About this Policy

Compu-Stor is the trading name of Manford Records Management Pty Ltd. This Privacy Policy sets out how Compu-Stor (collectively, Compu-Stor, we, our or us) will comply with our obligations under the Privacy Act 1988 (Cth) (Privacy Act). We are bound by the Australian Privacy Principles as set out in the Privacy Act, which regulate how we may collect, use, disclose and hold your personal information, and how you may access and correct personal information held about you.

Compu-Stor is committed to providing you with the best possible customer service experience.

We are a Quality Assured company under applicable ISO standards and implement a quality management system in compliance with that standard, which includes in relation to personal information we collect and hold.

This Privacy Policy sets out how we collect your personal information, how we hold it, how we use it and who we disclose it to. It explains what information we may collect from you when you use our websites https://www.compu-stor.com.au/ and https://www.digitaltransformationsolutions.com.au/ (Website) or our products or services. It also explains how you can access and seek correction of your personal information or complain about a breach of your privacy. This Privacy Policy may be amended from time to time if our practices or obligations change.

Given the nature of the services we provide, we collect personal information through the documents we image, scan and store electronically or contained in records we store for in hard copor electronically for our clients.

A current copy of this Privacy Policy is available on our Website or by contacting us on the details provided below. On our Website, you may find links to other websites not operated by us. This Privacy Policy does not apply to those websites – always check the Privacy Policy of any other website you access.

This Privacy Policy is divided into the following separate sections.

1. What information is covered by the Privacy Act?
2. What kinds of personal information do we collect and how?
3. When do we collect your personal information?
4. Why do we collect the personal information and how do we use or disclose it?
5. What is our Cookies policy?
6. Can you choose to remain anonymous?
7. How can you request not to receive direct marketing?
8. Who do we disclose your personal information to?
9. Do we disclose your personal information overseas?
10. How do we hold your personal information and keep it secure?
11. How can you seek access to, and correction of your personal information?
12. How long will we keep your personal information?
13. How can you seek further information or complain about a breach of your privacy?
14. How do you contact us?

What information is covered by the Privacy Act?

“personal information” is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether recorded in a material form or not.

“sensitive information”is Personal Information about an individual that includes health information, genetic information, biometric information or templates, or personal information that is also information or an opinion about an individual's race or ethnicity, their religious, political or philosophical beliefs, opinions or affiliations, their sexual orientation or criminal record.

“credit-related information” is information about an individual that includes identification information about that individual, certain information about an individual relating to consumer credit (including eligibility information, repayment history, default and payment information), and information about an individual relating to an application for consumer credit or commercial credit or the individual’s credit worthiness.

What kinds of personal information do we collect and how?

The personal information or credit-related information we collect depends on your relationship with us – whether you are a client, or a prospective employee – and the product or service we are delivering. It may include:

• your contact and professional details (such as name, address, email address, phone number, employer, title);
• delivery and billing address;
• your payment details (such as bank account or credit card details);
• unique name and password for our Website;
• your employment history and qualifications;
• government-related identifiers and information (such as police checks, driver’s licence, working visa); and
• your testimonials, feedback and complaints.

We do not usually collect sensitive information about you and will only do so with your consent unless otherwise required or authorised by law. By supplying sensitive information about yourself, you will be taken to have given your consent to our collection of that information.

When do we collect your personal information?

We collect personal information about you when you:

• contact us by telephone, in person or on-line or lodge requests for a quote for our products and services on-line or in hard copy form;
• pay us;
• are referred to us by one of our clients;
• register and use the secure part of our Website for access to on-line user accounts;
• contribute to one of our social media pages (Facebook, Twitter, Google Plus or Pintrest);
• apply for a job with us;
• participate in our footy tipping; and
• visit our premises – via CCTV footage; and also
• when your personal information is contained in any documents we scan or store.

If you provide personal information about other individuals to us, you must ensure that you have informed those individuals that you are providing their personal information to us and that you have obtained their consent and advised them of our Privacy Policy.

We may also collect personal information about you via third parties including from our suppliers, merchants, direct mail, events or online marketing.

