1. About this Document
You can obtain further information regarding the APPs and your privacy rights at the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
3. Personal or sensitive information we collect
We may collect personal information that you have supplied to us such as your name, age, date of birth, address, and other contact details. We may also collect sensitive information from you with your consent (in specific circumstances).
The type of information we may collect depends on your dealings with us and may include:
4. Collection & Use
We may collect personal information from you or from third parties by:
We collect personal information from you to be able to provide you with the services you have requested us to provide including:
We may disclose your personal information for the following purposes:
We will only use sensitive information for the primary purpose it was obtained for or for a secondary purpose that is directly related to the primary purpose (or where otherwise required by law).
We may disclose your personal and sensitive information to trusted third parties, including the following entities:
We may disclose personal information to credit reporting bodies, in order to comply with our obligations under the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth) (AML/CTF obligations). To comply with our AML/CTF obligations, we may disclose your:
to credit reporting bodies, in order to verify whether the personal information matches the identification information held by the credit reporting body. We may, upon request, provide you with an alternative method of verification, however, any alternative verification method must also comply with the AML/CTF legislation.
6. Sending Information Overseas
We may disclose personal information to our cloud service providers such as Microsoft, DropBox, Xero, Intuit, Reckon Hosted, MYOB and BGL Corp that are located outside Australia in some circumstances. These recipients may be located in the following countries:
We will not send personal information to recipients outside of Australia unless:
We take our security obligations seriously and your personal information is regarded as confidential and may be held in both hard copy and/or electronic versions. We will take all reasonable steps to safeguard your information so that it is not misused, lost, modified, accessed by unauthorised persons or disclosed without authorisation.
As responsible data custodians we are familiar with the requirements of the Notifiable Data Breaches scheme and are committed to responding to data breaches in accordance with our obligations under the Privacy Act. We will notify the Office of the Australian Information Commissioner and you if there is unauthorised access to, unauthorised disclosure of, or loss of, personal information held by us and the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates in accordance with the Privacy Act.
8. Accessing, Updating and Correcting Your Personal and Sensitive Information
You have a right to access your personal information, subject to exceptions allowed by law. If you would like to do so, please provide us with a request in writing to the contact details listed below. Depending upon the complexity of the request, we will endeavour to respond to you within four weeks of receiving your request. We reserve the right to charge a fee for searching for, and providing access to, your information on a per request basis. Where we cannot provide you with access to all of your personal information, we will provide you with reasons why. We may also require your identity to be verified when you send in your request and prior to sending any substantive response.
If at any time you believe that information we hold about you is incomplete, inaccurate, irrelevant, misleading or not up-to-date, please contact us and we will take reasonable steps to correct the information in accordance with the Privacy Act.
9. Complaints and Inquiries
Please make sure to include your name and return contact details with any inquiry.
We will endeavour to respond to your complaint or inquiry within a reasonable period from when it is received.
If you are not satisfied with our response to your complaint or inquiry you can contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.
Policy Effective: 1 February 2021