For the purposes of this policy, “personal information” means personal information as defined in the Privacy Act 1988 (the “Act”). Essentially, this is any information that can reasonably be used to identify you as a natural person including but not limited to your name, email, contact details and financial information such as credit card details.
If you would like a copy sent to you or you have any questions or concerns, please contact our Privacy Officer (details below) and we will provide you a copy free of charge.
By interacting with us, you agree that we can use information about you in accordance with this policy.
2. Open and transparent management
We take our obligations under the Act and the Australian Privacy Principles very seriously and has implemented practices, procedures and systems to ensure we comply with those laws.
We are committed to maintaining the confidentiality and security of your personal information and managing it in an open and transparent way.
3. Collection of personal information
3.1 Types of information collected
In the process of conducting our businesses, we collect a broad range of personal information about our current and prospective customers, contractors, suppliers, agents, service providers, other business associates and the people associated with the businesses we deal with, current, past and prospective employees, users of our websites, subscribers and other stakeholders. This information can include:
- Identifiers such as your name, date of birth, contact details (such as your phone number(s) and email and mailing addresses)
- Information about the products and services you have with us or our business partners
- Financial and credit information (including banking and credit card details) and supporting documentation (including credit history details), identification and transaction history information, and personal references
- Employment information and information about your educational background
- Information about your interests, preferences, opinions or comments you have made to us
- Other information about your identity including when your image is recorded on surveillance camera when you visit our offices.
3.2 How we collect personal information
Our preference is to collect personal information from you directly and we will endeavour to do this unless it is unreasonable or impractical to do so. We collect personal information in a variety of ways including via our software applications, online enquiries you submit on our websites, over the telephone, social media, apps, through correspondence (whether by letter, fax or email), and on our forms when you enter into agreements and contracts with us. We may also collect personal information from you when you attend our events.
We may also collect personal information from third parties including from credit reporting bodies, contractors, business partners and other entities.
3.4 Other Sources
We may also collect personal information from:
- people with permission from you to give us your information
- our business partners and distributors
- recruitment agencies, previous employers or referees
- credit reporting bodies
- service providers that work with us or help us provide products and services to you or identity and fraud checking services, or analytics and advertising related services
- companies related to us including Novum Networks Pty Ltd
4. Use or disclosure of personal information
4.1 Why do we collect, hold, use or disclose personal information?
We collect, hold, use and disclose your information for the primary purpose of enabling us to carry out our business functions and activities which includes but is not limited to:
- the provision of products or services to you (including the improvement of those products or services)
- communicating with you, managing your account and billing and delivering customer or technical support
- verifying your identity
- conducting checks and searches of your credit information to assess your credit rating from time to time
- debt recovery including assigning a debt you owe us
- communicating with you including via email, mail, telephone or SMS
- personalising and customising your experience
- managing and enhancing our products and services
- delivery, provision, installation or repair of hardware, accessories or service and maintenance of our products, systems and networks
- promoting and marketing our products and services including updating you with news and information about our existing and new products and services
- providing you with information about events, products or services that may interest you
- developing products and services that may be of interest to you
- communicating with you when you have previously expressed an interest in our products or services
- managing our relationship with you
- employment related purposes (eg. Verifying your work experience or undertaking criminal history checks)
- facilitating our internal business operations
- conducting internal investigations, including in relation to fraud and crime
- investigating any complaints made by you
- deriving insights about you and who you interact with to identify market segments, market products and services or carry out market research
- assessing the effectiveness of our marketing campaigns to optimise our marketing spend and to personalise our products, services and marketing messages
- analysing audience ratings information and anonymous viewing and browsing data to understand how you and others engage with our products and services
- we may de-identify information about you to use and share with our business partners. This information may be combined with other demographic information or anonymous identifiers to develop aggregated insights to improve our products, services and offers to our customers
- as otherwise required or permitted by law.
4.2 Disclosure of personal information
From time to time we may disclose your personal information, in so far as it is necessary for the purposes set out in this policy, including to:
- Our service providers
- Our business partners
- Our analytics and advertising related organisations
- Our debt recovery agents and credit reporting bodies
- Other telecommunications companies (to administer number portability requests)
- Our insurers
- Professional advisers
- Companies who collect information and data from cookies and other similar technologies
- Companies working with us to prevent or investigate unlawful activity (particularly fraud and identify theft)
- Companies relating to Access4 including Novum Networks Pty Ltd and any other related entity.
