The Act defines “Personal information” as meaning: “information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion”. This is a very wide definition.
- 1.1 We only collect personal information that is necessary for one or more of our functions or activities.
- 1.2 We only collect personal information by lawful and fair means and not in an unreasonably intrusive way.
- 1.3 At or before the time (or, if that is not practicable, as soon as practicable after) we collect personal information from you, we take reasonable steps to ensure that you are aware of:
- (a) our identity and how to contact us, namely:
Accounts Flow Pty Ltd c/- PO Box 1003, Subiaco WA 6904
Privacy Officer: Mr Tony Brockhurst
- (b) the fact that you are able to gain access to the information - anyone about whom we hold information can contact us via the contact details in 1.3(a) above to gain access to their personal information;
- (c) the purposes for which the information is collected - we collect personal information for the following purposes:
- (i) identifying and corresponding with you and other parties generally to enable us to conduct our business, provide and market our services and to meet our legal and other obligations in respect to the provision of services;
- (ii) matters implicit in our management including service monitoring, planning, evaluation and accreditation activities and compliance with quality assurance audits;
- (iii) to check details of our clients; and
- (iv) generally anything necessary and expedient to achieve the above;
- (d) the organisations (or the types of organisations) to which we usually disclose personal information - the usual persons and organisations to whom personal information is disclosed are:
- (i) our clients and other parties to their transactions and other representatives of those other parties;
- (ii) Government Departments and Authorities, Banks and other institutions as necessary to effect transactions;
- (iii) our clients’ and our own accountants and auditors and advisers, including quality auditors and advisers if necessary for them to provide their services or conduct their business;
- (iv) contractors that provide information technology services and the like if necessary for them to provide their services to our business, and
- (v) other persons or organisations that need to be given personal information in order for us to provide our services and conduct our businesses properly;
- (e) any law that requires the particular information to be collected - there is currently no legislation that requires us to collect information, but should obligations arise we will make the necessary people aware; and
- (f) the main consequences (if any) for you if all or part of the information is not provided - if you do not provide all your details, our data base will not be as comprehensive as it might be and we will not be able to provide our services to you or our clients properly.
- 1.4 If it is reasonable and practicable to do so, we collect personal information about you only from you.
- 1.5 If we collect personal information about you from someone else, we take reasonable steps to ensure that you are, or have been, made aware of the matters listed in subclause 1.3. We collect personal information from:
These organisations should have, or will have, advised the persons of the matters listed in 1.3 above, where applicable, at our request and so there is no need for us to do so again.
- (a) the Australian Securities & Investments Commission (“ASIC”) databases, national business name databases, electoral rolls, telephone books, other public databases and credit agencies; and
- (b) other organisations that are required to comply with the Act.
- 2. Use and Disclosure
- We do not use or disclose personal information about you for a purpose (a secondary purpose) other than the primary purposes mentioned in 1.3(c) above if:
- (a) both of the following apply:
- (i) the secondary purpose is related to the primary purpose of collection, and
- (ii) you would reasonably expect us to use or disclose the information for the secondary purpose; or
- (b) you have consented to the use or disclosure; or
- (c) the use or disclosure is required or authorised by or under law.
- 3. Data Quality
- We take reasonable steps to make sure that the personal information we collect, use and disclose is accurate, complete and up to date.
- 4. Data Security
- 4.1 We take reasonable steps to protect the personal information we hold from misuse, loss, and from unauthorised access, modification or disclosure.
- 4.2 We take reasonable steps to destroy or permanently de identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed, but we do archive the information.
- 5. Openness
- 5.1 This document sets out our policies on the management of personal information. We make this document available to anyone who asks for it. Updated versions will be published at www.accountsflow.com/privacy.
- 5.2 On request by a person, we take reasonable steps to let the person know, generally:
… by first of all giving them a copy of this document and providing further information if required.
