curbi Privacy Policy

06 March 2017

The curbi Privacy Policy explains:
    •    What information we collect and why we collect it.
    •    How we use that information.

Information we collect

We collect information in order to provide the curbi service to our users.  This includes the device usage details that a user sees for their managed devices and specific details about the managed devices.

We also collect system-wide information like general usage patterns to help us tune the performance of curbi.

We do not collect student-specific information in any way.  While devices can be named as "Amy's iPhone" we don't specifically collect student information or create student profiles.

We collect information in two ways:

  • Information you give us. curbi requires you to create an account and provide a small amount of information so that we can provide a good service.  We store all that information securely and safely and never share it with anyone.
  • Information we get from your use of curbi. We collect information about how you use curbi, like the sites that your managed devices visit. This information includes:
    • Device information - We collect device-specific information (such as your hardware model, operating system version, and mobile network information including phone number) for your managed devices.
    • Usage information - When you use curbi we automatically collect details on which sites your managed devices visit and the apps being used.

We do not collect device location information.

How we use information we collect

We use the information we collect to provide, maintain, protect and improve curbi, to develop new features, and to protect curbi and our users. We also use this information to offer you tailored suggestions and alerts – like when a device is unenrolled from curbi.

When you contact Systemic, we will keep a record of your communication to help solve any issues you might be facing. We may use your email address to inform you about our services, such as letting you know about upcoming changes or improvements.

We will ask for your consent before using information for a purpose other than those that are set out in this Privacy Policy.

Systemic processes personal information on our servers in many countries around the world. We may process your personal information on a server located outside the country where you live.

Your access to your information

All data that we collect about you and your device usage is accessible to you through the curbi management app.  You do not see low-level system logs that curbi generates but these are used for system operations only. 

You can update your personal information at any time through the curbi management app.  If you don't have access to this app you can contact us at any time to update your information at

Information we share

We do not directly collect student information and therefore can never share student information with other organizations.

We do not share personal information with companies, organizations and individuals outside of Systemic unless one of the following circumstances apply:

  • For system functionality - in some limited cases we need to provide limited personal information to trusted third parties in order to make curbi work.  At this stage, this is limited to providing email address and name to MailChimp who manage our email lists.
  • For payments - we use BrainTree Payments to process credit card payments.  We don't store or see your credit card details at all.  Your credit card details are held only with Braintree Payments and we receive details about the payment when you pay.  Braintree Payments also doesn't know anything about your curbi account.
  • For legal reasons - We will share personal information with organizations or individuals outside of Systemic if we have a good-faith belief that access, use, preservation or disclosure of the information is reasonably necessary to:
    • meet any applicable law, regulation, legal process or enforceable governmental request.
    • enforce applicable Terms of Service, including investigation of potential violations.
    • detect, prevent, or otherwise address fraud, security or technical issues.
    • protect against harm to the rights, property or safety of Systemic, our users or the public as required or permitted by law.

We will never sell personal information about our users or their managed devices.

curbi does not use advertising to raise revenue in any way.  No curbi information is shared with any advertiser.

We may share aggregated, non-personally identifiable information publicly and with some partners – like universities and researchers. We may share non-personally identifiable information publicly to show trends about the general use of curbi.

If Systemic is involved in a merger, acquisition or asset sale, we will continue to ensure the confidentiality of any personal information and give affected users notice before personal information is transferred or becomes subject to a different privacy policy.

Data Retention

curbi usage device and usage details are purged after 12 months of account inactivity.  We do retain basic account details to allow users to reactivate dormant accounts.

Information security

We work hard to protect curbi and our users from unauthorized access to or unauthorized alteration, disclosure or destruction of information we hold. In particular:

  • All curbi communications are encrypted using SSL.
  • We constantly review our information collection, storage and processing practices, including physical security measures, to guard against unauthorized access to systems.
  • We restrict access to personal information to Systemic employees, contractors and agents who need to know that information in order to process it for us, and who are subject to strict contractual confidentiality obligations and may be disciplined, dismissed or prosecuted if they fail to meet these obligations.


Our Privacy Policy applies to curbi as offered by Systemic Pty Ltd and its affiliates.

Our Privacy Policy does not apply to services offered by other companies or individuals, or other sites linked from our services. Our Privacy Policy does not cover the information practices of other companies and organizations who advertise our services, and who may use cookies, pixel tags and other technologies to serve and offer relevant ads.


We regularly review our compliance with our Privacy Policy.  When we receive formal written complaints, we will contact the person who made the complaint to follow up. We work with the appropriate regulatory authorities, including local data protection authorities, to resolve any complaints regarding the transfer of personal data that we cannot resolve with our users directly.


Should you have any complaints about how we handle your information, please contact us at

Your complaint will be assessed against the Australian Privacy Principles as specified in the Commonwealth Privacy Act, 1998.  You will be provided a response within 7 days.


Our Privacy Policy may change from time to time. We will not reduce your rights under this Privacy Policy without your explicit consent.