This Privacy Policy applies to all personal information collected by XCEL TECH PTY LTD (“We”/”we” and all derived word forms) via this website located at www.xceltech.com.au (“Website”) from the Website visitors (“You”/”you” and all derived word forms). If the information provided on this Website does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “personal information” and will not be subject to this Privacy Policy.
What is “Personal Information”?
- The Privacy Act 1988 (Cth) currently defines “personal information” as meaning information or an opinion about an identified individual or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
(b) If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “personal information” and will not be subject to this privacy policy.
Who can visit the Website?
Anyone may visit the Website without identifying themselves.
If you identify yourself (for example, by providing your contact details in an enquiry form), any personal information you provide to us will be managed in accordance with this Privacy Policy.
Who Has the Right to Refuse to Provide Personal Information?
Anyone can refuse to provide their personal information.
- We respect anyone’s right to decline to give any personal information we request.
- We also respect your choice to hide your identity under a pseudonym in your dealings where it is lawful and practicable to do so (for example, when making a general enquiry on this Website).
- However, it is not practicable for us to deal with individuals anonymously or pseudonymously on an ongoing basis. Refusing to provide personal information may mean we cannot provide some or all of the services requested by you.
Why Do We Collect Personal Information?
- The primary purpose for which we collect personal information is to provide you with the best service experience possible on the Website.
- We collect personal information reasonably necessary to carry out our day-to-day business operations, assess and manage customer and third-party needs, and provide them with services.
- We may also collect information to fulfil administrative functions associated with our business operations, for example billing, entering into contracts with customers or third parties and managing client relationships.
- By using our website, you consent to the receipt of direct marketing material. We will only use your personal information for this purpose if we have collected such information direct from you, and if it is material of a type which you would reasonably expect to receive from us. We do not use sensitive personal information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature.
Do We Collect Sensitive Information?
We do not collect, use, store or disclose your sensitive information such as:
- racial or ethnic origin;
- political opinions;
- linguistic background;
- family status or household composition;
- membership of a political association;
- religious or philosophical beliefs;
- sexual preferences;
- membership of a trade union or other professional body;
- criminal record; or
- health information (unless requested by Queensland or federal health authorities).
How Do We Collect Personal Information?
- We may collect personal information from you whenever you input such information into the Website.
- We also collect cookies from your computer which enable us to tell when you use the website and also to help customise your website experience. As a general rule, however, it is not possible to identify you personally from our use of cookies.
What Information Do We Collect?
When you enquire about our services or when you become a customer of our company, we will create a record which includes your personal information which will vary depending on the circumstances of collection and the kind of service that you request, but will typically include:
- your full name and contact details (such as e-mail address, postal address, physical address, contact phone number);
- your professional details (such as what company you represent, where your company is located, or what scope of activity your company has); and
- any additional personal information you may provide, or authorise us to collect, as part of interacting with us.
Do We Use Cookies?
- The Website uses cookies. A “cookie” is a small file stored on a computer’s browser, which assists in managing customised settings of the website and delivering content. We collect certain information such as your device type, browser type, IP address, pages you have accessed on the Website and on third-party websites.
- You can use the settings in your browser to control how your browser deals with cookies. However, in doing so, you may be unable to access certain pages or content on the Website.
- The Website may contain links to third-party websites. We are not responsible for the content or privacy practices of websites that are linked to the Website.
- The Website does not necessarily use encryption or other technologies to ensure the secure transmission of information via the Internet. You are encouraged to exercise care in sending personal information via the Internet.
Personal Information About Underage Individuals
- In normal circumstances, we do not collect information about underage individuals.
- In special circumstances, we may collect underage individuals’ personal information when they participate in events we are involved with).
- If we have been made aware that an underage individual’s personal information has been collected by us, or will be collected by us, in such cases where the underage individual does not have sufficient maturity and understanding to make decisions about their personal information, we will require their parents or guardians to make decisions on their behalf. According to the APPs Guidelines referenced above, an individual aged under 15 is presumed not to have capacity to consent.
Disclosure of Personal Information
- We may disclose your personal information in a number of circumstances including the following:
- for a range of our business administration, operational and management purposes including:
- administering billing and payments and debt recovery;
- planning, managing, monitoring and evaluating services;
- quality improvement activities;
- statistical analysis and reporting;
- training staff, contractors and other workers;
- risk management and management of legal liabilities and claims (for example, liaising with insurers and legal representatives);
- responding to enquiries and complaints regarding our services;
- obtaining advice from consultants and other professional advisers; and
- responding to subpoenas and other legal orders and obligations.
- to third parties we engage in order to provide our services to you, including contractors and service providers used for data processing, data analysis, customer satisfaction surveys, information technology services and support, website maintenance/development, printing, archiving, mail-outs and market research. Third parties to whom we have disclosed your personal information may contact you directly to let you know they have collected your personal information and to give you information about their privacy policies.
- where you have engaged us to deliver a service, we may disclose information about you to service providers where this is relevant to our services;
- where you are a customer or participant in an event we are part of or we organise, we may disclose your personal information to our customers and venues where this is reasonably necessary for, and relevant to, the delivery of the event. We may use images or audio-visual recordings which identifies you for promotional purposes where you would reasonably expect the event to occur;
- where your personal information is requested by our related and affiliated companies, located in Australia or overseas; and
- where required or authorised by law (for instance, the COVID-19 vaccination record if requested by Queensland or federal health authorities).
