This is the privacy policy of Negotiating Skills Australia ACN 142 855 785 trading as Scotwork Negotiating Skills (we, our, us).
We recognise and respect the importance of your privacy and understand your concerns about the security of the personal information provided to us.
We are sensitive to privacy issues and take seriously the ongoing trust our clients and associates have placed in us. We have committed to compliance with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (APPs), which detail how personal information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
Personal information is information or an opinion about an identified individual, or about an individual who is reasonably identifiable.
Sensitive information, a sub-set of personal information, is information or an opinion about an individual’s racial or ethnic origin, political opinions, political association membership, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union membership, sexual orientation or practices or criminal record, and includes health information and genetic information.
We are committed to ensuring your privacy is protected. Any personal information you provide to us will only be used in accordance with this privacy policy.
We may collect, use and store different types of personal information about you, which we have grouped together as follows:
Types of Personal Information |
Description |
Contact |
Your name, email address, telephone number, date of birth, residential, billing and/or postal address and occupation. |
Financial |
Your transaction and purchase information including bank account or credit card payment details |
Social-demographic |
Demographic information such as gender, post code preferences and interests. |
Contractual |
Details about the products and services we provide to you. |
Behavioural |
Details about how you use our products and services |
In certain circumstances, we may collect and maintain sensitive information, including health and medical details, dietary requirements and allergies, emergency contacts and next-of-kin details. We will only use sensitive information in order to provide or facilitate medical assistance where first aid or emergency treatment is required, or as otherwise allowed under the APPs.
In general terms, we collect and use your personal information to:
We rely on the personal information we hold about you to efficiently provide our services. For this reason, it is very important that the personal information we collect from you is accurate, complete and up-to-date. To ensure this, we may disclose your personal information to third parties who specialise in data cleansing. We will ensure that third parties to whom we disclose any personal information are bound by confidentiality and non-disclosure agreements, if they are not otherwise required to adhere to the Privacy Act. For the avoidance of doubt, we confirm that the third parties responsible for data cleansing on our behalf do not hold or use the personal information we share with them.
We will primarily collect, hold, use and disclose your personal information where it is reasonably necessary for us to carry out our organisation’s functions and activities. More specifically, the table below explains how we use your personal information and the reasons that we rely on in doing so. Where these reasons include legitimate interests, we explain what these legitimate interests are.
What We Use Your Information For |
Our Reasons |
Our Legitimate Interests |
To deliver our services |
Contractual performance Legitimate interests Legal obligations |
Being efficient about how we fulfil our legal and contractual duties Complying with regulations that apply to us |
To make and manage customer payments |
||
To manage fees, charges and interest due on customer accounts |
||
To collect and recover money that is owed to us |
||
To run our business in an efficient and proper way. This includes managing our financial position, business capability, planning, communications, corporate governance and audit |
Legitimate interests Legal obligations |
Being efficient about how we fulfil our legal duties Complying with regulations that apply to us |
To improve our products and services and keeping you informed of new services and information you may find of interest |
Consent
Legitimate Interest |
To ensure the financial viability of the business |
To exercise our rights set out in contracts and agreements |
Contractual performance |
Fulfilling the terms of contracts |
As referred to in the table above, we may also use your personal information for related purposes which you would reasonably expect, such as providing you with details about other services offered by us, as well as any promotions or offers that may be of interest to you. You can opt out of receiving offers or information at any time by notifying us.
We aim to collect personal information only directly from you, unless it is unreasonable or impracticable for us to do so. We also use a third party to assist in data cleansing and so may also receive personal information about you from third parties. Where appropriate and practicable, we will confirm with you if this information is inaccurate or incomplete and ask that you assist in updating it if necessary.
We may collect personal information about you (or your business) directly or indirectly from you or from third parties as follows:
Personal information you give to us:
Personal information we collect when you use our services:
Personal information from third parties that we work with:
We may share your personal information with the following third parties:
We will ensure that third parties to whom we disclose are bound by confidentiality and non-disclosure agreements, if they are not otherwise required to adhere to the Privacy Act.
Our business is part of a worldwide group of companies. In the course of doing business with you, we are likely to disclose some of your personal information to overseas recipients within our corporate group. However, we will only do so where:
Our overseas affiliates are located in UK and Europe.
We may also disclose your personal information:
When providing our services, we sometimes use systems to make automated decisions based on personal information we have, or have collected from others, about you and/or your organisation. This helps us to ensure that our decision-making is as efficient as possible.
The types of automated decisions we make are as follows:
If you choose not to give your personal information, it may prohibit us from fulfilling our contractual obligations to you and we may not be able to provide the services you have purchased.
You can be anonymous or use a pseudonym when dealing with us, unless using your true identity is a legal requirement or it is impracticable for us to deal with you on such basis.
We will only retain your personal information for as long as necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, accounting, or reporting requirements. This means we will generally hold your personal information for a minimum of 7 years after the end of our relationship with you. We may also hold your personal information for marketing purposes for so long as we have your consent or are legitimately carrying out marketing activity. If you wish to know how long we may hold your particular personal information as a record of a particular matter then please e- mail the Privacy Officer at info.au@scotwork.com.
