Secure2Go handles personal information in Australia including that of its Australian customers and business partners, in accordance with the Australian Privacy Act 1988 (Cth) (the Privacy Act) and the Australian Privacy Principles (APPs). Outside Australia, Secure2Go handles personal information in accordance with the applicable law.
Secure2Go reviews and updates this Policy from time to time to reflect its current information handling practices. Secure2Go will notify changes by posting an updated version of the Policy to the Secure2Go website.
2: What personal information do we collect?
Personal information is any information (including an opinion) which can be used to identify an individual. Sensitive information is a subset of personal information which includes information about an individual’s race or ethnicity, political or religious beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences, criminal record and health information.
Personal information will not be shared, sold or disclosed other than in accordance with this Policy, without an individual’s permission, or in accordance with the Privacy Act.
Secure2Go only collects, holds, uses or discloses personal information where it is reasonably necessary to:
- enable Secure2Go to deliver services or information to individuals or to an organisation;
- maintain or establish a business relationship, including as a customer, supplier, contractor, or employee;
- enable Secure2Go to assist to provide services; or to improve, and better understand preferences in respect of Secure2Go services; and,
- fulfil legal or regulatory obligations.
Situations in which Secure2Go may collect personal information include:
- recruitment and engagement of employees, including contractors;
- when receiving services from third party suppliers, including subcontractors;
- when providing services to clients or customers;
- when required by law;
- when dealing with certain government agencies;
- when visitors to Secure2Go’s website provide their personal information, such as name and email
- during safety and operational environment monitoring (including video and two-way radio
Personal information that may be collected includes:
- personal details, such as name, mailing address, email address, telephone numbers, age and gender;
- human resource information relating to employees including directors and officers;
- details of visitors to Secure2Go premises or sites;
- applications for employment, including information relating to personal skills, work history, experience and details of performance, education, qualifications and skills, professional memberships, hobbies and affiliations;
- details of referees and personal references;
- answers to questions asked to assist Secure2Go to conduct business, including as part of the employment process; and
- stated or likely individual preferences, for example an interest in receiving particular investor or marketing publications.
Personal information can be collected orally, in writing, by telephone, by e-mail, via Secure2Go websites and through other methods of communication.
Secure2Go generally collects personal information directly from the individual to whom it relates, except where that individual has consented to Secure2Go collecting the personal information from a third party or the law otherwise permits Secure2Go to do so, or where it is unreasonable or impracticable to collect it directly.
Secure2Go only collects sensitive information directly from individuals with their consent, or where required, authorised or otherwise permitted to collect the information from a third party by law.
Personal information may also be collected from, and disclosed to, third parties in the course of business activities. For example, steps may be taken to verify that an individual’s academic, training and professional qualifications are accurate and complete and, in appropriate circumstances due to the nature of the available position, health checks, credit checks or criminal records checks may be carried out.
An individual has the option, where lawful and practicable, not to be identified when communicating or entering into transactions with Secure2Go (including by the use of a pseudonym). However, in most circumstances, it will be impracticable for Secure2Go to do business with an individual or provide the services required by an individual unless personal information is provided.
3: Purposes for which we collect, hold, use and disclose personal information Personal information
will be stored in Secure2Go’s systems for immediate business and administration purposes, as detailed above, and may be used or disclosed for the purpose for which it was collected, or for a related purpose which someone may reasonably expect. Sensitive information will only be disclosed for a purpose which is directly related to the purpose for which it was collected.
Personal information may be disclosed between related bodies corporate within Secure2Go Group worldwide, and used by those entities for the same purposes for which the collecting company is entitled to use it.
Secure2Go may also disclose personal information to third party service providers and business associates, including our joint venture and alliance partners, who provide services in connection with its business. These third parties may be located locally or overseas.
4: Disclosure outside Australia
As detailed above, in some circumstances Secure2Go may disclose personal information to entities located outside Australia, including to its own related bodies corporate, third party service providers and business associates.
There are certain safeguards which must be met before Secure2Go is allowed to transfer personal information outside Australia, which are set out in the Privacy Act. Where personal information is disclosed overseas, all reasonable steps will be taken to ensure that the recipient will handle the information in a manner consistent with the Privacy Act.
