When used in this privacy policy, the term “personal information” has the meaning given to it in the Act. In general terms, it is any information that can be used to personally identify you. This may include your name, address, telephone number or email address. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

Sensitive information

In some circumstances, we may collect sensitive information (as defined in the Privacy Act), such as information relating to health, criminal history, or other categories of sensitive information, where it is reasonably necessary for our functions or activities and where permitted by law. We will only collect sensitive information with your consent or where otherwise authorised or required by law.

 Collecting Personal Information

We may collect the following types of personal information:

·         name and contact details including addresses, email addresses and telephone numbers;

·         age or date of birth;

·         profession, occupation or job title;

·         business details (e.g., address and ABN);

·         any additional information relating to you that you provide to us directly through our website, through our representatives or otherwise;

·         call recordings;

·         camera surveillance, including CCTV, at our business premises.

If we are not able to collect the personal information described above, we may not be able to provide services to you that functions either to the standard required or at all.

We may also collect some information that is not personal information because it does not identify you or anyone else.  For example, we may collect aggregated information about the performance or use of our services, websites, debugging and device usage information for service development, maintenance and operational purposes and reporting purposes.

We collect your personal information directly from you unless it is unreasonable or impracticable to do so.  When collecting personal information from you, we may collect in ways including:

·         through your access and use of our website;

·         during conversations between you and our representatives;

·         through letters or email correspondence;

·         when you visit any of our business premises.

We may also collect personal information from third parties for use during our recruitment and onboarding processes including:

·         Veremark (or other providers) for employee reference checks;

·         Accurate Background (or other providers) for employment history background checks;

·         Australian Criminal Intelligence Commission (ACIC) for Nationally Coordinated Criminal History Checks.

Retention of Personal Information

We retain personal information only for as long as reasonably necessary for the purposes for which it was collected, to comply with legal, contractual or regulatory obligations, or to resolve disputes. When personal information is no longer required, we take reasonable steps to securely destroy or de-identify it in accordance with applicable laws and our internal policies.

Unsolicited personal information

If we receive personal information that we did not request, we will determine whether we could have collected that information under the Privacy Act. If not, and where it is lawful and reasonable to do so, we will destroy the information or de-identify it.

In some cases, we may also collect your personal information through the use of cookies. When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer. This enables us to recognise your computer and greet you each time you visit our website without bothering you with a request to register. It also enables us to keep track of products or services you view so that, if you consent, we can send you news about those products or services. We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.

We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information.

We may also use third-party analytics and performance tools to help us understand how our websites and digital services are used and to improve them. These providers may collect information such as your device identifiers, IP address, browser type and usage data. You can manage cookies through your browser settings and, where available, through any cookie preferences tool on our websites.

We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of client service.

We collect, hold, use and disclose your personal information for the following purposes:

• To provide services to our clients.
• To manage our business operations.
• To answer queries and provide information or advice, or otherwise perform our contractual obligations to our clients.
• To answer enquiries from you.
• To assess the performance of the website and to improve the operation of the website or manage security risk.
• To update our records and keep your contact details up to date.
• To process and respond to any complaint made by you.
• To comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator or regulatory authority.

We may disclose your personal information to our employees, related bodies corporate, contractors and service providers who assist us in operating our business and delivering our services, including providers of IT and hosting services, professional advisers, insurers, auditors and other business support services. We take reasonable steps to ensure that such recipients handle personal information in accordance with applicable privacy obligations.

We may disclose personal information to related entities and service providers located outside Australia, including in the United States, United Kingdom and other countries where our group operates or where our IT service providers are located.

Where personal information is disclosed overseas, we take reasonable steps to ensure the recipient handles the information in a manner consistent with the Australian Privacy Principles.

Where we handle information subject to specific contractual, regulatory or security obligations, we comply with those additional requirements, including any restrictions on overseas access, storage or disclosure.

We may send you direct marketing communications about our services where permitted by law (including the Privacy Act 1988 (Cth) and the Spam Act 2003 (Cth)). You can opt out at any time by using the unsubscribe function in our communications or by contacting us using the details below. We will not use or disclose sensitive information for direct marketing without your consent or unless otherwise permitted by law.

We do not provide your personal information to other organisations for the purposes of direct marketing. 

If you believe your privacy has been breached, please contact us (details below) and provide details of the incident.

We will treat your complaint confidentially and a representative will contact you within a reasonable time to discuss your concerns and outline resolution options. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

If you are not satisfied with our handling of your privacy-related complaint, you may refer it to the Office of the Australian Information Commissioner (OAIC). Details of how to lodge a complaint with the OAIC may be found at www.oaic.gov.au or by calling 1300 363 992.

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Personal information is destroyed or de-identified when no longer needed.

As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

You may request access to the personal information we hold about you, and you may request that we correct that information if you believe it is inaccurate, out of date, incomplete, irrelevant or misleading.

To make a request, please contact us using the details set out below and include enough information for us to identify you and the information you are seeking. We may need to verify your identity before giving access or making corrections, to ensure we do not disclose your information to the wrong person.

Access will usually be provided in the manner you request where it is reasonable and practicable to do so. In some circumstances we may refuse access or correction as permitted by law. If we refuse your request, we will provide reasons (where required) and information about how you can complain.

We do not charge a fee for making a request, but we may charge a reasonable fee for providing access (for example, for photocopying or administrative costs). We will tell you in advance if a fee applies.

If you have any questions about this privacy policy, wish to make a complaint or seek access or correction of your personal information, please contact us using the details below. You can also request a hard copy of this privacy policy, which will be provided free of charge.

We will treat your requests or complaints confidentially.  Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in timely and appropriate manner.

Privacy Officer 
RPS AAP Consulting Pty Ltd
Post:    Level 8, 31 Duncan Street, Fortitude Valley. QLD 4006
Tel:       +61 7 3539 9500
Email:   privacy@rpsconsulting.com

In the event of an eligible data breach involving personal information, we will comply with our obligations under the Notifiable Data Breaches scheme in Part IIIC of the Privacy Act. This includes notifying affected individuals and the Office of the Australian Information Commissioner where required.