In some circumstances we may receive personal information that we have not requested. If this occurs, we will comply with our obligations under the Privacy Act. You acknowledge that we may de-identify and/or destroy this information unless we are required to keep it by law.

Why do we collect the information and how do we use or disclose it?

We collect, hold, use and disclose your personal information that is reasonably necessary for one or more of our business functions or activities, including to:

• deliver our products and services;
• manage our Website, client system and services;
• develop and enhance our products and services;
• inform you of our new products and services and special offers;
• manage complaints and comply with our legal obligations; and
• investigate security or other incidents and for related purposes.

We may use your personal information for a secondary purpose if that secondary purpose is related to the purposes listed in this clause 4, if we have your consent or if otherwise provided for under the Privacy Act.

Generally, we will only collect and use your personal information in accordance with this Privacy Policy. In the event that we collect or use personal information in ways other than as stated in this Privacy Policy, we will ensure that we do so in accordance with the Privacy Act.

What is our Cookies policy?

When you visit our Website or log in to our client system (CIMS) via our Website, we use cookies to record information about your browsing of the Website and your log in – such as your user ID and log in time from that computer. We may use cookies to collect certain information about your website browsing such as browser type, version and language, operating system, pages viewed while browsing our Website, page access times and referring website address.

We cannot identify you with this information and we use it to gauge visitor traffic and behaviour, and deliver personalised content to visitors to the Website.

You can delete cookies installed on your computer at any time and prevent new cookies being saved and receive notification before installation of a new cookie by configuring your browser software. Check the help section of your browser software for information about how to activate and deactivate these functions. However, you will not be able to log in to our CIMS from any computer that does not accept our cookies.

Can you choose to remain anonymous?

You may elect not to identify yourself or you may use a pseudonym in your dealings with us, including via our Website for some activities, except where it is impracticable for us to deal with you on this basis (for example, we will need to identify you in order to provide most of our products and services and give you access to our secure on-line user accounts). You can always choose not to give us your information or remain anonymous, but if you do, we may not be able to provide you (or our client) with the products and services that you (or they) have asked for or respond fully to your query.

How can you request not to receive direct marketing?

From time to time we may contact you with information about our current and new products and services by e.g. email, mobile messaging, post or telephone, LinkedIn or Facebook. You may ask us at any time to stop sending you direct marketing information or to stop being contacted by or on our behalf, in a particular way or at all. You can do this by emailing us using the details below or by contacting us via our Website.

Who do we disclose your personal information to?

We may disclose your personal information to:

• other companies who provide services on our behalf, including but not limited to customer freight shipping, hosting, data storage, payment systems, printing and scanning providers and debt collectors. We will only disclose to them the personal information they need to deliver their services to us. Compu-Stor takes reasonable steps to ensure that confidentiality and privacy obligations bind these companies in relation to the protection of your personal information;
• to companies that promote and market, or conduct research to help us improve and target, our products and services;
• to social media sites on which we have a presence (LinkedIn and Facebook); and
• where we are required or authorised to do so by law
.

Do we disclose your information overseas?

When making international deliveries, we will need to disclose limited personal information such as contact details and delivery address to providers of freight shipping services who may be located overseas for business related purposes. Such overseas recipients may not be bound by the Privacy Act. We will only disclose your personal information on receipt of your consent. Upon granting your consent, you acknowledge that by consenting to Compu-Stor disclosing your personal information to overseas recipients, APP 8.1 will not apply to the disclosure. This means that we will not be required to take reasonable steps in the circumstances to ensure that the overseas recipient does not breach the APPs in relation to that personal information; and as a result we may not be liable under the Privacy Act if the overseas recipient does not act consistently with the APPs.

How do we hold your personal information and keep it secure?

All Compu-Stor employees must comply with our security requirements including signing a deed of confidentiality when they join us. They are highly trained in all aspects of privacy and confidentiality in relation to protecting personal information we collect and hold.

