What kinds of personal information do we collect?
- your name and date of birth;
- your personal and business contact details (including your address, landline or mobile telephone numbers and email address);
- your employment details (including your company name, job title and business sector);
- bank account and credit card details;
- personal information obtained from background screening providers (including credit checks) before you commence employment or enter into a business relationship with us;
- contact and identification details of any third party that you have authorised to negotiate or provide your personal information on your behalf (including any attorneys appointed by you under a power of attorney);
- your social media identity and posts where you have commented publicly; and
- any other personal information provided to us when you make an inquiry, request information (including our information packs and information about our related products and services), respond to marketing or lodge a complaint.
We may also collect sensitive personal information. For example, we may collect details of any allergies or dietary requirements you have if you are attending an event that we are hosting.
If you provide us with the personal information of a third party, you must ensure you have obtained that person’s permission to do so and inform them when you have provided their personal information to us.
How do we collect personal information?
Where possible, we will always try to collect personal information directly from you, for example when you:
- request information or contact us through our website, mobile or tablet applications, by telephone, or when creating an account with us;
- correspond with us in writing (such as letters and emails);
- provide your business card or other documents to us (such as contracts or public records); or
- participate in other activities we offer, such as competitions, conferences or workshops hosted or arranged by us;
- meet with us in person.
We may also obtain your personal information from:
- government and law enforcement agencies;
- our professional advisers;
- our contracted service providers;
- publicly available sources of information, such as public registers; and
- any other organisation with whom we do business.
Where we collect personal information from third parties you refer to us, we will assume, and you will ensure, that you have made that third party aware of the referral and the purposes of collection, use and disclosure of the relevant personal information.
You may choose to restrict the collection or use of your personal information in the following ways:
- Whenever you are asked to fill in a form on the website, you are provided with the choice to opt-in to your information being used for direct marketing purposes, simply look for the box that you can click to indicate your choice; and
- If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by writing to or emailing us at email@example.com.
Can you deal with us anonymously?
In general, you can visit our website without telling us who you are or revealing any personal information about yourself. Our web servers collect the IP Addresses, not the email addresses, of visitors. However, there are parts of our website where we may need to collect personal information from you for a specific purpose, such as to provide you with certain information you request, or to place your order etc. We do this through the use of online forms, emails, customer account pages, or other communication methods (e.g. over the telephone or by mail).
Why do we collect, hold, use and disclose your personal information?
We collect, hold, use and disclose your personal information to enable us to provide the services, products and information you request and to perform our functions and activities. In particular, we may collect, hold, use and disclose your personal information for the purposes of:
- responding to your requests or inquiries and providing you with information or other products or services requested by you;
- administering, supporting, improving and developing our business, products and services;
- communicating with you during the course of your business or other relationship with us including in relation to processing your order, payment of invoices, or where necessary, updating and maintaining our records;
- promotion of Zhik and our activities, including carrying out direct marketing (e.g. about our products and services and those offered jointly or on behalf of other organisations)
- and market research campaigns (e.g. on the effectiveness of our products and services);
- account management and administering records of our subscription services or Zhik membership program;
- making our website easier for you to use and providing you with access to all customer facing parts of our website;
- notifying you about important changes or developments to our functions, activities, services or our website;
- assessing your application for employment or in respect of your employment relationship with us;
- if you lodge a complaint with us, processing and responding to your complaint;
- doing anything which you authorise or consent to us doing; or
- taking any action we are required or authorised by law to take.
Except with your permission, we will not sell, trade or rent personal information we hold about you to unaffiliated third parties.
If you do not allow us to collect all of the personal information we reasonably request, we may not be able to provide you with our products and services or deal with you in the manner you have requested.
How do we handle unsolicited personal information?
If we could not have collected such information then we will destroy or de-identify the information if it is lawful and reasonable to do so.
DISCLOSING YOUR PERSONAL INFORMATION
We may disclose your personal information to:
- our employees;
- Australian Government bodies;
- our business partners, suppliers and service providers (such as contractors who provide us with website, IT or data processing, marketing, administration and other services);
- our professional advisers (for example, our insurers, auditors, lawyers and consultants);
- third parties we engage to carry out promotions or other activities you have requested, or for direct marketing purposes (unless you have opted-out of direct marketing communications);
- debt collectors;
- payment systems operators and financial institutions;
- any entity to whom we are required or authorised by law to disclosure your personal information (for example, law enforcement agencies and government and regulatory authorities such as ASIC or AUSTRAC);
- any successors in title to our business (including new business partners or owners if Zhik enters into a joint venture with or is sold to or merged with another entity); and
- with your consent (express or implied), other entities.
The above entities may in turn disclose your personal information to other entities as described in their respective privacy policies or notices.
When you visit our website, we and our contractors may collect information about you which may include personal information (which will be or is de-identified) such as:
- the date and time you visited our website;
- the pages you viewed, how long you viewed those pages and your browsing behaviour;
- how you navigated and interacted with our website (including whether you completed any application forms);
- general location information;
- information about the device you used to visit our website; and
- the IP address automatically assigned by your Internet Service Provider to the device you used to visit our website.
We use this information (i) to personalise the content of the website for you (e.g. make it easier to log in, maintain a shopping basket for your orders and access information about your account) and (ii) for system administration, preparation of statistics on the use of our website and to improve our website’s content.
