1. Policy Statement
SpecSavvy International Limited (SōLEURS) respects your privacy and is committed to complying with the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). This policy sets out the manner in which SōLEURS collects, holds, uses and discloses personal information relating to an individual.
SōLEURS reserves the right to modify or alter this policy in whole or in part where appropriate, without notice.
2. Personal and sensitive information
2.1 Personal information
Personal information is any information that can identify a person (for example a person’s address, place of work or business activities), whether the person’s identity is apparent from the information or can be reasonably ascertained from the information.
SōLEURS from time to time collects personal information including in relation to:
(a) our employees and candidates for positions with us;
(b) our customers;
(c) our suppliers, consultants and contractors;
(d) any other individuals with whom SōLEURS has or proposes to have dealings, including customers, suppliers, consultants, personnel or other persons, who propose to have, or may have, any dealings; or
(e) any other individuals who use SōLEURS’ website.
2.2 Sensitive information
Sensitive information refers to information regarding an individual’s:
(a) race or ethnicity;
(b) genetic information or history, including health information;
(c) political opinions or affiliations;
(d) religion, religious beliefs or philosophical beliefs;
(e) membership of any professional trade association or trade union;
(f) sex, sexual orientation or sexuality; and
(g) prior records including, but not limited to criminal, health and other sensitive or private matters.
3 When may SōLEURS collect information about an individual?
3.1 Personal Information
SōLEURS will endeavour only to collect personal information where it is reasonably necessary for, or directly related to, SōLEURS’ purposes and functions, including:
(a) to provide you with information about SōLEURS products or promotions;
(b) to be able to respond to questions or comments you may have;
(c) to satisfy your warranty or product service or repair requirements;
(d) to enable SōLEURS to undertake credit assessments;
(e) our internal management needs;
(f) our marketing activities; and
(g) product development.
SōLEURS will collect personal information only by lawful and fair means, and not in an unreasonably intrusive way.
If SōLEURS collects personal information about an individual, as soon as reasonably practicable, SōLEURS will endeavour to take such steps as are reasonably practicable in the circumstances to ensure the individual is aware of:
(a) the identity of SōLEURS and how to contact it;
(b) the fact that the individual is able to gain access to the information, how to access the information and how to seek correction of the information;
(c) the purposes for which the information is collected;
(d) organisations to which SōLEURS usually discloses information of the kind collected;
(e) any law or a court or tribunal order that requires the particular information to be collected;
(f) the main consequence (if any) for the individual if all or part of the information is not provided or collected;
(g) how to make a complaint about SōLEURS’ handling of the individual’s personal information and how SōLEURS will deal with a complaint; and
(h) whether SōLEURS is likely to disclose personal information about the individual to overseas recipients and, if it is practicable, the country within which such recipients are likely to be located.
3.2 Sensitive Information
SōLEURS may only collect sensitive information about an individual in the following circumstances:
(a) where the individual has consented to SōLEURS collecting the information;
(b) where the collection of sensitive information is required by an Australian Court or Tribunal, or under state or federal legislation;
(c) where the information is reasonably necessary to prevent a serious and/or imminent threat to life, health or safety or an individual, or the public where the individual is unable, either physically or legally to communicate consent;
(d) where SōLEURS reasonably believes any unlawful or illegal conduct has occurred, that may relate to SōLEURS’ business or functions;
(e) where SōLEURS is required to use or disclose the information (and that is reasonably necessary to do so) on behalf of an enforcement body; and/or
(f) where the collection of sensitive information is directly related to SōLEURS’ business functions.
4. Disclosure of information relating to individuals
4.1 Use and disclosure of information
Where SōLEURS collects information from an individual for a specific, or primary purpose, SōLEURS must not use or disclose that information for another purpose unless:
(a) the individual consented to the use and disclosure of the information;
(b) the individual reasonably expected SōLEURS to use and disclose the personal information for another secondary purpose where:
(i) if it is sensitive information – it relates directly to the primary purpose; or
(ii) if it is not sensitive information – it relates to the primary purpose.
Where SōLEURS collects personal information from a related body corporate, the primary purpose for which SōLEURS collects personal information will be the same as the primary purpose for the related body corporate.
5. Access to and correction of personal information
5.1 Access to personal information
If SōLEURS holds personal information, upon request, SōLEURS will give the individual access to their personal information unless:
(a) SōLEURS reasonably believes that it would pose a serious threat to the life, health and safety of an individual or the public;
(b) it would unreasonably infringe upon another individual’s privacy;
(c) the request for information is frivolous or vexatious;
(d) denying access is authorised according to a Court or Tribunal, or under State and/or Federal legislation;
(e) SōLEURS has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the entity’s functions or activities, has been, is being or may be engaged in, or, if giving access to the information would be likely to prejudice the taking of appropriate action in relation to the matter;
(i) it may prejudice an enforcement activity of an enforcement body; or
(ii) giving access would reveal evaluative information generated in connection with a commercially sensitive decision-making process of SōLEURS.
If SōLEURS refuses to give access to the personal information because of one of the reasons listed in this paragraph 5.1, SōLEURS will make reasonable endeavours to provide the individual with written notice setting out the reasons for the refusal and any mechanism available to complain about the refusal.
If SōLEURS agrees to provide the individual with any personal information, it will charge the individual the reasonable costs of providing the individual with the personal information. Charges will include the charge out rate of any individual of SōLEURS required to provide the individual with the personal information.
5.2 Correction of personal information
Where the individual requests that their personal information be amended, SōLEURS will endeavour to take reasonable steps to ensure that the information provided is accurate, up to date, complete, relevant and not misleading.
Where SōLEURS refuses to amend an individual’s personal information, it must give the individual a written notice setting out the reasons for its decision.
6. Anonymity and pseudonymity
SōLEURS must allow an individual to have the option of de-identifying themselves, or allow them to use a pseudonym where it is lawful and reasonably practicable to do so.
This does not apply where the identification of the individual is required by a Court or Tribunal, or under State or Federal legislation, or it is impracticable for SōLEURS to deal with an individual that has used a pseudonym.
7. Data quality
SōLEURS will take such steps as are reasonable in the circumstances to make sure that the personal information it collects and/or discloses is accurate, complete and up-to-date.
8. Security of personal and sensitive Information
SōLEURS may take steps that are reasonable in the circumstances to protect any personal information it collects from misuse, interference, loss, unauthorised access, variation or disclosure.
In certain reasonable circumstances, SōLEURS may permanently destroy, or de-identify the personal or sensitive information it collects for any purpose outlined in this policy, where the personal information is no longer required.
9. Cross-border data flows
SōLEURS may transfer personal information about an individual to someone (other than SōLEURS or the individual) who is in a foreign country. SōLEURS will only do so if:
(a) SōLEURS reasonably believes that the recipient of the information is subject to a law, or binding scheme, which effectively overall upholds principles for protection of the information that are substantially similar to the Australian Privacy Principles, and there are mechanisms that an individual can access to take action to enforce that law or binding scheme;
(b) SōLEURS has taken such steps as are reasonable in the circumstances to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the Australian Privacy Principles; or
(c) the individual has been expressly informed that if they consent to the transfer, paragraph 9(a) will not apply, and the individual consents to the transfer.
If you would like to make a correction to collected information, a complaint or a comment in relation to this policy, feel free to contact us at firstname.lastname@example.org