1.2 everfocus is committed to protecting the privacy of individuals and as such, agrees to follow the Australian Privacy Principles as set out in the Privacy Act 1988 (Cth) (Act)
1.4 If you:
(a) are from a country that is part of the European Union;
(b) have a business that has an establishment in the European Union; or
(c) are disclosing Personal Information for someone who is from the European Union,
then we will follow the General Data Protection Regulations to the extent they impose certain rights and obligations that the Australian Privacy Principles do not impose.
2.1 The following definitions apply to this policy:
(a) Act: means the Privacy Act 1988 (Cth).
(b) Australian Privacy Principles: means the principles listed in Schedule 1 of the Act.
(c) GDPR: means the European Union’s General Protection Data Regulations 2016/679.
(d) Personal Information: means information or an opinion (including information or an opinion forming part of a database), whether true or not and whether recorded in an material form or not, about an individual whose identity is apparent or can reasonably be ascertained from the information or opinion.
(e) Us/We/Our: means everfocus and as the context requires includes our employees, officers, agents, contractors and subcontractors.
(f) You; means the person wo whom the Personal Information belongs and may include any person who has provided Personal Information in connection with goods and services provided by us.
3.1 everfocus collects personal information from you in a number of different ways. For example, we may collect personal information directly from you or in the course of our dealings with you, when you:
(a) provide Personal Information to us;
(b) apply for a position of employment with us;
(c) use our website or services (including via cookies); and
(d) contact and correspond with us, for example to ask for information
3.2 everfocus may also:
(a) collect personal information about you from another publicly available sources of information;
(b) with your consent, collect personal information from third parties including recruitment agencies, previous employers, government departments and third-party service providers which provide criminal, bankruptcy and other checks.
3.3 The personal information everfocus collects about you may include:
(a) your name, date and place of birth’
(b) contact details;
(c) Internet Protocol (IP) address;
(d) occupation and education/work history;
(e) information about your dealings with everfocus and our clients; and
(f) other demographic information which read in conjunction with other Personal Information might lead to a positive identification including information about gender, race, ethnic origin, religious, political, or philosophical beliefs, trade union membership and sexual activity or orientation.
3.4 everfocus may also collect sensitive information about you, including health information and criminal background checks.
3.5 The purposes for which we collect your information may include:
(a) verifying your identity;
(b) contacting you whether it be through SMS, email, post, phone or in any other lawful manner;
(c) developing and improving our services and obtaining feedback; or
(d) using your personal information in a way that is authorised through the terms and conditions of the Site.
3.6 As a controller of Personal Information, we agree to use the minimum amount of Personal Information needed to fulfil the purpose for which it is disclosed.
3.7 If we are not able to collect personal information about you, everfocus may not be able to provide you with products, services and assistance to the extent that they require us to collect, use or disclose personal information.
4 USE AND DISCLOSURE
4.1 everfocus may use or disclose your personal information for the purpose for which it was collected.
4.2 everfocus will also use and disclose your personal information for a secondary purpose that is related to a purpose for which we collected it, where you would reasonably expect us to use or disclose your personal information for that secondary purpose.
4.3 Other instances when everfocus may use and disclose your personal information include:
(a) where you have expressly or impliedly consented to the use or disclosure;
(b) in confidence, to our advisers and insurers;
(c) in confidence, to third parties to improve our services and obtain feedback;
(d) any related entity or person of ours; or
(e) where the use or disclosure is authorised or required by or under an Australian law or a court/tribunal order.
4.4 everfocus may also share and disclose your personal information to third parties, including:
(a) employees, officers, agents, contractors and sub-contractors; or
(b) third party service providers engaged by everfocus in the ordinary course of business, subject to confidentiality provisions as we deem appropriate.
4.5 Some of the third parties to whom everfocus discloses your personal information may be located outside Australia.
4.6 everfocus may disclose your personal information to external national or overseas facilities in the course of conducting information and data processing, back up and scanning, or for the purposes of obtaining other services from third parties.
4.7 We also agree to use our best endeavours to correct any errors and inaccuracies that exist in the Personal Information that is used and disclosed by us as soon as we become aware of them.
5 INFORMATION ABOUT EVENTS, THE WEBSITE AND OUR SERVICES
5.1 everfocus may contact you via email, SMS or other means in order to provide you with updated information about
the Site, in relation to events or to provide you with other information about our goods and services.
