1. Purpose of our Privacy Information Policy
1. BMD Associate Enterprises Ltd Pty as trustee for BMD Associate Enterprises Discretionary Trust trading as SquaredImpact (“we”, “us” or “our”) has adopted this Privacy Information Policy to ensure that we communicate to you the procedures that we use to collect, use, store and disclose personal information, including the way complaints and requests for access and correction are managed.
2. We also have a Privacy Information Statement which documents how we use and disclose personal information and how you may access the information or make complaints about the way we use, disclose or store information. We recommend that you read both documents in conjunction with each other.
2. Who, and what, this policy applies to
If, at any time, you provide personal or other information about someone other than yourself, you warrant that you have that person’s consent to provide such information for the purpose specified.
3. The information we collect
In the course of business it is necessary for us to collect personal information. We always let you know when we are collecting information. This information allows us to identify who you are for the purposes of our business, contact you in the ordinary course of business and transact with you. Without limitation, the type of information we may collect about you is:
1. Identity Information – we may collect personal details such as your name, location, date of birth, nationality, details of licenses & registrations, associations, family details, passwords, clues, employment details and third-party usernames and other information that allows us to identify who you are;
2. Contact Information – we may collect information such as your email address, telephone & fax number, third-party usernames, residential, business and postal address and other information that allows us to contact you;
3. Financial Information – we may collect information about your finances such as your bank accounts and credit cards, the value of transactions you undertake with us or through our services, the value of certain assets that you declare to us and other information that allows us to transact with you and/or provide you with our services;
4. Statistical Information – we may collect information about your online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes.
5. Health Information – we may indirectly receive health and medical information about you from our customers, although we do not have access to this information.
6. Social Information – we may indirectly receive social information about your employment, family, income, social & community services, although we do not have access to this information.
Individuals have the option to not identify themselves to us, or to use a pseudonym, unless we are required or authorised by law to deal with individuals who have identified themselves, or it is impracticable for us to deal with individuals who have not identified themselves.
We may directly or indirectly collect or receive sensitive information. Where we collect sensitive information we will comply with the requirements under the Australian Privacy Principles to:
a. seek consent before collecting the sensitive information and ensure that the information is reasonably necessary for one or more of our functions or activities (unless an exemption in the Australian Privacy Principles applies), where the information is directly solicited; or
b. where the information is unsolicited, destroy or de-identify the information if we determine that we could not have obtained the information if we had sought to solicit it directly (and the information is not containing a Commonwealth record).
4. How your information is collected
Most information will be collected in association with your use, custom, enquiry or dealings with us, but will at all times be collected only by lawful and fair means. However we may also receive your personal information from sources such as advertising, your own promotions, public records, mailing lists, contractors, staff, recruitment agencies and our business partners. In particular, your information is likely to be collected as follows:
1. Our Customers – we may indirectly receive information as a result of our customer’s use of our systems and services, especially where you access services provided by our customers.
2. Registrations/Subscriptions – when you register or subscribe for a service, list, account, connection or other process whereby you enter your details in order to receive or access something, including a transaction;
3. Accounts/Memberships – when you submit your details to open an account and/or become a member;
4. Supply – when you supply us with goods or services;
5. Contact – when you contact us in any way; and/or
6. Access – when you access us physically we may require you to provide us with details for us to permit you such access. When you access us through the internet we may collect information using cookies (if relevant – you can adjust your browser’s setting to accept or reject cookies) or analytical services.
There are many circumstances in which we may collect your information both electronically and physically. We will endeavour to ensure that you are always aware of when your personal information is being collected.
We will take all reasonable steps to protect all personal information collected from misuse, interference, loss and unauthorised access, modification, or disclosure.
If we no longer require the personal information for any specified purpose, the information is not contained in a Commonwealth record, and we are not required by, or under, an Australian law or court to retain the information, then we will take reasonable steps to destroy or de-identify the information in accordance with the Australian Privacy Principles.
5. The safety & security of your personal information
1. We will take all reasonable precautions to protect your personal information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.
3. You acknowledge that the security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. You provide information to us via the internet or by post at your own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, your personal information where the security of information is not within our control.
4. You acknowledge that we are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose your personal information to in accordance with this policy or any applicable laws). The collection and use of your information by such third party/ies may be subject to separate privacy and security policies.
5. If you suspect any misuse or loss of, or unauthorised access to, your personal information, please let us know immediately.
6. We are not liable for any loss, damage or claim arising out of another person’s use of the materials.
6. How to access and/or update your information
You have the right to request from us the personal information that we have about you, and we have an obligation to provide you with such confirmation within 28 days of receiving your written request unless an exemption in Australian Privacy Principle 12 applies.
If you have an online account or membership with us, you will most likely be able to update all your necessary details from within your private account.
7. Complaints and disputes
If you have a complaint about our handling of your personal information, you should address your complaint in writing to the details below. We will contact you to discuss and resolve the situation within five business days of receiving your complaint.
If we have a dispute regarding your personal information, we both must first attempt to resolve the issue directly between us.
If we become aware of any unauthorised access to your personal information we will inform you at the earliest practical opportunity once we have established what was accessed and how it was accessed.
10. Contacting us
1. You should address all correspondence to the Privacy Officer with regards to privacy by email firstname.lastname@example.org in the first instance.
2. Correspondence regarding privacy can also be mailed to The Privacy Officer at the following address:
The Privacy Officer
PO Box 174 Yarraville
11. Additions to this policy