Scope and Purpose
This policy applies when you visit or use our website, use our software, provide us information over the telephone or other forms of electronic communication, or when you use any of the Company’s services. This policy governs the Company’s data collection, use and disclosure.
This policy applies to all employees, clients, users and visitors.
This policy is to be read and used in conjunction with the Company’s other policies and procedures as well as applicable industrial instruments (if any) and, or relevant legislations.
This policy is not a term of any contract, including any contract of employment and this policy may be rescinded or varied by the Company from time to time in its absolute discretion.
Collection of Personal Information
The Company will collect personal information from our clients, users, visitors, and employees to provide our products and services, improve our products and services, and comply with legal requirements.
The types of personal information we collect depends on the nature of our engagement with you. We may collect these types of personal information directly from you or from third parties or public sources. Personal information may include, but is not limited to:
- Clients, Users and Visitors to our website
- organisation or individual name, or business information that might be reasonably capable of identifying you as an individual (for example if you are a sole trader),
- contact details, including organisation or individual email address, mailing address, street address and/or phone and mobile phone number, and Internet Protocol (IP) address,
- age and/or date of birth,
- usernames and passwords,
- transaction details arising from the use of our software, processing of Credability Systems subscriptions and other provided services, credit card information or bank account details,
- records of any user of the Company’s products and services, including organizations and individual users. This may include Sensitive Information such as NDIS number, goals, budgets or funding that may apply to their use of the NDIS (such as details of the goods and/or services processed and additional information necessary to process those goods and/or services), which may include information about a health service provided by or to them,
- in circumstances where you have visited the Company’s website or software portal, your browser session and geo-location data, device and network information, statistics on page views and sessions, acquisition sources, search queries and/or browsing behaviour,
- records of your communications and interactions with the Company, via chats, email, phone or through other social applications, services or websites, including details/history of preferences, interests and behaviour relating to transactions, products, services and activity with our online services,
- information received through customer surveys or collected through any marketing activities,
- any other personal information that you may provide to us directly or indirectly and/or information that may be required in order to facilitate your dealings with the Company,
- the Company may collect these types of personal information directly from you or from third parties or public sources.
- Employees, job applicants/ prospect employees:
The Company will collect and use personal information of employees for human resources and administrative purposes. This includes but is not limited to:
- general identification information such as names, job title, date of birth and gender,
- contact details such as address, email address, phone and mobile phone number,
- educational qualifications, employment history, salary and referee reports,
- payment details including PAYG Payment Summaries, payslips, and other income earning information, receipts for gifts and work-related expenses,
- information contained in identification documents such as passport or driver’s licence,
- government-issued identification numbers such as tax file numbers,
- financial information such as bank account details and details of superannuation and insurance arrangements,
- visa or work permit status and related information,
- information about immigration status,
- probity check reports including criminal history/police check, financial/credit background checks, fit to work/ medical checks, where applicable,
- any report and records including performance and conduct related reviews, grievance mattress documents, general records, and
Use and Disclosure of Personal Information
The Company will use personal information for the purposes for which it was collected. The company, in compliance with legal requirements and as authorised or permitted by law, may disclose personal information to third-party service providers who assist us in providing our products and services, unless there are conditions, including legal requirements, contractual provisions or user and service agreement terms in place which prohibit this.
The Company will only use personal information if we have a lawful reason to do so such as when it’s our legal duty, if we have your consent and when it’s in our legitimate interest to do so. Reasons include:
- to provide our services to you or to our client in accordance with the terms of any engagement letter, user agreement or service agreement etc.,
- to provide, improve and properly manage our products and services,
- developing new products, responding to requests or queries,
- verifying your identity,
- to conduct surveys, and
- seeking your feedback.
- to maintain contact with our clients and other contacts (including users and participants), and keep them informed of our services, industry developments, and other events.
- for administrative purposes, including:
- processing payment transactions,
- charging and billing,
- detecting or preventing fraud, and
- identifying breaches of our terms and conditions of engagement.
- for governance and compliance purposes including:
- managing any quality, conduct or risk management issues including conflict of interest or independence (including auditor independence) obligations or situations,
- meeting regulatory obligations, and
- where the Company is required to or authorised by legislation or industry code, direction or standard to do so.