- We may use or disclose personal information to direct marketing services or platforms for the purpose of informing prospective customers about our services, upcoming promotions and events, or other opportunities that may be of interest. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting [email protected] or via our Customer Relationship Management (CRM) system.
- If you opt-out of receiving marketing material from us, we may still contact you in relation to our ongoing relationship with you.
Security of Personal Information
We will store personal information in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.
- We store information in paper-based files or other electronic record keeping methods in secure databases (including trusted third-party storage providers based in Australia or overseas). Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed). We take reasonable steps to protect all personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.
- We maintain physical security over paper and electronic data stores, such as through locks and security systems at our premises. We also maintains computer and network security, for example, using firewalls (security measures for the Internet) and other security systems such as user identifiers and passwords to control access to our computer systems.
- When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify the details included in that personal information through the following means:
- If the information is stored in a hard copy (such as a paper-based register of contact tracing information or printed copies of COVID-19 digital certificates), secure disposal might include methods such as secure shredding before recycling or throwing away; or
- If the information is stored electronically, such as in cloud-based storage, servers, USBs or with a third-party provider, we will ensure that the digital records are permanently destroyed, including in any back-up system or offsite storage.
- If we collect new customer information about a customer and verifies it, we will keep the original customer identification procedure records for the duration of our relationship with the customer and for an additional seven (7) years after we stop providing any designated services to them, in full compliance with AUSTRAC (Australian Transaction Reports and Analysis Centre) regulations regarding record-keeping obligations of Australian companies (for more information, please access AUSTRAC Regulations of Record-Keeping).
Access to Personal Information
- You are entitled to access your personal information we hold on request. To request access to your personal information, contact [email protected].
- No charge will be demanded for making a request to access personal information, but you may be charged for the reasonable time and expense incurred in compiling information in response to your request.
- We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up to date. You can notify us if you notice errors or discrepancies in personal information that we hold about you and also inform us of your personal details change.
- However, if you consider any personal information that we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, you are entitled to request correction of that information. After receiving such request in writing, we will take reasonable steps to correct outdated information.
- We may decline requests to access or correct personal information in certain circumstances in accordance with the Australian Privacy Principles (for instance, you’re your personal information is included in Commonwealth records, which can only be destroyed or altered in accordance with the Archives Act 1983 (Archives Act)). If we do refuse a request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.
Access and Correction
- Australian Privacy Principle 12 permits you to obtain access to the personal information we hold about them in certain circumstances.
- Australian Privacy Principle 13 allows you to correct inaccurate personal information subject to certain exceptions.
- If you would like to obtain access to the personal information we hold about you, contact us at [email protected].
Overseas Transfer
- We will not disclose your personal information to recipients outside Australia with the exception of the terms set out in the section “Disclosure of Personal Information” of this Privacy Policy (see above) or unless the Website visitors expressly request us to do so.
- If you request us to transfer your personal information to an overseas recipient with the exception of the terms set out in the section “Disclosure of Personal Information” of this Privacy Policy (see above), the overseas recipient will not be required to comply with the Australian Privacy Principles, and we will not be liable for any mishandling of your information in such circumstances.
Complaint Handling Procedure
If you are dissatisfied with the manner in which we have handled your personal information, you are invited to follow the procedure described below.
Stage One: Lodging a Complaint with Us
If you have any questions or concerns about this Privacy Policy or about the way in which your personal information has been handled, contact us as follows:
- at any time via the Website;
- on the phone on +61 7 3171 7808 during regular business hours (Monday to Friday, 8:00 AM to 5:00 PM, except public holidays); or
- via email at [email protected].
We will endeavour to rectify mishandling your personal information and provide you with a response in writing within seven (7) days according to the following procedure:
- The Website Administrator will first consider the complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. The Website Administrator will generally resolve simple complaints and respond within seven (7) days.
- If the complaint requires more detailed consideration or investigation, the Website Administrator will acknowledge receipt of the complaint within seven (7) days and endeavour to complete investigation into the complaint promptly. The Website Administrator may ask you to provide further information about your complaint and the outcome you are seeking. The Website Administrator will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.
- In most cases the Website Administrator will investigate and respond to a complex complaint within thirty (30) days of receipt of the complaint. If the investigation may take longer, the Website Administrator will inform you accordingly.
Stage Two: Lodging a Complaint with the OAIC
If you are not satisfied with the Website Administrator’s response to your complaint, or you consider that we may have breached the Australian Privacy Principles or the Privacy Act 1988, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC). OAIC can be contacted by telephone on 1300 363 992 or by using the contact details on their website (www.oaic.gov.au).
Maintaining the Currency of Personal Information
We will take reasonable steps to ensure all personal information is up-to-date, accurate and complete. If you find that the information we have is not up to date or is inaccurate or incomplete, you are invited to advise us as soon as practicable so that personal information records could be updated to ensure continuity in providing services and operating the business.
If you have any comments about this Website Privacy Policy, please write to [email protected] with your concerns.