We have physical, electronic and procedural safeguards in place and takes reasonable steps to ensure that your information is protected from misuse, interference and loss, and from unauthorised access, modification and disclosure.
Your data is stored on Salesforce’s cloud technology which utilizes some of the most advanced technology for Internet security available today including Secure Socket Layer (SSL), encryption, a secure server environment and a firewall.2 In addition to this, data is backed up nightly to tape and is stored on mirrored disks that are mirrored across different storage cabinets and controllers ensuring data reliability.
Your data may also held by Scotwork on Microsoft Azure Infrastructure in Australia and backed up on a daily basis. Microsoft security procedures meet rigorous industry standards for compliance such as ISO 27001, HIPAA, FedRAMP, SOC 1, SOC 2 and Australia IRAP.
2 https://help.salesforce.com/articleView?id=000325217&mode=1&sfdcIFrameOrigin=null&type=1
Any hard copy data (example course registration documents) is stored in our filing cabinets which are only accessible by authorised employees.
Data you provide via our website will be used to:
We will seek your consent for information to be sent to you on the website and provide the opportunity to opt out of further contact with us at any point.
Please be aware that personal information provided by email may not be secure. If you have any concerns regarding the security of the personal information you provide to us via this means, please provide it in an alternate form, such as facsimile or in hard copy.
You have the right to request a copy of the personal information about you that we hold. In most cases, you will be able to gain access to personal and sensitive information held about you by us. We may provide you with this information verbally or in writing, as may be appropriate. Where we do not agree to provide you with details of personal information, we will give you written reasons for our decision.
We rely on the personal information we hold about you to efficiently provide our services. We want to make sure that your personal information is accurate, complete and up to date and you may ask us to correct any personal information about you that you believe does not meet these standards. We will take reasonable steps to amend or correct your personal information to keep it accurate and up to date.
You have the right to ask us to delete personal information about you where:
You have the right at any time to require us to stop using your personal information for direct marketing purposes. In addition, where we use your personal information to perform tasks carried out in the public interest or pursuant to the legitimate interests of us or a third party then, if you ask us to, we will stop using that personal information unless there are overriding legitimate grounds to continue.
In some cases, you may ask us to restrict how we use your personal information. This right might apply, for example, where we are checking the accuracy of personal information about you that we hold or assessing the validity of any objection you have made to our use of your information. The right might also apply where this is no longer a basis for using your personal information but you don't want us to delete the data. Where this right to validly exercised, we may only use the relevant personal information with your consent, for legal claims or where there are other public interest grounds to do so.
If we process personal information that you provide to us on the basis of consent or because it is necessary for the performance of a contract to which you are party, and in either case that processing is carried out by automated means, then you have the right to have that personal information transmitted to you in a machine readable format. Where technically feasible, you also have the right to have that personal information transmitted directly to another controller.
If we use your personal information on an automated basis to make decisions which significantly affect you, you have the right to ask that the decision be reviewed by an individual to whom you may make representations and contest the decision. This right only applies where we use your information with your consent or as part of a contractual relationship with you.
Where we use your personal information with your consent you may withdraw that consent at any time and we will stop using your personal information for the purpose(s) for which consent was given.
Please contact us in any of the ways set out in the Contact information and further advice section if you wish to exercise any of these rights.
In Australia, if we suspect that a data breach has occurred, we will undertake an assessment into the circumstances of the suspected breach within 30 days after the suspected breach has occurred. Where it is ascertained that a breach has actually occurred and where required by law, we will notify the Privacy Commissioner and affected customers as soon as practicable after becoming aware that such a data breach has occurred.
We keep this privacy statement under regular review and will place any updates on this website. Paper copies of the privacy statement may also be obtained by contacting our Privacy Officer at info.au@scotwork.com. We suggest that you visit our website regularly to keep up to date with any changes.
This privacy statement was last updated on 18th February 2020.
Scotwork Negotiation Australia
Privacy Officer
Suite 2 | Level 17 | 25 Bligh Street, Sydney NSW 2000 info.au@scotwork.com
+61 2 9211 3999
We have procedures in place for dealing with your complaints and concerns about our practices in relation to the Privacy Act, and any alleged breach of this Policy. We will respond to your complaint in accordance with the relevant provisions of the APPs.
We seek to resolve directly all complaints about how we handle personal information. The Office of the Australian Information Commissioner requests you to contact us first. Our Privacy Officer can be contacted to discuss or attempt to resolve any complaints relating to the collection, storage and use of your personal information. For further information, please contact our Privacy Officer at info.au@scotwork.com
If for some reason we do not respond within 30 days of your contacting us or if you are unhappy with our response – you have the right to lodge a complaint with the Information Commissioner’s Office. This must be done in writing:
Via online complaint form: https://forms.business.gov.au/smartforms/landing.htm?formCode=APC_PC
By downloading the privacy complaint form: https://www.oaic.gov.au/assets/privacy/privacy- complaints/Privacy-Complaint-Form.docx which can then be emailed (address below), faxed (02 9284 9666 or posted (GPO Box 5218, Sydney NSW 2001)
By email: enquiries@oaic.gov.au
LAST UPDATED: NOVEMBER 2020