WHO WE ARE
ABOUT THIS POLICY
The Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we must manage your personal information and this policy sets out how we collect, use, disclose and otherwise manage personal information about you. We recognise that your privacy is important and we are committed to protecting the personal information we collect from you. It is our intention to comply with the Privacy Act and the APPs.
COLLECTION OF INFORMATION
We only collect personal information, that is, information that can identify you, in fair and lawful ways and only to an extent which is reasonably necessary for us to operate our business. Our primary purpose in collecting information is to provide products and services to our customers and fulfil our contractual obligations. In addition to this primary purpose we will use the data for secondary, administrative purposes.
Administrative purposes includes things such as managing accounts and billing, assessing credit worthiness and managing business and product development.
In addition to secondary administrative purposes we may use some information for tertiary marketing purposes. This means that we may contact you with offers we believe may be relevant to you. We note, however, that you will always be able to opt-out of allowing us to use personal information that we collect for marketing purposes.
We may be required to collect information to comply with our obligations as a telecommunications company. This may be collection of data mandated by law, regulation or at the order of a regulator or court.
If we are collecting personal information for another purpose we will endeavour to make it clear why we are collecting the data, how it will be used or disclosed, and where you can get more information about how we protect your privacy.
HOW WE WILL USE THE INFORMATION
The personal information that we collect and hold about you, depends on your interaction with us. Generally, we will collect, use and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes notified to you or as disclosed above. Our policy is to not use any information for purposes not connected to providing services or the good management and ongoing operation of our business without your consent, unless we are compelled to do so by law.
INFORMATION WE GENERALLY COLLECT AND WHY WE COLLECT IT
We may collect and hold personal information about you that is relevant to providing you with the services you are seeking. While we may collect a wide variety of personal information from time to time there are types of personal information which we are likely to collect from you. These include:
• When customers submit an order form for a service, they provide us with information including their contact and identifying details (eg: ABN, ACN, registered address), the details of a representative and addresses for both billing and service delivery. This information is used for administrative purposes, including assessing whether we are able to deliver the service, assessing whether the delivery of the service to that customer might entail a credit risk and if the service is delivered, the information will be used to administer the account. We will also use the information to deliver the service and we may need to share the information with third parties in order to arrange for the service to be delivered.
• Our website may include a contact form which collects contact and identifying details (name, email address, phone number and company name). This information is used for administrative purposes including responding to the original contact request and any follow-up contact.
Attending our premises
• Our facilities including data centres, offices and other premise may be secured by monitored electronic locks which use access-passes or biometrics. Prior to receiving an access-pass, pass-holders will be required to provide their name, contact details and in some cases biometric information. This information along with the unique ID of access-passes will be used to keep record of access-passes for both security (eg: ensuring the pass allows access only to the extent necessary for the pass-holder) and administrative purposes (eg: invoicing for lost or damaged passes). Where biometric information is stored it shall be used exclusively for security purposes. We may allow third party security companies to access the information in connection with security work they undertake for us. We may allow law enforcement agencies to access the information in connection with investigations relating to our facilities.
• Our facilities including data centres, offices and other premises are under video and camera surveillance. The personal information and image of people entering our facilities may be collected by us and stored for a reasonable period of time. We may also collect personal information and images from third parties (eg: landlords). The information will only be used by us in connection with security and management of our facilities but may be provided to law enforcement agencies, government bodies, staff, subcontractors, insurers, tenants or landlords for use in connection with those purposes.
If we have a need to contact you and cannot reasonably and practicably do so by way of personal information we have collected directly from you (for example you have not updated your details with us), we may collect personal information from our related entities that you may have dealt with or third party sources including publicly available sources (such as phone directory), information brokers, credit checking agencies.
METHOD OF COLLECTION
Personal information will generally be collected directly from you through the use of any of our standard forms, over the internet, via email, through a telephone conversation with you or upon you entering our premises. There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
FAILURE TO PROVIDE INFORMATION
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
If you access our website, we may collect additional personal information about you in the form of your IP address or domain name. We use this data to better understand things like how our site is navigated, how many visitors arrive at specific pages, the length and frequency of stays at our site, to try and improve the site for our customers.
Our website may contain links to other websites. We are not responsible for the privacy practices of linked websites and any linked websites are not subject to our privacy policies and procedures.
DISCLOSURE OF THE DATA TO THIRD PARTIES
In some circumstances we may disclose personal information which we collect to third parties.
You agree that we may disclose personal information which we collect to:
• our related entities to facilitate our and their internal business processes;
• Any related entity including any and all holding companies or subsidiaries and other organisations with whom we have affiliations so that those organisations may provide you with information about goods or services and various promotions;
• Any unrelated third party which is acting on our behalf in relation to a matter directly connected to the information we collect; (eg; Credit Reporting Agencies);
• Any third party where there is an imminent threat to public safety or to a person’s life;
• Any other party we are permitted to disclose the information to under law;
• Any third party involved in the sale or transfer of our assets including unpaid debts.
You acknowledge and agree that the law may permit or require us to disclose the information we collect to a law enforcement agency, government agency, court or other party. Information which may be disclosed includes but may not be limited to;
• Subscriber and service information which must be disclosed to the IPND Manager to comply with our obligations as a telecommunications carrier;
• Communications which pass over or are stored on our network which are subject to an Interception or stored communications warrant.
Where we disclose your personal information to a third party and it is appropriate and possible to do so we will take reasonable steps to ensure that our contracts with the third party require them to comply with the use and disclosure requirements of the Privacy Act 1988 (CTH) in relation to the personal information which we provide to them.
We will monitor how we collect and store personal information to identify if changes can be made to improve the quality of the information we collect. If we no longer require the information for the purposes we have disclosed we will take steps to either destroy or de-identify the information.
We require that our employees and contractors perform their duties in a manner consistent with our legal responsibilities. We take reasonable steps to ensure that the personal information which we hold is available only to those who may reasonably require access to it and that that your personal information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures. We will monitor how we secure the information and our policies regarding access to the information to ensure the information is kept securely.
ACCESS AND CORRECTION
If we discover or you notify us that any information is inaccurate we will take steps to correct that information as soon as practically possible. We will take reasonable steps to correct the information so that it is accurate, complete and up to date. If we refuse to correct your personal information, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint.
We allow records which contain personal information about an individual to be accessed by that individual, upon request. We will respond to that request within a reasonable period. We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons).
To access or correct your personal information you should contact your account manager. Where the records you are seeking access to, are complex or difficult to access, or you request access to the records more than once in a three month period, we reserve the right to charge on a costs only basis for access to the records (but not for making the request for access)
While we will take reasonable steps to limit the amount of personal information which is sent to parties which are not based in Australia, we may disclose your personal information overseas to third party service providers.
COMPLAINTS AND FEEDBACK
If you wish to make a complaint about a breach of the Privacy Act, the APPs or a privacy code that applies to us, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.
Street address: 21/ 71 Eagle Street, Brisbane QLD 4000
Email address: firstname.lastname@example.org
Telephone: 07 3847 9292
If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.