Protecting your privacy and keeping your personal information confidential is very important to us. We’re bound by the Privacy Act 1988 (Cth) (“Privacy Act”), including the Australian Privacy Principles (“APPs”) set out in the Privacy Act, when we handle your personal information.
“We”, “us” and “our” refer to Business Automation Works Pty Ltd ACN 629 822 671 (ABN 16 629 822 671) and its related bodies corporate (as that term is defined in the Corporations Act 2001 (Cth)). “Your” and “you” refer to clients and other members of the public who have an interaction with us, in Australia.
What is personal information?
Personal information means information or an opinion that identifies you, or could reasonably identify you as an individual, whether the information or opinion is true or not.
Personal information may come:
- directly from you;
- from other persons acting on your behalf;
- from third parties; or
- from publicly available sources.
We use your personal information:
- to provide you with the products and services you’ve asked for;
- where we have legitimate interests to process the personal data and they’re not overridden by your rights;
- in accordance with a legal obligation; or
- where we have your consent.
What personal information we may collect
We collect information directly from you or from other persons acting on your behalf when you use our websites and/or sign up to our services.
We only collect personal information from you that is necessary to do business with you and to perform the service you have contracted us to do.
The personal information that we collect about you includes your name, business name, postal address, email address, telephone number, profession/role, personal correspondence and various personal preferences. When you purchase a service from us, we also collect your payment information, such as your credit card or direct debit information and Australian business numbers (“ABNs”).
We also collect some information about you automatically when you visit our websites or use our services, like your Internet Protocol (“IP”) address and device type. We collect information when you navigate through our websites and services, including what pages you looked at and what links you clicked on. This information is useful for us as it helps us get a better understanding of how you’re using our websites and services so that we can continue to provide the best experience possible (e.g., by personalising the content you see).
We collect most personal information directly from you, when you:
- order and/or register for our service;
- activate and use our service;
- interact with our client support and sales teams;
- use our website or social media sites;
- register for marketing events, training and newsletters;
- interact with members of our authorised sales partner network;
- complete our surveys or product testimonials; or
- apply for a job with us.
We may also collect personal information about you:
- from our third party sales partner network;
- that is publicly available from sources such as social media websites; or
- from third parties that provide us with marketing leads.
If we don’t collect your personal data, we may be unable to provide you with all our services, and some functions and features on our websites may not be available to you.
Some of the activities we will do once we have your personal information include:
- verify your identity (including completion of a credit check where required);
- operate, protect, improve and develop our products and services;
- provide technical support to you and your authorised contacts;
- keep you informed about our products and services and those of our relevant business partners, and tailor this information to your needs and interests;
- enable secure access to our websites and service;
- participate in any third party acquisition or potential acquisition of an interest in us or our assets;
- analyse, aggregate and report on your usage of the service which we may share publicly or with third parties.
- respond to any feedback, queries or complaints;
- fulfil any legal and regulatory obligations; and
- process a job application that you’ve submitted.
When you contract to use our service, we also collect information on Australian taxpayers as provided by the Australian Taxation Office (“ATO”) in their notices to you. This information includes:
- unique identifiers such as tax file numbers (“TFNs”) and ABNs;
- names, addresses, telephone and facsimile numbers; and
- financial taxation information pertaining to tax payments and refunds due.
We require access to taxpayer notices provided to you by the ATO in order to enhance your administration and communication of Australian tax payment/refund information to your own clients.
Personal information contained in taxpayer records is collected, held, used or disclosed for the purpose of administering the taxation laws. Division 355 of Schedule 1 to the Taxation Administration Act 1953 (Cth) sets out the specific circumstances in which personal information contained in taxation records can be recorded, used or disclosed.
Where TFN information relates to an individual, rather than a corporation or other entity, the ‘Tax File Number Rules’ under the Privacy Act also applies to how we handle the information.
When personal information contained in taxpayer records is disclosed to us by you, on-disclosure rules apply to us, the recipient. The on-disclosure rules apply to the recipient recording, using or on-disclosing that information.
Your personal information gives you authorised access to our websites so that you can update your details, access online help or use our services. You may be able to authorise other people (such as your employees) to access, add and manage information on your behalf.
