Realised Technologies Pty Ltd ACN 159 167 941 (Realised Technologies, We, Our, Us and other similar terms) takes all reasonable steps to implement processes and procedures for the safe management of Personal Information. Realised Technologies endeavours to comply with the Australian Privacy Principles (APP’s) as contained in the Privacy Act 1988 (Cth) (Act) (Law).
- Clients means individuals and entities who We provide information technology services to.
- Employee Policy Manual means Our internal employment policies which form part of the employment agreement with our employees.
- Health Information takes its meaning from s 6FA of the Privacy Act 1988 (Cth).
- Personal Information takes its meaning from s 6 of the Privacy Act 1988 (Cth).
- Privacy Officer means the person operating as Our contact for privacy related matters and who can be contacted via the details provided at clause 2.1.
- Sensitive Information takes its meaning from s 6 of the Privacy Act 1988 (Cth).
- Websites means the websites listed at clause 2.2(e).
2. Collection and use of Personal and Sensitive Information
2.1 Collection of Personal Information
(a) We collect a variety of Personal Information about Individuals for our own purposes including:
- telephone numbers;
- email addresses;
- employer’s name; and
- the Tax File Numbers of our employees.
(b) In providing information technology services to Our Clients we obtain Personal and Sensitive Information, which we keep confidential and delete as soon as the provision of those services are concluded, including:
- Our Client’s and Our Client’s personnel’s usernames and passwords;
- photographs of our Client’s personnel;
- Health Information from our Clients who operate health services; and
- other information which may exist on Our Client’s hardware and back up storage devices.
2.2. How Realised Technologies collects Personal Information
(a) If Clients purchase a products from, services from or makes an enquiry of Realised Technologies, we collect and store Personal Information about them. We collect Personal Information from Clients when they:
- complete enquiry forms on our Websites;
- create an account or purchase products from us;
- sign up for our newsletters;
- correspond with us via email, mail or over the telephone; and
- make requests for services via our job ticketing system.
(b) We endeavour to collect personal information about an individual only from that individual or an authorised representative.
(c) We also collect information on an ad-hoc basis, for business administration purposes from other persons including but not limited to:
- our employees;
- potential employees;
- suppliers; and
- business associates.
(d) Personal Information We obtain from third parties or publically available information sources is limited to circumstances where the person has consented.
Realised Technologies collects a variety of information about Clients through enquiry and registration forms on our Websites listed below:
Realised Technologies – https://www.realised.com.au/
2.3 Purpose of collection and use
(a) Realised Technologies collects, holds, uses and discloses Personal Information:
- to deliver and improve the services We provide to Our Clients; and
- as required or permitted by law in order for Us to comply with regulatory requirements.
(b) Generally, Clients are only obliged to provide Us with information necessary for Us to provide services to them. However, if Clients do not provide Us with certain types of Personal Information they may be unable to enjoy the full benefits of the Service or use of some aspects of Our Websites.
(c) We customarily disclose Personal Information to Our service providers who assist us in servicing Our Clients but only to the extent necessary for them to provide those services. We disclose Personal Information for the purposes of:
- processing credit card payments;
- recording financial transactions; and
- managing our customer relations.
(d) Your Personal Information will not be disclosed to any other third party, unless such disclosure is:
- necessary as part of Our dealings with You; and
- permitted by Law.
2.4 Collection of information from the Internet
(a) Realised Technologies collects information from Our Websites and from Our interactions with Our Clients and potential Clients. We will collect Personal Information only by lawful and fair means. The Law requires Us to collect Personal Information about Clients only from them directly, if it is reasonable and practical to do so.
(b) This information is all held within Our cloud based systems provided to us by reputably Suppliers.
(c) The cloud services used are password protected and encrypted and reasonable steps are taken to ensure all information provided is secure.
2.5 Sensitive Information
(a) We do not collect Sensitive Information for our own use. However, We take custody of Sensitive Information in the course of providing information technology services to Our Clients.
(b) Information technology services which expose Us to Sensitive Information include restoring, testing and recovering Client data from back-ups and in servicing Client hardware. In providing these services we do not hold Sensitive Information for long duration nor do we access, update or utilise the data.
(c) Our Employee Policy Manual requires employees to treat Sensitive Information appropriately, store it securely and delete it or return it to the Client as soon as practicable after providing the services to our Clients.
3. Access, correction and complaint procedure
3.1 Accessing Personal Information about You
If You are a Client and would like to access or correct Personal Information that Realised Technologies holds about You, please contact:
The Privacy Officer
Realised Technologies Pty Ltd ACN 159 167 941
13-15 Winkworth St
Bungalow QLD 4870
Telephone: 07 4051 4200
You will need to identify Yourself to Our reasonable satisfaction before We will provide You with access to Personal Information about an individual which We may or may not have in Our possession.