If you'd like to learn more about cookies we use please visit our cookie list page.
We compile and categorise a list of our followers on social media platforms and receive reports on what our followers have posted on these social media platforms. We also receive aggregate, non-personalised statistics on Zhik’s coverage in social media.
In addition to the above, we may engage with third-party social media service providers who may acquire personal information through social media platforms in the course of providing client relationship management, reporting, analysis and other social media related services. Zhik will take reasonable steps when engaging with such third-party social media service providers to ensure that any such personal information is substantially dealt with in accordance with the Privacy Act.
DATA STORAGE, RETENTION, SECURITY AND LOCATION OF YOUR PERSONAL INFORMATION
We (and our third-party suppliers) will take reasonable steps to protect your personal information from loss, misuse, unauthorised access, modification or disclosure. We may store your personal information in different forms including in hardcopy and electronic form.
We store your information in secure data centres that are located in Sydney, Australia (website & Business Management System), NSW & VIC, Australia (Central Document System), East USA (Customer Service Ticketing System) and USA data centre (email database).
We have implemented policies, procedures and systems to keep your personal information secure. In addition, we limit access to the personal information we hold to employees with a legitimate need to use it consistent with the purpose for which the information was collected.
You are able to request removal of any personal information you have previously provided to us, and we will take reasonable steps to destroy, delete or de-identify your personal information in a secure manner should such a request be made. However, we may sometimes be required by law to retain information.
OVERSEAS DISCLOSURE OF PERSONAL INFORMATION
From time to time, we may engage service providers located overseas to perform certain of our functions and activities. In the course of receiving these services, we may need to disclose your personal information to these service providers. If overseas service providers are engaged and personal information is sent overseas, we will take reasonable steps to ensure that our service providers are carefully chosen and have policies, procedures and systems in place to ensure your personal information is otherwise handled in accordance with the Privacy Act.
ACCESS AND CORRECTION
To effectively conduct business with you, it is important that the personal information we hold about you is complete, accurate and current. At any time while we hold your personal information, we may ask you to confirm the personal information we hold is complete, accurate and current. Alternatively, if you believe that any of the personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading and needs to be corrected or updated, please contact us using our details provided below. We will respond to a request to correct your personal information within 30 calendar days.
You may also request access to the personal information we hold about you by contacting us using our details provided below. We will respond to a request for access within 30 calendar days, either by giving you access to the personal information requested, or by notifying you of our refusal to give access. If we cannot respond to you within 30 calendar days, we will contact you and provide a reason for the delay and an expected time frame for finalising your request.
We will not charge an application fee for making a request to access the personal information we hold about you or for making any corrections to your personal information. We may require your identity to be verified before responding to your request. There may be a reasonable charge for giving you access to your personal information which would cover such things as locating the information and supplying it to you.
Under legislation related to privacy, your right to receive access to your personal information, or to make corrections to it, is not absolute and exceptions exist. If we decide not to provide you with access to or correct your personal information, we will give you reasons for our decision. If we refuse to correct your personal information, you may request that we associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.
LODGING A QUESTION OR COMPLAINT
If you have a question or a complaint about how we have handled your personal information, please contact us using the contact details below.
In the case of a complaint, we will ask you to lodge the complaint in writing so we can fully understand your concerns. We will acknowledge receipt of your complaint as soon as possible after receiving your complaint in writing and let you know if we require any further information from you. We will then investigate the circumstances of your complaint and provide you with a response within a reasonable timeframe, usually 30 calendar days. If we cannot respond to you within 30 calendar days, we will contact you and provide a reason for the delay and an expected time frame for finalising our response.
If you are not satisfied with how your complaint is handled by us, then you may lodge a formal complaint with the Office of the Australian Information Commissioner at:
- Telephone: 1300 363 992 (if calling from outside Australia, +61 2 9284 9749)
- Post: GPO Box 5218, Sydney NSW 2001
- Email: firstname.lastname@example.org
- Website: http://www.oaic.gov.au
NOTIFIABLE DATA BREACHES
We are required to notify you and the Office of the Australian Information Commissioner if we suffer a data breach likely to result in serious harm to you. There are exceptions to this requirement to notify you. For example, if we have already taken action to eliminate the risk of harm to you, we would not necessarily be required to notify you of the data breach.
If we suffer a data breach which involves your personal information, we will notify you and the Office of the Australian Information Commissioner as soon as reasonably practicable, outline the personal information that has been the subject of the data breach, advise the actions we are taking to address the breach and provide steps you can take to limit the impact of the data breach (e.g. undertake a password change or monitor credit cards for suspicious activity).
If at any time you believe your personal information which we hold has been the subject of a data breach please contact us immediately using the contact details set out below.
- By post at Zhik Pty Limited, 73 Whiting Street, Artarmon, NSW 2064, Australia.
- By email through the Contact Us page on our website
- By phone on +64 2 9420 9355
If your enquiry relates to personal information given or to be given in relation to a job application, please contact the Commercial Operations Manager;
- By post at Zhik Pty Limited, 73 Whiting Street, Artarmon, NSW 2064, Australia.
- By email to email@example.com
- By phone on +64 2 9420 9355
CHANGES TO THIS POLICY
You can obtain further general information about your privacy rights and the laws related to privacy from the Office of the Australian Information Commissioner at https://www.oaic.gov.au/ or by phoning 1300 363 992.