RISsafety respects the privacy of individuals who have dealings with RISSafety, such as customers, suppliers and employees. RISsafety is bound by the Australian Privacy Principles, to the extent required by the Australian Privacy Principles (“APP’s”), Privacy Act 1988 (Cth) (“Privacy Act”), and the Credit Reporting Code (“CR Code”). The following policy outlines how RISsafety collects, uses and manages personal information
Why does RISsafety collect personal and sensitive information?
RISsafety is a supplier and/or installer of height safety equipment. To operate our business, we need to collect some information about the people we deal with. Collecting personal information is also necessary in some circumstances to meet our legal obligations.
Who does RISsafety collect personal information about?
RISsafety collects and holds personal information about:
- our employees;
- contractors who provide services to us;
- our customers;
- applicants who wish to open commercial credit accounts with us or apply to become a guarantor in relation to such credit;
- our suppliers;
- job applicants; and
- other people who may come into contact with RISsafety.
We do offer links to third party websites on our websites. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that website and its privacy statement.
What kind of personal information does RISsafety collect and how does RISsafety collect it?
The type of information we collect varies, depending on the purpose, and may include (but is not limited to) name, address, contact details, employment information, credit information, credit eligibility information and marketing information.
This information may be obtained through the submission of completed forms, provided in person or by telephone by the individuals themselves, or information obtained from a third party such as a credit reporting body or another credit provider.
Where reasonable and practicable, we collect information directly from the individual. RISsafety may also collect information from other sources including publicly available information.
In all cases if we collect personal information about you from a third party, we will take reasonable steps to ensure that you are made aware of the collection.
RISsafety also collects a range of credit information about individuals, including the following:
- certain identification information about an individual, including full name, any aliases or previous names, date of birth, gender, drivers licence number, current and previous addresses, and the names of current and former employers;
- consumer credit eligibility information about an individual, such as the name of their credit providers, the type of consumer credit, the maximum amount of credit available under the consumer credit, and the terms and conditions of the consumer credit;
- default information about the individual (including whether the overdue amount has since been repaid);
- details as to whether information requests have been made about an individual to credit reporting bodies by credit providers, mortgage insurers or trade insurers;
- the type of commercial credit or consumer credit, and the amount of credit, the individual has sought from a credit provider; and
- publicly available information about the credit worthiness of the individual.
RISsafety usually collects this information from application forms submitted by applicants for commercial credit, from publicly available sources of information and on individual’s representative sources (eg spouse, professional adviser or a referee nominated by the individual).
How does RISsafety use personal information and to whom may we disclose it?
In general, RISsafety uses personal information to:
- provide products or services that have been requested;
- maintain relationships with suppliers and contractors;
- communicate both internally and externally;
- provide ongoing information about RISsafety and services to RISsafety customers; and to comply with our legal obligations.
Depending on the product or service provided, personal information may be disclosed to:
- service providers and specialist advisers to RISsafety including legal, accounting, business consulting services and mercantile agents;
- insurers, credit providers, courts, tribunals and regulatory authorities as agreed or authorised by law;
- credit reporting or reference agencies or insurance investigators; or
- a person authorised by an individual to access the information.
We also collect, hold, use and disclose credit information and credit eligibility information about individuals to:
- assess applications for commercial credit and to collect overdue payments;
- assess the credit worthiness of an applicant to become a guarantor in relation to commercial credit;
- establish and operate our customers’ commercial credit accounts;
- obtain credit information about applicants for commercial credit from credit reporting bodies, such as Veda Advantage and Dun & Bradstreet;
- obtain credit references about individuals from other credit providers;
- allow credit reporting bodies to create and maintain credit information files about individuals; and
- notify defaults to other credit providers, industry credit bureaus and debt collectors.
If you do not provide information about yourself that RISsafety has requested, RISsafety may not be able to provide you with the relevant product or service.
Credit-Related Personal information
RISsafety sometimes provides products and services to customers on credit. As a consequence, RISsafety does in some cases handle certain consumer credit-related personal information described below, including information from credit reporting bodies (“CRBs”):
- name, sex, date of birth, driver’s licence number, employer and three most recent addresses;
- confirmation of previous information requests to CRBs made by other credit providers and credit insurers about the individual;
- details of previous credit applications, including the amount and type of credit and credit limit;
- details of current and previous credit arrangements, including credit providers, start/end dates and certain terms and conditions;
- permitted payment default information, including information about related payment arrangements and subsequent repayment;
- information about serious credit infringements (e.g. fraud);
- information about adverse court judgments and insolvency;
- publicly available information about the individual’s credit worthiness;
- any credit score or credit risk assessment indicating a CRB’s or credit provider’s analysis of the individual’s eligibility for consumer credit.
