The Book Adviser is committed to complying with the Australian Privacy Principles (‘APPs’) in the Privacy Act 1988 (‘The Privacy Act’), and to being open and transparent about our information handling practices. We respect the confidentiality of your personal information and take steps to safeguard that information.
The kinds of personal information we collect and hold (and why)
The Book Adviser needs to collect personal information to provide services to our clients. We may collect and hold the following personal information:
- our clients’ names and contact details;
- personal information (including sensitive information) about our clients or a third party in the course of providing our clients with a service;
- our clients’ credit card and/or banking details.
How we collect personal information
Where it is practical to do so, we aim to collect personal information directly from the individual it relates to. However, there may be circumstances where we need to collect personal information from a third party (such as a client we are providing services to). Also, we may collect personal information indirectly because it is included in a communication with us. Some examples of how we collect personal information include (but are not limited to):
- directly from individuals and clients during telephone calls or in meetings;
- through our website at www.thebookadviser.com.au and through other forms of communication such as when clients email us;
- through our social media pages and social media networks;
- from publicly available sources of information;
- when we are permitted or required to collect the personal information by or under law.
Storage and security of personal information
We take the security of your personal information seriously. The Book Adviser staff handle personal information sensitively and in accordance with the APPs.
We take all reasonable steps to protect your personal information from misuse, interference and loss; and from unauthorised access, modification or disclosure. These steps include using electronic and physical security measures, such as password protected software and hardware.
If we no longer need your personal information, we take reasonable steps to destroy or de-identify that information. It may be necessary for us to retain personal information to comply with our legal obligations, or for insurance or audit purposes. Personal information stored electronically may be stored securely indefinitely for IT back up and electronic audit trail purposes.
How we use personal information and for what purposes
We use personal information in order to provide our clients with services.
Where necessary, we may also use personal information for the purpose of complying with any applicable laws (for example any obligations we may have under legislation).
We may use personal information for audit or quality assessment purposes; billing and invoicing; and for staff training.
We only use personal information in accordance with the APPs, and while maintaining client confidentiality.
Disclosure of personal information
In order to provide our services and conduct our business, we may disclose personal information to third parties.
In some, limited circumstances this may include sensitive information as defined in the Privacy Act. We do not disclose sensitive information about you unless you agree, or unless the disclosure is for the primary purpose it was collected (or a directly related secondary purpose) and you would reasonably expect us to do so.
We may disclose personal information:
- if the person to whom the information relates agrees to the disclosure;
- where the disclosure is for the purpose the personal information was collected;
- in circumstances where the person about whom the personal information relates would reasonably expect this disclosure to occur;
- where required to do so by law.
How you can access the personal information we hold about you
You can seek access to the personal information we hold about you by contacting us at the address below under ‘Contact details’. We will need to verify your identity and may charge a fee to cover the cost of providing you with access. If a fee is charged for providing access, you will be informed of the details of the fee prior to provision of access.
How to update or correct your personal information
You can request to update or correct personal information we hold about you which you believe is inaccurate or out of date. To do so, you may contact us using the address under the ‘Contact details’ section.
How to make a privacy complaint
If you have any concerns about our information handling practices you can contact us at email@example.com so that we can try and resolve the issue quickly and directly.
If we are unable to resolve your privacy complaint, you may contact the Office of the Australian Information Commissioner at:
GPO Box 5218, Sydney NSW, 2001, www.oaic.gov.au (telephone 1300 363 992).
You may request access to the personal information we hold about you, or make a privacy complaint, by contacting us at firstname.lastname@example.org.