Privacy & Disclaimer
Purpose of this policy
Insitec Pty Ltd (ACN 097 025 968), Insitec MIS Systems Pty Ltd (ACN 161 023 856) and their respective subsidiaries (collectively ‘Insitec’ and ‘we’) are bound by the Privacy Act 1988 (Cth) (Act). We are committed to complying with the Act and other relevant laws in relation to the management and protection of personal information. This Privacy Policy describes how Insitec collects, holds, uses and discloses your personal information.
By providing your personal information to Insitec, you consent to our collection, use and disclosure of your personal information in accordance with this Privacy Policy.
This Privacy Policy applies to clients, independent contractors, suppliers and job applicants, users of our software applications, (and other individuals) who may provide Insitec with their personal information or otherwise make that information available.
Employment information
This Privacy Policy does not apply to acts and practices in relation to employee records of our current and former employees, which are outside the scope of the privacy laws. When you apply for a role with Insitec, certain information may be collected from you (including your name, contact details, working history and relevant background checks) from your previous employer and others who may be able to provide information to assist Insitec in deciding whether to offer you employment, or to engage you under a contract.
What personal information do we collect?
Personal information has the meaning given under the Act and it means any information or an opinion about an identified individual, or an individual who is reasonably identifiable. This may include the following types of personal information:
- name
- age or date of birth
- mailing or street address
- telephone, fax numbers and other contact details
- email address
- service or educational institution details
- health information such as medical history
- bank account details
- geographic location
- any additional information relating to you that you provide Insitec directly or indirectly through your use of Insitec’s website
- information you provide Insitec when you communicate with Insitec by email, telephone or other means
- any other personal information that may be required to facilitate your interactions with Insitec including its software and platforms.
How and when do we collect personal information?
Where possible, we collect your personal information directly from you rather than from another person or source, unless it is unreasonable or unpracticable to do so.
We collect personal information in circumstances including the following:
- when you, as an individual in your own capacity or on behalf of your employer become a customer of our business
- when you telephone us, or visit our website and provide feedback, or you make an enquiry to which a later response is requested and to do so requires your contact details
- through written correspondence from you, including letters and emails
- when you ask to be included on marketing distribution lists, sign up to our website or interact with us on social media
- when you take advantage of a promotional offer we may run
- when you otherwise register for or subscribe to one of our online services
- when as a supplier, your contact and other details are provided
- when we enter into an agreement with you for the provision or acquisition of goods or services
- when we receive applications for employment and when evaluating job applicants and personnel, which may include collection of details such as employment history and educational qualifications
We may use ‘cookies’ to collect data (typically not personal information) relating to your general internet usage. This data may include IP addresses, browser versions, number of visits and similar such data relating to your navigation of the internet and our site. A cookie is a small text file that is placed on your computer or device’s hard drive. Cookies help us to improve our site and to deliver a better and more tailored service, for instance by storing information about your preferences and allowing us to recognise you when you return to our site.
You may refuse to accept cookies by activating settings on your internet browser. However, please note that if you select such settings you may be unable to access certain parts of our website.
How do we use and disclose the personal information you provide?
Insitec may collect, hold, use and disclose your personal information for the following purposes:
- for any of the purposes of collection described above
- to deliver the products and services you requested
- to provide you with further information about the products and services you requested
- to personalise and customise your experiences with Insitec
- to help Insitec manage and enhance its services
- to communicate with you, including answering your questions and providing you with information or services
- to provide your information to third parties that assist Insitec in providing the services you have requested
- to carry out administration (such as invoicing, debt collection, receiving and making payments), marketing, fraud and loss prevention activities
- to consider and respond to complaints made by you
- to comply with laws or regulations, or to comply with any directions given by governmental regulators or authorities
- to operate, protect, improve and optimise Insitec’s website, and users’ experience, such as perform analytics, conduct research and for marketing
- to send you service, support and administrative messages, reminders, technical notices, updates, security alerts and information requested by you
- to send you news, announcements and other information that may be of interest to you
- to consider your employment application
- in other circumstances, with your prior express consent, or where it can be reasonably inferred from the circumstances that you consent
What happens if you choose not to provide your personal information?
