About this Policy
We understand the importance of, and are committed to, protecting your personal information. We comply with the Privacy Act 1988 (Cth) (Privacy Act). We are bound by the Australian Privacy Principles (APPs) which regulate how we may collect, use, disclose and store personal information, and how our customers and suppliers and stakeholders (‘you‘) may access and correct personal information we hold about you.
The purpose of this policy is to:
- clearly communicate how we deal with personal information;
- enhance the transparency of our operations;
- give a better and more complete understanding of the sort of personal information that we hold, and the way we handle that information.
Who to contact
You may also contact the Privacy Officer using the contact details provided below. You can also contact the privacy officer if you believe that the privacy of your personal information has been compromised or is not adequately protected.
Once a complaint has been lodged, the Privacy Officer will respond to you as soon as possible.
You may also lodge a complaint with the Office of the Australian Information Commissioner by telephone: 1300 363 992 or email: firstname.lastname@example.org
Information we collect about you
We collect information about you that we reasonably need for our business functions and activities. Our business functions and activities include:
- providing you with our information, products and services – these are described generally on our website, our corporate brochures, advertising, and our letter and emails and communications to customers, suppliers and business partners
- activities in support of those functions including administration, management, marketing, contracting, online and mobile marketing, IT, legal, security, customer support, finance (including credit control) and human resources
- activities we plan for the future including new ways of communicating, new products and services, new business models and new businesses.
Generally we collect the following personal information about you:
- your name
- your contact details including residential or business address, telephone number and email address
- company details (if applicable)
- date of birth
We may combine your personal information above with other information about you, including sensitive information, for example:
- if you login to our website we may collect details about your user name, site usage and products and services you may be interested in
- if your business or your employer supplies us with products or services, or if your business or employer distributes, sells or services our products, we collect information about your trading with us (for example the products and services you buy or sell or the products and services you provide), your trading history and account history (including credit card details)
- if you apply for a position with us, we collect information to help us decide your application, including your contact details, date of birth, work history, academic history, referees, tax file number, medical and relationship status and similar details
- if you request information from us (for example about a product or service) or register a complaint, we collect information about your request or complaint
- if you enter a promotion or competition, visit us at an event or enquire about our company, we may collect your contact details so that we can follow up on your enquiry or interest by sending you marketing material
If you submit a credit application to us we collect certain other types of personal information (including information contained in a consumer or commercial credit report about you) including:
- information about your credit history, including information about your past experiences with us and other credit providers
- the kinds of credit products that you have sought and obtained in the past
- information about your consumer credit payments overdue for at least 60 days and for which collection action has started
- advice that payments that were previously notified to a credit reporting bureau as overdue are no longer overdue
- publicly available information about your credit worthiness
- an opinion of a credit provider that you have committed a serious credit infringement in relation to credit provided by that credit provider
- we may also derive information about you from consumer or commercial credit reports about you, including:
- information which assists us to assess your suitability for credit
- the likelihood of you being able to meet your commitments to us
We record this information (personal information) in our database whilst we deal with you. We will remove this information from out database when we have no further need to keep a record of it, except if we are required to keep it by law (for example, for tax or for superannuation purposes).
How we collect information about you
We collect personal information directly from you. We may record your contact details when you call us, when you register and login to our website, when you purchase a product or service, if you are a subcontractor or supplier, when you fill out an application form (including a credit application form) when you participate in a transaction, when you provide your contact details via web, mobile or email or when you ask us for information or request something from us.
Sometimes we collect personal information about you from another person or business, or from a publicly available source. For example:
- your employer may give us your details in relation to a subcontract or provision of a product or service
- we may get you details from a publicly released tender
- an employment service may send us your resume
- if you make a credit application and also where you carry on business with us on credit terms, we may obtain information about you from credit reporting bodies and other credit providers
- if you enter a networking event, promotion or competition organised by us, we may be given your name and contact details by the promoter of the event
- our service providers may provide us with your personal information from websites, social media sites, mobile, and other technology-based sources
Do I have to provide you with my personal information?
