1.The information outlines how we, Incent Loyalty Pty Ltd, ACN 617 123 636 (“Incent Loyalty” or “we”), an Australian incorporated company, comply with the requirements of:
a)the Privacy Act 1988 (Cth); and
b)the Australian Privacy Principles,
in protecting and maintaining the personal information we hold about you.
2.Personal information is any information or opinion about you from which you could reasonably be identified. For example, this may include your name, email address, residential address and contact details. Personal information includes sensitive information such as:
a)your racial or ethnic origin;
b)political opinions or membership of political associations;
c)religious or philosophical beliefs;
d)membership of a professional or trade association or trade union;
e)sexual orientation or criminal record; and
f)health, biometric information, and genetic information.
Sensitive information is subject to stricter requirements under the Privacy Act 1988.
3.We will work to protect your personal and sensitive information in accordance with the Australian Privacy Principles and the Privacy Act 1988.
1.We collect, hold, use and disclose personal and/or sensitive information for the following purposes:
a) provide you with/administer the products and services you request;
b) unless you tell us otherwise, to provide information on products and services offered by us, and external product and service providers for whom we act as agent (if you have provided us with your email or mobile phone details, we may provide information to you electronically with respect to those products and services);
c)monitoring and evaluating products and service;
d)gathering and aggregating information for statistical, actuarial and research purposes;
e)assisting you with queries;
f)taking measures to detect and prevent fraud;
g)for compliance and risk management purposes;
h)to help prevent and detect illegal activity;
i)to comply with our regulatory obligations, including customer verification under Anti-money laundering laws; and
j)for any purpose related to the above.
2. We may de-identify the information in your Account and your Rewards Profile and share it with third parties on an aggregate basis. For the purposes of this provision, 'Aggregate basis' means the information of many members is combined together to form one measurement or quantity that cannot be used to identify any particular person. For example, a client may be told that their advertising campaign is going to be received by 1,000 members between 18 and 25 years of age, and received by 500 members between 25 and 45 years of age.
3.If you do not provide us with the personal information we request, you will not be able to become a verified member of the Service and/or we may not be able to provide you with the services you have requested.
1. We may use or disclose personal information we hold about you for the purpose of direct marketing. Direct marketing means that we can use your personal information to provide you with information on our products and services that may interest you. This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act.
2.You will receive direct marketing emails from us. If you wish to opt-out of receiving marketing information altogether, you can email us on firstname.lastname@example.org.
INFORMATION WE MAY COLLECT
1.The personal and sensitive information we collect generally consists of name, physical address, date of birth, gender, social media accounts, occupation, education, contact details (including telephone, and e-mail), internet use, shopping preferences and habits and financial information.
2.We also collect information about your internet use. This information includes the URL of any website you visit, and how long you spend on any website, if you make purchases online, other online behaviour. We will only collect the root URL of any website you visit, and will not collect information of any subpages of any website.
3.We are required to identify you if you wish to become a verified member and receive INCNT. Anti-money laundering laws may require us to sight and/or record details of certain documents (i.e. photographic and non-photographic documents such as drivers’ licence, passport, birth certificate) in order to meet the standards set under those laws.
HOW WE COLLECT THE INFORMATION
1. We will only collect personal information about you directly from you (rather than someone else), unless it is unreasonable or impracticable to do so. For example, in order to verify your identity we will need to collect information from a third party such as a digital identity service provider or a credit reporting body.
2.We may collect information when you:
2.communicate with us through phone calls, correspondence, email or when you share information with us from other social applications, services or websites; or
3.fill out a membership application form with us, complete a survey (including electronically) or provide further information to support your membership application or as otherwise requested by us.
DISCLOSURE OF PERSONAL INFORMATION
1.The entities we may exchange your personal information with include but are not limited to:
a)affiliated product and service providers and external product and service providers for whom we act as agent;
b)external product or service providers that help us to provide our services;
c)auditors we appoint to ensure the integrity of our operations;
d)any person acting on your behalf, including your solicitor, settlement agent, accountant, executor, administrator, trustee, guardian or attorney;
e)other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law;
f)other organisations who in conjunction with us provide products and services (so that they may provide their products and services to you); and
g)service providers with whose applications we have integrated.
2.We may disclose personal information if we outsource certain functions, including bulk mailing, market research, direct marketing, statement production, and information technology support. We also seek expert help from time to time to help us improve our systems, products and services.
3.In all circumstances where personal information may become known to our contractors, agents and outsourced service providers, there are confidentiality arrangements in place. Contractors, agents and outsourced service providers are not able to use or disclose personal information for any purposes other than our own.
4.We take our obligations to protect customer information very seriously, and we make every effort to deal only with parties who share and demonstrate the same values.
DISCLOSING PERSONAL INFORMATION TO CROSS-BORDER RECIPIENTS
5.We may disclose personal information outside of Australia to various service providers or suppliers that we may engage.
