Purpose
The purpose of this policy is to meet obligations of MyEcoBag®️ under the Privacy Act 1988 in regard to the collection, management and disclosure of customer personal information.
Scope
This policy extends to all Company employees, contractors, agency staff and interns. This policy covers all personal, private, sensitive and health information (known collectively as ‘Personal Information’) held by Company. ‘Personal Information’ refers to an individual, i.e. a natural person and includes Customers, Company employees, commercial / private contractors and agency staff. Personal information cannot be about a corporation or other form of legal person.
Policy Statement
The responsible handling of personal information is a key aspect to good governance practice and is essential to protecting an individual’s right to privacy.
Company is committed to full compliance with its obligations under Privacy Act 1988 and the Australian Privacy Principles (APPs).
Policy Principles
Company will:
What is Personal Information
The Privacy Act 1988 defines personal information as: Information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and, whether the information or opinion is recorded in a material form or not.
Information must be about an individual that is, a natural person, e.g. Customers, Company employees, commercial / private contractors and agency staff.
It cannot be about a corporation or other form of legal person as they cannot have “personal information”.
Examples of personal information include:
Factual information
Sensitive information
It includes data about ethnic origin, religious belief, sexuality, political affiliations, genetic information, health information, biometric information, membership to trade unions and criminal records.
Health Information
Health Information is another type of personal information and includes individual health disabilities, allergies, injuries and more. Health information can also be considered as sensitive personal information.
Tax Information
Tax information can be considered personal information and should only be disclosed as required by a relevant agency.
Payment Card Information
Credit card information is also personal information, as the information on it is identifiable to a living individual. Fraud and identity theft are the result of credit card data breaches exposing this personal data.
Opinions and recordings
External Contractors
While information is usually handled by Company staff, Company may outsource some of its functions to third party organisations. This may require the third party to collect, use or disclose certain information (e.g. cleaning or health information). It is Company’s intention to require all contractors to comply with the Privacy Act 1988 in all respects.
Management of Information
The Company will only collect personal information that is necessary for carrying out its activities, and where reasonable and practicable, collection will be from you directly.
Company does this in a variety of ways, including, but not limited to:
form (online or in hard copy).
(a) Types of information collected by the Company
Personal information collected typically includes, but is not limited, to the following:
(b) Creating a single customer record
The company records customer information in its ERP system, compiling and maintaining a secure central customer record for each customer. Your central customer record will contain your current contact details and the history of your contacts with the Company.
This information will be made available to relevant Company officers and service providers for the purpose of responding to customer service requests or any other directly-related purpose.
If you do not want to have a single customer record with the Company, you can choose to opt-out of this process by calling Company on (03) 85666800, lodging an opt-out request email to info@secosgroup.com.au.
(c) Photographs
Company takes photographs on Company premises and also in public places. These photographs may be used for publicity purposes.
Before taking photographs to be used for publicity purposes, Company will seek consent (if practicable) from individuals to take and use the photograph(s). Where feasible, this consent will be obtained in writing, using a specific consent form designed for this purpose. However, on certain occasions verbal permission may be applicable.
(d) Online payments
Members of the public are able to make payments online when transacting with Company. The online payment service uses a PCI-DSS (Payment Card Industry Data Security Standards) compliant payment gateway service to collect the credit card details and process payment for Invoices or accounts. Company does not collect or hold credit card information for these payments.
Company will take all necessary measures to prevent unauthorised access to, or disclosure of personal information. Company will not use or disclose your personal information other than for:
Example: Court Order or Subpoena. A Court Order or Subpoena is a legal document issued by the Court which compels a Company staff member to give evidence at a hearing and / or the Company to produce documents in its possession to the Court.
Organisations to which Company may disclose personal information may include,
but limited to, the following: The Ombudsman, Office of the Victorian Information Commissioner, debt collection agencies, insurers, legal advisors, contracted service providers, printer and mailing services, Federal and State Government agencies, law enforcement agencies and courts,
Company will endeavour to ensure that the personal information it holds is accurate, complete and up to date.
Company will systematically append and / or update any new personal information you provide to your existing customer record. This ensures that your customer record is complete and up to date.
Company will take all necessary steps to ensure that personal information is stored safely and securely to protect it from misuse, loss, and unauthorised modification and disclosure. This applies to all format types including print and digital in which the information is held.
Refer to SECOS Group Cyber Security Policy and SECOS Group Data Security Policy.
A person is entitled to seek access to their personal information, except in specific circumstances as outlined within the Privacy Act 1988, or seek access to correct or amend a document containing their personal affairs information, where they believe the information is inaccurate, incomplete, out of date, or would give a misleading impression.
As documents in the possession of Company are subject to the FOI Act, access to, or correction of personal affairs information is managed under the FOI Act.
For details on how to make an application under the FOI Act to access your personal affairs information, please email info@secosgroup.com.au
Where lawful and practicable, the Company will offer members of the pubic the option of remaining anonymous as part of a transaction with the Company.
However, as anonymity may limit Company’s ability to process a complaint or other matter, Company reserves the right to take no action on any matter where you choose not to supply relevant personal information so that it can perform its functions.
Privacy Complaints
Individuals who feel aggrieved by Company’s handling of their personal information are encouraged to contact Company’s Privacy Officer. Company treats all complaints seriously and will try to resolve them fairly and quickly.
A complaint will be acknowledged within two business days and will be investigated as soon as practicable. You will be provided with a written response within 30 days of the date your complaint is received by Company.
Please submit your complaint to:
Chief Financial Officer
SECOS Group Ltd.
Phone: (03) 8566 6800
E-mail: info@secosgroup.com.au
Where a complainant is not satisfied with the decision of the Company’s Privacy Officer you may apply to – Office of the Victorian Information Commissioner
Post: PO Box 24274, Melbourne VIC 3001
Telephone: 1300 00 6842 (1300 00 OVIC)
Website: https://ovic.vic.gov.au
Email: enquiries@ovic.vic.gov.au
Looks like you haven't made a choice yet.