At Information Technology Services "personal information" includes:
- Records of clients;
- Records of some client queries.
We hold personal information for the following purposes:
- To provide information about our clients, required for administrative purposes;
- To provide contact details for sending bulletins, newsletters and marketing information.
The Internet Services General Manager will give a copy of this policy to anyone who asks for it, and will inform, generally, anyone who enquires:
- What sort of information we hold;
- For what purpose we hold it;
- How we collect, hold, use and disclose the information.
We do not collect personal information unless it is necessary for one or more of our functions or activities.
When we collect personal information, we do so only by lawful and fair means and not in an unreasonably intrusive way.
Use and Disclosure
We will not use or disclose personal information about an individual for a purpose other than the primary purpose for which it is collected, unless one of the circumstances in the National Privacy Principle 2 applies.
Data Quality and Security
We will take steps to:
- Ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date;
- Protect the personal information we hold from loss, misuse, and unauthorised disclosure;
- Ensure that modification information is received from authorised persons only;
- Destroy or de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed under National Privacy Principle 2.
Access and Correction
We will provide access to personal information on request by the person to whom it relates, subject to the exceptions in National Privacy Principle 6.
We will not use or disclose an identifier assigned to an individual by another person except in the circumstances set out in National Privacy Principle 7. "Identifier" includes a number, but does not include the individual's name or ABN.
It does not suit our business to conduct transactions with individuals who do not identify themselves. We will allow it where it is lawful and practicable.
We will transfer personal information about an individual to someone in a foreign country only if the circumstances in National Privacy Principle 9 apply.
We will not collect sensitive information except in the circumstances set out in National Privacy Principle 10.