was last updated.

Your continued use of the Services after any changes take effect will constitute your acknowledgement of the updated Policy.

17. Contact us

If you have any questions about this Privacy Policy or would like to exercise your privacy rights, you can contact us at:

Post:

ReferU2

PO Box 517

Wynnum QLD 4178

Australia

Email:

privacy@referu2.com