Secure2Go may also use or disclose personal information (including to overseas recipients):
- with the individual’s consent;
- where required, authorised or permitted to do so by law; or
- to a person authorised to act on the individual’s behalf.
Information may be disclosed to any person as required by law and specifically to any government agency if Secure2Go believes in good faith that it must do so to comply with the law or that doing so is required to prevent, detect, investigate or remedy improper conduct potentially affecting it.
5: Confidentiality and security
Secure2Go is committed to:
- safeguarding all personal information provided to Secure2Go;
- ensuring that personal information remains confidential and secure; and
- taking all reasonable steps to ensure that personal privacy is respected.
Secure2Go maintains physical, electronic and procedural safeguards to protect personal information from misuse, interference, unauthorised access, modification or disclosure, and loss or corruption by computer viruses and other sources of harm. Access to personal information is restricted to those employees, joint venture partners, subsidiary companies and third parties who need to know that information.
6: Accessing or correcting personal information
In most circumstances, Secure2Go will make available to an individual upon their request any personal information held about them. Requests to access personal information may be made at any time. Secure2Go will respond to a request within a reasonable time, and in the manner requested, unless there is a legal or administrative reason preventing Secure2Go from do so. In some cases a reasonable fee may be charged for providing access.
Reasonable steps will be taken to ensure the personal information held is accurate, complete, up to date, relevant and not misleading before it is used or shared.
An individual may request that personal information be corrected or supplemented if the individual believes the information held by Secure2Go is inaccurate or misleading. If Secure2Go agrees, the change will be made. If Secure2Go disagrees, Secure2Go will advise the individual and include a notation on the record that the information’s accuracy is disputed.
If personal information changes, or if an individual believes that the personal information held by Secure2Go is no longer accurate or complete, the individual should contact the Privacy Officer.
7: Privacy Offer Contact Details
By email: firstname.lastname@example.org
By post: The Privacy Officer, Unit 4, Ground Level, 9 Bowman Street, South Perth WA 6151
Secure2Go will respond to requests to correct or supplement personal information within a reasonable time period.
8: Destruction and de-identification of personal information
Records management policies govern the archiving and destruction of records which include personal information.
If unsolicited personal information is received, reasonable steps will be taken to destroy or de-identify that personal information.
A cookie is a small text file downloaded onto a computer or mobile device when a website is accessed, including the Secure2Go website. Cookies are widely used to make websites work, or work more efficiently, as well as to provide information to the website’s owners and third parties.
Cookies allow a website to recognise a computer or mobile device. Cookies do not identify the individual, but do identify the computer or mobile device used to access the Internet, and can therefore be used to collect information about the individual’s use of the Internet. Cookies do not allow access to any information stored on the individual’s computer or mobile device.
Cookies are used:
- to determine the number and global location of visitors to Secure2Go’s website and to identify how visitors move around the site and, in particular, which pages they visit. This allows Secure2Go’s website and services to be improved;
- to collect information, where available, about a computer or mobile device for system administration purposes, such as IP address, operating system and browser type.
10: Links to other websites
Secure2Go’s website provides hyperlinks to websites owned and controlled by others. Secure2Go is not responsible for the privacy practices of these websites. By accessing or using Secure2Go’s website, an individual consents to the collection, use and disclosure of personal information as described in this Policy, as amended from time to time.
If an individual has a question, concern or complaint regarding the way in which personal information is handled, or believes that Secure2Go or one of its Operating Companies has breached its obligations under the Privacy Act or has failed to comply with this Policy, they should make a complaint in writing to Secure2Go’s Privacy Officer – email@example.com.
Secure2Go will review and respond to any complaint as soon as possible, and generally within 30 days of receiving it.
If an individual is not satisfied with Secure2Go’s response, the complaint can be referred to the Office of the Australian Information Commissioner (OAIC). The OAIC will generally only consider a complaint if the individual has first written to Secure2Go and given Secure2Go a reasonable opportunity to resolve the complaint (usually 30 days).
12: Policy Information Owner:
Chief Financial Officer, Secure2Go Approved by: Managing Director, Secure2Go Effective date: 11 May 2016 Note: Secure2Go Group policies may be amended from time to time.