3.2 Complaints procedure
Realised Technologies is a service orientated business. Therefore if You have a complaint about Our collection or use of Personal Information pertaining to You, then We would ask You to contact Our Privacy Officer at first instance. If after investigating Your complaint and reporting to You about an alleged breach of the Australian Privacy Principles and reporting the results of Our investigations to You, You are not satisfied then We would ask that You consult:
The Australian Information Privacy Commissioner
GPO Box 5218
Sydney NSW 2001
Telephone: 1300 363 992
3.3 Transfer of personal information outside Australia
(a) Where we can We prioritise the use of service providers who store data inside Australia. Our Websites and service provider for Our hosting service is located in Australia.
(b) Personal Information We collect may be accessed by employees, contractors or service providers who We engaged to provide services to Realised Technologies from outside of Australia. Personal Information contained in a record may be transferred and held in countries including, but not limited to the United States where some of our cloud service providers are located.
(c) We do not transfer Sensitive Information outside of Australia.
(d) We take reasonable steps to ensure parties that provide Us with necessary services for website hosting and database administration services act in accordance with the Australian Privacy Principles.
(e) We engage only recognised service providers who use enterprise level software with up to date SSL Encryption.
3.4 Anonymity and use of pseudonyms
Where practical and reasonable to do so, We provide Clients with the opportunity to use pseudonyms in relation to information You provide to Us. In a lot of cases it is impractical for Realised Technologies to deal with Clients anonymously.
3.5 How We deal with unsolicited Personal Information
We only collect Personal Information about individuals by lawful and fair means.
3.6 Notice of collection of Personal Information
4. Use of Personal Information in Direct Marketing
4.1 Direct Marketing
We may use Personal Information for the purposes of promoting Our services to Clients which would reasonably expect to receive Our marketing material.
4.2 Opting out
Clients can unsubscribe from Our marketing material by clicking on the functional unsubscribe facility contained in any email or can contact the Privacy Officer on the details set out above.
(a) We collect Personal Information that is reasonably necessary for the performance of Our operations and activities including marketing and sales. We automatically receive and record information on Our server logs from the user’s browser, including their IP address, operating system, top level domain, date and time, pages accessed, documents downloaded, previous website visited, type of browser used and other cookie information. This enables Us to tell when Clients use Our Websites and also to help customise the user’s experience with Our Website.
(b) No Personal Information about a user is linked to the cookie data we collect nor do We conduct any data matching between cookie information and Personal Information we hold.
- Google which is associated with Google Analytics; and
- Facebook for their Facebook Ads service.
(d) Opting out of cookies
5. Security and Integrity of Personal Information
We take reasonable steps to ensure that the Personal Information We collect, use or disclose is accurate, complete and up-to-date.
(a) Realised Technologies takes reasonable steps to safeguard the disclosure of Personal Information from third parties, contractors and staff who do not need to access that information. We have an up to date Employee Policy Manual relating to information technology usage and strive for best practice in this area.
(b) Wherever possible we use complex passwords, SSL encryption and two factor authentication.
5.3 Security measures taken for Cross Border disclosure of Personal Information
We take reasonable steps to protect the Personal Information We hold from misuse and loss and from authorised access, modification or disclosure when We send Personal Information offshore. Which includes the careful selection of offshore service providers, most of which are entities based in the United States.
6.2 General Data Protection Regulations (European Union) (GDPR)
(a) We do not actively collect data from the citizens or residents of the European Union (Data Subjects) nor do we consider the European Union part of our target market.
(b) We do host websites for Our Clients, who may, collect Personal Information about Data Subjects. However, we take no active steps to process data on behalf of any person who may be considered a data controller under the GDPR, other than to provide a hosting service to Our Clients.
(c) Where Our Clients collect Personal Information of Data Subjects and that data is processed by us in providing web hosting services, we do not transfer that information outside of Australia where our file servers are located.
(d) We do not always have access to our Clients data bases, however if you are a citizen or resident of the European Union and require assistance in satisfying your rights under the GDPR we are committed to assist you. You can contact our Privacy Officer for assistance. Similarly, you may seek assistance from a supervisory body in your home country who we are committed to co-operating with.
(e) For further information about privacy rights under Australian law visit the website of the Office of the Australian Information Commissioner at www.oaic.gov.au.
6.3 Data Retention
We take reasonable steps to destroy or permanently de-identify Personal Information if it is no longer needed or used by Realised Technologies. However, we are required by law in some circumstances to maintain records. These records include but are not limited to financial records, which must be kept for at least seven (7) years pursuant to section 286 of the Corporations Act 2001 (Cth), and that assist us in the provision of information technology services to Our Clients.