Accsys Consulting is bound by the Privacy Act 1988 (Cth) (the Act) and the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act. The APPs govern how we can handle and manage “personal information”, including “sensitive information”, about our clients, or other persons who have business with the firm and employees.
The Act defines “personal information” as information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or not, and whether recorded in material form or not. Some personal information is also “sensitive information” and is afforded a greater level of protection under the Act.
We collect information about you that is reasonably necessary for us to carry out our functions and activities, being financial management and information technology consulting services for public and private sector organisations.
Types of personal information we may collect and hold include:
We may collect this information from you directly, or from other third parties (such as private businesses, not-for-profit organisations or government agencies that we have contracts with) where you consent, where it is unreasonable or impractical to collect the information from you directly, or where we are required or authorised to do so by law.
Given the nature of the work we do, we may come into contact with personal information held in our clients’ systems. We will not handle, use or disclose this information unless it is reasonably necessary for us to perform our duties.
Privacy, information security and client confidentiality are important to us and we take care to handle all information, including client files, with care and in confidence. Where possible, we do not store client data on our personal computers, but if it is necessary to do so then appropriate IT security measures are employed. Any client data that we come into contact with is kept secure and disposed of through our secure document destruction service if no longer required.
In general, we collect your personal information in order to deliver our services and managing our business, including:
For the purposes set out above, we may disclose your personal information to third parties from time to time under instruction from our clients (e.g. to auditors). We may also disclose information about our employees to the Australian Taxation Office and to superannuation funds as required or authorised by law.
We use and disclose personal information for the purpose(s) for which it is collected. We will only use personal information for secondary purposes where we are permitted to do so in accordance with the Act. For example: where you have consented, for a reasonable expected secondary purpose related to the primary purpose, or where it is required or authorised by law.
Accsys Consulting may, on occasion, disclose personal information to overseas recipients. This includes:
These recipients may have servers and processing centres located in the United States of America as well as other locations around the world. You may contact us at 2 Napier Close, Deakin ACT 2600 to find out further specific details in relation to any overseas recipients your information has been provided to.
Subject to exceptions set out in the Act, you may gain access to or request amendment of personal information which Accsys Consulting holds about you by contacting us at 2 Napier Close Deakin ACT 2600.
We will require you to verify your identity and to specify what information you require or wish to amend. A fee may be charged for providing access. We will advise you of the likely cost in advance.
We will respond to your request within a reasonable period.
Accsys Consulting is committed to protecting the personal information we hold. In accordance with the APPs, we take reasonable steps to protect personal information from loss, misuse, interference and unauthorised access, modification or disclosure. This includes using physical and information security measures, restricted access to physical and electronic records and staff training and procedures.
Where we no longer require your personal information for any permitted purpose under the APPs, we will take reasonable steps to destroy it.
If you believe we may have breached your privacy, you may contact us to make a complaint at 2 Napier Close Deakin ACT 2600. In order to ensure we fully understand the nature of your complaint and the outcome you are seeking, we prefer that you make your complaint in writing.
It may be difficult to properly investigate or respond to a complaint if you provide insufficient information on the circumstances giving rise to your complaint. You may submit an anonymous complaint, however if you do it may not be possible for us to properly investigate and respond to you.
If you are not satisfied with the way we have handled a privacy complaint in the first instance, you may contact the Office of the Australian Information commissioner (www.oaic.gov.au) to refer your complaint for further investigation.