What is personal information?
Under the Privacy Act there is a long winded definition as to what constitutes ‘personal information’. But the Readers Digest condensed version is that personal information is your name (that one was sort of obvious), signature, address, email address, credit card information, telephone number, date of birth, medical records, bank account details and commentary or opinion about a person.
How do you comply with Australian privacy laws?
- You need to be able to respond to individuals who request details about what information you hold, how you use it and if you have shared it with others.
- Include details about the kind of personal information you collect, how you collect that information and how you hold that information;
- Explain how the personal information is used;
- Advise how an individual may complain about access to the information and make corrections to any personal information; and
- Indicate whether the information is likely to be disclosed to overseas recipients.
Prime examples of businesses that collect personal information are Facebook, Twitter and Snapchat.
So, when we sign up to a Facebook account, we agree for Facebook to store the personal information that we provide to it, such as our name, date of birth, mobile number and our relationship status. Now, customers or clients will probably be wondering why on earth would Facebook want to use this information? Well, Facebook could use it for a variety of reasons, such as for market research or for demographic information or marketing purposes.
Are privacy policies easy to draft/make?
Privacy and Policy
1. We respect your privacy
- We are committed to safeguarding personal privacy. Unless given consent to do otherwise and/or otherwise permissible by and/or required by law, we will only collect and use personal information as set out below.
2. Your Personal Information
Personal information that may be requested or provided by you includes, but is not limited to:
- contact information such as your full name and email address;
- your phone number;
- your individual preferences;
- financial information about you;
- your credit card details;
- information regarding your personal interests and interesting and relevant information about you;
- location data;
- sensitive information about you;
- your online behaviour and interests based on your online browsing activity (including social interactions);
- information automatically collected by our software to include IP Address, cookies data, performance specifications of the user’s hardware and software, date and time of access to Our Website and the URL of the page requested;
- information about your experience with our Services;
- the contact details of third parties. If you are asked to provide details about other people, please ensure that these individuals are happy for their details to be given to us and used for the purposes set out in this policy (which may include using their details for marketing and social media purposes);
- any other personal information which you directly provide to us;
- any other personal information requested or required for the purpose of provision the Services.
3. Sensitive Information
4. Collection of Personal Information
Active Information Collection
- Personal information may be collected by us if you:
- purchase any product or service via Our Website;
- subscribe to any alerts, information releases, news, newsletters, updates and media releases about our products or services;
- complete and submit any forms to us;
- communicate with any other users on Our Website;
- contact us directly in person or via any medium including but not limited to by mail, telephone, social media and via the contact form on Our Website;
- participate in any offers, promotions or marketing activities;
- interact with Our Website for a specific purpose; or
- interact with or browse Our Website generally.
- Personal information is requested in order to facilitate or provide you with Services, certain content, and information about such content, products or services, any marketing materials, newsletters, electronic newsletters (e-newsletters), news and media releases / launch information, and also to advise you of other Services, offers, or events which may be of interest. You are not obliged to provide personal information. However, failure to do so may result in us being unable facilitate or provide you with certain content or Services, upcoming promotion, competition, offer or event information or accept competition entries (where applicable).
- We may also obtain your personal information from legitimate third party sources including list brokers, social media websites and other data providers or organisations that share data in circumstances where it is lawful and/or you have given permission for them to do so.
Passive Information Collection
- We may also collect information which tells us about visitors to Our Website. For example, we may collect information about the location, date, time and duration of visits and which pages of Our Website are most commonly accessed. This information is generally not linked to the identity of visitors. By accessing Our Website via links in an email we have sent and/or by accessing Our Website generally, you consent to the collection of such information where it is personal information.
- Certain information can be passively collected (that is, gathered without you actively providing the information) using various technologies, such as Unique Device Identifiers (UDI), cookies, Internet tags or web beacons, and navigational data collection (log files, server logs, clickstream). In certain circumstances, this information may be considered anonymous information or personal information under the Privacy Act 1988 (Cth).
