Software as a Solution (SaaS)
Background Information and Definitions
To meet your expectations about privacy and confidentiality Informed 365 has operational processes and procedures to comply with:
- The Australian Privacy Principles set out in the Privacy Amendment (Enhancing Privacy Protection) Act 2012
- Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (External link)
- Australian Direct Marketing Association (ADMA) Code of Practice (External link) in relation to how we market to our customers
- Spam Act 2003 (External link) in relation to electronic marketing
- Do Not Call Register Act 2006 (External link) where we engage in telemarketing.
If you have any questions not addressed in this policy, please feel free to contact us using the methods at the bottom of this policy under the heading “How to Contact Us”.
Should there be any inconsistency between this policy, the Privacy Act and other Acts mentioned above, this policy shall be interpreted to give effect to and comply with the legislation.
This policy includes examples but is not intended to be restricted in its application to such examples. Where the word ‘including’ is used, it shall mean ‘including without limitation’.
Our website and applications contain links to non-Informed 365 websites. Informed 365 is not responsible for the privacy policies of those other websites. We recommend you review the privacy policies of each site you visit.
‘Personal and business information’ means information we hold about you and your organisation from which your identity is either clear or can be reasonably determined. When you give us your personal and business information, it imposes a serious responsibility on us. Protecting your privacy when handling your personal and business information is very important to us and is fundamental to the way we serve you.
Generally, we will collect personal and business information directly from you, and only to the extent necessary to provide the product or service (including our agency functions) you requested or to carry out our internal administrative operations. An ‘agency function’ means a service that we provide to you on behalf of another organisation / licensor.
Typically, we will collect personal and business information from you when:
- you fill in a survey
- e-mail us
- create an account with us.
We will collect personal and business information from you by lawful and fair means and not in an unreasonably intrusive way.
If you choose to not provide your personal and business information when requested, we may not be able to deliver the product or service that you or the Licensor has requested. We will endeavour to make this as clear as possible for each service.
As noted above, we will only collect personal and business information from you that is necessary to provide the product or service to you and / or the licensor. We collect different personal and business information depending on the product or service that you have requested.
“Unsolicited” personal and business information is personal and business information about an individual that an organisation has unintentionally received. This is an uncommon occurrence for Informed 365, but when it does happen, we will protect your personal and business information with the same rigour as we treat personal and business information that we intended to collect. If we could not have collected this information through our normal processes, we will de-identify that information as soon as we can.
Uses and Sharing
We use the personal and business information you provide only for purposes consistent with the reason you provided it, or for a directly related purpose. We may also use your personal and business information where required or permitted by law. We may also use your information where you have provided us with your express or implied consent.
We do not share your personal and business information with other organisations unless:
- you give us your express consent, or
- sharing is otherwise required or permitted by law.
We have a strict duty to maintain the privacy of all personal and business information we hold about you. However, certain exceptions do apply. For example, where disclosure of your personal and business information is:
- authorised or required by law
- in the public interest (e.g. where a crime, fraud or misdemeanour is committed or suspected and disclosure against the customer’s rights to confidentiality is justified)
- with your consent – your consent may be implied or express and it may also be verbal or written.
Your right to access your personal and business information is not absolute. In some circumstances, the law permits us to refuse your request to provide you with access to your personal and business information, such as circumstances where:
- access would pose a serious threat to the life or health of any individual
- access would have an unreasonable impact on the privacy of others
- the request is frivolous
- the information relates to a commercially-sensitive decision-making process
- access would be unlawful
- access may prejudice enforcement activities, a security function or commercial negotiations.
Freedom of information laws
In addition to privacy laws, you may have rights to access your personal and business information contained in certain Informed 365 databases. Details on how to apply for access to these documents are contained in the Freedom of Information Act 1982 (FOI Act) (External link).
More information is available at the Office of the Australian Information Commissioner’s freedom of information (External link) pages.
Updating your Information
It is inevitable that some personal and business information which we hold will become out of date. You must keep your email address and, where applicable, your contact details and other details associated with your account current and accurate.
Informed 365 is committed to keeping your trust by protecting and securing your personal and business information.
We employ appropriate technical, administrative and physical procedures to protect personal and business information from unauthorised disclosure, loss, misuse or alteration.
We limit access to personal and business information to individuals with a business need consistent with the reason the information was provided. We keep personal and business information only for as long as it is required for business purposes or by the law.