- (a) what sort of personal information we hold, usually: name, home address, business address, telephone, fax, e-mail, and information needed in order to provide services to our clients;
- (b) for what purposes we use the personal information, namely those listed in 1.3(c) above;
- (c) how we collect the information, including from the following sources: our clients, other parties to transactions and court actions involving our clients and their representatives, from public databases such as those held by ASIC and Electoral Offices, associations that we represent ;
- (d) how we hold the information, namely in our client files, archived files, and in our computer system and on backup tapes;
- (e) how we use the information - for various purposes listed in 1.3(c) above; and
- (f) how we disclose that information - on an “as needs” basis to the persons and organisations listed in 1.3(d) above,
- 6. Access and Correction
- 6.1 If we hold personal information about you, we provide you with access to the information on your request, except to the extent that:
- (a) providing access would have an unreasonable impact upon the privacy of other individuals; or
- (b) the request for access is frivolous or vexatious; or
- (c) the information relates to existing or anticipated legal proceedings between you and us, and the information would not be accessible by the process of discovery in those proceedings; or
- (d) providing access would reveal the intentions of our organisation in relation to negotiations with you in such a way as to prejudice those negotiations; or
- (e) providing access would be unlawful; or
- (f) denying access is required or authorised by or under law; or
- (g) providing access would be likely to prejudice an investigation of possible unlawful activity; or
- (h) providing access would be likely to prejudice:
by or on behalf of an enforcement body; or
- (i) the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law; or
- (ii) the enforcement of laws relating to the confiscation of the proceeds of crime; or
- (iii) the protection of the public revenue; or
- (iv) the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct; or
- (v) the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of its orders;
- (i) an enforcement body performing a lawful security function asks us not to provide access to the information on the basis that providing access would be likely to cause damage to the security of Australia.
- 6.2 However, where providing access would reveal evaluative information in connection with a commercially sensitive decision-making process, we may give you an explanation for the commercially sensitive decision rather than direct access to the information.
- 6.3 If we are not required to provide you with access to the information because of one or more of paragraphs 6.1(a) to (i) (inclusive), we will, if reasonable, consider whether the use of mutually agreed intermediaries would allow sufficient access to meet the needs of both parties.
- 6.4 If we charge for providing access to personal information, those charges:
- (a) Will not be excessive; and
- (b) will not apply to lodging a request for access.
- 6.5 If we hold personal information about you and you are able to establish that the information is not accurate, complete and up-to-date, we take reasonable steps to correct the information so that it is accurate, complete and up-to-date.
- 6.6 If we disagree with you about whether the information is accurate, complete and up-to-date, and you may ask us to associate with the information a statement claiming that the information is not accurate, complete or up-to-date, and we will take reasonable steps to do so.
- 6.7 We will provide reasons for denial of access or a refusal to correct personal information.
- 7. Identifiers
- 7.1 We do not adopt as our own identifier for you, an identifier for you that has been assigned by a Federal Government Agency or agent or contracted service provider thereof. However, it is permissible to use your name or ABN (as defined in the A New Tax System (Australian Business Number) Act 1999) and we use names and ABNs as identifiers.
- 7.2 We will not use or disclose an identifier assigned to you by an agency, or by an agent or contracted service provider mentioned in subclause 7.1, unless unless:
- (a) the use or disclosure is necessary for us to fulfil our obligations to a Federal Government Agency; or
- (b) the use or disclosure is required or authorised by or under law; or
- (c) the use or disclosure is by a prescribed organisation of a prescribed identifier in prescribed circumstances.
- 7.3 In this clause identifier includes a number assigned by an organisation to an individual to identify uniquely the individual for the purposes of the organisation’s operations. However, an individual’s name or ABN (as defined in the A New Tax System (Australian Business Number) Act 1999) is not an identifier.
- 8. Anonymity
- Wherever it is lawful and practicable, you have the option of not identifying yourself when providing personal information to us, but this is rarely feasible.
- 9. Trans-Border Data Flows
- As a rule, we do not send information overseas but, in the rare case that we might do so, we only transfer personal information about you to someone (other than us or you) who is in a foreign country if:
- (a) your consent to the transfer; or
- (b) we reasonably believe that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the National Privacy Principles of the Act; or
- (c) the transfer is necessary for the performance of a contract between you and us, or for the implementation of pre contractual measures taken in response to your request; or
- (d) the transfer is necessary for the conclusion or performance of a contract concluded in your interest between us and a third party; or
- (e) all of the following apply:
if it were practicable to obtain such consent, you would be likely to give it; or
- (i) the transfer is for your benefit;
- (ii) it is impracticable to obtain your consent to that transfer;
- (f) we have taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the National Privacy Principles of the Act.
- 10. Sensitive Information
- 10.1 In the Act “Sensitive Information” means:
- (a) health information; or
- (b) personal information which is also about the individual’s:
- (i) racial or ethnic origin;
- (ii) political opinions;
- (iii) membership of a political association;
- (iv) religious beliefs or affiliations;
- (v) philosophical beliefs;
- (vi) membership of a professional or trade association;
- (vii) membership of a trade union;
- (viii) sexual preferences or practices, or
- (ix) criminal record.
- 10.2 We do not currently collect sensitive information about you.
- 10.3 In the future, we will not collect sensitive information about you unless:
- (a) you have consented; or
- (b) the collection is required by law; or
- (c) the collection is necessary for the establishment, exercise or defence of a legal or equitable claim.
See www.privacy.gov.au for more information on Privacy Issues.
Release 1 - 27 January 2010
Copyright © Michael Paterson & Associates 2009