Privacy Policy – United States of America

It is our policy to respect the privacy of the people who access and use our website, including the site you linked from (the “Site”) and the services we provide to you on the Site (the “Services”). Your accessing and continued use of our Site and Services constitutes your consent to and acceptance of the terms and conditions of this Privacy Policy. This Privacy Policy applies to information that you provide to us through the Site and our Services, and when you access, download, purchase or use any information, services, products or content appearing on the Site. This Privacy Policy may be updated from time to time. We will notify you of any material changes by posting the new Privacy Policy on the Site. You should consult this Privacy Policy regularly for any changes. Any reference to us, our, we or similar words shall refer to chapterup.com, and any of its affiliates or affiliated websites. As used in this policy, the terms “using” and “processing” information include using or handling information in any way, including, but not limited to collecting, storing, evaluating, modifying, deleting, combining, disclosing and transferring information.

INFORMATION COLLECTION AND USE
When you register to become a member of the Site and in the course of using the Site, you may voluntarily submit personally identifiable information that can be used to contact or identify you and administer your account (“Personal Information”). Personal information may include, but is not limited to, your name, phone number and email address. The Site may also collect Personal Information from you if you choose to opt-in to participate in surveys, contests or competitions. When you register with the Site, you create your own profile, which may include, but is not limited to, your name and photo. Profile information you submit to the Site may also be available to other users via searching our Site, and may be available to third party search engines. This is primarily so your friends can find you and the content you create and store on the Site. We recommend that you guard your anonymity and sensitive information and that you not use your real name as your screen or user name to the extent that allows others to identify you. Personal Information is used for the following purposes: (i) to provide and improve our services, features and content; (ii) to administer your use of our services and your account; (iii) to enable users to enjoy and easily navigate the Site; (iv) to better understand your needs and interests; (v) to fulfill requests you may make; (vi) to personalize your experience; (vii) to provide service announcements; and (viii) to provide you with further information and offers from us or third parties that we believe you may find useful or interesting, including newsletters, marketing or promotional materials and other information on related services. If you decide at any time that you no longer wish to receive such communications, please follow the unsubscribe instructions provided in any of the communications. Further, you may easily adjust your privacy and e-mail settings via your account settings at any time. The Site includes interfaces that allow you to connect with social networking sites such as Facebook, Twitter, Instagram and LinkedIn (each a “SNS”). If you connect to a SNS through our Sites, you authorize us to access, use, and store the information that you agreed the SNS could provide to us based on your settings on that SNS. We will access, use, and store that information in accordance with this Privacy Policy. You can revoke our access to the information you provide in this way at any time by amending the appropriate settings from within your account settings on the applicable SNS. As you use the Site, our servers automatically record information that the browser sends whenever it points to a Site or online service (“Log Data”). Log Data may include, but is not limited to, your computer’s Internet Protocol address, browser type, the web page you were visiting before you came to one of the Site and information you search for on a Site. We use this information to monitor and analyze use of the Site and Services, for technical administration, to increase functionality and user-friendliness, and to better tailor it to our visitors’ needs. For example, some of this information is collected so that when you visit the Site again, it will recognize you and serve information appropriate to your interests. Like many websites, we use “cookies” to collect information. A cookie is a small data file that we transfer to your computer’s hard disk for record-keeping purposes. We use “persistent cookies” to save your username and login password for future logins to the Site. We use “session ID cookies” to enable certain features of our service, to better understand how you interact with the Site and to monitor web traffic routing on the Site and aggregate usage of the Site. You can instruct your browser, by changing its options, to stop accepting cookies or to prompt you before accepting a cookie from the websites you visit. If you do not accept cookies, however, you may not be able to use all portions of the Site or all functionality of the services. We also may use the services of third-party advertising companies and advertising networks to serve ads to you on our behalf when you visit the Site. These companies may use information (not including your name, address, email address or telephone number) about your visits to this Site and other websites in order to provide advertisements about goods and services of interest to you. If you would like more information about this practice and to know your choices about not having this information used by these companies, please visithttp://www.networkadvertising.org/optout_nonppii.asp. Some Internet browsers may be configured to send “Do Not Track” signals to the online services that you visit. We currently do not currently respond to do not track signals. To find out more about “Do Not Track,” please visit http://www.allaboutdnt.com.

