1. Why do we collect your personal information?
The information you provide to us is collected for the purpose of establishing, providing and enhancing the provision of our services to you. The gathering and combining of personal information allows us to produce a more integrated view of investors, which in turn gives us the ability to provide better products and services to our investors. The primary purpose for which the information is collected is to enable our security holders’ holdings to be maintained and administered efficiently, to keep our security holders informed about our business and its performance, and to enable us to comply with our legal and regulatory obligations. We may also collect your personal information for marketing and promotional purposes.
2. We comply with the Privacy Act
Neat Ideas Pty Ltd (ABN33 103 875 118) and its related bodies corporate (we, us or our) are organisations and “APP Entities” for the purposes of the Privacy Act 1988 (Act), and are bound by the Australian Privacy Principles contained in the Act.
3. Notification of collection
- the purposes for which we collect personal information are described in section 3;
- the organisations to which we would usually disclose it are described in section 6;
- whether we are likely to disclose it to overseas recipients, and where practicable the countries in which they are located, are described in section 9;
- whether there are laws or court/tribunal orders which require or authorise us to collect it is described in section 10; and
- the main consequences for you if you fail to provide it are described in section 11.
4. Why we handle personal information
Generally speaking, we collect, hold, use and disclose personal information so that we may provide our products and services, and effectively communicate and interact with you.
The purposes for which we handle personal information depend on your dealings with us, but generally they may include enabling us to:
- provide products and services to our customers;
- communicate with our customers, suppliers and other business contacts (including providing information you request, responding to your enquiries, managing complaints or otherwise facilitating the purpose for which you have contacted us);
- handle payments;
- manage and account for our products and services;
- verify your identity if required;
- inform our customers and other business contacts about product and industry developments, or provide marketing and promotional material regarding our products or services (including newsletters or other materials);
- market our products or services and send invitations to our events or presentations;
- analyse and measure how our products or services are used;
- manage our employees and contractors;
- seek feedback from you and perform market research, so that we can gauge your satisfaction with our products or services;
- generally carry on our business (including maintaining our business records and ensuring compliance with our legal and insurance obligations); and
- to engage in other activities where required or permitted by law or where you have given your consent.
5. What personal information we collect and hold
The kinds of personal information we may collect and hold about you depend on your dealings with us, but generally it may include:
- your name and address, email address and telephone number;
- information about your relationships with others, such as our business contacts or customers;
- credit card and payment details if you purchase products or services from us; and
- associated business details (ABN, business name, business address, other business contact details, details of products or services purchased, and your position within your business or organisation if applicable);
- other personal information that we require or that you volunteer to us (such as details of your qualifications, skills, education provider, work history, resume and residency status if you apply for employment with us).
We aim to limit personal information we collect to that which is reasonably necessary for our functions or activities.
6. How we collect and hold personal information
We may collect personal information from various sources, including directly from you or from our customers, suppliers, business contacts and prospective employees.
The ways in which we collect and hold personal information depend on your dealings with us, but generally it may include if you:
- meet with us (when you might inform us of your personal details or hand over a business card);
- communicate with us (eg, if you submit an enquiry), including by letter, telephone, SMS or email);
- order products or services from us or register your interest in our products or services;
- subscribe to our publications;
- engage with our online marketing;
- register for or attend our events or presentations; or
- submit information through our websites, blogs or other social media accounts (for example, LinkedIn).
In some circumstances, we may collect personal information about you from third parties such as (as applicable):
- our customers, potential customers and their business contacts;
- your employees, representatives or personal referees;
- your employer; or
- publicly-available resources.
We may hold personal information in electronic or hard-copy formats. More information about how we store personal information is set out in section 13.
7. Use and disclosure of personal information
We will generally only use or disclose your personal information for the purpose for which we collected it, and for related purposes we consider would be within your reasonable expectations.
8. Who we disclose personal information to
We generally disclose personal information to (as applicable in the circumstances):
- certain suppliers who provide products or services to or for us (for example, those who develop and maintain our computer systems, electronic records, websites and social media accounts, or provide payment processing services or other services);
- other persons in connection with the provision of our products or services (such as our customers, suppliers and their contractors and other business contacts);
- our auditors, insurers and legal and other professional advisers;
- members of our corporate group;
- any person to whom you authorise us to disclose the information.
We endeavour to ensure third parties only receive the personal information necessary to undertake their work for us, and that they are bound by appropriate confidentiality obligations to ensure the information we disclose is only used for the limited purposes for which we provide it.
We generally ensure such organisations are contractually required to ensure that information we disclose is used only for the limited purposes for which we provide it.
9. Direct marketing
We may send you marketing or promotional communications by post or by electronic means (such as email or SMS). You may ask not to receive such material from us by contacting us (see section 19 below) or by using the opt-out function included in those communications.
There are no consequences of opting-out of receiving our marketing and promotional communications except that you will no longer receive them, and you may elect to re-join our marketing list at a later time if you wish.
10. Overseas recipients
We are not likely to disclose personal information to overseas recipients, except with your consent or where we are required to or authorised to do so by law. We may disclose personal information to overseas recipients where required in order to provide specific products or services our customers require (limiting the disclosure to the extent required for such purposes). For instance, we use software developers based in India from time to time.
Personal information may be stored or processed on servers located overseas, however generally we retain effective control over such data.