We take all reasonable steps to ensure that the personal information we hold is protected from misuse, interference and loss, and unauthorised access, modification or disclosure by the use of various methods. Given the nature of the services we provide, all of the information contained in documents we store is kept in highly restricted, swipe card access warehouses that can only be entered by authorised personnel. We maintain a secure, temperature controlled vault and operate CCTV cameras inside and outside our premises.

We also hold personal information in electronic files. We may store it with one or more third party data storage providers (and we require them to keep all information secure and only process it for the purpose for which it was provided). We provide a secure server environment to back up data. Our computers are password protected and we have SSL and firewalls in place.

We may combine personal information we receive about you with other information we hold about you. This includes information received from third parties.

When we no longer require or are required to keep the personal information we hold, we securely destroy it in a secure destruction facility if it is contained in hard copy and we issue destruction certificates. We permanently delete electronic copies from our system.

Please contact us immediately if you become aware or have reason to believe there has been any unauthorised use of your personal information that we hold.

Part IIIC of the Privacy Act established the Notifiable Data Breaches Scheme (NDB scheme) in Australia. The NDB scheme sets out obligations for notifying affected individuals, and the Australian Information Commissioner (Commissioner), about a data breach which is likely to result in serious harm.

Where serious harm to affected individuals is likely, we will notify those individuals and the Commissioner in accordance with our legal obligations. You may contact our Privacy Officer (details below) should you require additional information.

How can you seek access to, and correction of your information?

Access: You have the right to access the personal information we hold about you, subject to some exceptions under the Privacy Act. We may be bound by obligations of confidentiality to our clients that prevent us from disclosing personal information. You can seek access by contacting us at any time at the contact details below. You may be required to put your request in writing for security reasons and we will need to verify your identity before we can give you access.

We will promptly acknowledge receipt, and we will endeavour to deal with and respond to your request within a reasonable time (usually within 5 business days) and give you access in the manner requested if possible, depending on our security protocols.

If we refuse your request for any reason, we will explain our decision in writing, and how you can complain if you are not satisfied with our decision.

You will not be charged for making a request for your personal information. However, we may charge a fee to search for and provide your information based on costs incurred. We will inform you of any fee at the time your request is made to cover these costs.

Correction: If you wish to update your personal information or if you believe that any personal information we hold about you is inaccurate, incomplete, out-of-date or irrelevant, you may ask us to correct it. We may ask you to put your request in writing for security purposes and we will need to identify you. We will take reasonable steps to correct it unless we disagree with your reasons. If we refuse to correct your personal information we will give you a written explanation why. All updates to the information we hold in our on-line management system is audited.

How long will we keep your personal information?

We will keep your personal information only for as long as required for our business purposes and otherwise as required by Australian law.

Where we no longer need to keep your personal information in accordance with this clause 12, we will take reasonable steps to destroy or de-identify your personal information.

If you wish to have your personal information destroyed or de-identified, please let us know and we will take reasonable steps to do so (unless we need to keep it for legal, auditing or internal risk management reasons, or as otherwise required by law).

How can you seek further information or complain about a breach of your privacy?

If you believe Compu-Stor has handled your personal information in a way that is inconsistent with this Privacy Policy or breaches your rights, you can make a complaint. Please put your complaint in writing with sufficient details to enable to us understand your complaint. Our State Manager will be responsible for investigating your complaint and you will receive an initial response from us in 48 hours. We will notify you of our final decision in relation to the complaint and our proposed resolution, as soon as practicable after it is received.

If we are unable to satisfactorily resolve your concerns about our handling of your personal information, you can contact the Australian Privacy Commissioner’s office at:

GPO Box 5218 Sydney NSW 2001 Tel: 1300 363 992 www.oaic.gov.au

How do you contact us?

Please contact us by any of the methods below during business hours, Monday to Friday if you have any questions about this Privacy Policy, or would like further information, or wish to seek access to or request correction of your personal information or you wish to make a complaint.

Phone: 1300 559 778

Post: Attn: Privacy Officer

Compu-Stor PO Box 441 BELMONT WA 6984

E-mail: accounts@compu-stor.com.au

This Privacy Policy was last updated in April 2018.