AGE REQUIREMENT
Users must be at least 18 years old to use the MentalHappy site. If we become aware that a person under 18 has provided us with Personal Information, we will delete such information from our files.

INFORMATION SHARING AND DISCLOSURE
We will not disclose to any unauthorized third party a member’s name or contact information. We will also not monitor, edit or disclose the contents of any member’s information unless required to do so by law or in the good faith belief that such action is necessary to: (1) conform to the edicts of the law or comply with legal process served on us; (2) protect and defend our rights or property; (3) act under exigent circumstances to protect the personal safety of our users or the public; (4) to prevent or stop any activity we may consider to be, or to pose a risk of being, illegal, unethical, inappropriate or legally actionable; or (5) fix or debug problems with our servers/software/service.
Members. In addition to your username, any comments or submissions that you post to the Site will be publicly available. You post and share your Personal Information and content on the Site at your own risk. While we go to great lengths to create a safe and enjoyable experience on the Site, we cannot control the actions of other users with whom you may choose to share your content and/or profile information. In addition, we cannot anticipate other users’ ability to circumvent privacy settings. You understand that, even after removal of your Personal Information and content from the Site, copies of your information may remain viewable in cached or archived Web pages or on the local computers of users who may have downloaded or stored your information. Even with all the appropriate precautions we take to protect your information, we recommend you refrain from sending private information or Personal Information by email, chat, or other messaging services.
Aggregate Information and Non-Identifying Information. We may share aggregated information that includes non-identifying information and Log Data with third parties for industry analysis, demographic profiling, and to deliver targeted advertising about other products and services.
Service Providers. We may employ third party companies and individuals to facilitate our services, to provide the services on our behalf, to perform services related to administration of the Site (including, without limitation, maintenance, hosting and database management services, web analytics and administration). These third parties have access to your Personal Information only to perform these tasks on our behalf and are obligated not to disclose or use it for any other purpose.
Business Transfers. We may sell, transfer or otherwise share some or all of its assets, including your Personal Information, in connection with a merger, acquisition, reorganization or sale of assets or in the event of bankruptcy.

Invite-A-Friend
If you choose to invite your friends to use our Services, using our invitation options, we may ask for information such as an e-mail address. We will automatically send your friend(s) a one-time email invitation to visit the Site. We store this information to send this one-time invitation, and to track the success of this referral feature.

CHANGING OR DELETING YOUR INFORMATION
All members may review, update, correct or delete the Personal Information in their registration profile by logging into their account and changing the “user preferences” associated with their account. If you completely delete all such information, your account may be deactivated. We may retain an archived copy of your records as required by law or for legitimate business purposes.

SECURITY
We employ administrative, physical and electronic measures designed to safeguard and protect your information from unauthorized access and disclosure including encrypting your communication by utilizing Secure Sockets Layer (SSL) software. We will make any legally required disclosures of any breach of the security, confidentiality, or integrity of your unencrypted electronically stored “personal data” (as defined in applicable state statutes on security breach notification) to you via email or conspicuous posting on this Services in the most expedient time possible and without unreasonable delay, insofar as consistent with (i) the legitimate needs of law enforcement or (ii) any measures necessary to determine the scope of the breach and restore the reasonable integrity of the data system.

INTERNATIONAL TRANSFER
Your information may be transferred to and maintained on computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the United States and choose to provide information to us, please be advised that we transfer Personal Information to the United States and process it there.