- Your Internet browser automatically transmits to Our Website you are browsing some of this anonymous information or personal information, such as the URL of the website you just came from, the Internet Protocol (IP) address, the UDI (if applicable) and the browser version your device is currently using.
- We may use passively collected anonymous information or personal information to provide better service to Our Website’s visitors and customers, customise Our Website based on your preferences, compile and analyse statistics and trends, and otherwise administer and improve Our Website for your use.
- By accessing Our Website, you consent to information about you being collected, compiled and used in this way.
- The collection of personal information is neither intended for, nor directed to, persons who are under the age of eighteen (18) years old. Persons under age eighteen (18) may only use Our Website with the involvement and consent of a parent or legal guardian.
6. Purpose for collection, use and disclosure of personal information
Personal information will be collected, held, used and disclosed for the following primary purposes jointly and/or severally:
- To maintain the functionality of Our Website, including the provision of information to you relating to the content available on Our Website and e-commerce transactions conducted via Our Website;
- To send you any technical, administrative or legal notices, whether or not these are important to Our Website;
- To fulfil obligations in respect of any transaction made on Our Website;
- To provide you with information about your transactions, content and services, to provide direct marketing materials, events, special offers, competitions and promotions in person and via any medium including mail, telephone or any other form of electronic, emerging, digital or conventional communications channel;
- To maintain our relationship with you;
- To render Services to you;
- To provide you with newsletters via mail and electronic newsletters (e-newsletters);
- To respond to enquiries, complaints and complaints handling;
- To improve Services, Our Website and system administration;
- To record statistical data for marketing analysis and to conduct market research;
- To share personal information with our promotional partners and other trusted third parties in the manner described below;
- To the extent permissible by law, for any other purpose as may be deemed reasonably necessary by us in the circumstances.
7. Protection of Personal Information
- These exceptions include, but are not limited to, data entry, database management, promotions, products and services alerts, analysing data, providing marketing assistance, providing search results and links (including paid listings and links), and providing customer service (the “Service Providers”). These Service Providers are under a duty of confidentiality to us and are only permitted to use the personal information in connection with their functions and not for their own purposes (including direct marketing).
- We reserve the right to use or disclose any information, including personal information, as needed to satisfy any law, regulation or legal request, to protect the rights or property of us, or any member of the public, to protect the integrity of Our Website, to fulfil your requests, or to cooperate in any law enforcement investigation or an investigation on a matter of public safety.
8. Storage and Security of Personal Information
- We will endeavour to take all reasonable steps to keep secure any personal information recorded (including your credit card details). The information is stored on secure servers that are protected in controlled facilities. This service may be performed on our behalf and data may be hosted by our selected data storage providers. In some cases these facilities may be overseas or may be operated by cloud computing.
9. Links to Other Websites
- Our Website may contain links to the websites of other organisations which may be of interest to you. Their inclusion cannot be taken to imply any endorsement or validation by us of the content of the third party website. Linked websites are responsible for their own privacy practices and you should check those websites for their respective privacy policies, practices or statements. We are not responsible, nor does it accept any liability, for the conduct of organisation linked to Our Website.
10. Access and Correction to Your Personal Information
- You have the right to access and review your personal information that may be recorded on our database. Information may be reviewed by contacting our privacy officer via email – see Our Website for the address. A small administrative fee may be payable for the provision of information. Please allow 30 days for this request to be processed.
- We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act 1988 (Cth).
11. Data Retention
- We retain your personal information for as long as is necessary or your account is active or as needed to provide you with services on Our Website. If you no longer want us to use your personal information to provide you with services, you may close your account. However, we may retain and use your personal information as necessary to comply with our legal obligations, resolve disputes and enforce our agreement.
12. Sale of Company
13. Changing and Deleting Information we have about you
- Information contained on the database may be deleted if you send a request to our privacy officer via email – see Our Website for details. Please allow 30 days for this request to be processed.