6.We will take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.
SECURITY OF PERSONAL INFORMATION
1.We may hold your personal information in either electronic or hard copy form. We are committed to ensure that we protect any personal information we hold from misuse, interference, loss, unauthorised access, modification and disclosure.
2.Accordingly, we have a range of practices and policies in place to provide a robust security environment. We ensure the adequacy of these measures by regularly reviewing them on an ongoing basis.
3.Our security measures include, but are not limited to:
a)educating our staff as to their obligations with regard to your personal information;
b)requiring our staff to use passwords when accessing our systems;
c)encrypting data sent from your computer to our systems during Internet transactions and customer access codes transmitted across networks;
d)employing firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses from entering our systems;
e)destroying and de-identifying data when it is no longer required;
f)using dedicated secure networks or encryption if we transmit electronic data for purposes of outsourcing; and
g)providing secure storage for physical records.
However, we cannot guarantee the security of your information.
ADOPTION, USE, OR DISCLOSURE OF GOVERNMENT IDENTIFIERS
1. We will not adopt a government related identifier of an individual as our own identifier unless required or authorised to do so by or under an Australian law, regulation or court/tribunal order.
2.Before using or disclosing a government related identifier of an individual, we will ensure that such use or disclosure is reasonably necessary for us to verify your identity for the purposes of our activities or functions or required or authorised by law.
ACCESS TO, AND CORRECTION OF, PERSONAL INFORMATION
1.You can request us to provide you with access to the personal information we hold about you. If we deny you access to your personal information, we will let you know why.
2.Requests for access to limited amounts of personal information, such as checking to see what address or telephone number we have recorded, can generally be handled over the telephone.
3.If you would like to request access to more substantial amounts of personal information such as details of what is recorded in your account file, we will require you to complete and sign a “Request for Access to Personal Information” form.
4. Following receipt of your request, we will provide you with an estimate of the charge for processing your request and confirm that you want to proceed. We will not charge you for making the request for access. Any processing charge will reflect the costs we incur in giving you access to the requested personal information.
5.We will respond to your request as soon as possible and in the manner requested by you. We will endeavour to comply with your request within 14 days of its receipt but, if that deadline cannot be met owing to exceptional circumstances, your request will be dealt with within 30 days. It will help us provide access if you can tell us what you are looking for.
6.Your identity will be confirmed before access is provided.
REFUSAL TO GIVE ACCESS, AND OTHER MEANS OF ACCESS
1.In particular circumstances we are permitted by law to deny your request for access, or limit the access we provide. We will let you know why your request is denied or limited if this is the case. For example, we may give an explanation of a commercially sensitive decision rather than direct access to evaluative information connected with it.
2.If we refuse to give access to the personal information or to give access in the manner requested by you, we will give you a written notice setting out the reasons for the refusal, the mechanisms available to complain and any other relevant matter.
3.Additionally, we will endeavour to give access in a way that meets both yours and our needs.
CORRECTION OF PERSONAL INFORMATION
1. We will correct all personal information that we believe to be inaccurate, out of date, incomplete, irrelevant or misleading given the purpose for which that information is held or if you request us to correct the information.
2.Please contact us if any of the details you have provided to us change, or if you believe that the information we have about you is not accurate or up to date.
3.If we correct your personal information that we previously disclosed to another APP entity you can request us to notify the other APP entity of the correction. Following such a request, we will give that notification unless it is impracticable or unlawful to do so.
REFUSAL TO CORRECT INFORMATION
1.If we refuse to correct the personal information as requested by you, we will give you a written notice setting out the reasons for the refusal, the mechanisms available to complain and any other relevant information.
2. If we refuse to correct the personal information as requested by you, you can request us to associate with the information a statement that the information is inaccurate, out of date, incomplete, irrelevant or misleading. We will then associate the statement in such a way that will make the statement apparent to users of the information.
1. Sometimes you may be directed to a third party’s web site where an advertiser or market research company asks you to provide your personal information. It is your choice whether to provide your personal information to that third party. We cannot be held responsible for the privacy practices or actions of any third party.
CONTACT US AND COMPLAINTS
1. If you have any questions or would like further information about our privacy and information handling practices, please email us on email@example.com.
2.We offer a free internal complaint resolution scheme to all of our customers. Should you have a privacy complaint, please contact us to discuss your concerns using the following details:
3. To assist us in helping you, we ask you to follow a simple three-step process:
a)Gather all supporting documents relating to the complaint.
b)Contact the Privacy Officer using the contact details set out above and we will review your situation and if possible resolve your complaint immediately.
c)If the matter is not resolved to your satisfaction, please contact our Complaints Officer on firstname.lastname@example.org
4.If you are still not satisfied, you can contact the Office of the Australian Information Commissioner using any of the following details:
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Effective: January 2018