- how and why we collect, store, use and disclose personal information;
- how individuals can access and update personal information held by us; and
- how individuals can make a complaint about how we have handled their personal information.
The types of personal information we collect and hold (and why)
Ascention collects personal information primarily to provide services to our clients. We may collect and hold the following personal information:
- our clients’ and/or their employees’ names and contact details;
- personal information (including sensitive information) about our clients, their employees or third parties in the course of providing our clients with a service;
- personal information from employment candidates provided to us in applications for employment with us.
How we collect personal information
Where it is practical to do so, we aim to collect personal information directly from the individual it relates to. However, there may be circumstances where we need to collect personal information from a third party (such as a client we are providing services to). Also, we may collect personal information indirectly because it is included in a communication with us or because it is part of data held by a client that we need to handle in order to provide services to that client.
Some examples of how we collect personal information include (but are not limited to):
- directly from individuals and clients during telephone calls or in meetings;
- through our website enquiry form and through other forms of communication such as when clients email us;
- by handling data in the course of providing services to our clients, including (but not limited to) project development/implementation services and IT Managed Services; and/or
- through our social media pages and social media networks.
The Privacy Policies for Twitter and LinkedIn can be accessed on their websites.
Storage and security of personal information
We take the security of your personal information seriously. All Ascention staff handle personal information sensitively and in accordance with the APPs.
The personal information we hold is stored electronically on a secured network consistent with industry (or higher) standards. This network has restricted access, and is only accessible by employees and/or agents who have special access rights.
We take all reasonable steps to protect the personal information that we hold from misuse, interference and loss; and from unauthorised access modification or disclosure. These steps include using electronic and physical security measures, such as password protected software and hardware, and/or multi-factor authentication requirements for staff requiring access to specific systems or data.
If we no longer need the physical copies of the personal information we hold, we take all reasonable steps to destroy or de-identify that information. It may be necessary for us to retain personal information to comply with our legal obligations, or for insurance or audit purposes. We may securely store personal information electronically for indefinite periods for IT back up and electronic audit trail purposes.
How we use personal information and for what purpose
We use personal information in order to provide our clients with services.
We may use personal information for audit or quality assessment purposes; billing and invoicing; and for staff and/or client training.
Where necessary, we may also use personal information to enable us to comply with our legal obligations.
We only use personal information in accordance with the APPs, and while maintaining confidentiality.
Disclosure of personal information
In order to provide our services and conduct our business, we may disclose personal information to third parties.
In some limited circumstances this may include sensitive information as defined in the Privacy Act. We do not disclose sensitive information about individuals unless the individual agrees, or would reasonably expect us to do so.
We may disclose personal information that is not sensitive information:
- if the individual to whom the information relates agrees to the disclosure;
- where the disclosure is for the purpose that the personal information was collected;
- in circumstances where the individual about whom the personal information relates would reasonably expect this disclosure to occur; and/or
- where required to do so by law.
In some circumstances, we may disclose limited personal information provided by our clients overseas in order to provide our Help Desk services to our clients. We only disclose personal information overseas in accordance with the APPs and any other contractual data protection obligations.
How individuals can access the personal information we hold about them
Individuals can seek access to the personal information we hold about them by contacting us at the address below under ‘Contact details’. We will need to verify the identity of the person requesting access.
How to update or correct personal information
You can request to update or correct personal information that we hold about you by contacting us at the address under ‘Contact details’.
How to make a privacy complaint
If we are unable to resolve your complaint to your satisfaction, you can contact the Office of the Australian Information Commissioner at:
GPO Box 5218, Sydney NSW, 2001
1300 363 992
To request access to the personal information we hold about you, or to make a privacy complaint, contact the Privacy Officer at:
Phone: +61 2 8004 6475
Address: Ascention Services Pty Ltd, 15 Devere Ave, Belrose NSW 2085