1.2 We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way in which personal information must be treated.
1.3 This policy applies to any person for whom we currently hold, or may in the future collect, personal information.
1.4 This policy applies to personal information. In broad terms, 'personal information' is information or opinions relating to a particular individual who can be identified.
1.5 Information is not personal information where the information cannot be linked to an identifiable individual.
2. HOW DO WE MANAGE THE PERSONAL INFORMATION WE COLLECT?
2.1 We manage the personal information we collect in numerous ways, such as by:
(a) implementing security systems for protecting personal information from misuse, interference and loss from unauthorised access, modification or disclosure;
(b) appointing a privacy officer within the business to monitor privacy compliance;
(c) implementing procedures for identifying and managing privacy risks at each stage of the information lifecycle, including collection, use, disclosure, storage, destruction or de-identification;
(d) regularly providing staff with training on privacy issues;
(e) appropriately supervising staff who regularly handle personal information;
(f) implementing procedures for identifying and reporting privacy breaches and for receiving and responding to complaints;
2.2 Subject to our professional obligations, we will take reasonable steps to destroy or permanently de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.
2.3 In limited circumstances, it may be possible for you to use a pseudonym or remain anonymous when dealing with us. If you wish to use a pseudonym or remain anonymous you should notify us when making first enquiries or providing initial instructions. We will use our best endeavours to deal with your request, subject to our legal obligations and ability to perform the technology management services to you without using your name. In most cases, our legal obligations will require you to deal with us using your real name.
2.4 We are also subject to legal obligations that may affect how we deal with personal information.
3. WHAT KINDS OF INFORMATION DO WE COLLECT AND HOLD?
3.1 We may collect and hold personal information about you, which may include:
(a) contact information, including your name, phone number and email address; and
(b) any other personal information required to provide the technology management services to you.
3.2 We do not collect sensitive information about individuals.
4. HOW AND WHEN DO WE COLLECT PERSONAL INFORMATION?
4.1 Our usual approach to collecting personal information is to collect it directly from you.
5. HOW DO WE HOLD PERSONAL INFORMATION?
5.1 Our usual approach to holding personal information includes:
(a) physically at our premises (securely); and
(i) on a private cloud; and
(ii) on our website.
5.2 We secure the personal information we hold in numerous ways, including:
(a) using secure servers to store personal information; and
(b) using unique usernames, passwords and other protections including firewalls on systems that can access personal information.
6. WHY DO WE COLLECT, HOLD, USE OR DISCLOSE PERSONAL INFORMATION?
6.1 We take reasonable steps to use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which information is collected varies, depending on the particular service being provided, but is generally to provide technology management services and software development services to your business.
6.2 Personal information may also be used or disclosed by us for secondary purposes that are within your reasonable expectations and that are related to the primary purpose of collection.
6.3 For example, we may collect and use your personal information to provide you with updates on new services that may be relevant to your business.
6.4 We will only disclose personal information to third parties if permitted by the Privacy Act or authorised by you.
7. WILL WE DISCLOSE PERSONAL INFORMATION OUTSIDE AUSTRALIA?
7.1 We do not disclose personal information outside of Australia.
8. HOW DO YOU MAKE COMPLAINTS AND ACCESS AND CORRECT YOUR PERSONAL INFORMATION?
8.1 It is important that the information we hold about you is up-to-date. You should contact us if your personal information changes.
Access to information and correcting personal information
8.1 You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.
8.2 We will grant you access to your personal information as soon as possible, subject to the request circumstances.
8.3 In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.
8.4 We may deny access to personal information if:
(a) the request is unreasonable;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person;
(d) providing access would compromise our professional obligations; or
(e) there are other legal grounds to deny the request.
8.5 We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.
8.6 If the personal information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it so that it is accurate, complete and up-to-date, where it is appropriate to do so.
8.7 If you wish to complain about an interference with your privacy, then you must follow the following process:
(a) The complaint must be firstly made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.
(b) In the unlikely event the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner.
Who to contact
8.8 A person may make a complaint or request to access or correct personal information about them held by us. Such a request must be made in writing to the following address:
Privacy Officer: Allen Johnstone
Postal Address: Box 10, 7 Glunies Ross Court
Eight Miles Plains QLD 4113
Telephone number: 07 3433 0007
Email address: firstname.lastname@example.org
9. CHANGES TO THE POLICY
9.2 This policy is effective February 2015. If you have any comments on the policy, please contact the privacy officer with the contact details in section 8 of this policy.