ARCO Windows Pty Ltd (ACN 620 816 471) (hereinafter referred to as “we”, “us” and “our”) is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your personal information. We respect your privacy and value your trust. As a holder of your personal information, we are bound by the Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APP”). The APP governs the way in which we collect, use, disclose, store, secure and dispose of your personal information. A copy of the APP may be obtained from the website of The Office of the Australian Information Commissioner at www.aoic.gov.au.
In order to provide our products and perform our services for you, we will require from you information that may be confidential, personal and sensitive to you. In this policy, we adopt and refer to the term “personal information” which has the same meaning defined in the Privacy Act as “information or an opinion about an identified individual, or an individual, who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.”
Privacy Act and The APP
As a data holder and controller, we are obligated and committed to comply with the Privacy Act and the APP at all times when we handle your personal information. This policy gives you a summary on your privacy rights regarding our collection, use, storage, sharing, and protection of your personal information.
Collection, Use and Disclosure of Personal Information
We do not collect your personal information unless the information is necessary for us to conduct our business, to provide services to you, to carry out our obligations in accordance with an agreement with a third party, respond to you, and in some circumstances, to meet our legal obligations.
Before collecting your personal information, we will endeavour to ensure that you are aware of:
- the person or organisation collecting your personal information and how to contact that person or organisation;
- the purpose of which the personal information is collected;
- the person or organisation to whom we usually or is likely to disclose your personal information;
- whether it is a requirement under the law for us to collect your personal information; and
- consequences (if any) if all or part of your confidential information is not provided.
Your personal information may be obtained by way of forms filled out, information provided in person or by telephone, email or online by you, or from a public source or third party. We will also let you know that if we receive your personal information from a third party without having to ask from you. Where reasonable and practicable to do so, we will collect your personal information only from you.
We do not generally collect any sensitive information about you unless required by law or with your consent. Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information. Sensitive information will be used by us only for the primary purpose for which it was obtained; for a secondary purpose that is directly related to the primary purpose; and with your consent; or where required or authorised by law.
We collect your personal information for the primary purpose of providing our services to you, providing information to our clients and marketing. We may also use your personal information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.
When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it. The primary purposes of collection of your personal information may include the following:
- to provide products and services to you;
- to manage and enhance our products and services to you;
- to investigate any complaints about or made by you;
- to conduct direct marketing communications;
- to disclose to and allow foreign entity to use your personal information;
- to verify your identity;
- to complete background checks and assess your suitability to obtain account with us; and
- whenever as required or authorised by law.
There are circumstances where we do not require your consent to collect sensitive information under the Privacy Act. These exceptions are authorised or required by the Privacy Act and are categorised as: Permitted General Situations; and Permitted Health Situations. Please visit the website of the Office of Australian Information Commissioner at www.oaic.gov.au for more information.
Your personal information may be disclosed to our employees, agents, contractors, service providers, our professional advisers, our insurers or our related entities for the primary purpose and credit reporting agencies for credit-related purposes.
Cross Border Disclosures
We use data hosting facilities and third party service providers to assist with providing our goods and services. Consequently, your personal information may be transferred to and stored at, a destination outside Australia. We use our best endeavours to ensure our counterparts handle the personal information in accordance with the standards in the APP, unless they have different data protection rules in their countries.
Visiting our website
We also do not sell or rent your personal information to third parties for their marketing purposes without your consent. We may, however, use your personal information for marketing purposes with your consent or that you would reasonably expect us to use your personal information for the purpose of direct marketing, unless it is impracticable for us to seek your consent and/or you did not make a request to us not to receive direct marketing communications. You can at anytime request to us that you no longer wish to receive direct marketing communications from us and we will not charge any fees for such a request.
STORAGE, SECURITY, ACCESS AND DESTRUCTION
Storage and Security
We store and process your personal information on our servers which are physically located in Australia as well as physical records at our own premises here in Australia. We may also use third party data storage provider outside Australia or an offshore cloud hosting service provider.
We will take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. The ways we do this include, limiting physical access to our premises, limiting access to the information we collect about you (for instance, only those of our personnel who need your information to carry out our business activities are allowed access and committee members only have access to the contact details of members of their own committee and not other committees), requiring any third party providers to have acceptable security measures to keep personal information secure; and putting in place physical, electronic, and procedural safeguards in line with industry standards. Where personal information is stored with a third party, we have arrangements which require those third parties to maintain the security of the information. We take reasonable steps to protect the privacy and security of that information, but we are not liable for any unauthorised access or use of that information.
We always take reasonable and necessary steps to ensure that your personal information we collect from you is accurate, up-to-date and relevant at the time of collection. You can request access to the personal information we hold about you. You can ask us to correct any inaccurate or out of date information we hold by using the contacts details provided below. There will be no fees charged.. In certain circumstances, we may disagree with you that your personal information should be corrected. If such circumstances arise, we will let you know. If you believe that such a refusal is unnecessary, you may lodge a complaint using the contact details below and we will take reasonable steps to investigate your complaint. You will be asked to provide some proof of identification so that we can verify that it is you making the request
When we no longer need your personal information for our purposes and we are not required by law to keep it, we will ensure that your personal information is destroyed or de-identified. You may also request us to delete your personal information and we will take reasonable steps to delete it, unless we require it for legal, auditing or internal risk management reasons.
Identifiers and Anonymity
Anonymity and Pseudonymity
If you have general enquiry type questions, you can choose to do this anonymously or use a pseudonym. Generally you will be given an opportunity to interact with us without having to identify yourself, unless it is unlawful, when we are required or authorised by law or a court, or impracticable to do so under certain circumstances.
We do not on most occasions adopt a government related identifier such as your Medicare or tax file number. However, there are certain circumstances we may be required to collect government-related identifiers when we are required by law, necessary to verify your identity, and required by court orders and government enforcement bodies.
If you would like more information about how we handle your personal information or to discuss the personal information we hold of you, please contact us by:
Telephone: 1300 46 368253
Email: [email protected]
Post: Attention: Privacy Officer, 46 Miguel Road, Bibra Lake.
Where we cannot resolve a complaint within thirty (30) business days, we will notify you of the reason for the delay as well as an indication of when we expect to resolve the complaint. If you are not satisfied with the outcome of your complaint, you may refer the matter to Office of the Australian Information Commissioner.