This policy relates to we-do-IT’s collection and handling of personal information that is covered by the Privacy Act. It is not intended to cover categories of personal information that are not covered by the Privacy Act.
Collection of personal information
we-do-IT collects and holds personal information from clients, customers, employees, contractors and other individuals. We collect and hold this information when it is necessary for business purposes. The main types of personal information we-do-IT collects and holds relate to the contact details and organisational roles of our clients, suppliers and other business contacts. Typically, this information includes names, addresses, telephone numbers, e-mail addresses and job titles. In the course of providing professional services to our clients, we may collect and hold more detailed personal information (for instance financial details if we are engaged to perform financial services, or credit information). We collect most information directly from individuals when we deal with them. The personal information we collect may be provided in forms filled out by individuals, face to face meetings, email messages, telephone conversations, when you use our websites or our social media, or by third parties. If you contact us, we may keep a record of that contact. Because of the nature of our business, it is generally impracticable for us to deal with individuals on an anonymous basis or through the use of a pseudonym, although sometimes this is possible (for example, when seeking staff or client feedback generally).
Use of personal information
The main purposes for which we collect, hold and use personal information are:
- to provide our services;
- to respond to an individual’s request;
- to maintain contact with clients;
- to keep clients and other contacts informed of the services we offer and industry developments that may be of interest to them, and to notify them of service offerings, seminars and other events we are holding;
- for general management and reporting purposes, such as invoicing and account management;
- for recruitment purposes;
- for purposes related to the employment of our personnel and providing internal services to our staff; and
- other purposes related to our business.
If you choose not to provide us with personal information, we may be unable to do such things. We may collect, hold and use personal information about individuals to market our services, including by email. However, individuals always have the opportunity to elect not to receive further marketing information from us by emailing us at email@example.com. Please allow 28 days for your request to be processed. Alternatively, if we have contacted you by email, you may use the unsubscribe function in that email to notify us that you do not want to receive further marketing information from us by email. If we collect, hold or use personal information in ways other than as stated in this policy, we will ensure we do so pursuant to the requirements of the Privacy Act. Employee records are not generally subject to the Privacy Act and therefore this policy may not apply to the handling of information about employees by we-do-IT. For information about our practices relating to employee information, please contact us directly.
Disclosure of personal information
we-do-IT does not routinely disclose personal information to other organisations unless:
- use or disclosure is permitted by this policy;
- we believe it is necessary to provide you with a product or service which you have requested (or, in the case of a partner, employee or contractor of we-do-IT, it is necessary for maintaining or related to your role at we-do-IT);
- to protect the rights, property or personal safety of any member of the public or a customer of we-do-IT or the interests of we-do-IT;
- some or all of the assets or operations of we-do-IT are or may be transferred to another party as part of the sale of some or all of we-do-IT’s business;
- you give your consent; or
- such disclosure is otherwise required or permitted by law, regulation, rule or professional standard.
We may also share non-personal, de-identified and aggregated information for research or promotional purposes. Except as set out in this policy, we do not sell to or trade personal information with third parties. we-do-IT uses a range of service providers to help us maximise the quality and efficiency of our services and our business operations (including internal business requirements, such as recruitment and human capital requirements). This means that individuals and organisations outside of we-do-IT will sometimes have access to personal information held by us and may collect or use it from or on behalf of we-do-IT. This may include, but is not limited to, independent contractors and consultants, travel service providers, mail houses, off-site security storage providers, information technology providers, event managers, credit managers and debt collecting agencies. We require our service providers to adhere to our privacy guidelines and not to keep, use or disclose personal information we provide to them for any unauthorised purposes. If we-do-IT’s staff obtain products or services offered by a third party pursuant to an agreement or arrangement between that third party and we-do-IT, such as a credit card provider, we may provide your personal information to that third party, including information that relates to your use of such services.
Transfer of information outside Australia
In addition to disclosures permitted under this policy, we may disclose your personal information to other we-do-IT firms within the we-do-IT global network. we-do-IT and other we-do-IT firms with which we exchange information may also use overseas facilities or contractors to process or backup our information or to provide certain services to us. These we-do-IT firms, service providers and contractors may not be Australian entities or regulated by the Privacy Act, and may not be subject to privacy laws that provide the same level of protection as Australia’s. You consent to the disclosure of your personal information to such we-do-IT firms, service providers and contractors on this basis. Any such disclosure or transfer of information does not change any of our commitments to safeguard your privacy and the information remains subject to existing confidentiality obligations.
Privacy on Our Web Sites and Applications
Security of Personal Information
Depending on the purpose for which we have collected personal information (for example, registration for a we-do-IT event or a request for particular information or material), we may store some of the information electronically in our customer relationship management system. Some or all of this personal information may be available to partners and authorised staff of we-do-IT for use in accordance with this policy. we-do-IT will endeavour to take all reasonable steps to keep secure any information which we hold about you, whether electronically or in hard-copy, and to keep this information accurate and up to date. We also require our employees and data processors to respect the confidentiality of any personal information held by we-do-IT. we-do-IT aims to achieve industry best practice in the security of personal information which it holds. It is our policy not to retain personal information once there is no longer a legal or business need for us to do so.
Access to Information
We will provide access to personal information upon request by an individual, except in the limited circumstances in which it is permitted for us to withhold this information (for instance, where granting access would infringe another person’s privacy). When you make a request to access personal information, we will require you to provide some form of identification (such as a driver’s licence or passport) so we can verify that you are the person to whom the information relates. In some cases we may also request an administrative fee to cover the cost of access. If at any time you want to know what personal information we hold about you, you may contact us by emailing us at firstname.lastname@example.org.
Corrections and Concerns
Effect of Policy