- the company may be required to disclose personal information to other persons, including government agencies, regulatory bodies and law enforcement agencies as required, authorised or permitted by law.
- for business purposes such as part of an actual (or proposed) acquisition, disposition, merger or de-merger of a business or entering into an alliance, joint venture or other arrangements.
- for development and analytics purposes to develop our expertise and know how, including:
- for benchmarking purposes,
- development, analytics and business intelligence functions including web site trend and performance analysis,
- quality assurance and thought leadership, and
- other purposes related to our business.
- for purposes relating to the employment of our personnel, contractors and sub-contractors including:
- recruitment purposes such as pre-employment screening, contacting referees, processing applications, administering psychometric testing, assessment for suitability for future positions, background checks and ongoing analytic purposes such as ensuring we are reaching a diverse range of candidates,
- any related reasons such as payroll, tax, superannuation and accounting services, and
- providing internal services or benefits to our staff.
The company may also use non-personal, de-identified and aggregated information for several purposes including for data analytics, research, thought leadership and promotional purposes. Any output is anonymised or aggregated so that no personal information or information relating specifically to you is reasonably identifiable.
In circumstances when the Company provides you with access to an environment where you can store and process personal information, such personal information is not collected, stored, used, processed, modified or disclosed by the Company – except to the extent required by the Company’s permitted employees who may access customer environments for system configuration, maintenance and account administration purposes or as otherwise required by law.
Security of Personal Information
The Company take reasonable steps to protect personal information from misuse, loss, unauthorized access, modification, disclosure. The Company implement administrative, technical, and physical safeguards to protect personal information.
The Company will adhere to accepted industry standards to protect the personal information submitted to us, both during transmission and on receipt. The Company will endeavour to use commercially acceptable means to protect your personal information to the best of its ability.
The Company will comply with its legal obligations in relation to notifiable data breaches, including notification to the Office of the Australian Information Commissioner and affected individuals of certain types of data breaches, and will be able to promptly respond to any suspected data breaches.
The Company’s digital information is stored on servers within Australia. The Company will take all reasonable steps to ensure that it will deal with reputable entities for the purposes of securely storing personal information.
In some cases, the Company may disclose personal information to overseas recipients for the purposes of providing our products and services. Where we do this, the Company will require these parties to take appropriate measures to protect that information and to restrict how they can use that information.
Access and Correction of Personal Information
It’s important that you make sure the personal information the Company holds about you is accurate, up to date and complete. If any of your details change or if you believe that any personal information the Company has collected about you is inaccurate you can contact us and we will take reasonable steps to correct it in accordance with the requirements of the Privacy Act.
You can request access to your personal information that we hold about you. Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why.
You may wish to contact us via:
Phone: 1300 034 998
Email: [email protected]
Mail: Credability Systems – Level 2, 50 Bridge Street, Sydney NSW 2000
Website Use and Cookies
The Company may also use this information for development and analytics purposes. You can tailor your experience with these technologies via the privacy and browser settings on your device or by rejecting the associated cookies.
The Company may use personal information to send marketing communications about our products and services. Users may opt-out/ unsubscribe of receiving marketing communications at any time.
- for electronic communications, you can click on the unsubscribe function in communications,
- for hard copy communications, you can email [email protected]
The Company will not disclose personal information to third-party advertisers or marketers. However, we may share non-personal, de-identified or aggregated information with select third parties for research, development, analytics or promotional purposes other than direct marketing.
Contact Information and Complaints
Phone: 1300 034 998
Email: [email protected]
Mail: Credability Systems – Level 2, 50 Bridge Street, Sydney NSW 2000
You can notify us of any complaint you may have about the Company handling of your personal information. Following your initial contact, you will be asked to set out the details of your complaint in writing.
We will endeavour to reply to you within 30 days of receipt of the written complaint and, where appropriate, will advise you of the general reasons for the outcome of the complaint.
While we hope that we will be able to resolve any complaints you may have without needing to involve third parties, if you are not satisfied with the outcome of your complaint, you can refer your complaint to the Office of the Australian Information Commissioner.