PRIVACY POLICY
Lowbake Digital Pty Ltd (we, our, us) recognises and respects the importance of your privacy and understands your concerns about the security of the personal information provided to us.
We are sensitive to privacy issues and take seriously the ongoing trust our customers have placed in us. We have committed to compliance with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (APPs), which detail how personal information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
Scope
This Privacy Policy (Policy) describes how we collect and process your personal information. By submitting your personal information to us, you acknowledge that you have read and understood, and agree to the use of your personal information in accordance with this Policy.
We reserve the right to revise this Policy or any part of it from time to time. Please review the Policy periodically for changes.
Definitions
Personal information means information and/or opinion (including information or opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual who is identifiable, whose identity is apparent, or whose identity can reasonably be ascertained, from the information or opinion.
Sensitive information, a sub-set of personal information, is information or an opinion about an individual’s racial or ethnic origin, political opinions, political association membership, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union membership, sexual orientation or practices or criminal record, and includes health information and genetic information.
What personal information we collect and hold
We aim only to collect personal information by lawful and fair means, in accordance with the Privacy Act. In the course of doing business with you, we endeavour to collect business information only. However, the collection of personal information in some instances is necessary or unavoidable.
We aim only to collect personal information for purposes which are reasonably necessary for, or directly related to our business functions, the provision of our goods and services, and other activities as permitted under the Privacy Act.
In our business, we provide digital services, including SIMs, apps and customer portal interfaces, and provide data storage services, in respect of connected equipment. The kinds of personal information we collect from you or about you depend on the transaction you have entered into with us, the goods / services you or your organisation have contracted us to provide, and the goods / services you or your organisation are interested in.
If you are a current or prospective customer of our digital services, apps and portals, then the kinds of personal information that we commonly collect and hold from you or about you include, for example:
· your contact details, including email address, mailing address, street address and/or telephone number;
· your installation address;
· your account name, password and other login details;
· your bank account or credit card payment details;
· details of the goods / services we have provided to you and/or that you have enquired about, and our response to you;
· details of any data stored in the online system of the goods;
· SIM details including sim card number, service number, etc;
· IP address and device connection details;
· associated contact with end customers of our goods and services;
· personal information provided or collected in relation to the operation and administration of our portal; and
· any other personal information requested by us and/or provided by you or a third party.
If you are a contractor to our business, then the kinds of personal information that we commonly collect and hold from you or about you include:
· your name;
· your address:
· your contact phone number;
· License details (if applicable);
· Insurance details (if applicable).
Generally, we do not collect sensitive information. However, we may collect sensitive information from you or about you where there is a legal requirement to do so, or where we are otherwise permitted by law. In all other situations, we will specifically seek your consent.
You have the option of not identifying yourself or of using a pseudonym when dealing with us, unless the use of your true identity is a legal requirement or necessary to complete the enquiry or transaction.
Cookies
When you browse our website, use our apps and portals, contact us electronically, or engage with us on social media, we may also record geographical tagging, cookies, your IP address and statistical data from your activity. We may use your personal information to customise and improve your user experience on our website and other social media platforms. By using our website you agree that we can record this information from your device and access them when you visit the site in the future.
If you want to delete any cookies that are already on your computer, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.
Our website may also contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How we collect and hold personal information
We aim to collect personal information only directly from you, unless it is unreasonable or impracticable for us to do so. For example, we may collect personal information directly from you through your telephone calls and other interactions with our employees and contractors, your emails and other correspondence to us or our employees and contractors, your account set up, enquiries, data collected and stored through your use of the software contained within the goods, and contracts for the purchase of our goods and provision and use of our services.
In some instances we may also receive information about you from third parties. Where we obtain personal information about you from third parties we will inform you. As an example, we may collect personal information from you or about you from our trading partners including from our customers who buy our goods and services, or from our customers who utilise our portal services in conjunction with the operation of their physical goods and services. This enables us to remain across and take steps to rectify any complaints or concerns regarding our goods and services.
Our app and portal services are provided to a range of suppliers of various physical goods, services and equipment, whereby our digital interfaces provide [xxx] [MK3] in respect of those physical goods, services and equipment.
Our data storage services are also provided to a range of businesses. Where we offer data storage services, we will obtain and store the personal information that you have provided to your relevant goods and/or services provider.
We will record your email address if you send us an email.
We will ensure that all unsolicited personal information will be afforded the same privacy protection as solicited personal information.
Where unsolicited personal information is received:
· we will assess whether we could have collected the information directly from you; and
· if not, then we will destroy or remove identifying components in the information as soon as practicable, but only if lawful and reasonable to do so.
Why we collect, hold, use and disclose personal information
We will collect, hold, use and disclose your personal information where it is reasonably necessary for us to carry out one or more of our business functions and activities. For example, we collect, hold, use and disclose your personal information as necessary to operate our digital services, apps and portals, provide our goods and services to you, your organisation or end customers. Your personal information associated with the use of our digital services, apps and portals may be directly collected by us, or disclosed to us by the manufacturer, seller, installer and/or warranty provider of your relevant products.