LINKS TO OTHER SITES
The Site and Services may contain links to other websites. If you choose to visit an advertiser by “clicking on” any type of advertisement, or click on another third party link, you will be directed to that third party’s website. The fact that we link to a website or present an advertisement is not an endorsement, authorization or representation that we are affiliated with that third party, nor is it an endorsement of their privacy or information security policies or practices. We do not exercise control over third party websites. These other websites may place their own cookies or other files on your computer, collect data or solicit personal information from you. Other websites and services follow different rules regarding the use or disclosure of the personal information you submit to them. We encourage you to read the privacy policies or statements of the other websites you visit.

DATA PROTECTION
At ChapterUp, we have a deep respect for data. We have always had a strong commitment to privacy, security, and transparency towards our customers. This translates into an already well-considered and sensible attitude in our approach to data. Here is an overview of our approach to GDPR compliance, and what it will mean for you as a ChapterUp customer.

WHAT IS THE GDPR?
The General Data Protection Regulation is a new European data regulation which will replace the current EU Data Protection Directive. The GDPR aims to strengthen the security and protection of personal data in the EU and harmonize EU data protection law. It is designed to give organisations a consistent framework on how personal data can be collected, processed, used, and shared across EU member states The GDPR provides individuals with more control over how their personal data can be processed

Will our users be able to use ChapterUp products and services without risking a breach of the GDPR?
Customers to whom the GDPR applies will need to make sure their business is compliant with the GDPR in its own right. If it is, the customer will not risk a breach of the GDPR solely by using ChapterUp products and services.

What are your data protection rights?
ChapterUp would like to make sure you are fully aware of all of your data protection rights. Every user is entitled to the following:

The right to access – You have the right to request ChapterUp for copies of your personal data. We may charge you a small fee for this service.

The right to rectification – You have the right to request that ChapterUp correct any information you believe is inaccurate. You also have the right to request ChapterUp to complete information you believe is incomplete.

The right to erasure – You have the right to request that ChapterUp erase your personal data, under certain conditions.

The right to restrict processing – You have the right to request that ChapterUp restrict the processing of your personal data, under certain conditions.

The right to object to processing – You have the right to object to ChapterUp ‘s processing of your personal data, under certain conditions.

The right to data portability – You have the right to request that ChapterUp transfer the data that we have collected to another organization, or directly to you, under certain conditions.

If you make a request, we have one month to respond to you. If you would like to exercise any of these rights, please contact us at our email: hello@chapterup.com.

CONTACT US:
If you have any questions about this Privacy Policy you can contact us at hello@chapterup.com

Privacy Policy – Australia
Personally identifiable information
ChapterUp does not collect any personally identifiable information, nor do we sell or distribute email addresses. We only collect address, email address and other minimal information required for administrative purposes and (where applicable) to retrieve your password and username in case they are lost. The ChapterUp website has an optional electronic newsletter service which keeps people informed about our work. If you register for the newsletter service your email address and other information given when registering will be held on the system for the purpose of providing this service. You may opt not to receive administrative ChapterUp emails and newsletters.

ChapterUp collects only aggregate information pertaining to visitors to its website, including visited pages, referring URLs, and other publicly available information. ChapterUp uses this information to help improve its website and services, and to customize the content of its pages for individual consumers or newsletters. ChapterUp studiously implements methods of securing its user information databases from unauthorized access or alteration.

Cookies
A cookie is a small piece of data that is sent to your browser from the site you are visiting and stored on your computer’s hard drive. Cookies are very common and are being used by most websites. Cookies do not harm your computer nor can they access information stored on your computer. The primary purpose of cookies is to maintain your customized settings on the site. The site login process (“Remember my password”, for example) and member functionality requires that your browser accept cookies.

