Privacy Policy
Raedyne Systems Pty. Ltd. (Raedyne) is bound by the Privacy Act 1988 (Cth) (the Privacy Act) and the Australian Privacy Principles (APPs). Raedyne is an APP entity as defined in the Privacy Act.
The APPs and the Privacy Act govern:
-
the type of Personal Information that Raedyne collects from You;
-
the way in which Raedyne collects and holds Your Personal Information;
-
Raedyne’s purposes for collection of Personal Information from You;
-
how Raedyne holds, uses and discloses Your Personal Information following its collection from You;
-
how You can access Personal Information held by Raedyne and seek to correct this Personal Information;
-
how You can complain if You believe Raedyne have breached the APPs in respect to Your Personal Information.
The APPs are available from the website of The Office of the Australian Information Commissioner at www.oaic.gov.au.
This Raedyne Privacy Policy (the Privacy Policy) outlines Raedyne’s ongoing obligations to You in respect of how Raedyne manages information or an opinion about You that identifies You as an individual (Personal Information).
Where relevant, the Privacy Policy uses terms as defined in the Terms and Conditions of Raedyne’s Website (accessible at www.raedyne.systems/terms-conditions) and defined terms should be read in conjunction with these Terms and Conditions (as varied from time to time).
The Privacy Policy may change from time to time and is accessible at www.raedyne.systems/privacy-policy.
What is Your Personal Information?
Examples of Your Personal Information that Raedyne might collect and hold from You includes, but is not limited to:
-
Your name;
-
Your addresses;
-
Your email addresses;
-
Your social media details;
-
Your date of birth;
-
Your occupation details;
-
Your phone and facsimile numbers;
-
Your bank account or other payment details;
-
in using Raedyne’s Website and/or Customer Portal:
-
information about Your browser, network and accessing device, including Your IP address;
-
details about Your use, including clicks, internal links, pages visited, searches and timestamps;
-
analytics and performance cookies to view site traffic, activity and other data.
-
Sensitive Information
Sensitive information is defined in the Privacy Act to include information or opinion about such things as Your racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or a trade union, sexual orientation or practice, criminal record, health information, genetic information or biometric information (Sensitive Information).
How does Raedyne collect and hold Your Personal Information?
Your Personal Information is collected by Raedyne from You in a number of ways, including, but not limited to:
-
by You providing Personal Information to Raedyne directly (either by correspondence, telephone contact, email or by material You input into the Website and/or Customer Portal or in other direct communications You have with Raedyne, either by electronic communication or otherwise);
-
by You authorising a third party to provide Raedyne with Your Personal Information;
-
by other parties providing Your Personal Information to Raedyne either voluntarily or pursuant to compulsory processes on the part of these other parties.
Your Personal Information may be collected and held by Raedyne either in hard copy, paper copy or as electronic data (in any available form).
Raedyne takes the security of Your Personal Information very seriously.
Your Personal Information:
-
is or will be stored in customer files which will be kept by Raedyne for a minimum of seven (7) years;
-
is stored (in the case of hard copy or paper copy documents) securely at Raedyne’s business premises;
-
is stored (in the case of electronic data) in a manner that reasonably protects it from misuse and loss, and from unauthorised access, modification or disclosure.
When Personal Information is no longer required for the purpose for which it was obtained (or otherwise at the end of the seven (7) year period noted above), Raedyne will take reasonable steps to securely destroy or permanently de-identify Your Personal Information.
Why does Raedyne collect, hold, use and disclose Your Personal Information?
All Personal Information processed by Raedyne is done on a lawful basis.
Raedyne collects, holds, uses and discloses Your Personal Information for the following purposes (the Primary Purpose):
-
to offer Raedyne’s Service to our customers and the general public (including the provision of up-to-date information and/or marketing by Raedyne to You).
In providing the Service, Raedyne may disclose Personal Information provided by You to:-
bodies corporate that are related to Raedyne; and
-
other people or entities involved with Raedyne in the provision of the Service, including statutory authorities, government departments and individuals.
Unless compelled by law, Raedyne will otherwise never disclose Personal Information without Your knowledge and consent;
-
-
to facilitate Raedyne’s internal and external administrative processes (including financial and business operations and reporting requirements);
-
to obtain, maintain and comply with the terms of Raedyne’s professional indemnity and other insurance policies; and
-
to allow Raedyne to comply with applicable laws and regulations.
