We are committed to compliance with privacy laws which apply to our businesses and which set out standards for the management of personal information.
In this policy, ‘we’, ‘EchoJunction’ and ‘Plaut’ are, individually and collectively, Plaut IT (Australia) Pty Ltd ACN 092 547 218 and its related bodies corporate.
This policy outlines our personal information management practices applying to the personal information of individuals in respect of their dealings with Plaut or EchoJunction or interaction with a Plaut or EchoJunction online site or application, specifically:
- the kinds of personal information we collect and hold;
- how we collect and hold it;
- the purposes for which we collect, hold, use and disclose it;
- your right to access and seek correction of it;
- how you may complain about privacy matters; and
- our sharing of your personal information overseas.
There are some matters to which this policy does not apply. These are referred to below.
Kinds of information collected and held
We collect information that is reasonably necessary for one or more of our business functions or activities.
The personal information we collect and hold is what we consider reasonably necessary for our business functions and activities. For example:
- Candidates: For candidates seeking employment, we may collect and hold information including your name, address, email address, contact telephone number, gender, age, employment history, references, resume, and qualifications.
- Clients: We may collect and hold information including your name, address, email address, contact telephone number, gender and age. We may also have access to a client’s employee information and details such as suppliers.
- Suppliers: We may collect and hold information including your name, address, email address, contact telephone number, business records, billing information, and information about goods and services provided.
- Referees: For referees of candidates being considered for employment, we may collect and hold information including your name, contact details, current employment information and professional opinion of the candidate.
- Sensitive Information: We will usually only collect sensitive information where consent has been obtained, and when the information is reasonably necessary for one or more of our functions or activities. Sensitive information includes, but is not limited to, information or an opinion about racial or ethnic origin, political opinions, religious and/or philosophical beliefs, membership of a trade union, sexual preferences, criminal record, health information or genetic information. It is usually optional for you to supply sensitive information.
You have the option of not identifying yourself or of using a pseudonym when dealing with us.
How information is collected and held
EchoJunction and Plaut collects personal information from various sources. We will collect information directly from the individual; if it is reasonable or practicable to do so. We may also collect information in a number of ways, including:
- through application forms;
- by email or other written mechanisms;
- over a telephone call;
- in person;
- through transactions;
- through the company website;
- by technology used to support communication including:
a. through publicly available information sources (which may include telephone directories, the internet and social media sites); and
b. direct marketing database providers
When we collect information through publicly available information sources, it will manage such information in accordance with the Privacy Act 1988.
We may also collect information about you from third parties to provide, and continue to provide, our products and services to you. When we collect personal information other than directly from an individual, we aim to take reasonable steps to notify or otherwise ensure that the individual is made aware of the following:
- our identity and contact details;
- that we have collected information from someone other than the individual;
- that collection of information is required by Australian law and the purpose for which we collect the personal information;
- the consequences if we do not collect some or all of the personal information (for example, we may not be able to provide our services to you); and
Personal information we hold is generally stored in computer systems. These may be operated by us or by our service providers.
Use and direct marketing
When we collect, hold and use your personal information, we do so primarily to:
- ensure that our services are tailored to your specific needs;
- maintain our customer records;
- allow you to participate in Plaut or EchoJunction activities;
- respond to any request for products or services;
- fulfil orders placed with Plaut or EchoJunction by any means (including through our website)
- provide newsletters; and
- maintain a record of enquiries, complaints and adverse reports relating to Plaut or EchoJunction products and services.
We may use some of your personal information to market to you and to others and for incidental purposes. Not all information collected in respect of you is used for marketing and the majority of information is collected solely for the purpose of providing products, access to our website and any account you may have with us, and our services to you.
We may collect, hold, use and disclose your personal information for other purposes which are within reasonable expectations or where permitted by law. When marketing to you, your personal information is only ever used or disclosed for our own purposes. You may opt out of our direct marketing to you. Our direct marketing materials will tell you how to do this.
Disclosure of information
We disclose personal information we collect for those purposes, and for incidental purposes. For example, we may disclose your personal information within our group, to service providers who assist us in our day-to-day business operations and as part of buying or selling businesses.
We may de-identify your personal information. We may do this for use and disclosure of the anonymous data for various data analytics purposes.
- you have consented in writing;
- it is necessary to prevent or mitigate a threat to the life or health of the individual concerned or another person, or is in the clear interests of the individual;
- it is required or authorised by law; or
- it is reasonably necessary for the enforcement of the law, or for imposing a pecuniary penalty.
We may allow your personal information to be shared with those who are in countries other than your own location. We do this:
- where we have made a business decision to store our data with a trusted service provider who is in the business of providing data storage and processing services. Examples are those who store and process our email and mobile application data. These services commonly involve diverse geographic locations which change from time to time for reasons which include data protection and processing efficiency. Where these services are used by us, it is not practical for us to notify you of which country your personal information may be located in;
- for disclosures between our group companies. Our main business location is in Australia but we may do business in a number of countries and some of our group companies may be based in other countries from time to time; and
- when our business that collected your personal information is in a different country to your location.
Accessing and correcting information
We will provide you with access to any of your personal information we hold (except in limited circumstances recognised by law). If you wish to access your personal information or have an enquiry about privacy, please contact our Privacy Officer at:
Plaut IT Australia
Level 15, 5 Martin Place
SYDNEY NSW 2000
Telephone: 02 9492 5600
Before we provide you with access to your personal information we may require some proof of identity. We may charge a reasonable fee for giving access to your personal information if your request requires substantial effort on our part.
There may be certain circumstances in which we refuse such a request. In such situations, we will usually give the requestor written notice that sets out:
- the reasons for the refusal; and
- the mechanisms available to make a complaint.
If you need to correct personal information we hold, please contact our Privacy Officer at one of the above contact points.
We treat all data breaches relating to personal information will be treated seriously.
Any breach or suspected breach must be reported to our Privacy Officer at one of the above contact points. We will then assess the breach and take any appropriate steps required by the Privacy Act 1988.
If you wish to complain about a breach of the privacy rules that bind us, you may contact our Privacy Officer at one of the above contact points. We may ask you to put your complaint in writing and to provide details about it. We may discuss your complaint with our personnel and our service providers and others as appropriate.
Our Privacy Officer will investigate the matter and attempt to resolve it in a timely way. Our Privacy Officer will inform you in writing about the outcome of the investigation. If our Privacy Officer does not resolve your complaint to your satisfaction and no other complaint resolution procedures are agreed or required by law, our Privacy Officer will inform you that your complaint may be referred to the relevant privacy regulator for further investigation and will provide you with the regulator’s contact details.
This is a policy only. There may be additional privacy notices and terms relevant to you depending on the nature of your dealings with us. We have separate charters concerning our employees – this policy does not apply to the personal information of our employees in their capacity as such.
Although we offer you access to external websites through the links we have provided, those websites are not subject to our privacy standards, policies and procedures. We recommend that you make your own enquires as to the privacy policies of these third parties. We are in no way responsible for the privacy practices of these third parties.
More information about privacy law and privacy principles is available from the privacy regulator. The privacy regulator in Australia is the Privacy Commissioner: www.oaic.gov.au (email: firstname.lastname@example.org).