If we do not collect, hold, use or disclose your personal information, or if you do not consent, then we may not be able to answer your enquiry, complete the transaction you have entered into, or provide the goods and services that you or your organisation have contracted us to provide. In some instances, the level of personal information that you choose to provide may impact the extent or range of availability of our goods and services (eg, impact the customisation of your browsing experience on our website, and/or impact the level of functionality you can achieve from our digital services, apps and portals).
We also collect, hold, use and disclose your personal information for purposes related to our business that you would reasonably expect, such as our administrative and accounting functions, record keeping, payment processing, fraud checks, providing you with information about other goods and services offered by us, providing you with information about launches of new goods and services, marketing and promotions, market research, customer feedback and quality assurance surveys, warranty claims, troubleshooting and helpdesk, potential product recalls, statistical collation, social media analysis and website traffic analysis.
Where we wish to use or disclose your personal information for other purposes, we will obtain your consent.
Where we use your personal information for marketing and promotional communications, you can opt-out at any time by notifying us. Opt-out procedures are also included in our marketing communications.
We may also collect, hold, use and disclose your personal information in circumstances that are required or permitted by law, where that is necessary for us to comply with our legal obligations.
We may disclose or transfer your personal information to IT providers, subcontractors and other third party service providers that assist with the operation of our digital services (including our website, apps and portals), payment gateways, the provision of our services, and the performance of associated activities.
We may disclose your personal information to law enforcement authorities or other government officials, only when permitted or required by law or by legal process (eg. when necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraud or illegal activity).
If our business is acquired or merged with another company, your personal information may be transferred to the new owners so that they may continue to operate and support our digital services offerings.
How we hold, store and keep secure your personal information
Your personal information is held and stored electronically, on paper, or both. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that your information is protected from misuse, interference and loss, and from unauthorised access, modification and disclosure. For example,
• Data held and stored electronically, including “in the Cloud”, is protected by internal and external firewalls, limited access via file, user password and network passwords, and files can be designated read-only or no access. We also require our IT contractors and other third parties to implement privacy safeguards.
Destruction and de-identification
We take steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse.
We will retain your personal information whilst it is required for any of our business functions, or for any other lawful purpose.
We will take reasonable steps and use secure methods to destroy or de-identify personal information that is no longer required for any purpose for which the personal information may be used under this Policy in accordance with the Privacy Act.
As an example, our destruction and de-identification methods may include:
· Paper records being placed in security bins and shredded; or
· Electronic records being deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.
Overseas Disclosure
Our business is affiliated with other businesses located overseas. In the course of doing business with you, we may disclose some of your personal information to overseas recipients, particularly where we have identified commercial opportunities that may benefit you. However, we will only do so where:
· it is necessary to complete the transaction you have entered into; and
· you have provided consent; or
· we believe on reasonable grounds that the overseas recipient is required to deal with your personal information by enforceable laws which are similar to the requirements under the APPs; or
· it is otherwise permitted by law.
Our overseas affiliates provide data storage, troubleshooting and support desk and IT and marketing types of services for our business, and are located in India and the Philippines.
Requests for Access and Correction
We will take reasonable steps to ensure that the personal information we use or disclose is accurate, complete and up to date, having regard to the purpose of the use or disclosure.
When you request access to the personal information we hold about you, or request that we change that personal information, we will allow access or make the changes unless we consider that there is a sound and permitted reason under the Privacy Act or other relevant law to withhold the information and/or not make the changes.
In most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you access or to correct the personal information as requested, we will give you written reasons why. For further information, please contact us.
We will provide you with written notice if we refuse to correct the personal information as requested by you. The written notice will set out:
· the reason for refusal (unless this would be unreasonable);
· the mechanisms available to complain about the refusal; and
· any other matter prescribed by the Privacy Act.
We will respond to a correction request within a reasonable period. We will not charge for making the request, for correcting the information, or for associating any statement with the personal information.
To assist us to keep our records up-to-date, please notify us of any changes to your personal information.
Data Breaches
In Australia, if we suspect that a data breach has occurred, we will undertake an assessment into the circumstances of the suspected breach within 30 days after the suspected breach has occurred. Where it is ascertained that a breach has actually occurred and where required by law, we will notify the Privacy Commissioner and affected customers as soon as practicable after becoming aware that a data breach has occurred.
Complaints and Concerns
We have procedures in place for dealing with your complaints and concerns about our practices in relation to the Privacy Act and the APPs, and any alleged breach of this Policy. We will respond to your complaint in accordance with the relevant provisions of the APPs.
Our Privacy Officer can be contacted to discuss or attempt to resolve any complaints relating to the collection, storage and use of your personal information. For further information, please contact our Privacy Officer at [email protected]
Contact Us
Privacy Officer
Lowbake Digital Pty Ltd
20 Luisa Ave, Dandenong South VIC 3175, Australia
Phone: +61 3 9794 8533
Email: [email protected]
Last updated: October 2024