Raedyne will:
-
only seek to collect Personal Information from You which is directly related to, or reasonably necessary for, the reasons Raedyne seeks to collect and hold Your Personal Information from You, as set out in this Privacy Policy;
-
not actively seek to collect Sensitive Information from You, unless this collection is:
-
required or authorised by law;
-
pursuant to a permitted general situation (as defined in the Privacy Act and/or the APPs); or
-
in circumstances where You have consented to the collection of the Sensitive Information, in circumstances where:
-
You are adequately informed prior to giving that consent;
-
You give consent to that collection voluntarily;
-
Your consent is current and specific; and
-
You had the capacity to understand and communicate Your consent at the time of giving that consent.
-
-
Where Raedyne has collected Your Personal Information for the Primary Purpose, it is possible that disclosure of the Personal Information may be made by Raedyne for a purpose other than the Primary Purpose (the Secondary Purpose).
This disclosure of the Personal Information for the Secondary Purpose will only occur where the Secondary Purpose:
-
is related to the Primary Purpose for which Raedyne collected the Personal Information (where Your Personal Information is not Sensitive Information);
-
is directly related to the Primary Purpose for which Raedyne collected the Personal Information (where Your Personal Information is Sensitive Information);
-
allows for disclosure for a permitted general situation (as defined in the Privacy Act and/or the APPs); or
-
is otherwise required or authorised by or under an Australian law or a court or tribunal order.
How can You access Your Personal Information held by Raedyne and correct Your Personal Information?
It is important to Raedyne that Your Personal Information is up-to-date.
You have a right to request:
-
access to Your Personal Information held by Raedyne; and
-
correction of any Your Personal Information held by Raedyne.
Raedyne will take reasonable steps to make sure that Your Personal Information is accurate, complete and up-to-date.
If You find that the Personal Information Raedyne holds is not up-to-date or is inaccurate, please advise Raedyne as soon as practicable so Raedyne can update Your Personal Information.
If You wish to access Your Personal Information, please contact Raedyne in writing, by phone on 1300 770 007 or by email at [email protected]. Raedyne will respond to any such request within a reasonable period after You make the request.
In order to protect Your Personal Information, Raedyne may require identification from You before releasing the requested Personal Information.
Raedyne will not charge any fee for access to Your Personal Information but may charge a reasonable administrative fee for providing any copy of Your Personal Information.
Is Personal Information disclosed outside of Australia?
Not at present.
However, it is possible Raedyne may disclose Personal Information outside of Australia when its business activities commence offshore. If so, Raedyne will publish a list of countries where such disclosure may occur provided it is practicable to do so. The list may be published on the Website and/or Customer Portal or in an updated version of this Privacy Policy. Raedyne recommends You regularly review the Website and Customer Portal and this Privacy Policy for this information and for any other change to this Privacy Policy relating to overseas disclosure.
If Raedyne discloses Personal Information to an overseas recipient, it will take reasonable steps to ensure the recipient does not breach the APP’s.
How can You complain if You feel Raedyne have breached the APPs?
If You feel there has been a breach of this Privacy Policy, the Privacy Act or the APPs as they apply to Raedyne, a complaint may be made to Raedyne by telephone on 1300 770 007 or by email to [email protected].
Raedyne will respond to any complaints within a reasonable period of lodgement of a complaint by You.
In the event that a complaint by You does not resolve Your concerns, You may then lodge a complaint with the Office of the Australian Privacy Commissioner.
Data breaches
All workers at Raedyne are responsible for protecting the confidentiality of Your Personal Information. Any data breaches, or suspected data breaches, should be reported to Raedyne at [email protected] as soon as possible.
What is an eligible data breach?
An eligible data breach, defined in s 26WE(2) of the Privacy Act, is when:
-
both of the following conditions are satisfied:
-
there is unauthorised access to, or unauthorised disclosure of, the information;
-
a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates; or
-
-
the information is lost in circumstances where:
-
unauthorised access to, or unauthorised disclosure of, the information is likely to occur; and
-
assuming that unauthorised access to, or unauthorised disclosure of, the information were to occur, a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates; …
-
If there is a suspicion of a breach
If Raedyne suspects that there has been an eligible data breach, a reasonable and expeditious assessment will be conducted within 30 days.
If Raedyne believes or has reasonable grounds to believe there has been a breach then a statement will be prepared setting out:
-
Your details;
-
a description of the breach;
-
the kind or kinds of information concerned; and
-
recommendations about the steps that Raedyne will take in response to it.
If practicable, Raedyne will advise the contents of the statement to each of the affected customers who may be at risk from the breach.
If this is not practicable, Raedyne will publish the statement on the Website and/or Customer Portal and take other reasonable steps to publicise its contents. Communications with individuals will be via their preferred communication method.
The statement will be submitted to the Privacy Commissioner.
Exception to reporting
Mandatory notification requirements are waived if remedial action can be taken that results in a reasonable person concluding that the access or disclosure is not likely to result in serious harm to any of those individuals.