1.1 O’Brien Accountants & Advisors (Company) respects your privacy and is committed to protecting your privacy. The Company understands the importance you attach to information that identifies you (your ‘personal information’) and we want to help you protect it.
2. How do we collect personal information from you?
2.1 We will only collect personal information which you have voluntarily provided to us or consented to us collecting the information. We may collect personal information about you in a variety of ways, for example:
2.2 From time to time, you may be able to visit our website or deal with us anonymously or by pseudonym. However, we require certain personal information to be able to provide you with the services and information you request. If you do not provide us with certain personal information, we may not be able to provide you with access to those services or respond to your request.
3. What type of personal information do we collect?
3.1 The type of personal information we may collect from you includes (but is not limited to):
4. How do we use your personal information?
4.1 The Company will use the information you supply for the purpose of providing you with the service(s) agreed under our engagement, such as accounting or business advisory services.
4.2 We may also use the information we collect for our internal business and management processes (for example, accounting or auditing purposes), monitoring and improving our website, keeping you informed about our services and company news, and for any other purposes that would be reasonably expected by you and to allow us to comply with our obligations under the law.
4.3 The Company may also use your personal information for the purpose of marketing our services. If you do not want to receive marketing material from us, you can unsubscribe by contacting us as detailed below:
5. How do we disclose your personal information?
5.1 Your personal information will only be disclosed to those employees or consultants of the Company related to the agreed provision of services. Depending on the nature of the engagement, we may need to disclose your personal information to third parties which may include service and content providers (for example accounting or auditing service providers or our website hosting service providers), dealers and agents, or our contractors and advisors.
5.2 Important Notice: in the event that the processing or use of your personal information involves the disclosure of any information outside Australia, you acknowledge that by providing us with your personal information, you consent to such overseas disclosure. By consenting to such disclosure, you acknowledge and accept that:
5.3 The Company shall not knowingly provide personal information to any third party for any other purpose without your prior consent unless ordered to do so by a law enforcement body, court of law or other governmental or regulatory body or agency.
5.4 The Company may store, process or back-up your personal information on servers that are located overseas (including through third party service providers). The privacy laws in other countries might not be the same as in Australia. However, where the Company provides your personal information to third parties overseas, the Company will take such steps as are reasonable to ensure that your information is handled and stored in accordance with Australian privacy laws and this Policy.
6. Access to your personal information
6.1 You can request us to provide you with access to personal information we hold about you by sending us an email: email@example.com (no spam please) or writing to us at Suite 2, 50 Upper Heidelberg Road, Ivanhoe, Victoria, 3079.
6.2 We may allow an inspection of your personal information in person, or provide copies or a summary of relevant documents, depending on what is the most appropriate in the circumstances. Any charge we make for providing access will be reasonable and will not apply to lodging a request for access. Your request to access your personal information will be dealt with in a reasonable time.
6.3 Note that we need not provide access to personal information if a request is frivolous, or where to provide access would pose a threat to health or public safety, unreasonable interference with another person’s privacy, or be a breach of the law. If we refuse access, we will provide you with reasons for doing so.
7. Accuracy and correction
7.1 To enable us to keep our records properly, please notify us if you believe that any information we hold about you is inaccurate, incomplete or out of date and we will take reasonable steps, in the circumstances, to ensure that it is corrected. You can notify us by sending us an email: firstname.lastname@example.org (no spam please) or writing to us at Suite 2, 50 Upper Heidelberg Road, Ivanhoe, Victoria, 3079.
8. Our security procedures
8.1 The Company takes your privacy very seriously. We will take reasonable steps in the circumstances to protect any personal information you provide to us from misuse, interference or loss and unauthorised access, modification and disclosure.
8.2 We will also deidentify and destroy the personal information we hold about you once our legal obligations cease. Our security procedures are reviewed from time to time and we update them when relevant.
8.3 Please be aware that the transmission of data over the internet is never guaranteed to be completely secure. It is possible that third parties not under the control of the Company may be able to access or intercept transmissions or private communications without the Company’s permission or knowledge. The Company takes all reasonable steps, in the circumstances, to protect your personal information. However, we cannot ensure or warrant the security of any information you transmit to us. Such transmissions are done at your own risk.
9. Data breach notification
9.1 Under the Privacy Amendment (Notifiable Data Breaches) Act 2017 (Cth), the Company is required to give notice to the Office of the Australian Information Commissioner (OAIC) and affected individuals of an “eligible data breach”. This means that if we hold personal information about you, and there is unauthorised access to or disclosure of your personal information, and if you, as the “affected individual” would be likely to suffer serious harm from this access or disclosure, we must notify both you and the OAIC.
9.2 “Serious harm” could include identity theft, threats to physical safety, economic and financial harm, harm to reputation, embarrassment, discrimination or harassment. The test is whether a “reasonable person” would expect you to suffer serious harm.
9.3 If you are likely to suffer serious harm from a data breach, we will notify you of:
9.4 We will notify you using the same method that we usually use to communicate with you. If it is not practicable for us to notify you personally, we will publish the notification on our website.
9.5 There are some circumstances in which we do not have to notify you of a data breach. These include:
9.6 Depending on the nature of the breach and the harm, we will also consider informing other third parties such as the police or other regulators or professional bodies.
10.1 We will not adopt as our own, any government identifiers you may provide to us such as TFNs etc.
11. Links to other sites
12. Collecting data
12.1 The Company’s website may deposit “cookies” in a visitor’s computer. Cookies are pieces of information that a website transfers to an individual’s hard drive for record keeping purposes. Cookies are only sent back to the website that deposited them when a visitor returns to that site.
12.2 Cookies make it easier for you by saving your preferences while you are at our site. We never save personal identifiable information in cookies. Most web browsers are initially set up to accept cookies. You can, however, reset your browser to refuse all cookies or to indicate when a cookie is being sent.
14. Complaints resolution
14.1 The Company is committed to providing a fair and responsible system for the handling of complaints from parties whose personal information we hold. If you have any concerns regarding the way we have handled your privacy, please send us an email at email@example.com or write to us at Suite 2, 50 Upper Heidelberg Road, Ivanhoe, Victoria, 3079. We will address any concerns you have through our complaints handling process and we will inform you of the outcome of your complaint within a reasonable timeframe.
14.2 If after receiving our response, you still consider that your privacy complaint has not been resolved, you may refer your concerns to the Office of the Australian Information Commissioner at www.oaic.gov.au