https://www.accurassi.com or use any of our products, including software as a service (together, the Platforms).
1.1 Accurassi is governed by the Privacy Act 1988 (Cth) (Privacy Act) and the General Data Protection Regulation (EU 2016/679) which applies across the European Union (GDRP) which regulate how we may collect, use, disclose and store personal information, and how individuals may access and correct personal information held about them.
1.2 Accurassi is committed to protecting the privacy of your personal information. This policy explains how Accurassi or any of its related bodies manages the personal information that we collect, use and disclose and how to contact us if you have any further queries about our management of your personal information. This policy does not cover personal information collected or held by Accurassi or any of its related bodies corporate (as applicable) about its employees.
2. What is “personal information”?
2.1 The Privacy Act currently defines “personal information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:
(a) whether the information or opinion is true or not; and
(b) whether the information or opinion is recorded in a material form or not.
3. What personal information do we collect?
3.1 The kind of personal information that we collect from you will depend on how you interact with us, such as if you are a visitor to our website, a visitor to the website of a participating provider, stakeholder, prospective customer or customer. If you decide to apply for or buy a product through our website, we may request additional information so that we can complete your request. The personal information which we collect from you may include:
(b) current and former addresses;
(c) dates of birth;
(d) telephone numbers;
(e) email addresses;
(f) social media account details;
(h) employment history;
(i) credit information;
(j) account login credentials;
(k) location data; and
(l) browsing history.
3.2 Depending on the nature of your interaction with us, we may collect government-related identifiers, such as Australian Company Number, Australian Business Number, Medicare number or driver’s licence number. We collect such details only where it is lawful to do so. We do not use government-related identifiers as our own identifier of individuals.
3.3 If you do not allow us to collect personal information, or if you provide us with incorrect or incomplete information, we may not be able to provide you with our products or services or otherwise interact with you.
3.4 When you visit any of our online resources, our system may collect information about your visit for statistical purposes, including:
(a) server address;
(b) top level domain name (for example .com, .gov, .au, etc);
(c) the date, time and duration of your visit to our site;
(d) the pages and links you accessed and documents downloaded during your visit;
(h) the previous site you visited;
(i) if you’ve visited our site before; and
(j) the type of browser used.
4. How we collect your personal information
4.1 We may collect personal information from you when:
(a) you visit our website;
(b) through your use of our products and services (and our records thereof);
(c) when you visit our Platforms or submit information through our Platforms, contact us with a query or request information about products and services or complete any forms or agreements for our products or services, including when you enquire about, seek a quote for or purchase a product or service available from us;
(d) interact or communicate with us via on social media platforms;
(e) you interact with a third party which has received your consent to disclose information to us;
(f) you contact us by telephone, via mail, e-mail, online or other method of communication;
(g) we access publicly available sources of information to supplement or validate information we already hold;
(h) we supply any products or services to you; or
(i) you enter into or participate in any promotions, competitions, specials or other offers with us.
4.3 We use anonymised information from Google and other search engines to analyse how visitors interact with our website. If you would like more information about how Google and other search engines handle your personal information, please review their privacy policies.
5. Legal basis for processing personal information (EU only)
5.1 We rely on several legal bases under the GDPR to collect, process, store, use and disclose the personal information of individuals residing in the European Union (EU) including:
(a) where you have freely and expressly consented to the collecting, use, processing and disclosure of your personal information for a specific purpose. The provision of personal information to us is voluntary. However, if you do not provide your personal information to us, we may not be able to provide you with access to, and use of, our Platforms. You may withdraw your consent at any time by contacting us using the details below;
(b) where the collection, use, processing and disclosure of your personal information is necessary for the performance of a contract to which you are a party. For example, when collection and use is necessary to fulfil our obligations to provide you with access to, and use of, our Platforms;
(c) for our legitimate business interests, including, but not limited to:
(i)providing, operating and improving our Platforms;
(ii)marketing new promotions, deals, offers, competitions, products, services provided by us or our authorised affiliates that we consider may interest or benefit you;
(iii) managing, analysing, understanding and developing our relationship with you; and
(iv) responding to your queries or complaints; and
(d) where there is a legal obligation to collect, use, process or disclose your personal information. For example, we may be obliged to disclose your personal information by reason of any law, regulation or court order and/or to protect our interests and legal rights.