You are not obliged to give us your personal information, however Insitec may be unable to deliver the range or quality of services you require, should you choose not to do so.
Where possible, you have the option of interacting with us anonymously (for example, as a visitor of the website), or using a pseudonym if you feel more comfortable dealing with us that way. For example, if you contact us directly by telephone with a general question, we will not ask for your full name unless we need it to answer your question.
When do we disclose your personal information?
We limit the information we provide to third parties to the information they need to help us provide or facilitate the provision of goods and services to you. We deal with third parties who are required to meet the privacy standards required by law in handling your personal information and use your personal information only for the purposes that we give it to them
Insitec will not your sell personal information to third parties.
Personal information will only be disclosed to third parties in accordance with this Privacy Policy. Information may be provided to third parties where services relating to the purpose for which the personal information is collected are outsourced or you would reasonably expect us to disclose it to a third party for a particular purpose, or we have obtained your prior consent. For example, we may disclose your personal information to:
- our related bodies corporate
- third party suppliers and service providers (where necessary and subject to the qualification mentioned above)
- our professional advisers
- our payment system operators
- debt collection companies
- anyone to whom our assets or businesses (or any part of them) are transferred
- specific third parties authorised by you to receive information held by Insitec
- other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law
Insitec may also disclose your personal information if:
- you have consented to the disclosure
- where disclosure is necessary to prevent injury to life or health
- it is required or authorised by or under an Australian law or a court/tribunal order
Accessing your personal information
You have a right to access your personal information, subject to certain exceptions provided for in the Privacy Act. If you require access to your personal information, please contact Insitec’s Privacy Officer and you should receive a response within 30 days. For security reasons, you will be required to put your request in writing and provide proof of your identity.
If Insitec refuses to give you access to your personal information, Insitec will notify you in writing setting out the reasons.
Correcting your personal information
Insitec will take all reasonable steps to ensure that the personal information that we hold is accurate. If you feel that information about you is not accurate, you can ask for correction by contacting Insitec’s Privacy Officer and you should receive a response within 30 days.
If Insitec refuses to give correct or update your personal information, Insitec will notify you in writing setting out the reasons.
Security of your personal information
Insitec will take all reasonable steps to keep your personal information safe and stored in a secure environment which can only be accessed by authorised personnel who have a need to do so. Electronic information is protected by various security measures and access to information and databases is restricted, by password protection and physical security measures. However, no data transmission over the internet or information stored in servers accessible through the internet can be guaranteed to be fully secure.
In addition, Insitec will take reasonable steps to destroy or de-identify personal information once it is no longer needed for our record retention purposes.
Disclosure and transfer of information overseas
Insitec does not disclose or transfer personal information outside Australia.
Notifiable data breaches
In the event of any unauthorised access or unauthorised disclosure or loss of your personal information that is likely to result in serious harm to you, Insitec will investigate and notify you and the Office of the Australian Information Commissioner in accordance with privacy laws.
Questions and Complaints
If you believe your privacy has been breached by Insitec, or if you wish to make a complaint about the way Insitec has handled your privacy information, you can contact Insitec’s Privacy Officer using the contact details below.
Please include your name, email address and/or telephone number and clearly describe your complaint. Insitec will acknowledge your complaint and respond to your complaint with a reasonable period of time (usually within 30 days). If you are not satisfied with Insitec’s response to your complaint, you may lodge a formal compliant with the Office of the Australian Information Commissioner.
Changes to this policy
Insitec may change this Privacy Policy from time to time. Any updated versions of this Privacy Policy will be posted on our website www.insitec.com.au and will be effective from the date of posting.
This Privacy Policy was last reviewed and updated on 6 December 2021.
Retention of data
Insitec will generally retain personal information for 7 years from the date of its collection. If you request us to delete or destroy personal information we hold about you before this date, you can contact us with your request.
Please include your name, email address and/or telephone number and clearly describe your request. Insitec will acknowledge your request and respond to within a reasonable period of time (usually within 30 days). If you are not satisfied with Insitec’s response to your request, you may lodge a formal compliant with the Office of the Australian Information Commissioner.
