Privacy Policy
Introduction
In the course of doing business, there may be circumstances where we collect personal information and our Privacy Policy has been developed to ensure that such information is handled appropriately.
We are committed to complying with the Privacy Act 1988 in relation to all personal information we collect. This commitment is articulated in this Policy. The Privacy Act incorporates the National Privacy Principles and, except as outlined below, personal information held will be treated in accordance with those Principles, regardless of any exemptions, which may apply under the Privacy Act.
This Policy sets out the broad controls, which we have adopted to govern the way we use personal information, the circumstances in which we may disclose personal information to third parties, how persons can access their personal information held and what they can do if they are unhappy with any treatment of their personal information.
Who does this Privacy Policy apply to?
This Policy applies to any persons whom we currently hold, or may in the future collect personal information on, in the process of transacting or conducting business.
What information does the Privacy Policy apply to?
This Policy applies to personal information. 'Personal information' is information or an opinion, whether true or not, regarding a person where the identity of the person is apparent or can reasonably be ascertained from the information or opinion.
In this Policy there are also references to 'sensitive information'. 'Sensitive information' is information or an opinion about a person's racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health. Sensitive information is a subset of personal information.
What information is not personal information?
Information where we have removed any reference to a person and provided that the identity of the person can no longer be ascertained from the information, is not personal information.
We may use this information for its own purposes and commercial gain. For example, the fact that x number of users aged 30-35 have accessed our website is not personal information.
How and when do we collect personal information?
We collect personal information in a variety of ways in the course of conducting business, including:
providing goods and services to customers;
responding to questions regarding our products and our business;
interacting with people via our websites;
conducting trade promotions and competitions; and
Where reasonable and practicable, we will collect personal information directly from the person and inform the person that this is being done.
However in some circumstances, it is necessary for us to collect personal information through third party service providers or agents (eg an Act! Certified Consultant or Messaging Gateway Service Provider) or from a source of publicly available information (eg a telephone book).
At the time or soon after we collect personal information, we will take reasonable steps to ensure that the person is aware that we have undertaken the collection, the purpose(s) of the collection, the types of organisation (if any) to which the information may be disclosed and any law that required the particular information to be collected.
Collection of sensitive information
We will not collect sensitive information without the consent of the person to whom it relates unless the collection is required by law, is necessary to prevent or lessen a serious and imminent threat to the person's (or another person's) life or health or is necessary in relation to legal proceedings (current, anticipated or potential).
How do we use personal information?
The use to which we can put personal information depends on the reason for which it was collected.
We may use personal information for it's primary purpose of collection (eg the delivery of goods to the person) or for any related secondary purpose that we could reasonably be expected to use the personal information for.
In certain circumstances, we may use personal information for promotional or direct marketing purposes. However, a person may at any time request us not to use their personal information for sending direct marketing material to that person. Such a request can be made by contacting us either in writing, by email or by telephone at the contact details below. There is no fee for making such a request.
Disclosure of personal information
We respect the privacy of an individual and will handle personal information appropriately and take all reasonable steps to keep it strictly confidential.
We will only disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably expected (eg disclosure to a delivery contractor for the purpose of delivering goods ordered from us). Where such a disclosure is necessary, we will require that the third party undertake to treat the personal information in accordance with the National Privacy Principles.
Otherwise, we will only disclose personal information to third parties without the consent of the person to whom it relates if the disclosure is:
(a) necessary to protect or enforce our legal rights or interests or to defend any claims;
(b) necessary to prevent or lessen a serious threat to a persons' health or safety; or
(c) required by law.
Under no circumstances will we sell personal information without the consent of the person to whom it relates.
Disclosure outside Australia
We will not transfer personal information overseas to a third party unless:
(a) We have the consent of the person to whom the information relates to do so;
(b) the receiving party provides commitments to privacy and confidentiality which are at least equal to the National Privacy Principles; or
(c) the receiving party is under privacy protection laws that offer at least the same level of protection as required under the Privacy Act in Australia.
Information Security
We will take all reasonable steps to ensure that all personal information held by us is secure from any unauthorised access or disclosure. However, we cannot guarantee that personal information cannot be accessed by an unauthorised person (eg a hacker) or that unauthorised disclosures will not occur.
We will take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for the purposes for which we were authorised to use it.
Accessing personal information
A person may request to access personal information about them held by us. Such a request must be made in writing to the address below.
We will grant a person access to their personal information as soon as possible, subject to the circumstances of the request.
A request to access personal information will be rejected if:
(a) the request is frivolous or vexatious;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person;
(d) providing access would prejudice our legal rights; or
(e) there are other legal grounds to deny the request.
We may charge a fee for reasonable costs incurred in responding to any access request. The fee (if any) will be disclosed prior to it being levied.
Correcting personal information
We will take reasonable steps to ensure the accuracy and completeness of the personal information we hold. However, if a person believes that any personal information that we hold about them is inaccurate or out of date, then they should contact us in writing.
Contact
If there are any questions regarding our Privacy Policy or the way that we manage personal information or if there are any concerns about our treatment of personal information, then we should be contacted.
