We deal with your personal information in accordance with the Privacy Act 1988 (Cth) (“the Act”) and the Australian Privacy Principles (APPs) set out in the Act. We also comply with the Spam Act 2003 (Cth) which imposes various restrictions on sending emails.
WHAT PERSONAL INFORMATION DO WE COLLECT?
We may collect and hold the following personal information:
HOW DO WE COLLECT THE PERSONAL INFORMATION?
Generally we collect your personal information directly from you, including when you use our social media sites, or our website, or when you call us or email us. However, in some instances we may collect personal information from third parties, for example when we perform a credit check on you.
We also use software like cookies to tell us how you use our website. Cookies are tiny digital
identifiers that are automatically stored on your computer and help us to personalise our service to you. You can turn them off or delete these at any time in your website browser settings. We need your personal information to provide you with some or all of our services.
WHY DO WE COLLECT AND HOLD YOUR PERSONAL INFORMATION?
We collect and hold your personal information to:
WHEN DO WE DISCLOSE IT?
We do not sell your personal information, and we do not use your personal information or disclose it to another organisation unless:
WHAT IF YOU DON’T WANT IT DISCLOSED?
STORAGE AND SECURITY
We will take reasonable precautions to protect your personal information, including against loss, unauthorised access, disclosure, misuse or modification. We will ensure that organisations to whom disclosure is made are compliant with the Act.
YOUR RIGHTS TO ACCESS AND DISCLOSURE
There are some other circumstances where we may withhold your personal information including:
Please email us at [email protected] to access, correct or delete your personal information.
ADDITIONAL PROVISIONS FOR EUROPEAN CITIZENS
If you are a resident of the European Economic Area (“EEA”) you have certain rights and protections under the GDPR regarding the processing of your personal information. We are a controller under the GDPR as we collect, use and store your personal information to enable us to provide you with our website services and information about them. We rely on the following lawful means of processing your personal information:
Where you have given us valid express consent to use your personal information we will rely
on that consent, and only use the personal or sensitive information for the specific purpose
for which you have given consent.
If you are an EEA resident, you have various rights including the right to be informed; right of access; right to rectification; right to object; right to restriction of processing; right to erasure or to be forgotten; right to data portability; and right not to be subject to automated processing.
If you want to access personal information we hold about you, or ask if that the information be corrected, please contact us at [email protected] In some circumstances, youalso have a right to object to or ask that we restrict certain processing activities or delete your personal information. If you would like to limit or request deletion of your personal information or exercise any other rights you can do so by contacting us.
You can withdraw your consent to our collection or processing of your personal information. You can do so by contacting us at [email protected] or by opting out of email newsletter communications by following the instructions in those emails or by clicking unsubscribe.
If you withdraw your consent to the use of your personal information, you may not have access to our services, and we might not be able to provide you with our services. In some circumstances where we have a legal basis to do so we may continue to process your information after you have withdrawn consent, for example if it is necessary to comply with an independent legal obligation or if it is necessary to do so to protect our legitimate interest in keeping our services secure.
All personal information stored on our website platform is treated as confidential. It is stored
securely and is accessed by authorized personnel only. Our collection is limited in relation to what is necessary, for the purpose for which the personal information is processed, and kept only for so long as is necessary for the purpose for which the personal information was collected. We implement and maintain appropriate technical, security and organisational measures to protect personal information against unauthorized or unlawful processing and use, and against accidental loss, destruction, damage, theft or disclosure. We ensure the encryption and pseudonymisation of personal information and we have adequate cyber security measures in place.
By providing us with your personal information you consent to us disclosing it to third parties who reside outside the EEA countries. We will ensure that those third parties are GDPR compliant.