Our obligations under the Privacy Act 1988
It is our usual practice to collect personal information directly from the individual, such as through an inquiry made through our website.
We receive files which may contain personal information via email, over the counter, online file transfers from customers and also in the mail on USB.
We maintain CRM lists which include contact information about businesses and individuals who have done business with Tableland Secretarial Services/The Other Girl in the past, have enquired about our services, have been recommended to us, are necessary for the day to day running of our business or whom we believe may be interested in our services.
Sometimes we collect personal information from a third party or a publicly available source, but only if the individual has consented to such collection, or would reasonably expect us to collect their personal information in this way, or if it is necessary for a specific purpose such as the investigation of a privacy complaint.
In limited circumstances we may receive personal information about third parties from individuals who contact us or whom we contact, for example if personal information is contained in files supplied by a customer. In these circumstances we will attempt to ensure that the consent of those third parties is obtained if we think we may need to use or disclose that information.
If a person elects not to provide us with certain personal information, we may be limited in our ability to provide our services.
When an individual looks at our website, our internet service provider may make a record of the individual’s visit and logs the following information for statistical purposes:
- The individual’s server address,
- The individual’s top level domain name (for example .com, .gov, .org, .au, etc),
- The pages the individual accessed and documents downloaded,
- The previous site the individual visited, and
- The type of browser being used.
- We do not identify individual users or their browsing activities.
Our website does not use session cookies. The website statistics for this site are generated from the server logs as outlined above.
Use and disclosure
The personal information we collect is used to respond to enquiries and provide quotes, print and process customer orders, invoice customers, set up a credit trading account (see Credit Information section below for more detailed information about this), investigate customer complaints and other similar functions relating to the running of our business.
We also use personal information to contact businesses and individuals in our CRM list for marketing purposes. Individuals who receive marketing information from us can opt out of further contact from us by clicking the unsubscribe option in the email sent or contacting us (see details below) and asking to be removed from our CRM database.
If personal information regarding third parties is contained in artwork, we will only use this personal information for the purpose of discussion with the customer concerned to determine its accuracy for printing purposes.
In some instances we may disclose individuals’ personal information to our advisors, suppliers of IT services and other third parties engaged by us for the purposes of providing services requested by the individual or to protect our legal rights. Where possible, we contractually require any third parties to protect that personal information in the same manner as we do. Our contracting third parties are all currently located in Australia.
We will not otherwise provide personal information to other agencies, organisations or anyone else unless one of the following applies:
- The individual has consented
- The individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies,
- It is required or authorised by law
We take steps to ensure that the personal information we collect is accurate, up to date and complete.
These steps include maintaining and updating personal information when we are advised by individuals that their personal information has changed, and at other times as necessary.
We take steps to ensure the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse. Access to personal information is restricted to staff on a need to know basis.
Users are advised that there are inherent risks in transmitting information across the internet. Individuals may contact our office by phone or mail if they have concerns about making contact via the internet.
We also utilise password protection for electronic files stored on our system, securing paper files in locked cabinets and physical access restrictions as relevant. Where personal information is held by a third party IT supplier, we take reasonable steps to ensure that they protect that personal information in the same manner that we do.
When no longer required, personal information is destroyed in a secure manner or deleted.
Access and correction
If an individual requests access to the personal information we hold about them, or requests that we change that personal information, we will allow access or make the changes unless we consider that there is a sound reason under the Privacy Act, or other relevant law to withhold the information.
If we do not agree to provide access to personal information the individual may seek a review of our decision or may appeal our decision under the FOI Act.
If we do not agree to make requested changes to personal information the individual may make a statement about the requested changes and we will attach this to the record.
Individuals can obtain further information about how to request access or changes to the information we hold about them by contacting us (see details below).
If an individual has any concerns about the way we have handled their personal information, they have the right to make a complaint by contacting us (see details below). We will promptly consider the concerns and will provide the individual with a reply outlining our response. If the individual’s concern is substantiated, we will take reasonable steps to rectify the problem, which may include correcting our records or systemic changes to the way we handle personal information.
We offer an account facility for approved customers on terms set out in our Terms and Conditions. When completing an application for an account, an individual must consent to us obtaining credit information about the applicant, including from a credit reporting body.
All credit information obtained from a credit reporting body is only used by us to establish the applicant’s suitability to be offered a trade account. We only store individuals’ credit information in hard-copy in a locked cabinet. Only limited staff are able to access credit information on a strictly need to know basis. We do not transfer credit information overseas or disclose it to anyone else.
We may provide an individual’s credit information to a credit reporting body in the event that individual fails to comply with our Terms and Conditions and we have given at least 14 days’ notice to the individual that we intend to disclose the information to the credit reporting body.
Individuals can access and seek to correct credit information held about them in accordance with the normal access and correction procedures set out above in this policy. If an individual has a complaint that we have failed to comply with the Privacy Act in respect of their credit information, they can make a complaint in accordance with the normal complaint procedure set out above in this policy.
How to contact us
Phoning – 07 4091 3500
Faxing – 07 4091 3506
Emailing – firstname.lastname@example.org
or you can write to us at: The Privacy Officer, The Other Girl, PO Box 1035, Atherton QLD 4883.