6. Purpose of collection
6.1 We collect, hold, use and disclose personal information so that we can:
(a) provide or deliver our Platforms to you;
(b) administer, improve, develop and manage our Platforms (including maintaining, testing and upgrading our Platforms and systems);
(c) assess your eligibility for the products and services that you’re interested in, including any special offers you’ve redeemed from us;
(d) verify your identity and manage any enquiries or complaints you have after you’ve used our Platforms;
(e) inform you about other products, services or promotional offers that we reasonably believe may be of interest to you;
(f) ensure we comply with the requirements of our participating providers;
(g) develop insights from our customer interactions to improve our Platforms and the services we provide to customers;
(h) analyse your use of our online services to understand the effectiveness of our marketing initiatives;
(i) maintain and improve our customer service by monitoring for quality control, quality and training purposes;
(j) process payments;
(k) evaluate website and system performance;
(l) manage our relationships with our participating providers, suppliers and stakeholders;
(m) manage our internal business, financial management, reporting and accounting;
(n) permit due diligence as part of a corporate transaction, such as a sale, merger or other change of control of our business; and
(o) meet our regulatory and legal obligations.
6.2 By using any of our Platforms, you consent to the receipt of direct marketing material. We will only use your personal information for this purpose if we have collected it directly from you and if it is material of a type which you would reasonably expect to receive from us. We do not use sensitive personal information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature.
7. Disclosure to service providers
7.1 If you decide to apply for or buy a particular product from us, we’ll share your information with the product provider so that we can facilitate the sale or application. For some products that we compare, we’ll send your personal information directly to the product provider so that you can complete your purchase or submit your application directly with the provider. If the provider contacts you directly, they may provide us with information collected from you for the purposes described in this policy.
7.2 We use service providers to help us provide our comparison services and other products and to conduct our day to day business activities. We take steps to ensure that all our service providers agree to protect the privacy and security of your personal information, and that they only use it for the purposes in this policy, or any collection notice that we provide to you at the time we collect your personal information.
7.3 These service providers generally help us by:
(a)helping us fulfil customer offers;
(b) providing us with software so that we can provide you with our services;
(c) keeping records related to the services we provide and, if you decide to buy through us, your purchase of the product;
(d) providing us with our office management software, such as email;
(e) providing us with software that supports communication between our IT systems, including Australian-hosted cloud services;
(f) assisting us with debt collection;
(g) providing us with professional advice and services; and
(h) assisting us with marketing and advertising.
8. Links to third party sites
8.1 We may provide links to third-party websites from our website. We are not responsible for and make no warranty as to the content or privacy practices or policies of these third-party websites.8.2 These links are provided for your convenience and do not represent Accurassi’s endorsement of any linked third-party website. We recommend that you review the privacy policies of these third parties prior to providing them with your personal information.
9. Data storage and security
9.1 We may store your information in electronic and/or hardcopy form. We will take reasonable precautions to store your personal information securely and to make our Platforms and storage facilities as secure as possible against unauthorized access and protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.
9.2 Our safeguards may include a range of systems and communication security measures, such as:
(a) technical solutions, including passwords, anti-malware software, firewalls and encryption;
(b) cyber security awareness training for employees and contractors;
(c) internal procedures and safeguards on access to, modification to and disclosure of data;
(d) confidentiality mandates for employees and contractors; and
(e) the secure storage of hard copy documents.
9.3 Despite our reasonable endeavours, we are unable to ensure or warrant the security of any personal information transmitted to us via the internet. Accordingly, all personal information disclosed by you to us is at your own risk and we are not liable for any unauthorised access to and disclosures of the personal information.
10. Overseas transfer
Accurassi does not transfer your data overseas. We process and store your personal information in the cloud using services such as Amazon Web Services hosted in Australia. However, our service providers may use cloud services to process and store personal information in a jurisdiction that may be outside of Australia such as the United States of America and these jurisdictions may have different privacy and data security protections from those of your own jurisdiction.
11. Access to your data
11.1 You are permitted to obtain access to the personal information we hold about you in certain circumstances. If you would like to obtain access to your personal information, please contact us as set out below.
11.2 You can expect to have access to the information within 30 days of providing us with the information we need to find your personal information.
