InfoTech IT Pty Ltd
Privacy Statement
This document declares the undertakings by InfoTech IT Pty Ltd in relation
to its handling of your data.
Credit Card payments are handled by the WestPac Bank PayWay system for
online security. WestPac security and encryption is used, no credit card
information is handled directly by InfoTech IT Pty Ltd.
-
Data Collection
-
Data Security
-
Data Use
-
Data Disclosure
-
Data Retention and Destruction
-
Access
by You to Your Personal Data
-
Information about Data Handling
Practices
-
Handling of Enquiries, General
Concerns and Complaints
-
Enforcement
-
Changes to These Privacy
Undertakings
InfoTech IT Pty Ltd undertakes to collect Your Data by means that are:
-
fair;
-
legal; and
-
transparent.
If you visit InfoTech IT website, your web-browser automatically discloses,
and InfoTech IT web-server automatically logs the following information: the
date and time, the IP address from which you issued the request, the type of
browser and operating system you are using, the URL of any page that
referred you to the page, the URL you requested, and whether your request
was successful. This data may or may not be sufficient to identify you.
Any additional data that your web-browser automatically provides may also be
logged. This will be the case, for example, if your browser has previously
been requested to store data on your computer in 'cookies' and submits them
each time you request a web-page within a particular domain (such as
infotech-it.com). This data may or may not be sufficient to identify you.
If you disclose personal data to InfoTech IT Pty Ltd, in conjunction with an
identifier such as your name or address and postal details, it will not be
passed on to a third party and only used to provide good customer service to
you.
Subject to the qualifications immediately below, InfoTech IT Pty Ltd
undertakes to collect your data from you and not from other parties. This
undertaking is qualified as follows:
-
where InfoTech IT
Pty Ltd reasonably considers that the protection of its financial
interests requires that it gather your data from other sources, or from
additional sources. This applies in particular where InfoTech IT Pty Ltd
has a lending exposure to you, and seeks information about your
creditworthiness;
-
where InfoTech IT
Pty Ltd reasonably considers that its capability to deliver quality
services to you will be materially enhanced by gathering your data from
other sources. This applies in particular to consumer profile data.
Where InfoTech IT
collects your data from sources other than you, it undertakes:
-
to do so only by
legal means;
-
to do so only with
your consent; and
-
to declare to you
what sources it uses, and under what circumstances.
InfoTech IT Pty Ltd undertakes to declare the purpose of collection in a
manner which is clear and meaningful, and to avoid vague, highly inclusive
statements such as 'to support our operations'.
InfoTech IT Pty Ltd undertakes to store your data in a manner that ensures
security against unauthorised access, alteration or deletion, at a level
commensurate with its sensitivity.
InfoTech IT Pty Ltd undertakes to store your data only in jurisdictions
where data protections are at least equivalent to those required under the
OECD Guidelines.
InfoTech IT Pty Ltd undertakes to transmit your data in a manner that
ensures security against unauthorised access, alteration or deletion, at a
level commensurate with its sensitivity.
InfoTech IT Pty Ltd undertakes to implement appropriate measures to ensure
security of your data against inappropriate behaviour by InfoTech IT Pty Ltd
staff members and contractors. These include:
-
training for staff
in relation to privacy;
-
access control, to
limit access to your data to those staff and contractors who have
legitimate reasons to access it;
-
particularly in the
case of sensitive data, audit trails of accesses, including the
identities of staff and contractors accessing the data;
-
reminders to staff
and contractors from time to time about the importance of data privacy,
and the consequences of inappropriate behaviour;
-
declaration of
appropriately strong sanctions that are to be applied in the event of
inappropriate behaviour
-
clear communication
of policies and sanctions; and
-
processes to audit,
to investigate and to impose sanctions.
Use refers to the application of your data by any part of InfoTech IT Pty
Ltd, or any staff member or contractor of InfoTech IT Pty Ltd in the course
of their work.
