SecureCo collects and updates information about users of its services, suppliers, employment candidates and other individuals it deals with in its day-to-day business.
SecureCo may obtain this information via direct contact with an individual (including via SecureCo’s website or application forms/documents), from SecureCo’s customers, third parties such as the individual’s employer or SecureCo’s suppliers or automatically via the individual’s use of SecureCo’s services.
The types of information that SecureCo collects as a Data Controller include:
- Name and contact details of individuals using SecureCo’s services;
- Details regarding an individual’s participation in events or surveys, their interests, and preferences; and
- Information from candidates applying for a job with SecureCo.
SecureCo is a Data Processor of Cardholder Data supplied to SecureCo by a customer for the purpose of using SecureCo’s services. It is the responsibility of SecureCo’s customers to comply with the requirements of the Privacy Act 1988 (Cth) in relation to the provision of Cardholder Data to SecureCo.
If an individual wishes not to provide their Personal Information, to remain anonymous or to use a pseudonym when dealing with SecureCo, SecureCo may not be able to provide the individual with SecureCo’s services (where relevant) or to assist the individual with any specific needs.
SecureCo collects and uses Personal Information to administer, support, improve and obtain feedback on SecureCo’s services, and also to detect and prevent faults, breaches of network security, the law or contract terms. SecureCo may also use all this information to assess what SecureCo products and services may be of interest to individuals and to personalise SecureCo’s service and marketing. SecureCo will not sell or rent Personal Information to others outside SecureCo.
Personal Information collected by SecureCo may be transferred and disclosed to any of the following parties:
- related companies of SecureCo;
- lawyers, auditors or advisors of SecureCo;
- an agent acting on behalf of SecureCo;
- business partners of SecureCo;
- agents, affiliates, contractors or third-party service providers who provide administrative, telecommunications, computer, payment or other services to SecureCo in relation to the operation of the business of SecureCo;
- any persons and corporate entities to whom SecureCo is obliged to disclose under the requirement of any law relating to SecureCo or any of its affiliates or partners;
- governmental and judicial bodies or regulators.
SecureCo only processes Personal Information in Australia. However, in the course of, and for the purpose of, providing its services, SecureCo may, at its customer’s direction, send Cardholder Data to service providers appointed by the customer (Customer Service Providers), such as payment gateways, whose products and services integrate with SecureCo’s services to process payment transactions. These service providers may be located outside Australia. It is the responsibility of SecureCo’s customers to comply with the requirements of the Privacy Act 1988 (Cth) in relation to the transfer of Personal Information by SecureCo to Customer Service Providers.
If an individual subscribes for a service on behalf of their employer, then SecureCo may pass certain information to their employer about their use of the service where their employer has a legitimate reason to receive it. Similarly, if an individual is the main contact person in an organisation using a SecureCo service, SecureCo may pass their contact details to those in the employer organisation for this purpose.
If an individual is registered to use a service, SecureCo may contact the individual to obtain feedback on that service and any improvements SecureCo could make to it. If an individual has agreed to such contact, SecureCo may contact them about those of its other services to which they do not subscribe but which may interest them. Sometimes SecureCo may invite individuals to client entertainment and similar events.
Individuals have the right to ask SecureCo at any time not to contact them for marketing purposes by emailing firstname.lastname@example.org. These preferences will be recorded by the Risk and Compliance team.
Accessing your information
An individual can request access to the Personal information retained by SecureCo, or make corrections to it, ask SecureCo more generally about the kind of Personal Information SecureCo holds or what SecureCo’s policies and practices are in relation to Personal Information by emailing email@example.com. SecureCo may charge a reasonable fee for processing data access or correction requests.
Information storage and security
SecureCo may store Personal information in physical and/or electronic form. Any paperwork retained bySecureCo is stored onsite at SecureCo offices in a secure location. Electronic information may be stored on databases in a secure location, which are located in Australia.
SecureCo takes a number of steps to protect Personal Information from misuse, loss, unauthorised access, modification and unauthorised disclosure including through the use of technology, limiting the access by SecureCo’s Workers to Personal Information and requiring SecureCo Workers to follow internal policies and procedures in relation to the collection, use and storage of Personal Information.
The transmission of information via the internet is not completely secure. Although SecureCo does our best to protect personal data, SecureCo cannot guarantee the security of data transmitted to our website, so any transmission via the website is at an individual’s own risk.
Despite every effort to protect Personal information, there remains the possibility that a breach of SecureCo’s security could occur. In the event of loss of Personal Information, SecureCo will take steps to identify, secure and assess the breach and work with our customers to comply with any legal notification requirements.
Information may be retained and used by SecureCo for a reasonable period, reflecting SecureCo’s need to provide new and improved services, resolve queries or issues, as well as in order to meet any legal or regulatory requirements. This means SecureCo may retain information after an individual ceases to use SecureCo services or interact with us in accordance with the SecureCo Retention Policy.
Any person who has a comment or complaint relating to the handling of their Personal Information by SecureCo, can email SecureCo on firstname.lastname@example.org. Complaints will be managed by the Risk and Compliance team.