POLICY
CHAPTERUP collects and administers a range of personal information for the purposes of human resources management, client care and stakeholder engagement. The organisation is committed to protecting the privacy of personal information it collects, holds and administers. CHAPTERUP recognises the essential right of individuals to have their information administered in ways which they would reasonably expect – protected on one hand, and made accessible to them on the other. These privacy values are reflected in and supported by our core values and philosophies and also reflected in
our Privacy Policy, which is compliant with the Privacy Act 1988 (Cth). CHAPTERUP is bound by laws which impose specific obligations when it comes to handling information. The organisation has adopted the following principles contained as minimum standards in relation to handling personal information.

CHAPTERUP will
• Collect only information which the organisation requires for its primary function;
• Ensure that stakeholders are informed as to why we collect the information and how we administer the information gathered;
• Use and disclose personal information only for our primary functions or a directly related purpose, or for another purpose with the person’s consent;
• Store personal information securely, protecting it from unauthorised access; and
• Provide stakeholders with access to their own information, and the right to seek its correction.

PROCESSES
Collection
CHAPTERUP will:
• Only collect information that is necessary for the performance and primary function of CHAPTERUP.
• Notify stakeholders about why we collect the information and how it is administered.
• Notify stakeholders that this information is accessible to them.
• Collect personal information from the person themselves wherever possible.
• Collect Sensitive information only with the person’s consent. (Sensitive information includes health information and information about religious beliefs, race, gender and others). If the person has any kind of mental disability that affects their capacity to consent, CHAPTERUP will collect consent from a representative of the person instead.
• Determine, where unsolicited information is received, whether the personal information could have collected it in the usual way, and then if it could have, it will be treated normally. (If it could not have been, it must be destroyed)

Use and Disclosure
CHAPTERUP will:
• Only use or disclose information for the primary purpose for which it was collected or a directly related secondary purpose.
• For other uses, CHAPTERUP will obtain consent from the affected person.
• In relation to a secondary purpose, use or disclose the personal information only where:
– a secondary purpose is related to the primary purpose and the individual would reasonably have expected us to use it for purposes; or
– the person has consented; or
– certain other legal reasons exist, or disclosure is required to prevent serious and imminent threat to life, health or safety.
• In relation to personal information which has been collected from a person, use the personal information for direct marketing, where that person would reasonably expect it to be used for this purpose and CHAPTERUP has provided an opt-out and the opt-out has not been taken up.
• In relation to personal information which has been collected other than from the person themselves, CHAPTERUP will use the personal information collected for direct marketing and provide an easy and accessible opt-out option.
• Provide all individuals access to personal information except where it is a threat to life or health or it is authorized by law to refuse and, if a person is able to establish that the personal information is not accurate, up to date or complete, then CHAPTERUP must take steps to correct it. CHAPTERUP may allow a
person to attach a statement to their information if CHAPTERUP disagrees it is inaccurate.
• Where for a legal or other reason we are not required to provide a person with access to the information, consider whether a mutually agreed intermediary would allow sufficient access to meet the needs of both parties.
• Not charge a person for making a request to access personal information or to correct personal information, neither for giving access to the requested personal information, or for correcting or associating a statement.

Storage
• CHAPTERUP will implement and maintain steps to ensure that personal information is protected from misuse and loss, unauthorized access, interference, unauthorized modification or disclosure.
• Before CHAPTERUP discloses any personal information to an overseas recipient including a provider of IT services such as servers or cloud services, ensure that they are privacy compliant.
• Ensure that CHAPTERUP data is up to date, accurate and complete. Destruction and de-identification
• Destroy personal information once is not required to be kept for the purpose for which it was collected, including from decommissioned laptops and mobile phones.
De-identify personal information to preserve the privacy of the person, if so required by the person whose information CHAPTERUP holds. The de-identification process includes the removal of personal identifiers, such as an person’s name, address, date of birth or other identifying information, and the removal or alteration of other information that may allow the person to be identified, for example, because of a rare characteristic of the person, or a combination of unique or remarkable characteristics that enable their identification. CHAPTERUP will not use any government related identifiers unless they are reasonably necessary for our functions.

Data Quality
CHAPTERUP will:

• Take reasonable steps to ensure the information CHAPTERUP collects and holds is accurate, complete, up to date, and relevant to the functions we perform.