InfoTech IT Pty Ltd undertakes to use your data only for:
-
the purposes for
which it was collected;
-
such other purposes
as are subsequently agreed between InfoTech IT Pty Ltd and you;
-
such additional
purposes as may be required by law. In these circumstances, InfoTech IT
Pty Ltd will take any reasonable steps available to it to communicate to
you that the use has occurred, unless it is precluded from doing so by
law; and
-
such additional
purposes as are authorised by law (in particular to protect InfoTech IT
Pty Ltd interests, e.g. if it believes on reasonable grounds that you
have failed to fulfil your undertakings to InfoTech IT Pty Ltd or have
committed a breach of the criminal law).
InfoTech IT Pty Ltd undertakes to use your data only if it has demonstrable
relevance to the particular use to which it is being put.
InfoTech IT Pty Ltd undertakes to use your data in such a manner as to take
into account the possibility that it is not of sufficient quality for the
purpose, e.g. because it is inaccurate, out-of-date, incomplete, or
out-of-context.
Disclosure refers to making your data available to any party other than
InfoTech IT Pty Ltd and you. The term disclosure may include many different
conditions of data transfer, including selling, renting, trading, sharing
and giving.
InfoTech IT Pty Ltd undertakes to disclose your data only under the
following circumstances:
-
in the course of
business being conducted between you and InfoTech IT Pty Ltd, where
disclosure is necessary for a contract. Where your data is disclosed in
this way, InfoTech IT Pty Ltd undertakes to exercise control over
InfoTech IT Pty Ltd representatives to ensure that their actions are
compliant with these Terms;
-
in other
circumstances that are directly implied by the purpose agreed between
you and InfoTech IT Pty Ltd at the time of data collection or
subsequently. Where your data is disclosed in this way, InfoTech IT Pty
Ltd undertakes to exercise control over representatives to ensure that
their actions are compliant with these Terms;
-
with your consent,
or at your request;
-
where required by
law, such as a provision of a statute, or a court order such as a search
warrant or subpoena. In these circumstances, InfoTech IT Pty Ltd will
take any reasonable steps available to it to communicate to you that the
disclosure has occurred, unless it is precluded from doing so by law;
-
where permitted by
law (e.g. the reporting of suspected breach of the criminal law to a law
enforcement agency; and in an emergency, where InfoTech IT Pty Ltd
believes on reasonable grounds that the disclosure of your data will
materially assist in the protection of the life or health of some
person), provided that InfoTech IT Pty Ltd will apply due diligence to
ensure that the exercise of the permission is justifiable.
In all cases, InfoTech IT Pty Ltd undertakes to disclose only such of your
data as is necessary in the particular circumstances.
Data Retention and
Destruction
Subject to the qualifications immediately below, InfoTech IT Pty Ltd
undertakes:
-
to retain your data
only as long as is consistent with its purpose; and
-
to destroy your
data when its purpose has expired, and to do so in such a manner that
your data is not subsequently capable of being recovered.
This undertaking is qualified as follows:
-
your data may be
retained in InfoTech IT Pty Ltd's database, backups and audit trails
within short-term retention cycles that are devised to protect the
company's operations. In such cases, your data will be destroyed in
accordance with those cycles;
-
Your data may be
retained beyond the expiry of its purpose if that is required by law,
such as a provision of a statute, or a court order such as a search
warrant or subpoena, or a warning by a law enforcement agency that
delivery of a court order is imminent. In these circumstances, InfoTech
IT Pty Ltd:
-
will take any
reasonable steps available to it to communicate to you that your
data is being retained, unless it is precluded from doing so by law;
and
-
will only retain
your data while that provision is current, and will then destroy
your data;
-
will take any
reasonable steps available to it to communicate to you that your
data is being retained, unless it is precluded from doing so by law;
and
-
Your data may be
retained beyond the expiry of its purpose if it is authorised by law (in
particular to protect InfoTech IT Pty Ltd's interests, e.g. if it
believes on reasonable grounds that you have failed to fulfil your
undertakings to InfoTech IT Pty Ltd or have committed a breach of the
criminal law). In these circumstances, InfoTech IT Pty Ltd will only
retain your data while that situation is current, and will then destroy
your data.
Access by You to Your
Personal Data
InfoTech IT Pty Ltd undertakes to provide you with access to your data,
subject to only such conditions and processes as are reasonable in the
circumstances. In particular, InfoTech IT Pty Ltd undertakes to enable
access:
-
conveniently;
-
without
unreasonable delay; and
-
without cost.
