Privacy Policy
Effective From 22 July 2015
1. Introduction
This Policy outlines how we deal with “personal information”, which is information about an individual whose identity is apparent, or can reasonably be ascertained, from that information (Personal Information).
Redshift Consulting Pty Ltd (ACN 165 362 970) (we, us or our) has adopted this Privacy Policy, in accordance with the Australian Privacy Principles in the Privacy Act 1988 (Cth) (APPs).
We collect Personal Information in conjunction with our consulting services (Services).
2. How we collect Personal Information
We collect Personal Information in three main ways:
(a) collecting specific information relevant to providing our services to you (Active Collection);
(b) collection via automated electronic means in accordance with standard business practice on the internet (Automated Collection); and
(c) collecting Personal Information from persons other than the individual to which it relates (Third Party Collection).
We engage in Active Collection:
(a) (Contract) when an individual or business contracts with us for services;
(b) (Contact) when an individual or business contacts us via any medium, including telephone, fax or email, or through an inquiry on our website;
(c) (Sub-contractors) when we interview, negotiate or contract with sub-contractors, employees, agents and other personnel;
(d) (Services) when our consulting services require us to analyse and apply our skills to information that contains personal information.
We and some of the third party service providers we use (such as Google Analytics) engage in Automated Collection as follows:
(a) (Logs) when you visit our website or use the Services, our server and analytics service may log details about your visit such as your IP address, the time and duration of visit, the link from which you visited, and information about your browser and operating system; and
(b) (Cookies) we will likely place a cookie on your device when you visit our website.
We engage in Third Party Collection when:
(a) (Client documents and databases) clients provide us with access to their documents or databases containing Personal Information;
(a) (Referrals) a third party refers us business; and
(b) (Research) we conduct research on potential clients, and the individuals associated with those potential clients.
3. The kinds of Personal Information that we collect and hold
Through the processes above, we collect the following categories of Personal Information about individuals:
(a) (Identity Information) name, signature, location, website address, date of birth, nationality, employment details, and educational qualifications;
(b) (Contact Information) email address, social media profiles, telephone & fax number, residential, business and postal addresses;
(c) (Behaviour Information) habits, movements, trends, decisions, webpage views, online activity, associations, memberships, finances, purchases;
(d) (Internet Data) Internet Protocol or “IP address”, referring web site addresses, browser type, operating system, domain name, access times and other data typically collected by analytics services like Google Analytics; and
(e) (Business Information) business or project, if it is run in the individual’s personal capacity, including information on professional affiliations or services offered.
4. How we hold Personal Information
We hold and store Personal Information using:
(a) (Storage Services) third party data storage services, which are businesses that professionally manage information technology infrastructure;
(b) (Business Devices) devices operated by employees of our business; and
(c) (Paper Files) printed paper and archival storage services.
We may combine or link Personal Information about you that we collect on one occasion with Personal Information about you that we collect on other occasions.
5. How we secure Personal Information
We will take reasonable precautions to protect Personal Information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.
We secure Personal Information that we collect with two factor authentication process for access to hardware containing personal information, passwords, pins, encryption, session expiry, firewalls, and through the use of reputable vendors when we use third party services. For more information on security, please contact us using the contact details below.
Our standard operating procedure for dealing with client files that contain personal information about individuals such as their customers is as follows:
(a) on receipt of the data, delete any portion of the record that contains personal or sensitive information, unless that information is necessary for us to provide our Services; and
(b) at the close of a project, delete or remove digital files and destroy physical files containing client information, unless the information is needed for further Services.
6. The purposes of collection, holding and use
We collect, hold and use Personal Information for the purpose of providing the Services.
Our handling of Personal Information includes holding and using the Personal Information so that we can:
(a) (Communicate) communicate with individuals for the purpose of providing the Services, including notifications, support; communications about our goods and services; marketing and promotions; and competitions, surveys and questionnaires;
(b) (Transact) transact with individuals for the purpose of providing the Services;
(c) (Analyse) analyse and optimise our clients’ business practices; and
(d) (Business Development and UX) assess the progress and success of our Services, develop business opportunities, and enhance client experience of our Services.
We tend not to use information collected via automated means in order to identify specific individuals. Rather, it is generally used for data analysis. For example, we may use cookies and log information to ascertain the number of unique visitors to our website, whether or not those visitors are repeat visitors, and the source of the visits.
7. How and when we share or disclose Personal Information
When we use the services of companies that we work with to provide our Services, this may involve providing some degree of access to Personal Information. Such third party services may include:
(a) (Sub-contractors) consultants with whom we sub-contract to assist us in the performance of the Services; and
(b) (Hosting) Cloud and web hosting service providers, including Dropbox (see https://www.dropbox.com/privacy for details of their privacy practices).
We will only share Personal Information with these third parties to the extent reasonably necessary to perform their functions.
For more information on the third party service providers we use, and their privacy policies, please contact us using the details listed below.
For information on disclosures to overseas recipients, see below.
8. Contacting us to access, change or delete Personal Information
Users may edit content and account details within the Services.
However, you can also contact us using the details below to arrange access or correction to and, where appropriate, deletion of your Personal Information.
Position Title: Office Manager
Email: admin@redshiftconsulting.com.au
We reserve the right to refuse access or correction where there are reasonable grounds for doing so, for example if providing access would be unlawful or would compromise the privacy of another person.
9. Complaints process
(a) If you have a complaint relating to an alleged breach of the APPs, you should contact us using the details listed in the previous section of this Privacy Policy.
(b) When you notify us of a complaint about our handling of your Personal Information, we will deal with the complaint by responding to it in writing within a reasonable period (usually 10 business days from the day we receive your email).
(c) We will endeavour to work with you to resolve the complaint entirely within 30 days, although that period may be longer if it is reasonable to take longer given the nature of your complaint.
(d) If you are unsatisfied with our response, you may make refer the complaint to the Office of the Australian Information Commissioner.
10. Disclosure of Personal Information to overseas recipients
(a) Our use of third party service providers may result in the processing of your Personal Information overseas, including in the United States.
(b) You may not have the same rights in relation to the handling of your Personal Information by overseas recipients as you would under Australian privacy law.
(c) By providing us with Personal Information, you consent to the transfer of your Personal Information to recipients outside Australia.
(d) If you consent to such transfer, we will not be accountable for overseas recipients’ handling of your Personal Information. In any event, we take reasonable steps to ensure that the Personal Information that has been transferred will not be held, used or disclosed by the recipient of the information inconsistently with the APPs.
11. Amendment
We may amend the Privacy Policy at our sole discretion. If you continue to use the Services after receiving notice from us of such an amendment to the Privacy Policy, you agree to be bound by the Privacy Policy as amended.