ELEK Software (“ELEK”, “we”, “us”, or “our”) is committed to providing quality services to you and protecting your personal information. This policy outlines our ongoing obligations to you in respect of how we manage your personal data in accordance with the Australian Privacy Principles (APPs), the EU General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA/CPRA), Brazil’s LGPD, Canada’s PIPEDA, and other major international privacy standards.
1. Scope and Applicability
This policy applies to all users of ELEK Software’s engineering software, websites, and services globally, regardless of where you are located.
2. Data Controller and Contact Information
Data Controller:
ELEK Software
Level 5, 11 York Street, Sydney NSW 2000. Australia.
Email: privacy@elek.com
EU Representative (GDPR):
ELEK Software, Email: privacy@elek.com
Data Protection Officer (DPO):
Jayson Patrick, Email: privacy@elek.com
3. What is Personal Information? What and Why Do We Collect It?
Personal Information is information or an opinion that identifies an individual.
Examples of Personal Information we collect include:
- Names, addresses, email addresses, phone numbers
- Company, job title, country
- Device identifiers and IP address
- Account credentials and subscription details
- Usage data (feature usage, session duration, actions within the software)
- Payment and billing information (processed securely via third-party providers)
- Communication preferences and marketing opt-ins
We collect your Personal Information for the primary purpose of providing our software products and services, managing your account, processing payments, providing support, improving our products, and for marketing and legal compliance.
We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.
We do not knowingly collect data from children under 16 years of age.
4. How We Collect Your Data
We collect data:
- Directly from you (e.g., registration, purchase, support requests)
- Automatically via your use of our website and software (e.g., cookies, analytics)
From third-party partners (e.g., payment processors, resellers), where permitted
5. Sensitive Information
Sensitive Information is defined in the Privacy Act and other laws to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, criminal record, or health information.
We generally do not collect sensitive information.
Sensitive information will only be used:
- For the primary purpose for which it was obtained
- For a secondary purpose that is directly related to the primary purpose
- With your consent, or where required or authorized by law
6. Third Parties
We rely on other third-party companies for a variety of reasons, including processing payments, providing software solutions, supporting our business processes, and delivering products or services. Some of these companies may have access to your Personal Information and may be located outside of your country, including outside Australia and the European Economic Area (EEA).
We require all such third parties to sign Data Processing Agreements (DPAs) and to protect your data in accordance with applicable laws.
7. Disclosure of Personal Information
Your Personal Information may be shared in several circumstances, including:
- Within our business, between business units or offices
- With businesses who own us, are owned by us, or are affiliated with us
- With authorised third parties for development, delivery, or support of our products
- With contractors, consultants, agencies, institutions, or providers engaged by us
- With our resellers or authorised partners for follow-up, marketing, support, presentations, or training
- In legal proceedings or compliance with law
- To protect against fraud, cyber threats, or to protect our property and safety or that of customers and users
- If a company buys us, merges with us, or we sell a part of our business or products
- When you agree to the sharing
- Where required or authorised by law
Some recipients may be located outside your jurisdiction. Where we transfer data internationally, we ensure appropriate safeguards are in place, such as Standard Contractual Clauses (SCCs) for EU/UK/Swiss data, or other legal mechanisms.
8. Security of Personal Information
Your Personal Information is stored and processed using reasonable and appropriate technical and organisational measures to protect it from misuse, loss, unauthorised access, modification, or disclosure.
Examples include:
- Encryption (AES-256 at rest, TLS 1.3+ in transit)
- Access controls and multi-factor authentication
- Regular security audits and penetration testing
- Data minimisation and pseudonymisation where possible
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to remove or anonymise it. Most Personal Information will be kept for a minimum of 7 years for legal and tax compliance.
9. Access to and Correction of Your Personal Information
You may request access to the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions.
To request access or correction, please contact us in writing at privacy@elek.com.
We will not charge any fee for your access request but may charge an administrative fee for providing a copy.
We may require identification from you before releasing the requested information.
10. Requesting Data Deletion
You have the right to request the deletion of your personal information. To do so, please contact us in writing at privacy@elek.com, providing sufficient information to identify you and specify the data you wish to have deleted.
We will take reasonable steps to comply within 30 days, subject to any legal obligations to retain certain information. If we are unable to fully delete your information, we will inform you of the reasons.
11. Your Rights Under International Law
Depending on your location, you may have the following rights:
- GDPR (EU/UK/EEA): Access, rectification, erasure, restriction, portability, objection, withdraw consent
- CCPA (California): Know, access, delete, opt-out of sale/sharing, non-discrimination
- Brazil LGPD/Canada PIPEDA/Australia APPs: Access, correction, deletion, complaint
To exercise your rights, contact privacy@elek.com. We will respond within 30 days.
12. Cookies and Tracking Technologies
We use cookies and similar technologies to operate and improve our services and analyse usage.
- Essential Cookies: For authentication and session management (required)
- Analytics Cookies: For product improvement (opt-out available)
- Marketing Cookies: For targeted advertising (consent required in some regions)
You can manage your cookie preferences via our website or your browser settings. For more information, see our Cookie Policy.
13. Data Breach Notification
In the unlikely event of a data breach that may affect your rights and freedoms, we will notify you and relevant authorities as required by law.
14. Data Retention
We retain personal data only as long as necessary for the purposes set out in this policy, including complying with legal, accounting, or reporting obligations.
- Account and transaction data: minimum 7 years after last interaction
- Payment records: up to 10 years (tax compliance)
Marketing consent: until withdrawal or account deletion
When data is no longer needed, it is securely deleted or anonymized.
15. Policy Updates
This Policy may change from time to time. The latest version will always be available at www.elek.com. We will notify you of material changes via email or in-app alerts.
16. Contact Us
For further information, to exercise your rights, or to contact us regarding privacy matters, please visit our contact page or email privacy@elek.com.