We may also share your information:
- To comply with our legal obligations in response to warrants, subpoenas or similar lawful requests for this information
- For the purpose of a transfer, sale or restructure of some or all of our assets or business
- With government and regulatory authorities and law enforcement agencies as required or authorised by law
- With the operator of the Integrated Public Number Database to assist with the provision of directories, emergency services and safeguard national security
- With directory providers when you elect to have your information disclosed to such organisations e.g. If you choose to have your number listed
- With emergency call service centres and relevant emergency service organisations.
We may also use personal information to protect copyright, trademarks, legal rights, property or safety of Access4, its clients or third parties.
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
By providing us with personal information, individuals consent to the terms of this Policy and the types of disclosure covered by this Policy. Where we disclose personal information to third parties, we will request that the third party follow this Policy regarding handling personal information.
5. Direct marketing
5.1 What is direct marketing?
For the purposes of this policy, “direct marketing” is the promotion and sale of goods and services directly to you including through emails, SMS, MMS, phone calls, social media, digital advertising and the post.
You consent to us using your personal information to send you – either directly or via one of our service providers – information, including promotional material about us and business partners from time to time in relation to any product or service they offer and you consent to being contacted by means of direct mail, email, SMS and MMS messaging and via telephone.
5.2 No direct marketing
We will not use or disclose your personal information for the purposes of direct marketing material if you have previously told us not to.
If at any time you do not want us (or one of our service providers) to send you direct marketing material or you wish to cancel a previous consent, then you can simply inform our Privacy Officer by contacting them (details below). We will effect the change in a reasonable time and without charge.
6. Cross-border disclosure of personal information
We may disclose your personal information to an overseas entity in circumstances where we:
- have taken reasonable steps to ensure that they also treat it in accordance with the Act; or
- reasonably believe that the overseas entity is subject to the same or similar laws to that found in the Act and there are ways that you can take action to enforce those overseas laws; or
- expressly inform you of your option to consent to that disclosure and you then provide us with informed consent to do so; or
- are required or authorised by law.
7. Security of personal information
We will take such steps as are reasonable in the circumstances to protect your personal information that we hold.
In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
When we no longer need your personal information for a permitted purpose and we are not required to keep it to comply with any laws, we will take such steps as are reasonable in the circumstances to destroy your personal information or to ensure that the information is de-identified.
9. Access to personal information
Individuals may request details of personal information that we hold about them in accordance with the provisions of the Privacy Act 1988 (Aus Cth), or the Privacy Act 2020 (NZ).
This information will be provided within a reasonable time frame, free of charge.
If an individual would like a copy of the information, which we hold about them or believe that any information we hold on them is inaccurate, out of date, incomplete, irrelevant or misleading, please email the Privacy Officer using the contact details below.
We reserve the right to refuse to provide you with information that we hold, in certain circumstances set out in the Privacy Act.
10. Correction of personal information
10.1 Correction of personal information
We will take reasonable steps to correct your personal information (at no charge) if we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant or misleading. This extends to third parties that we have provided your personal information to unless it is impracticable or unlawful to do so.
10.2 Circumstances when we decline to make corrections
In certain circumstances we may decline to correct your personal information. When this occurs we will provide you with a written notice that sets out:
- the reasons for the refusal; and
- the mechanisms available to complain about the refusal.
11. Third-party sites
Our site may from time to time have links to other websites not owned or controlled by us. These links are meant for individual convenience only. Links to third-party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Access4 is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personally identifiable information.
In Australia, it is a requirement of the Privacy Act 1988 Notifiable Data Breaches (NDB) Scheme that when an organisation or agency the Privacy Act 1988 covers has reasonable grounds to believe an eligible data breach has occurred, they must promptly notify any individual at risk of serious harm. They must also notify the Office of the Australian Information Commissioner (OAIC).
Similarly, in New Zealand Under the Privacy Act 2020, if we have a privacy breach that either has caused or is likely to cause anyone serious harm, we must notify the Privacy Commissioner and any affected people as soon as you are practically able.
Breaches must be handled in accordance with the Access4 Personal Data Breach Notification Procedure (MP-IS-07).
13. Our obligations as a cloud service provider
In addition to holding personal data on our own account, Access4 also stores and processes the personal data of our cloud clients. In doing so, there are a number of additional obligations that must be fulfilled to allow our clients to stay within the law.
14. Privacy Officer Contact
Access 4 Pty Ltd
Level 4/658 Church St
Richmond VIC 3121
Last updated: December 2023