How to contact us
If you would like more information or have any questions in relation to this Privacy Policy, or to access or correct your personal information, or make a complaint, please contact:
Privacy Officer
Insitec Pty Ltd
4/110 Giles Street
Kingston ACT 2604
Telephone: (02) 6232 4541
Email: privacy@insitec.com.au
Insitec – Modern Slavery Policy
Definitions
- Modern Slavery Act 2018 (Cth) being the Commonwealth legislation (the Act) enacted by the Parliament of Australia on 29 November 2018 (and may be amended from time to time).
Modern slavery for the purposes of this policy is defined as including eight types of serious exploitation and outlined in Section 5. - Operations is defined as activity undertaken by Insitec Group Holdings Pty Ltd and its subsidiaries.
- Partner (partnership) means all relationships between Insitec and a Partner whereby Insitec grants the Partner the possibility of using its name, emblem/logo or image in its communication and promotional materials, thereby potentially creating a public association of image between the Partner and Insitec. This relationship includes arrangements of; sponsorships, cause-related marketing initiatives, and strategic alliances.
- Risks of modern slavery practices means the potential for Insitec to cause, contribute to, or be directly linked to modern slavery through its supply chains and operations.
- Insitec is the term used to refer to Insitec Group Holdings Pty Ltd and all subsidiaries.
- Insitec staff and contractors includes any current:
- Members of a Governance Body (members of the Insitec Group Holdings Board, its subcommittees or any subsidiary Boards/subcommittees)
- Employees;
- Members; and
- Contractors.
- Suppliers is defined as any organisation or person who provides us with goods or services, including their subcontractors, agents, related entities and consultants.
- Supply chains is defined as the products and services (including labour) that contribute to Insitec’s own products and services. This includes products and services sourced in Australia or overseas and extends beyond direct suppliers.
Policy Statement
This policy affirms Insitec’s commitment to contribute to ending all forms of modern slavery and outlines our approach to reducing the risk of modern slavery practices within our supply chains and operations (procurement, code of conduct, human resources policies).
It is consistent with our Governance Framework, that expects a culture of high ethical standards, including compliance with applicable laws, contractual and other obligations. As a result, this Modern Slavery Policy forms part of Insitec’s Governance Framework.
This Policy also supports the intent of international conventions, treaties and protocols relevant to combatting modern slavery and the Modern Slavery Act (Cth) 2018.
Scope of the Policy
This Policy applies to all Insitec employees and contractors.
Policy
Insitec maintains a Modern Slavery Policy (this Policy) outlining our approach to reducing the risk of modern slavery practices within our supply chains and operations. The Policy provides guidance on the steps Insitec takes to work with suppliers to reduce risks and the range of supports available for when an Insitec employee or contractor becomes aware that someone is at risk of or affected by modern slavery practices.
5.1 What is modern slavery
Modern slavery is defined by the Modern Slavery Act (Cth) 2018 to include eight types of serious exploitation and which can be understood as:
- trafficking in persons, which is the recruitment, harbouring and movement of a person for the purposes of exploitation through modern slavery. Exploitation also includes the prostitution of others or other forms of sexual exploitation, forced labour or services, slavery or practices similar to slavery, servitude or the removal of organs;
- slavery, which is where the offender exercises powers of ownership over the victim;
- servitude which is where the victim’s personal freedom is significantly restricted and they are not free to stop working or leave their place of work;
- forced labour, which is where the victim is either not free to stop working or not free to leave their place of work;
- forced marriage, which is where coercion, threats or deception are used to make a victim marry or where the victim does not understand or is incapable of understanding the nature and effect of the marriage ceremony;
- debt bondage, which is where the victim’s services are pledged as security for a debt and the debt is manifestly excessive or the victim’s services are not applied to liquidate the debt, or the length and nature of the services are not limited and defined;
- the worst forms of child labour, which involves situations where children are: exploited through slavery or similar practices, including for sexual exploitation; or engaged in hazardous work which may harm their health or safety, or used to produce or traffic drugs; and
- deceptive recruiting for labour or services which is where the victim is deceived about whether they will be exploited through a type of modern slavery5.
It can also extend to:
- entering into a commercial transaction involving a slave;
- exercising control or direction over, or providing finance for, any commercial transaction involving a slave or act of slave trading;
- conducting a business involving servitude or forced labour (including exercising control over the business or providing finance to it);