This information may include information about an individual’s arrangements with other credit providers as well as with RISsafety.
RISsafety may disclose credit-related personal information to CRBs to assist the CRBs to maintain information about individuals to provide to other credit providers for credit assessments. RISsafety may collect credit-related personal information from CRBs for purposes including, to the extent permitted by law, to assess relevant credit or guarantee applications, manage and review the credit or guarantee, assign debts, collect overdue payments and produce assessments and ratings in respect of the individual’s credit worthiness. RISsafety may also exchange credit-related personal information with guarantors, debt buyers and other credit providers.
The CRB RISsafety uses is Veda Advantage, PO Box 964 North Sydney 2059, www.mycreditfile.com.au,
1300 762 207
Under the Privacy Act, individuals may request CRBs not to:
- use their credit-related personal information to determine their eligibility to receive direct marketing from credit providers; and
- use or disclose their credit information, if they have been or are likely to be a victim of fraud.
How do we treat sensitive information?
The Privacy Act defines ‘sensitive information’ as (among other things) information about a person’s racial or ethnic origin, religion, membership of political bodies, trade union or other professional or trade association, sexual preferences or practices, criminal record or health. Sometimes it may be necessary for RISsafety to collect sensitive information.
If you provide RISsafety with sensitive information, it is our policy that this information will be used and disclosed only for the purpose for which it was provided or another directly related purpose, unless you agree otherwise, or unless use or disclosure of this information is allowed by law.
The way we use tax file numbers and information received from a credit reporting body about an individual is also restricted by law.
How do we manage personal information?
RISsafety trains its employees who handle personal information to respect the confidentiality of that information and the privacy of individuals.
How do we store personal information?
RISsafety is required by the APPs and Part IIIA of the Privacy Act to safeguard the security and privacy of your information, whether you interact with us personally, by telephone, mail, over the internet or other electronic medium. RISsafety stores personal information at its own premises with the assistance of its service providers. RISsafety maintains strict procedures and standards and takes a range of steps to prevent unauthorised access to or, disclosure of, personal information and protect an individual’s information from misuse or loss. Once an individual’s information is no longer needed by RISsafety reasonable steps are taken to destroy or de-identify it.
How do we keep personal information accurate and up-to-date?
RISsafety seeks to ensure that the personal information it holds is accurate, complete and up-to-date. We realise that this information changes frequently with changes of address and other personal circumstances. We encourage you to contact RISsafety as soon as possible in order to update any personal information we hold about you. Our contact details are set out below.
Can you access and correct the personal information we hold about you?
You may obtain access to, and correct, any personal information which RISsafety holds about you (including credit eligibility information), unless one of the exceptions in the Privacy Act applies.
To make a request to access information RISsafety holds about you, please contact RISsafety in writing using the details listed below. RISsafety will require you to verify your identity and to specify what information you require. RISsafety may charge a reasonable fee to cover the cost of verifying the application and locating, retrieving, reviewing and copying any material requested.
If you seek access to credit eligibility information that we hold about you, we will endeavour to provide you with access within 30 days of your request (unless unusual circumstances apply). In order to ensure that you have access to the most up-to-date information, you should also request access to the credit reporting information held by credit reporting bodies about you.
Requests to correct credit information and credit eligibility information will be assessed on a case-by-case basis.
If we are satisfied that the personal information is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct the information within 30 days of your request, or such longer period as agreed with you in writing. In certain circumstances, we may need to consult with a credit reporting body or another credit provider to determine the accuracy or otherwise of the information.
If we correct personal information about you, we will give you written notice of the correction within a reasonable time period. We will also notify you in writing if we decide not to correct the information in accordance with the requirements of the Privacy Act.
What if you have a complaint?
Please specify the nature of your complaint in writing.
If your complaint relates to an alleged contravention of the credit reporting provisions or the CR Code, we will acknowledge your complaint in writing within 7 days and advise you as to how we will deal with it. After investigating the complaint, we will make a decision within 30 days of the complaint being made (or such longer period as agreed with you in writing) and notify you in writing of our decision.
Please note that if you wish to make a complaint about our handling of an access and/or correction request, you may complain directly to the Office of the Australian Information Commissioner (OAIC).
RISsafety Privacy Officer
PO BOX 6304
WETHERILL PARK NSW 2164
Telephone: (02) 8781 2100 Facsimile: (02) 8781 2111
If you are not satisfied with our response to your complaint, you may escalate your complaint to the OAIC by calling 1300 363 992 or emailing firstname.lastname@example.org.
Updates to this policy