Decision Design has obligations concerning the collection, use, disclosure and storage of personal information. These obligations are set out in the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act), and other applicable State and Territory privacy laws.
What is personal information?
"Personal information" is information or an opinion about an identified individual or reasonably identifiable individual, whether true or not and whether recorded in material form or not.
What personal information do we collect and hold?
We collect information about you and your interactions with us. The types of personal information we may collect about you will depend upon the nature of our interaction with you. Specifically, the personal information we collect and hold may include:
- age and/or date of birth;
- email address;
- telephone number or mobile number;
- information provided to us via customer surveys;
- the location from which you have come to our website and the pages you have visited;
- income; and
- purchase behaviours.
Decision Design may also collect sensitive information that you provide to us, including:
- health information;
- racial or ethnic origin;
- membership of a political association;
- religious beliefs or affiliations; or
We may collect and record personal information about individuals such as:
- our customers/clients/members, potential customers/clients/members and their representatives;
- our employees past and present, including applications for employment; and
- any other person who interacts with us.
How do we collect personal information?
We may collect personal information directly from you or from a third party. We will only collect your personal information from a third party if it is unreasonable or impracticable to collect this information directly from you or if we are otherwise permitted to do so.
We may collect information from third parties such as:
- your nominated representative;
- publicly available sources of information or registers; and
- corporate clients.
We may collect this information when you communicate with us through our website, by telephone, by e-mail, by online survey, by online video-link call, by in person discussion group, or through a written application. In some circumstances the collection of personal information may be required by law.
Specifically, we may collect your personal information:
- when you participate in our programs and activities, such as our online surveys, online video calls or in person discussion groups;
- when you use or buy our services;
- when you request information about us, our services, programs or events;
- when you provide feedback to us;
- when you visit or fill in a form on our Website;
- when you submit a job application to us;
- when you contact us by telephone, email, social media, post or in person; and
- when we are otherwise required or authorised by law to do so.
If the personal information we collect includes sensitive information we will ask for your consent to collect this information, unless the law allows us to collect the information without your consent.
Why to we collect, hold, use and disclose personal information?
We collect, hold, use and disclose your personal information for the following purposes:
- to perform our organisational functions and activities in order to operate our business efficiently;
- to enable us to provide you with requested information, products or services;
- to administer surveys, online video calls or in person discussion groups;
- to help us to manage and enhance goods and services we procure from our suppliers and subcontractors;
- to manage and administer any account you hold with us;
- to operate, improve and optimise our Website and online services and yours and other users' experience; and
- when we are otherwise required or authorised by law to do so.
To whom do we disclose personal information?
We may disclose your personal information to the following third parties for the purposes listed above:
- our trading partners and service providers;
- the nominated customer to which the participant has agreed to provide personal information;
- your nominated representatives;
- other organisations or individuals who assist us in providing services and programs to administer our business;
- professional service providers and advisors, such as lawyers and accountants; and
- Government, regulatory authorities or other organisations as required or authorised by law.
We may disclose your personal information to external service providers so that they may perform services for us or on our behalf or to assist us in providing our services or to administer our business.
When we disclose personal information to third parties, we make all reasonable efforts to ensure that we disclose only relevant information and that it is accurate, complete and up to date and that the third party will comply with the Privacy Act in relation to the use, disclosure and storage of your information.
Other permitted disclosures
We may disclose personal information in other circumstances, where the person concerned has consented to the disclosure, or where we are expressly permitted to do so by the Privacy Act or another law. These other disclosures may include where:
- you would reasonably expect the disclosure to occur (for example, quality assurance purposes or training); and
- when we are authorised or compelled by law to disclose.
Other uses and disclosures
Disclosure of personal information outside Australia
We may disclose your personal information to recipients located outside Australia. Where we disclose information outside of Australia, we will take reasonable steps to ensure that any such person to whom personal information is disclosed will deal with that information in a way that is consistent with the APPs.
Information collected via our website
The information generated by the cookie about your use of the Websites (including their IP address) will be transmitted to and stored by Google on servers in the United States. Google will use this information for the purpose of compiling reports on the Websites' activity and providing other services relating to the Websites and internet usage. Google may also transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf. Google will not associate a person's IP address with any other data held by Google.
You can opt out of the collection of information via Google Analytics by downloading the Google Analytics Opt-out browser add-on here.
Third party websites
The Websites may link to other websites which are outside our control, and other websites outside our control may link to the Websites. Whilst we try to ensure that we link only to websites which share our privacy and security standards, once you have left a Website we cannot be responsible for the protection and privacy of any information which you provide on other websites. You should exercise caution and review the privacy statement applicable to the website in question.
Security of your personal information
We store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you is recorded in paper files that we store securely.
We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure. This includes:
- training our staff in how to keep your information safe and secure;
- storing your hard copy and electronic records in secure systems; and
- using trusted contracted service providers (including cloud storage providers).
If the information we store is no longer required by us for any purpose for which it was collected and is no longer required by law to be retained by us, we will destroy or de-identify the information.
How can I access or correct my personal information?
We have measures in place to ensure the information we hold about you is accurate, complete and up to date.
You may access or request correction of the personal information that we hold about you by contacting us. Our contact details are set out below. There are some circumstances in which we are not required to give you access to your personal information.
There is no charge for requesting access to your personal information, but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).
We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate and up to date.
If we refuse to provide you with access to your record or to update your record in the way you request, we will provide you with written reasons.
If we refuse to correct or update your information, you may request that we make a note on your record that you are of the opinion that the information is inaccurate, incomplete, out of date, irrelevant or misleading, as the case may be.
How can I make a complaint?
If you have a complaint or concern regarding our handling of your personal information or think that your privacy has been affected, you should contact us using our contact details set out below to raise your complaint or concern.
We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.
If you remain unsatisfied with the way in which we have handled your privacy complaint or concern, you may approach an independent advisor or contact the OAIC. See the OAIC website for more information about how to make a complaint.
- wish to make a complaint about the way we have collected, used, held or disclosed your personal information;
- would like to opt out of receiving our newsletter or information about Decision Design's services, please contact our Privacy Officer in any of the following ways:
- Email: firstname.lastname@example.org
- Mailing address: 1 Jerula Ave Mount Eliza VIC 3930 Australia