5.2 If you do not wish to receive any such information, please contact us as set out below.
6 INFORMATION WE KEEP ABOUT YOU
6.1 You have a right to request access to or to correct personal information held by everfocus .
6.2 If you wish to access, correct or update any personal information everfocus may hold about you, please contact us as set out below. However, we may charge for providing access to this information and we may refuse access where the Act allows us to do so.
7.2 everfocus will investigate the complaint and determine whether a breach has occurred and what action, if any, to take. When contacting us, please provide as much detail as possible in relation to the query, issue or complaint.
7.3 everfocus will take any privacy complaint seriously and we request that you cooperate with us during this process and provide us with relevant information we may require so we can deal with your complaint fairly and promptly.
7.4 If you remain dissatisfied with our response, you can also make a formal complaint with the Office of the Australian Information Commissioner (which is the regulator responsible for privacy in Australia).
8 STORAGE AND SECURITY OF YOUR PERSONAL INFORMATION
8.1 everfocus will take reasonable steps to keep any Personal Information we hold about you secure.
8.2 Except to the extent liability cannot be excluded due to the operation of statute, everfocus excludes all liability (including in negligence) for the consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security.
8.3 everfocus may store your files in hard copy or electronically in our IT systems. These may include Australian-based cloud servers or the servers of third parties within Australia.
8.4 everfocus implements a range of physical and electronic security measures to protect the personal information that we hold, including:
(a) mandatory password protection on all computers (users are required to change their passwords at regular intervals);
(b) hardware encryption on desktops, laptops and portable storage devices;
(c) secure hard copy document, electronic storage media and hardware disposal procedures;
(d) firewall and antivirus/malware software; and
(e) systems and application access controls implemented to restrict access to information (on a need to know basis).
8.5 Staff receive periodic training on security issues, to foster a security aware culture. everfocus also regularly reviews its security measures to identify charges that may be necessary or desirable.
9 SOCIAL MEDIA
9.1 Where the Site make provision for the user generated content, we may display user generated content on social
media and other digital platforms.
9.2 By posting, linking or tagging any account, application or platform that is operated by us, you:
(a) grant us a non-exclusive, royalty free, worldwide, revocable, perpetual licence to use, modify, delete from, add to, reproduce or display your content on these accounts;
(b) to the fullest extent permitted by law, consent to the infringement of your moral rights for any user generated content that is uploaded onto our social media accounts; and
(c) acknowledge that we do not approve, endorse, recommend or sponsor user generated content and provide no warranty about its accuracy, currency or suitability.
11 PERSONAL INFORMATION FOR EU BASED INDIVIDUALS
11.1 This clause 11 applies if the GPDR apply to you.
11.2 Subject to this clause 11 you consent under the GDPR to us using your Personal Information for the relevant Purpose.
11.3 We will:
(a) only process your Personal Information to the minimal extent needed to satisfy our Purpose;
(b) implement technical and organisational measures that enable clause 11.3(a) to be satisfied;
(c) implement additional safeguards to protect special categories of Personal Information (e.g. health information, race, sexual orientation, religion and political beliefs); and
(d) ensure that any employees, officers, agents contractors or subcontractors who we engage are substantially bound by the same terms.
11.4 We will implement a code of conduct that includes a requirement for us to comply with the GDPR.
11.5 We will:
(a) give you access to your Personal Information should you request it;
(b) provide your Personal Information to a third-party subject to you consenting to the disclosure; and
(c) erase your Personal Information if you ask for us to do so (subject to this not compromising our ability to carry out any research that is authorised by law or to exercise freedom of expression).
11.6 Subject to us receiving a request from you to, we will:
(a) remove you from any direct marketing that uses your Personal Information;
(b) not use or process your Personal Information in a way so that is used for data profiling.
11.7 If you are under the age of 16, we will use our best endeavours to obtain consent from your parent or guardian.
11.8 We will implement legal arrangements that are substantially consistent with clause 11 when your Personal
Information is transferred to a country that has not been approved by the European Union.
11.9 We will take steps to actively notify you within 72 hours of us discovering that your Personal Information has been used or disclosed in a way that is inconsistent with this Policy.
11.10 Through our contact person under clause 12, we will respond to any queries or requests you might have about the use, disclosure, protection or removal of your Personal Information.
12 CONTACT US
12.1 Please direct any privacy issues or queries to Ryan Hollis at firstname.lastname@example.org.