You can deal with us anonymously (without giving us your name and contact details) or by using a pseudonym (a name that does not include your real name, for example an email address or a user name that you use in an online forum (nickname)).
If you choose to deal with us anonymously or using a nickname, we can give you general information about our products and services, and you may be able to purchase products and services from us for cash or participate in any online forum we provide, but there are some things we cannot do, for example:
If you do not give us your personal information, there are certain things we cannot do, including give you information about your dealings with us as a customer, subcontractor or supplier, deal with a complaint you may have, provide you with a service or deliver a product or service to you at an address. You cannot attend one of our networking events, or enter into one of our promotions anonymously or using a nickname.
You can deal with us using a nickname together with your real name and contact details. If you choose to deal with us in this way, we may collect your personal information together with your nickname. When you identify yourself to us using your nickname only, we can deal with you only as described above. We may ask you to provide proof of your identity if you use a nickname.
Why we collect personal information about you (purpose of collection)
We collect and record personal information about you so that we can carry out our functions and activities described above. The primary purposes for which we collect your personal information include:
- so that we can provide our products and services to you
- so that we can administer our dealings with you (and your employer if applicable), to provide you with information and to respond to any requests that you may have (for example, so that we can administer and provide you with project information)
- so that we can assess and process a credit application made by you or your business, establish, provide and administer your credit account, and collect overdue payments
- so that we can function as a business, for example, we may collect your personal information for research, marketing or so that we can offer new products, reconcile transactions, or if you are a supplier so that we can record your dealings with us
- so that we can decide whether to employ or contract with you
- so that we can comply with agreements we have entered into with our suppliers and customers
We also collect your personal information for certain secondary purposes that are related to the primary purposes outlined above. Secondary purposes may include so that we can run our business efficiently, for example, so that our advisors can provide us with customer research, or so that we can use technology to automate our business and to understand how our business is performing, to allow us to operate efficiently and to lower costs by outsourcing services (such as collecting or paying money). Other secondary purposes may include so that we can sell or transfer our business or merge with another business.
We do not use or disclose your personal information for a purpose other than:
- a purpose you would reasonably expec
- a purpose required or permitted by law
- a purpose otherwise disclosed to you to which you have consented
Depending on the circumstances, we may disclose your personal information to other people including one or more of the following:
- service providers including travel providers, agents, contractors, IT, security, legal, accounting, research, credit, credit reporting bodies, marketing, insurers, financial institutions, debt collection agencies and others
- other credit providers, to assist them with assessing a credit application they have with you, or to ensure that the information about you that we handle is correct
- credit reporting bodies in order to obtain credit reports and also for the purpose of dealing with defaults on your credit account and serious credit infringements
- our affiliate companies and related companies
- government, regulatory and law enforcement authorities, where we are required to or permitted to by law
- your employer, if you are an employee of a subcontractor or contractor
- to prevent or investigate any fraud or crime (or a suspected fraud or crime)
We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations with respect to the protection of your personal information.
We may disclose your personal information to an overseas service provider, for example a travel provider, a cloud data centre or a customer information call centre.
If it is not practicable or reasonable for us to gain your consent to disclose your personal information to an overseas service provider, we will take reasonable steps to notify you of the specific countries where we disclose your personal information. We will take reasonable steps to ensure that the overseas services provider is bound by privacy and confidentiality obligations.
Access to your personal information
You may request access to the personal information that we hold about you by using the contact details provided above.
We will deal with your request for such access within a reasonable time. If we refuse access, we will provide you with a written notice which sets out the reasons for the refusal and the relevant provisions of the Privacy Act that we rely on to refuse access.
We may recover reasonable costs in relation to a request for access to personal information.
Accuracy and correction
We take reasonable steps to make sure that the personal information we collect is accurate, up-to-date and complete. Where we believe that the personal information we hold is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information. You may also request that we correct information that we hold about you.