Data Security and Retention
CHAPTERUP will:

• Only destroy records in accordance with the organisation’s Information Management Policy.

Openness
CHAPTERUP will:

• Ensure stakeholders are aware of CHAPTERUP’s Privacy Policy and its purposes.
• Make this information freely available in relevant publications and on the organisation’s website. Access and Correction
CHAPTERUP will:
• Ensure individuals have a right to seek access to information held about them and to correct it if it is
inaccurate, incomplete, misleading or not up to date.

Anonymity
• Allow people from whom the personal information is being collected to not identify themselves or use a pseudonym unless it is impracticable to deal with them on this basis.

Making information available to other organisations
CHAPTERUP can:
• Release information to third parties where it is requested by the person concerned.

PRIVACY POLICY
Your privacy is important
This statement outlines the CHAPTERUPs policy on how the CHAPTERUP uses and manages personal information provided to or collected by it. CHAPTERUP is bound by the Australian Privacy Principles contained in the Commonwealth Privacy Act being, therefore, compliant with the Privacy Amendment (Enhancing Privacy Protection) Act 2012. CHAPTERUP may, from time to time, review and update this Privacy Policy to take account of new laws and
technology, changes to CHAPTERUPs operations and practices and to make sure it remains appropriate to the changing legal environment. What kind of personal information does CHAPTERUP collect and how does CHAPTERUP collect it?
The type of information CHAPTERUP collects and holds includes personal information, including sensitive information, about:
• Name
• Address
• Email address
• Medication
• Medical and or mental health history ( for those in Residential Programs)

Personal Information you provide:
CHAPTERUP will generally collect personal information held about an individual by way of phone calls, forms, meetings, surveys. You do have the right to seek to deal with us anonymously or using a pseudonym, but in some (not all) circumstance it will not be practicable for us to deal with you or provide any services to you except for the most general responses to general enquiries unless you identify yourself.

Personal Information provided by other people:
In some circumstances, CHAPTERUP may be provided with personal information about an individual from a third party, for example, a case manager or government employee.

In relation to employee records:
Under the Privacy Act, the Australian Privacy Principles do not apply to an employee record. As a result, this Privacy Policy does not apply to the CHAPTERUPs treatment of an employee record, where the treatment is directly related to a current or former employment relationship between the CHAPTERUP and employee. However, the CHAPTERUP must provide access and ensure compliance with the Health Privacy Principles under
the Victorian Health Records Act 2001.

How will the CHAPTERUP use the personal information you provide?
CHAPTERUP will use personal information it collects from you for the primary purpose of collection, and for such other secondary purposes that are related to the primary purpose of collection and reasonably expected, or to which you have consented. In relation to direct marketing, CHAPTERUP will use your personal information for direct marketing where you have provided that information, and you are likely to expect direct marketing: only then you will be sent direct marketing containing an opt-out. If we use your personal information obtained from elsewhere we will still send you direct marketing information where you have consented and which will also contain an opt-out. We will always obtain your consent to use sensitive information as the basis for any of our direct marketing.

We may use video surveillance for security purposes and the footage will be used only by CHAPTERUP and by the providers of our security services for security purposes. Surveillance videos are not used by CHAPTERUP for other purposes and the footage is not publicly available. Surveillance cameras are not located in any bathrooms or change room facilities.

Job applicants, staff members and contractors:
In relation to personal information of job applicants, staff members and contractors, CHAPTERUPs primary purpose of collection is to assess and (if successful) to engage the applicant, staff member or contractor, as the case may be. The purposes for which CHAPTERUP uses personal information of job applicants, staff members and contractors
include:
• for insurance purposes;
• for payroll purposes
• for Tax purposes
• to satisfy CHAPTERUPs legal obligations,

Where CHAPTERUP receives unsolicited job applications these will usually be dealt with in accordance with the unsolicited personal information requirements of the Privacy Act.

