Osmoflo recognises the importance of protecting personal information and has procedures and systems in place for the management of personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
“Personal information” is information or opinion about an identified, or reasonably identifiable, individual. It includes an individual’s name, date of birth, contact details and may include information about dealings with Osmoflo.
“Sensitive information” includes details about an individual’s racial or ethnic origin, membership of professional or trade associations, membership of Trade Unions, criminal record or health information.
Collection of Personal Information
Osmoflo will collect information which is directly relevant to its business relationships, and is reasonably necessary to collect in order to provide a complete and comprehensive service. Osmoflo collects information about a person where it is necessary to:
- Provide details for inclusion on any Osmoflo database;
- Become a supplier of any goods or services to Osmoflo;
- Provide Osmoflo with contact details;
- Ensure the health, safety and welfare of individuals in relation to their dealings with Osmoflo;
- Maintain appropriate insurance coverage for Osmoflo’s business dealings; or
- Use Osmoflo’s services in any way.
How Osmoflo collects personal information depends on each business relationship; it may be collected through telephone or internet contact or in person. Osmoflo will generally only collect information about a person directly from that person however, where appropriate, it may collect information indirectly from list purchases, or referrals. If Osmoflo comes into possession of any unsolicited personal information, Osmoflo will destroy it as appropriate, as soon as practicable.
Osmoflo will only collect, use or disclose sensitive information about a person if it is reasonably necessary for Osmoflo to do so to carry out its business activities and if that person has consented to Osmoflo doing so or the law enables Osmoflo to do so without consent.
Security of Personal Information
Osmoflo holds personal information in electronic and manual information management facilities which are maintained securely at all times. Hard copies of any personal information will be stored at Osmoflo’s premises in a secure location. Internal access to personal information is controlled such that the relevant persons are authorised only for access that is required by them to enable them to carry out their job function.
Osmoflo takes a number of steps to protect personal information from misuse, loss, unauthorised access, modification or improper disclosure. These include instructing staff who handle personal information that they have a duty to keep customer information confidential and to respect the privacy of individuals.
When Osmoflo no longer requires personal information, Osmoflo will delete, destroy or de-identify it. Use of Personal Information
Osmoflo will only use personal information for the purpose for which it was collected including:
- To provide goods and services and run its business;
- For communications;
- To obtain services of a third party service provider or contraactor as part of providing Osmoflo’s services; and
- Where Osmoflo is required or authorised to do so by law.
Disclosure of Personal Information
While Osmoflo does contract out some of its services, any personal information will not be disclosed to any third parties without the prior consent being obtained from any affected individual. However, this information is accessible to certain authorised officers of Osmoflo.
Osmoflo will not disclose personal information (including email addresses) to any third party for the purpose of allowing them to market their products or services.
Osmoflo does not ordinarily disclose personal information to any overseas recipients but may do so when it is specifically appropriate in order to provide goods or services to a particular client.
Access to and Correction of Personal Information
An individual has a right to access their personal information held by Osmoflo. They may make request to access or correct their personal information by applying to Osmoflo’s Human Resources Department.
Osmoflo will provide copies of the requested records as soon as practicable. If Osmoflo refuses to provide access to the personal information, it will provide a written notice setting out the reasons for the refusal and information about how a complaint can be lodged.
Enquiries and Complaints
If an individual believes there has been a breach of the APPs, they should contact Osmoflo in writing using the details listed below. Osmoflo will respond within thirty (30) days. If the individual has not received a response within thirty (30) days the individual may refer their complaint to the Office of the Australian Information Commissioner.