Informed 365 protects your personal and business information by complying with Information Security Standards, Industry Schemes and Statutory obligations. We regularly conduct targeted internal and external audits on our security systems to validate the currency of our security practices.
Website / Application Security and Privacy
We understand that you may be concerned about the security of the personal and business information we collect from you online.
In those instances where we secure your personal and business information in transit to us and upon receipt, we use the industry standard encryption software, Secured Socket Layer (SSL) 128 bit encryption. The URL in your browser will change to “HTTPS” instead of “HTTP” when this security feature is invoked. Your browser may also display a lock symbol on its bottom task bar line to indicate this secure transmission is in place.
For site security purposes and to ensure this service remains available to all users, we employ software programs to monitor network traffic in order to identify unauthorised attempts to upload or change information, or otherwise cause us damage. Except for authorised law enforcement investigations, no other attempts are made to identify individual users or their usage habits other than those uses identified in this policy. Unauthorised modification or misuse of information stored in this system will be investigated and may result in criminal prosecution.
Information Collected on Website / Application
We may collect non-personal and business information from you such as browser type, operating system, and web pages visited to help us manage our Services.
Our internet server logs the following information which is provided by your browser for statistical purposes only:
- the type of browser and operating system you are using
- your Internet Service Provider and top level domain name (for example – .com, .gov, .au, .uk etc.)
- the address of any referring web site (for example – the previous web site you visited)
- your computer’s IP (Internet Protocol) address (a number which is unique to the machine through which you are connected to the internet).
All of this information is used by Informed 365 for aggregated statistical analyses or systems administration purposes only. No attempt will be made to identify users or their browsing activities, except where required by law.
A “cookie” is a packet of information stored on your computer that allows the server to identify and interact more effectively with your computer.
Our websites / application may use two different kinds of cookies:
- Session cookies – temporary cookies that only last until you close your browser.
- Persistent cookies – cookies that are stored for a longer term on your computer.
You are free to disable cookies in your browser. If you have disabled cookies you may not be able to take full advantage of all of our website / application features.
We use session cookies in the following manner:
- Log-on and log-off administration – Session cookies help with the log-on and log-off processes for users who register to use one of our online services. The cookies enable us to recognize your user ID when you log on so that we do not establish a duplicate registration record for you.
- Transactions and site usability – We use session cookies to improve how you navigate through our website and applications. As examples, session cookies are used to maintain your online session as you browse over several pages; to store and pre-populate information so that you do not have to re-enter the same information twice.
Informed 365 may also use “persistent cookies”. A persistent cookie is a small piece of text stored on your computer’s hard drive for a defined period of time, after which the cookie is erased. Informed 365 will not collect or link to personal and business information through persistent cookies without your express consent.
We use persistent cookies as follows:
- Site usage measurement – Our site measurement tool uses a persistent cookie to assist us in measuring how and when our web site and applications are used. It functions as a “visit cookie,” so we can determine if you are a repeat visitor to our site.
- Log-off safety function – Informed 365 uses a persistent cookie to automatically log you off certain Informed 365 sites or applications if there has been no activity for a pre-determined period.
- Longer-term cookies – Persistent cookies allow us, at your request, to recognise you when you return to a website or application or to remember certain information that you have provided us.
Links to Other Sites
The Informed 365 site and applications may contain links to other sites. We are ultimately not responsible for the privacy practices or the content of such web sites. We encourage you to read and understand the privacy policies on those websites prior to providing any information to them.
Loss of Personal and Business Information
Despite our every effort to protect your personal and business information, there remains the possibility that a breach of our security could occur. In the event of loss of personal and business information Informed 365 will:
- seek to rapidly identify and secure the breach to prevent any further breaches
- engage the appropriate authorities where criminal activity is suspected
- assess the nature and severity of the breach including the type of personal and business information involved and the risk of harm to affected individuals
- notify the affected individuals directly if appropriate and where possible
- if appropriate, put a notice on our website advising our customers of the breach
- notify the Privacy Commissioner (at the OAIC) if the breach is significant.
How to Contact Us
T: 1300 552 335
E: [email protected] 365.com
Further information on privacyYou can obtain further general information about your privacy rights and privacy law from the Office of the Australian Information Commissioner by:
- calling their Privacy Hotline on 1300 363 992
- visiting their web site at http://www.oaic.gov.au/ (External link)
- writing to:
The Australian Information Commissioner
GPO Box 5218
Sydney NSW 1042