Introduction
In the course of doing business, there may be circumstances where we collect personal information and our Privacy Policy has been developed to ensure that such information is handled appropriately.
We are committed to complying with the Privacy Act 1988 in relation to all personal information we collect. This commitment is articulated in this Policy. The Privacy Act incorporates the National Privacy Principles and, except as outlined below, personal information held will be treated in accordance with those Principles, regardless of any exemptions, which may apply under the Privacy Act.
This Policy sets out the broad controls, which we have adopted to govern the way we use personal information, the circumstances in which we may disclose personal information to third parties, how persons can access their personal information held and what they can do if they are unhappy with any treatment of their personal information.
Who does this Privacy Policy apply to?
This Policy applies to any persons whom we currently hold, or may in the future collect personal information on, in the process of transacting or conducting business.
What information does the Privacy Policy apply to?
This Policy applies to personal information. 'Personal information' is information or an opinion, whether true or not, regarding a person where the identity of the person is apparent or can reasonably be ascertained from the information or opinion.
In this Policy there are also references to 'sensitive information'. 'Sensitive information' is information or an opinion about a person's racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health. Sensitive information is a subset of personal information.
What information is not personal information?
Information where we have removed any reference to a person and provided that the identity of the person can no longer be ascertained from the information, is not personal information.
We may use this information for its own purposes and commercial gain. For example, the fact that x number of users aged 30-35 have accessed our website is not personal information.
How and when do we collect personal information?
We collect personal information in a variety of ways in the course of conducting business, including:
providing goods and services to customers;
responding to questions regarding our products and our business;
interacting with people via our websites;
conducting trade promotions and competitions; and
Where reasonable and practicable, we will collect personal information directly from the person and inform the person that this is being done.
However in some circumstances, it is necessary for us to collect personal information through third party service providers or agents (eg an Act! Certified Consultant or Messaging Gateway Service Provider) or from a source of publicly available information (eg a telephone book).
At the time or soon after we collect personal information, we will take reasonable steps to ensure that the person is aware that we have undertaken the collection, the purpose(s) of the collection, the types of organisation (if any) to which the information may be disclosed and any law that required the particular information to be collected.
Collection of sensitive information
We will not collect sensitive information without the consent of the person to whom it relates unless the collection is required by law, is necessary to prevent or lessen a serious and imminent threat to the person's (or another person's) life or health or is necessary in relation to legal proceedings (current, anticipated or potential).
How do we use personal information?
The use to which we can put personal information depends on the reason for which it was collected.
We may use personal information for it's primary purpose of collection (eg the delivery of goods to the person) or for any related secondary purpose that we could reasonably be expected to use the personal information for.
In certain circumstances, we may use personal information for promotional or direct marketing purposes. However, a person may at any time request us not to use their personal information for sending direct marketing material to that person. Such a request can be made by contacting us either in writing, by email or by telephone at the contact details below. There is no fee for making such a request.
Disclosure of personal information
We respect the privacy of an individual and will handle personal information appropriately and take all reasonable steps to keep it strictly confidential.
We will only disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose, if the disclosure could be reasonably expected (eg disclosure to a delivery contractor for the purpose of delivering goods ordered from us). Where such a disclosure is necessary, we will require that the third party undertake to treat the personal information in accordance with the National Privacy Principles.
Otherwise, we will only disclose personal information to third parties without the consent of the person to whom it relates if the disclosure is:
(a) necessary to protect or enforce our legal rights or interests or to defend any claims;
(b) necessary to prevent or lessen a serious threat to a persons' health or safety; or
(c) required by law.
Under no circumstances will we sell personal information without the consent of the person to whom it relates.
Disclosure outside Australia
We will not transfer personal information overseas to a third party unless:
(a) We have the consent of the person to whom the information relates to do so;
(b) the receiving party provides commitments to privacy and confidentiality which are at least equal to the National Privacy Principles; or
(c) the receiving party is under privacy protection laws that offer at least the same level of protection as required under the Privacy Act in Australia.
Information Security
We will take all reasonable steps to ensure that all personal information held by us is secure from any unauthorised access or disclosure. However, we cannot guarantee that personal information cannot be accessed by an unauthorised person (eg a hacker) or that unauthorised disclosures will not occur.
We will take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for the purposes for which we were authorised to use it.
Accessing personal information
A person may request to access personal information about them held by us. Such a request must be made in writing to the address below.
We will grant a person access to their personal information as soon as possible, subject to the circumstances of the request.
A request to access personal information will be rejected if:
(a) the request is frivolous or vexatious;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person;
(d) providing access would prejudice our legal rights; or
(e) there are other legal grounds to deny the request.
We may charge a fee for reasonable costs incurred in responding to any access request. The fee (if any) will be disclosed prior to it being levied.
Correcting personal information
We will take reasonable steps to ensure the accuracy and completeness of the personal information we hold. However, if a person believes that any personal information that we hold about them is inaccurate or out of date, then they should contact us in writing.
Contact
If there are any questions regarding our Privacy Policy or the way that we manage personal information or if there are any concerns about our treatment of personal information, then we should be contacted.