We will take reasonable steps to correct the information within a reasonable time. However, if we do not agree with the corrections you have requested, we are not obliged to alter your personal information, but we will give you a written notice which sets out the reasons for our refusal, the mechanisms available to complain about the refusal and the relevant provisions of the Act that we rely on to refuse correction.
You can also ask us to associate a statement with the relevant information that puts your view that it is inaccurate, out-of-date, incomplete, irrelevant or misleading. We will not charge you for making a correction request, for correcting your information or for associating a statement with your information.
We hold your personal information in paper-based and electronic files. We will take reasonable steps to ensure that your personal information which is kept in our files is protected from misuse, interference and loss and/or unauthorised access, modification or disclosure. This means that, in respect of our paper-based files, we maintain various security systems on our premises, and in respect of electronic files, we (or our service providers) maintain secure electronic network systems.
When we no longer require your personal information (including when we are no longer required by law to keep records relating to you), we ensure that it is destroyed or de-identified.
This section explains how we handle personal information collected from our websites (including social media sites and mobile sites if relevant). If you have any questions or concerns about transmitting your personal information via the internet, you may contact us using the contact details provided above, as there are other ways for you to provide us with your personal information.
If you access an unsecured part of our websites, that is, a public page that does not require you to log on, we (or our service providers) will collect information about your visit, such as:
- the time and date of the visit
- any information or documentation that you download
- your browser type
- your IP address
Email: When we receive emails, we will retain the content of the email and our response to you where we consider it necessary to do so. Your email address will only be used or disclosed for the purpose for which is was provided. It will not be added to any mailing lists or used for any other purpose without your consent.
Security: We make reasonable efforts to ensure that the most up-to-date security measures are used on our website to protect your personal information. Any data containing personal information which we transmit via the internet is encrypted. However, we cannot guarantee that any information transmitted via the internet by us, or you, is entirely secure. You use our website at your own risk.
Location data: We may use and store information about your location if you give us permission to do so. We use this data to provide features of our Service, to improve and customize our service. You can enable or disable location services at any time through your device settings.
We may use your personal information, including your contact details, to provide you with information about products and services, including those of third parties, which we consider may be of interest to you. We may do this, even if you are on the Do Not Call Register.
We may also provide your details to other organisations for specific marketing purposes.
You may opt out at any time if you no longer wish to receive marketing information. In order to do so, you will need to request that we no longer send marketing materials to you or disclose your information to other organisations for marketing purposes. You can make this request by using the contact details provided above, or by “unsubscribing” from email or other marketing messages.
Analytics: We may use third-party Service Providers to monitor and analyze the use of our Service.
Google AdWords: Google AdWords remarketing service is provided by Google Inc. You can opt-out of Google Analytics for Display Advertising and customize the Google Display Network ads by visiting the Google Ads Settings page: http://www.google.com/settings/ads. Google also recommends installing the Google Analytics Opt-out Browser Add-on, https://tools.google.com/dlpage/gaoptout for your web browser. Google Analytics Opt-out Browser Add-on provides visitors with the ability to prevent their data from being collected and used by Google Analytics. For more information on the privacy practices of Google, please visit the Google Privacy Terms web page: https://policies.google.com/privacy?hl=en.
Facebook: Facebook remarketing service is provided by Facebook Inc. You can learn more about interest-based advertising from Facebook by visiting this page: https://www.facebook.com/help/164968693837950. To opt-out from Facebook’s interest-based ads follow these instructions from Facebook: https://www.facebook.com/help/568137493302217. For more information on the privacy practices of Facebook, please visit Facebook’s Data Policy: https://www.facebook.com/privacy/explanation.
We may provide paid products and/or services within the Service. In that case, we use third-party services for payment processing (e.g. payment processors).
Notification of data breaches
If we have reasonable grounds to suspect that a data breach has occurred, we will:
- Complete an assessment of the suspected data breach within 30 days;
- If appropriate, take remedial action to address any potential harm to individuals that may arise due to a relevant data breach before any serious harm is caused to individuals to whom the information relates.
We will otherwise comply with privacy data breach notification requirements, including notifying affected individuals and the Office of the Australian Information Commissioner as applicable.