Our websites may contain links to third party websites, which don’t belong to us and are beyond our control. Please note we’re not responsible for and can’t guarantee the privacy of these third party websites.
How we can share your data
There will be times when we need to share your personal data with third parties. We will only disclose your personal data to:
- other companies in our group of companies;
- third party service providers and partners who assist and enable us to use the personal data to, for example, support delivery of or provide functionality on the website or services, or to market or promote our goods and services to you;
- regulators, law enforcement bodies, government agencies, courts or other third parties where we think it’s necessary to comply with applicable laws or regulations, or to exercise, establish or defend our legal rights. Where possible and appropriate, we will notify you of this type of disclosure;
- an actual or potential buyer (and its agents and advisers) in connection with an actual or proposed purchase, merger or acquisition of any part of our business; or
- other people where we have your consent,
and in respect of TFNs and information according to specific legal restriction on use.
Holding your personal information and keeping it safe
We typically hold the personal information that we collect either on electronic databases or as hard copy documents.
The security of your personal information is fundamental to the way that we do business. We take all reasonable steps to protect the personal information that you give us from unauthorised access, use or disclosure, in line with industry standards.
We do this by employing a range of security measures to protect the personal information that we hold. For example, we use a secure redaction technique to hide tax file numbers.
We apply industry-best security methods, including information technology and physical security audits, penetration testing and industry best practice risk management and system security technologies to protect the personal information we hold.
Our staff may not access personal information contained in the taxation records they receive unless they are doing so:
- in the course of exercising powers or performing functions under or in relation to the taxation laws or service we provide;
- in accordance with the processes of a court or tribunal; or
- under the Freedom of Information Act 1982 (Cth).
Whilst we take all reasonable measures to protect your personal information when it’s in our hands, it’s important to note that we’re unable to guarantee the security of the internet as a whole. If you’re using our product and services online, please ensure that you’re doing so in a secure environment. In addition, if you use email to send and receive your personal information, please be aware that the information may be less secure in transit.
Security is a priority for us when it comes to your personal data. We’re committed to protecting your personal data and have appropriate technical and organisational measures in place to make sure that happens. For more information about security, check out our security policy at www.businessautomationworks.com.au.
International data management
When we share data, it may be transferred to, and processed in, countries other than the country you live in – such as to the United States, where our data hosting provider’s servers are located. These countries may have laws different to what you’re used to. Rest assured, where we disclose personal data to a third party in another country, we put safeguards in place to ensure your personal data remains protected.
How long do we keep your information for
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need or legal obligation to retain it (for example, to provide you with a service you’ve requested or to comply with applicable legal, tax or accounting requirements).
We’ll retain your personal data for as long as we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.
It’s your personal data and you have certain rights relating to it. When it comes to marketing communications, you can ask us not to send you these at any time – just follow the unsubscribe instructions contained in the marketing communication, or send your request to email@example.com.
You also have rights to:
- know what personal data we hold about you, and to make sure it’s correct and up to date
- request a copy of your personal data, or ask us to restrict processing your personal data or delete it; or
- object to our continued processing of your personal data.
You can exercise these rights at any time by sending an email to firstname.lastname@example.org.
If you’re not happy with how we are processing your personal data, please let us know by sending an email to email@example.com. We will review and investigate your complaint, and try to get back to you within a reasonable time frame. You can also complain to your local data protection authority. They will be able to advise you how to submit a complaint.
If you’re someone who doesn’t have a relationship with us, but believe that your personal data has been entered into our websites or services, you’ll need to contact the person who entered the data for any questions you have about your personal data (including where you want to access, correct, amend, or request that the user delete, your personal data).
Questions, concerns and complaints
Once we have received your complaint, we will investigate and respond to you as quickly as possible. We’ll try to resolve your complaint as quickly as possible, and in any event within 30 days of hearing from you. If your complaint takes longer to resolve, we’ll keep you informed of our progress with the investigation.
If you aren’t satisfied with our handling or resolution of your complaint, you can lodge a complaint with the Office of the Australian Information Commissioner (“OAIC”). For more information please visit the OAIC website.
Business Automation Works Pty Ltd ACN 629 822 671 (ABN 16 629 822 671)