SBAAS is committed to protecting the privacy of individuals as defined by the Australian Privacy Principles (“APP’s”) set out in the Privacy Act 1988 (Cth) (the “Act”).
COLLECTION OF INFORMATION
Some information provided to us by clients, customers, contractors and other third parties might be considered private or personal. Without these details we would not be able to carry on our business and provide our services to you. We will only collect such personal information if it is necessary for one of our functions or activities.
In particular, situations in which personal information may be collected from people by SBAAS may include but not be limited to:
- If you contact SBAAS, we may keep a record of that correspondence,
- When you place or receive a telephone call to or from us, we may record that conversation,
- When you submit your e-mail address to our Website mailing list.
At or before the time the personal information is collected by us we will take reasonable steps to ensure that you are made aware of who we are, the fact that you are able to gain access to the information held about you, the purpose of the collection, the type(s) of organisations to which we usually disclose the information collected about you, any laws requiring the collection of the information and the main consequences for you if all or part of the information is not collected.
USE OF INFORMATION COLLECTED AND DISCLOSURE OF PERSONAL INFORMATION TO OTHERS
We may use or disclose personal information held about an individual for the primary purpose for which it is collected (eg. provision of our services, including administration of our services, notification to you about changes to our services, record-keeping following termination of our services to you and technical maintenance). We may also use such information for a purpose related to the primary purpose of collection and where it would reasonably be expected by you that we would use the information in such a way. We may only share this information with related entities if we believe that the related entities may add value or make such offer as to add value. This information is only disclosed to persons outside our businesses in the circumstances set out in this policy or as otherwise notified to you at the time of collection of the information.
In addition we are permitted to use or disclose personal information held about you:
- Where you have consented to the use or disclosure;
- Where we reasonably believe that the use or disclosure is necessary to lessen or prevent a serious, immediate threat to someone’s health or safety or the public’s health or safety;
- Where we reasonably suspect that unlawful activity has been, is being or may be engaged in and the use or disclosure is a necessary part of our investigation or in reporting the matter to the relevant authorities;
- Where such use or disclosure is required under or authorised by law (for example, to comply with a subpoena, a warrant or other order of a court or legal process);
- Where we reasonably believe that the use or disclosure is reasonably necessary for prevention, investigation, prosecution and punishment of crimes or wrongdoings or the preparation for, conduct of, proceedings before any court or tribunal or the implementation of the orders of a court or tribunal by or on behalf of an enforcement body.
DISCLOSING AND STORING INFORMATION OVERSEAS
Some of the third parties to whom we disclose your personal information may be located outside Australia.
For example, we may disclose your personal information to external national or overseas facilities in the course of conducting information and data processing, back up and scanning or for the purposes of obtaining other services from third parties.
However, SBAAS will not send personal information about an individual outside Australia without:
- obtaining the consent of the individual (in some cases this consent will be implied);
- otherwise taking all reasonable steps to ensure such third parties comply with the Australian Privacy Principles or other applicable privacy legislation.
The countries in which these third parties are located will depend on the circumstances. However, in the course of our ordinary business operations we commonly disclose personal information to third parties located in the following countries: New Zealand; United Kingdom; USA; Spain;
SBAAS may also store personal information in the ‘cloud’ which may mean that it resides on servers which are situated outside Australia. As these cloud storage services are provided by independent third parties, the actual location of these servers may change from time to time and is outside the knowledge or control of SBAAS.
WEBSITE LINKS AND COOKIES
Our Website may contain links to other web sites and those third party web sites may collect personal information about you. We are not responsible for the privacy practices of other businesses or the content of web sites that are linked to our Website. SBAAS encourages users to be aware when they leave the Website and to read the privacy statements of each and every web site that collects personally identifiable information.
SBAAS may collect information from the Website using “cookies”. When you visit the Website to read, browse or download information, our system will record/log your IP address (the address which identifies your computer on the internet and which is automatically recognised by our web server), date and time of your visit to our Website, the pages viewed and any information downloaded. This information will only be used for the purpose of site analysis and to help us offer you improved online service. We may automatically collect non-personal information about you such as the type of Internet browsers you use or the site from which you linked to our Website. You cannot be identified from this information and it is only used to assist us in providing an effective service on our Website.
SECURITY AND STORAGE
SBAAS places a great importance on the security of all information associated with our customers, clients and contractors. We have security measures in place to attempt to protect against the loss, misuse and alteration of personal information under our control.
Personal information is de-identified or destroyed securely when no longer required by us.
SBAAS retains the information you provide to us including possibly your contact and credit card details to enable us to verify transactions and customer details and to retain adequate records for legal and accounting purposes. This information is held on secure servers in controlled facilities.
Information stored within our computer systems can only be accessed by those entrusted with authority and computer network password sanctions.
No data transmission over the Internet can be guaranteed to be 100 per cent secure. As a result, while we strive to protect user’s personal information, SBAAS cannot ensure or warrant the security of any information transmitted to it or from its online products or services, and users do so at their own risk. Once receives your transmission, it makes every effort to ensure its security on its systems.
Ultimately, you are solely responsible for keeping your passwords and/or account information secret. You should be careful and responsible whenever you are online.
ACCESS TO AND CORRECTION OF PERSONAL INFORMATION
You have a right to request access to or correction of your personal information held by us. If you wish to access, correct or update any personal information we may hold about you, please contact our Privacy Officer in writing as set out below.
However, we may charge for providing access to this information to cover the cost of verifying your application and locating, retrieving, reviewing and copying any material requested.
We may also refuse access where the Act allows us to do so. If we cannot provide you with access to that information, we will provide you with written notice explaining the reasons for refusal.
We will investigate your complaint and attempt to resolve any breach that might have occurred in relation to the collection, use or destruction of personal information held by us about you in accordance with the Commonwealth Privacy legislation. If you are not satisfied with the outcome of this procedure then you may request that an independent person (usually the Commonwealth Privacy Officer) investigate your complaint.
Our internal complaint handling division will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also make a formal complaint with the Office of the Australian Information Commissioner (which is the regulator responsible for privacy in Australia):
Office of the Australian Information Commissioner (OAIC)
Phone 1300 363 992
Complaints must be made in writing:
Director of Compliance
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Should you wish to read more information on privacy legislation or the National Privacy Principles or the Australian Privacy Principles, we recommend that you visit the Federal Privacy Commissioner’s website at www.OAIC.gov.au.
Last updated 20/03/2019