InfoTech IT Pty Ltd undertakes to establish and operate identity
authentication protections for access to your data that are appropriate to
its sensitivity, but practical. This may involve some inconvenience; for
example, relatively straightforward procedures may be involved in order to
provide you with access through a channel that you have previously
registered with InfoTech IT Pty Ltd such as an email address, postal
address, but may impose more onerous procedures if you wish to use some
other channel.
In the event that you dispute some aspect of your data, InfoTech IT Pty Ltd
undertakes to take reasonable steps in relation to the amendment,
supplementation or deletion of your data.
You undertake:
-
not to seek access
for frivolous purposes, or unreasonably frequently;
-
to accept that
deletion of some data may not be consistent with the provision of
particular services by InfoTech IT Pty Ltd to you.
Information about
Data-Handling Practices
InfoTech IT Pty Ltd undertakes to make information available to you about
the manner in which InfoTech IT Pty Ltd handles your data:
-
in general terms,
in a readily accessible manner; and
-
in more specific
terms, on request.
Where your data is disclosed to a contractor, InfoTech IT Pty Ltd undertakes
to make information available to you on request about the manner in
which InfoTech IT Pty Ltd contractors handle your data.
InfoTech IT Pty Ltd undertakes to ensure that the information provided is
meaningful, and addresses your concerns.
You undertake:
-
not to seek such
information for frivolous purposes, or unreasonably frequently; and
-
to accept that the
disclosure of excessive detail may harm the security of your data and
InfoTech IT Pty Ltd's business processes, and may harm InfoTech IT Pty
Ltd's commercial interests.
Handling of Enquiries,
General Concerns and Complaints
If you have enquiries, general concerns, or complaints about these Terms, or
about InfoTech IT Pty Ltd's behaviour in relation to these Terms, you
undertake:
-
to communicate them
in the first instance:
-
to InfoTech IT Pty
Ltd only;
-
in sufficient
detail;
-
through a channel
made available by InfoTech IT Pty Ltd for that purpose;
-
to InfoTech IT Pty
Ltd only;
InfoTech IT Pty Ltd undertakes:
-
to provide one or
more channels for communications to InfoTech IT Pty Ltd, which are
convenient to users;
-
to promptly provide
acknowledgement of the receipt of communications, including the
provision of a copy of the communication, the date and time it was
registered, and InfoTech IT Pty Ltd's reference code for the
communication;
-
to promptly provide
a response to the communication, in an appropriate and meaningful
manner.
You further undertake to not pursue InfoTech IT Pty Ltd through any
Regulator or the media:
-
until and unless
InfoTech IT Pty Ltd has had a reasonable opportunity to respond to the
initial communication; and
-
while InfoTech IT
Pty Ltd and you are conducting a meaningful dialogue about the matter.
InfoTech IT Pty Ltd declares that its undertakings in these Terms are
intended to create legal obligations, and that those obligations are
intended to be enforceable under appropriate laws in appropriate
jurisdictions. These include laws relating to data protection, privacy, fair
trading, corporations and criminal laws.
You undertake to seek enforcement only in a jurisdiction that is relevant to
the transactions that have taken place between you and InfoTech IT Pty Ltd,
in particular the jurisdiction in which you live or in which you performed
the relevant acts, and the jurisdiction in which InfoTech IT Pty Ltd is
domiciled or performed the relevant acts.
Changes to These Privacy
Undertakings
InfoTech IT Pty Ltd undertakes:
-
not to unilaterally
make any material change to these Terms in a manner that reduces the
protections for your data;
-
to take all
practicable steps to prevent any company that acquires this company or
any of its relevant assets from materially changing the Terms applicable
to your data in a manner that reduces the protections for your data;
-
where it is
considering making changes to these Terms, or creating more specific
Terms relating to specific services, to consult with appropriate
representative and advocacy organisations;
-
where it makes
changes to these Terms, to ensure that the differences between
successive versions are readily accessible;
-
to maintain all
prior versions of these Terms in such a manner that they are dated, and
readily accessible.
InfoTech IT Pty Ltd