11. Legal requirements for collection
There will not usually be Australian laws or court/tribunal orders which require or authorise us to collect your personal information.
12. Consequences of failure to collect personal information
If you fail to provide personal information requested by us, or if the personal information you supply is incorrect or incomplete, there may be a range of consequences, for example we may be unable to process or respond to your request or provide products or services to you.
You have the option of not identifying yourself, or of using a pseudonym, when dealing with us, unless it is legally necessary or impracticable for us to deal with individuals who are not properly identified. If we request your personal information but would prefer to remain anonymous, please let us know. We will inform you if we require you to be identified or provide personal information for the particular interaction in question.
13. Sensitive information
We do not generally collect sensitive information (which may include, for example, information about an individual’s racial or ethnic origin, political opinions, religious or philosophical beliefs, professional association or trade union membership, sexual orientation, criminal record, or health or disability).
14. Storage and security
We take reasonable steps to protect your personal information we hold from misuse, interference and loss as well as unauthorised access, modification or disclosure.
For example, information stored on our information technology systems is protected by security features and procedures. We undertake regular monitoring of our practices and systems to ensure the effectiveness our security policies and identify and implement improvements where appropriate.
However, we cannot and do not guarantee that personal information we hold will be protected against unauthorised access or misuse. Unfortunately, no system or methodology for holding personal information can be guaranteed as entirely secure.
Generally, we will take reasonable steps to destroy or permanently de-identify your personal information as soon as it is no longer required or permitted to be used by us. We may retain your personal information where we are required or permitted to do so by law, such as for insurance, legal or corporate governance purposes or for the prevention of fraud. Your personal information may also be retained in our archival records.
15. Access to and correction of personal information
You may contact us to request access to or correction of the personal information we hold about you.
We may refuse to allow access or to amend your personal information if we are legally required or permitted to do so. In that case, we will (unless it is unreasonable to do so) provide you with written reasons for the refusal together with information about the options available to complain about the refusal.
We will respond to your request for access within a reasonable period after the request is made and we will give access to the information in the manner requested if it is reasonable and practicable to do so. We may require you to comply with certain procedures before we allow access to or amendment of your personal information (eg, providing satisfactory identification), in order to ensure the integrity and security of information that we hold. Please understand that our requirements to identify individuals requesting access to personal information are designed to protect you and other individuals from unauthorised access.
We may require you to pay certain costs in order to access your personal information held by us. We will advise the amount payable (if any) once we have assessed your application for access. We will not however charge a fee for you to lodge a request for access to or correction of your personal information.
We will take reasonable steps to ensure that the personal information we collect is accurate, up-to-date and complete, and the personal information we use and disclose is accurate, up-to-date, complete and relevant. If we are satisfied that any personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will amend our records accordingly.
Please let us know if your personal information changes, so that we may ensure our records are current.
16. Online privacy
16.1 Automatic server logs
Our servers automatically collect various details when you use our website, including:
- your IP (Internet Protocol) address (generally, an identifier assigned to your device when it is connected to the Internet);
- the operating system and Internet browser software you are currently using; and
- the data you access (such as web pages or other document files or software), and the time that you access it.
We do not attempt to identify individuals using this information, and only use it for statistical analysis, system administration, and similar related purposes. This information is not disclosed to any other party.
We do not attempt to specifically identify and track individuals using cookies.
16.3 Google Analytics
Users can usually block cookies, or remove cookies, by editing the privacy and security settings of their web browser or mobile device. Some features on our website may require cookies to function properly. If cookies are disabled or deleted, then depending on the particular cookie that is deleted or disabled, users may not be able to use such features of our website, or previous opt-outs may be undone.
16.4 Email and messages
We may collect personal information from you (such as your name and email address, and any other personal information you volunteer) if you send us an email. We will use this to contact you to respond to your message, to send you information that you request, and for other related purposes we consider are within your reasonable expectations.
16.5 Storage and transmission of personal information online
If you provide any personal information to us via our online services (including email) or if we provide such information to you by such means, the privacy, security and integrity of this information cannot be guaranteed during its transmission unless we have indicated beforehand that a particular transaction or transmission of information will be protected (for example, by encryption).
16.6 Other online services
16.7 No data extraction
You are not permitted to extract, harvest or “scrape” personal information or other data from our website using any automated or non-automated process (whether directly or indirectly).
17. Data breach
If we suspect or there is unauthorised access to or disclosure of, or loss of, personal information we hold, we will undertake a prompt investigation, which will include an assessment of whether the incident is likely to result in serious harm to an individual. If that is the case, we will comply with the requirements of the Act which may require notification to the Office of the Australian Information Commissioner (OAIC) and affected individuals.
Please contact us if you have reason to believe or suspect that a data breach may have occurred, so that we may investigate and, if necessary, undertake appropriate containment, risk mitigation and notification activities as required.
If you have a complaint about our handling of your personal information, or you believe that a breach of your privacy has occurred, please contact us using the details below.
Your complaint will be considered and dealt with by our nominated representative, who may escalate the complaint internally within our organisation if the matter is serious or if necessary to resolve it.
Please allow us a reasonable time to respond to a compliant. If you are not satisfied with our response, you may make a complaint to the OAIC (whose contact details can be found at: http://www.oaic.gov.au/).
20. Contact details
Please contact us at the email address firstname.lastname@example.org if you have an enquiry about our privacy practices or handling of your personal information.