Volunteers:
CHAPTERUP also obtains personal information about volunteers who assist the CHAPTERUP in its functions or conduct associated activities, such as to enable the CHAPTERUP and the volunteers to work together.

Marketing and fundraising:
CHAPTERUP treats marketing and seeking donations for the future ChapterUPth and development of the CHAPTERUP as important. Personal information held by the CHAPTERUP may be disclosed to an organisation that assists in the CHAPTERUPs fundraising and the CHAPTERUP reasonably expects that any third party organisations we rely on attend to applicable privacy regulatory requirements.

To whom might CHAPTERUP disclose personal information?
CHAPTERUP may disclose personal information, including sensitive information, held about an individual to:
• government departments;
• people providing clinical or professional health services to the CHAPTERUP and
• anyone you authorise the CHAPTERUP to disclose information to.

Where CHAPTERUP is providing health service to an individual and discloses health information about the individual, CHAPTERUP will do so if necessary and to the extent necessary for the provision of the services.

Sending information overseas:
The CHAPTERUP will not send personal information about an individual outside Australia without:
• obtaining the consent of the individual (in some cases this consent will be implied), or
• otherwise complying with the Australian Privacy Principles or other applicable privacy legislation.

How does the CHAPTERUP treat sensitive information?
In referring to ‘sensitive information’, CHAPTERUP means:
“information relating to a person’s racial ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences or criminal record, that is also personal information; and health information about an individual”. Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose unless you agree otherwise, or the use or disclosure of the sensitive information is allowed by law.

Management and security of personal information

CHAPTERUPs staff are required to respect the confidentiality of personal information and the privacy of individuals.

CHAPTERUP has in place steps to protect the personal information CHAPTERUP holds from misuse, loss, unauthorised access, modification, interference or disclosure by use of various methods including locked storage of paper records and passworded access rights to computerised records. When you use our website, having your cookies enabled will allow us to maintain the continuity of your browsing session and remember your details when you return. We may also use flash local stored objects and JavaScript. If you adjust your browser settings to block, reject or delete these functions, the webpage may not function in an optimal manner. We may also collect information about your IP address, although this may not identify you. Updating personal information CHAPTERUP endeavours to ensure that the personal information it holds is accurate, complete and up-to-date. A person may seek to update their personal information held by the CHAPTERUP by contacting the Privacy Officer at any time.

The Australian Privacy Principles and the Health Privacy Principles require the CHAPTERUP not to store personal information longer than necessary. In particular, the Health Privacy Principles impose certain obligations about the length of time health records must be stored. Under the Commonwealth Privacy Act and the Health Records Act, an individual has the right to obtain access to any personal information which the CHAPTERUP holds about them and to advise the CHAPTERUP of any perceived inaccuracy. There are some exceptions to this right set out in the applicable legislation. To make a request to access any information the CHAPTERUP holds about you, please contact the Privacy Officer in writing.

CHAPTERUP may require you to verify your identity and specify what information you require. Although no fee will be charged for accessing your personal information or making a correction, the CHAPTERUP may charge a fee to retrieve and copy any material. CHAPTERUP If the information sought is extensive, the CHAPTERUP will advise the likely cost in advance. How long will the CHAPTERUP keep my information? Under our destruction and de-identification policies, your personal information that is no longer required will be de-identified or destroyed.

Enquiries and privacy complaints
If you have any privacy enquiries or would like to make a complaint about the way we have managed your personal information, or if you think there has been a breach of privacy, please contact the Company Secretary. We will endeavor to reply to your requests within 30 days. Accessing and correcting information CHAPTERUP holds about you If you would like to have access to the information we hold about, or would like to request correction of an information we hold about, please contact the Privacy Officer. We will follow our internal Privacy & Confidentiality Policy and Procedure when dealing with your case and will endeavor to reply to your requests within 30 days.

Contact details
Email: hello@chapterup.com