At Growth Focus Consulting Pty Ltd ACN 138 943 496 and its related entities (‘GFC’ / ‘we’ / ‘us’) it is important to us that we manage your personal information securely and consistently with relevant legislation, including the Privacy Act 1988 (Cth) (‘Privacy Act’) as well as the Credit Reporting Privacy Code (where applicable). This Policy outlines how we collect, disclose, use, store or otherwise handle personal information.
This Policy explains:
- The kinds of personal information (including credit-related information) we collect, and the purposes for which we do that;
- How we manage the personal information that we collect about you;
- How you can seek access to and correction of that information;
- If necessary, how you can make a complaint relating to our handling of that information.
This Policy is not limited to current customers but to all individuals and business users who deal with us.
1.1 GFC is a proprietary company that operates across Australia. We provide a variety of services such as professional accounting, wealth creation, business development, human resource and marketing solutions to businesses, entrepreneurs and individuals.
1.2 We are governed by the Australian Privacy Principles (‘APPs’) under the Privacy Act 1988 (‘the Privacy Act’). In our interactions with you, we also comply with Credit Reporting Privacy Code requirements. These set out the way organisations and government agencies can collect and use, disclose and provide access to personal and sensitive information.
(a) Personal information is information that identifies or could identify a person, whether it is true or not. It may include, for example, your name, age, gender, profile picture, contact details, bank account details and financial information.
(b) Sensitive information as defined by the Privacy Act (as amended) is also personal information but relates to your opinions, views, racial or ethnic origin, political options or affiliations, religious beliefs, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal record or health, genetic, biometric information or biometric templates.
(c) Credit Information as defined in the Privacy Act is personal information about an individual (other than sensitive information) relating primarily to your credit-related dealings which can be disclosed to Credit Reporting Bodies (‘CRBs’) that report on consumer credit worthiness and includes:
i. identification information about the individual; or
ii. consumer credit liability information about the individual; or
iii. repayment history information about the individual; or
iv. a statement that an information request has been made in relation to the individual by a credit provider, mortgage insurer or trade insurer; or
v. the type of consumer credit or commercial credit, and the amount of credit, sought in an application:
a. that has been made by the individual to a credit provider; and
b. in connection with which the provider has made an information request in relation to the individual; or
vi. default information about the individual; or
vii. payment information about the individual; or
viii. new arrangement information about the individual; or
ix. court proceedings information about the individual; or
x. personal insolvency information about the individual; or
xi. publicly available information about the individual:
a. that relates to the individual’s activities in Australia or the external Territories and the individual’s credit worthiness; and
b. that is not court proceedings information about the individual or information about the individual that is entered or recorded on the National Personal Insolvency Index; or
xii. the opinion of a credit provider that the individual has committed, in circumstances specified by the provider, a serious credit infringement in relation to consumer credit provided by the provider to the individual.
(d) Credit Eligibility Information provided to us by CRBs, so it may also include information about your credit related dealings with other credit providers. CEI also includes any credit worthiness information that we derive from the data from a credit reporting body, for example credit ratings, scores and evaluations about you and your credit worthiness.
2. WHAT WE DO
2.1 We are an accounting firm providing businesses, entrepreneurs and individuals with innovative, value add cloud based accounting, financial planning and business advisory services delivered in a timely, efficient and professional manner.
2.2 Examples of our current services where we might collect personal or sensitive information include:
(a) when visiting the GFC website;
(b) when using GFC’s online services;
(c) when entering into an agreement with GFC for the supply of services;
(d) when you correspond or communicate with GFC over the telephone or in any other manner, including by letter, facsimile or email;
(e) your credit card information to facilitate payment;
(f) internet service provider or mobile network you use to connect to our services;
(g) considering your eligibility for our services;
(h) if you connect with us via a social network;
(i) when you complete a customer survey or send us feedback; and
(j) administering your account including requests and the provision of our services;
3. WHY WE COLLECT AND USE PERSONAL INFORMATION
3.1 At GFC we take your personal privacy seriously. We may collect personal information about you:
(a) because you have provided it directly to us, for instance contact details, date of birth, and credit card numbers or bank account details;
(b) to process your application to GFC and/or request for services;
(c) to provide you with the most appropriate services for your needs;
(e) because you work for us;
(f) for purposes directly related to any of the above and any of our services;
(g) to provide follow-up on information regarding GFC, including responding to comments or questions or providing our services to you;
(h) to meet any requirements of government funding for programs including receiving, collecting and collating de-identified statistical information;
(i) to monitor and evaluate existing services and plan for future services; and (j) if we are required to share your information with government or regulatory bodies, as required or authorised by law.
3.2 We only use your personal and sensitive information for purposes which are directly related to the reason you provided us with your information in the first place and where you would reasonably expect us to use your information. This may include sharing your personal or sensitive information with Service Providers.
3.3 We may share your information with government or regulatory bodies (such as the Australian Tax Office and ASIC) as required or authorised by law. These agencies may also share this information with organisations or agencies outside Australia.
4. HOW WE COLLECT INFORMATION
4.1 Whenever possible, we will collect personal information directly from you unless unreasonable or impractical for us to do so. GFC may also collect personal information in a variety of ways, including but not limited to when you:
(a) use our website;
(b) connect with us via social network;
(c) phone us;
(d) write to us;
(e) email us;
(f) visit us in person;
(g) through the use of our services; and
(h) provide feedback to us.
4.2 There are certain instances in which we will collect information about you from third parties where it is unreasonable or impracticable to collect it directly from you. For example, we may collect information about you from a business which provides information about commercial credit worthiness for the purpose of assessing your application.
