MyHub Privacy Statement

Effective Date: 01 August 2025

MyHub Intranet Solutions (“MyHub”, “we”, “our”, “us”) respects your privacy and is committed to protecting the personal information we handle. This Privacy Statement explains how we collect, store, use, and protect personal information in accordance with applicable privacy laws, including:

  • The Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
  • The EU and UK General Data Protection Regulation (GDPR)
  • Other applicable data protection regulations in jurisdictions where we operate

By using the MyHub platform, you agree to the terms of this Privacy Statement.

1. Scope

This Privacy Statement applies to:

  • All visitors to the MyHub website
  • Customers using the MyHub platform
  • End-users of customer intranet sites hosted by MyHub

2. Information We Collect

Depending on how you interact with us, we may collect:

  • Identification details – name, job title, company
  • Contact details – email address, phone number, mailing address
  • Account credentials – usernames, passwords (stored securely)
  • Profile information – profile photos, biography, documents you upload
  • Usage data – IP address, browser type, pages accessed, login times
  • Sensitive information – in some cases, customers may store sensitive personal or health information

We collect this information directly from you, from your employer (our customer), or automatically through your use of the platform.

3. Purpose of Collection

We use personal information to:

  • Provide access to the MyHub platform and its features
  • Deliver customer support and respond to inquiries
  • Configure, maintain, and improve our services
  • Facilitate communication between users within the platform
  • Comply with legal obligations and enforce our terms of use

We will not use personal information for purposes unrelated to these without consent or a lawful basis.

4. Legal Basis for Processing

We process personal information on the following bases:

  • Consent – for specific optional features or integrations
  • Contractual necessity – to deliver services under our customer agreements
  • Legal obligations – to comply with applicable laws
  • Legitimate interests – to operate, secure, and improve our platform

5. Cross-Border Data Hosting and Australian Privacy Compliance

Hosting Location

All MyHub intranet sites and associated data are hosted with Amazon Web Services (AWS) in the United States. The hosting region is fixed and will not change without prior notice from MyHub.

APP 8 Compliance – Cross-Border Disclosure

When personal information is stored outside Australia, the APPs require us to take reasonable steps to ensure the overseas recipient complies with privacy protections substantially similar to the APPs. MyHub remains fully accountable under the Privacy Act 1988 (Cth) for any personal or sensitive information transferred overseas.

We have contractual arrangements and technical safeguards in place with AWS to ensure that your data is protected to standards that meet or exceed the APPs, including:

  • Encryption in transit and at rest
  • Role-based access controls and multi-factor authentication
  • Continuous system monitoring and regular security audits

Risk Mitigation

While hosting data overseas means it is subject to the laws of that jurisdiction (including the US CLOUD Act), MyHub takes extensive steps to mitigate these risks and prevent unauthorised access, misuse, or disclosure.

Consent

By using the MyHub platform, you acknowledge and consent to your data being stored and processed in the United States under these terms.

6. Data Sharing

We may share personal information with:

  • Service providers – e.g., AWS, email delivery providers, analytics services
  • Integration partners – when enabled by the customer
  • Legal authorities – where required by law or regulation

We do not sell personal information to third parties.

7. Security

We implement industry-standard measures to protect data, including:

  • Encryption in transit and at rest
  • Access controls and authentication measures
  • Logging and monitoring of system activity
  • Vulnerability scanning and penetration testing
  • A documented incident response and breach notification process

8. Data Retention

We retain personal information for as long as necessary to:

  • Provide services to our customers
  • Meet contractual obligations
  • Comply with legal and audit requirements

When no longer required, data is securely deleted or anonymised.

9. Individual Rights

Depending on your jurisdiction, you may have rights to:

  • Access the personal information we hold about you
  • Request correction or updating of your information
  • Request deletion of your information
  • Object to or restrict processing of your information
  • Receive a copy of your information in a portable format

Requests can be sent to the contact details below. We will verify your identity before actioning any request.

10. Notifiable Data Breaches

In the event of an eligible data breach under the Australian Notifiable Data Breaches (NDB) scheme or equivalent law, MyHub will:

  • Promptly notify affected customers once aware of the breach
  • Provide details of the nature of the breach, the information involved, and recommended steps to mitigate potential harm
  • Cooperate fully with the customer to meet all legal notification requirements under applicable privacy laws

Where the General Data Protection Regulation (GDPR) applies, MyHub will:

  • Notify the relevant supervisory authority within 72 hours of becoming aware of a personal data breach, unless the breach is unlikely to result in a risk to the rights and freedoms of individuals
  • Notify affected data subjects without undue delay if the breach is likely to result in a high risk to their rights and freedoms
  • Maintain an internal record of all personal data breaches, regardless of whether they are required to be reported to a supervisory authority or data subjects

11. Cookies and Tracking

We use cookies and similar technologies to:

  • Provide essential platform functionality
  • Improve the user experience
  • Analyse site usage and performance

You can manage cookie preferences through your browser settings. Some features may not function if cookies are disabled.

12. Mobile Devices and Applications

If you access MyHub through a mobile device or mobile application:

  • We may collect technical information about your device, such as device type, operating system, browser type, app version, and device identifiers.
  • If you enable features that require access to your device’s hardware or services (e.g., camera, microphone, photo library, location services, push notifications), we will request your permission before doing so.
  • Any information collected through these features will be used solely for the purpose you have enabled (for example, uploading a profile picture, scanning a document, or sending alerts).
  • You can control or revoke these permissions at any time via your device’s settings; however, certain features may not function without the relevant permissions enabled.
  • Our handling of mobile device data is subject to the same security, retention, and privacy protections described in this Privacy Statement.

13. Changes to This Privacy Statement

We may update this Privacy Statement from time to time. The latest version will always be published on our website with the effective date shown.

14. Contact Us

For questions, concerns, or complaints about privacy or this statement, contact:

MyHub Intranet Solutions
Email: privacy@myhubintranet.com
Website: www.myhubintranet.com

If you are in Australia and are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) via www.oaic.gov.au.