11.3 Before we make your personal information available to you, we’ll need to verify and confirm your identity. If someone makes the request on your behalf, we will require your prior written consent or we will contact you directly to collect your consent.
11.4 In some circumstances we may refuse to give you access to some or all information you have requested. For example, where we have been unable to verify and confirm your identity, if providing access would have an unreasonable impact on the privacy of others; or giving access would reveal evaluative information in connection with a commercially sensitive decision-making process.
11.5 If we deny or restrict access to the information you have requested, we will give you written reasons for this decision when we respond to your request.
11.6 In most cases, access to your personal information will be provided free of charge. There may be circumstances where, because of the nature of your request, we might need to charge a fee to cover the time we’ll need to spend collating your personal information or putting it in a format that we’re able to send it to you (whether at your request or to maintain the security of the information). We will let you know before we start working on your request so that you can make an informed decision.
11.7 Where you provide us with the personal information relating to another party, you should let that party know and provide them with a copy of this policy.
12. Your rights in relation to privacy (EU only)
12.1 Under the GDPR, you have a number of important rights.
12.2 Subject to certain exceptions, you have the right to:
(a) fair and transparent processing of your personal information and processing in accordance with the GDPR;
(b) require us to rectify or correct any personal information we hold about you that is inaccurate or incomplete;
(c) require us to erase your personal information in certain situations;
(d) obtain a copy of your personal information in a commonly used electronic format so that you can manage and move it, or request we send it to a third party;
(e) object or withdraw your consent at any time to the collection, use, processing or disclosure of your personal information (including for direct marketing purposes), but this does not:
(i) apply where we have other legal justifications to continue to collect use, process or disclose your personal information; or
(ii) affect the lawfulness of any collection, use, processing or disclosure that occurred before you withdraw your consent;
(f) object to decisions being made by automated means which produce legal effects concerning you or significantly affecting you; or
(g) otherwise restrict our collection, use, processing or disclosure of your personal information in certain circumstances.
12.3 You can exercise any of these rights by contacting us using the details below.
13. Children’s policy
13.1 We do not knowingly seek or collect personal information from or about persons under the age of 16 years (Child) without the consent of a parent or guardian.
13.2 If we become aware that any personal information relating to a Child has been provided without the consent of a parent or guardian, we will use reasonable endeavours to:
(a) delete the personal information from all relevant files as soon as possible; or
(b) ensure, where deletion is not possible, the personal information is not used further for any purpose or disclosed further to any third party.
13.3 Any parent or guardian with queries regarding our collection, use, processing or disclosure of personal information relating to their Child should contact us using the details below.
14. Corrections to your data
14.1 You are entitled to correct inaccurate personal information subject to certain exceptions.
14.2 Because we rely on the personal information we hold in order to carry out our business, it is important that information is accurate, complete and up-to-date. If you believe that your personal information is inaccurate, incomplete, out of date, irrelevant or misleading, please contact our Data Privacy Officer using the details provided below and we’ll correct that information within 30 days of receiving any information we need to make the change.
14.3 Before we correct your personal information, we’ll need to verify and confirm your identity. If someone makes the request on your behalf, we will require your prior written consent or we will contact you directly to collect your consent.
14.4 If we don’t agree that the information needs to be corrected, we’ll let you know why. If that occurs, you can ask us to include a statement with the information that says you believe it’s inaccurate, incomplete, out of date, irrelevant or misleading.
15. Complaint procedure
15.1 If you have a complaint concerning how we collect or maintain the privacy of your personal information, please contact us as set out below. All complaints will be considered by our Data Privacy Officer and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take reasonable steps to rectify the problem.
15.2 If you remain dissatisfied with the outcome of your complaint, you may refer the matter to:
(a) the Office of the Australian Information Commissioner via their website at www.oaic.gov.au or via phone on 1300 363 992.
(b) The supervisory authority in the relevant EU member state.
17. How to contact us about privacy
Please contact our Data Privacy Officer if you:
(a) have any queries;
(c) you seek access to your personal information;
(d) would like to correct your personal information; or
(e) have a complaint about our privacy practices.
Data Privacy Officer
Level 4, 11 York Street
Sydney NSW 2000
Level 4, 11 York Street Sydney NSW 2000 firstname.lastname@example.org 1300 070 351