5. DISCLOSURE OF PERSONAL INFORMATION
5.1 Disclosure of personal information to third parties
We will not disclose your personal information to another person unless you have given consent or if one of the exceptions under the Privacy Act applies.
Where possible, the information that could reasonably identify you as an individual is first removed.
Except as set out above, GFC will not disclose your information to a third party unless one or more of the following applies:
(a) you have given your consent for us to do so;
(b) you would reasonably expect us to use or give that information for another purpose related to the purpose for which it was collected (or in the case of sensitive information – directly related to the purpose for which it was collected);
(c) it is otherwise required or authorised by law;
(d) it will prevent or lessen a serious threat to somebody’s life, health or safety or to public health or safety;
(e) it is reasonably necessary for us to take appropriate action in relation to suspected unlawful activity, or misconduct of a serious nature that relates to our functions or activities;
(f) it is reasonably necessary for the enforcement of a law conducted by an enforcement body.
5.3 Examples of disclosure
(a) Customer Records
GFC maintains records of all customers including financial information which may need to be shared with financial institutions, government or regulatory bodies from time to time.
(b) Credit Reporting
We may disclose personal information about you to a CRB in relation to any credit-related dealings with us. That information may be included in reports by the CRB to other credit providers or to another CRB to help them assess applications by you for credit.
6. DISCLOSURE OF INFORMATION TO THIRD PARTIES OVERSEAS
6.1 We may disclose personal information to overseas based organisations or agencies in the provision and/or administration of your account. We undertake to protect your personal information by ensuring the country of the overseas based organisation or agency has similar protections in relation to privacy, or that we enter into contractual arrangements with the organisation or agency to ensure the protection of your privacy.
7. CAN I REMAIN ANONYMOUS?
7.1 It is your choice to provide information to us. Wherever it is lawful and practicable, you have the option not to identify yourself or to use a fictional name when interacting with us. You can remain anonymous when using some parts of our website, or sites administered by us.
7.2 It may be necessary for us to collect your personal or sensitive information if you would like certain services. If you choose to withhold the information we require, we may not be able to provide you the services you have requested.
8. SECURITY AND STORAGE OF YOUR INFORMATION
8.1 We store your information in a number of ways including physically (such as in paper form) or electronically with third party data storage providers. Your privacy
and the security of your information is very important to us so where we store your information with third party providers, we will enter into contractual arrangements with those providers to ensure they take appropriate measures to protect your information.
8.2 We take appropriate steps to protect your personal and sensitive information held by us from misuse, interference, unauthorised access, modification, loss or disclosure. This includes during storage, collection, processing and transfer and destruction of the information. These steps include but are not limited to:
(a) ensuring our computer systems and websites have security systems in place such as up to date firewall and data encryption;
(b) maintaining security systems and monitoring of our premises;
(c) implementing confidentiality agreements with our employees and contractors, sub-contractors ,service providers and their agents;
(e) maintaining document storage security policies and procedures; and
(f) implementing verification procedures for all inquiries/transactions to ensure only authorised people can access personal information.
8.3 Our website may contain links to external websites. We recommend that you review the privacy policies of those external websites as we are not responsible for their privacy practices.
9. HOW TO ACCESS AND CORRECT YOUR INFORMATION
9.1 We will take reasonable steps to ensure that all personal information we collect, use or disclose is accurate, up-to-date, complete, relevant, and not misleading.
9.2 We will correct any personal information that we believe to be incorrect, out-of-date, incomplete, irrelevant or misleading. This may include taking reasonable steps to notify any organisation or government agency to which information was disclosed about the correction. You may request to access or correct your personal information at any time by contacting the Privacy Officer using the contact details below. We will give you access to your information unless one of the exceptions under the Privacy Act applies. For example, if providing access would be unlawful or denying access is authorised by law.
9.3 If you request to access or correct your information, we will respond within a reasonable time (usually within 30 days). If your request is refused, we will give you a written notice that sets out the reasons for refusal and how to complain about the decision.
10. DIRECT COMMUNICATIONS AND PROMOTIONAL MATERIALS
10.1 From time to time, we may send out promotional materials and information from government departments or other third parties.
10.2 If you do not wish to receive these communications, please contact us to unsubscribe from that mailing list.
10.3 Your information may also be used by us to provide you with details of other organisation’s services where permitted by the Privacy Act or where you have consented to the use or disclosure of your personal information for direct communications and promotional materials.
10.4 It is our policy that any direct communications or promotional material will include a statement advising that you can request to not receive further material from us by contacting us using the details provided. Please note that if you choose this option this will also prevent you receiving offers of discounts and notices of upcoming sales as well as all promotional and informational materials.
11.1 The GFC website and sites administered by us use software known as ‘cookies’ to record your visit to the website and collect some statistical information. We use this information to help administer and improve our websites. We do not use this information to personally identify you. Information we may collect includes:
(a) your computer’s IP address;
(b) your domain name;
(c) the date and time or access to the website;
(d) pages accessed and documents downloaded;
(e) the previous site visited;
(f) if you have visited the website before;
(g) the type of browser software in use;
(h) your mobile carrier; and
(i) device information including device and application ID.
11.2 You may set your browser to disable cookies when visiting our websites. However, some website functions may be unavailable if you choose to do so.
13. COMPLAINTS AND ENQUIRIES
13.2 If you consider your privacy concerns have not been resolved satisfactorily by us, or you wish to obtain more information on privacy requirements, you can contact The Office of the Australian Information Commissioner on 1300 363 992 or visit their website at www.oaic.gov.au.
14. CONTACTING US
14.1 Phone (07) 3812 1420
14.2 Online http://www.growthfocusconsulting.com.au/
14.3 By Post Growth Focus Consulting
PO Box 872
Ipswich QLD 4305