Privacy policy
Red 29 Pty Limited (‘Red 29’, ‘us’, ‘we’) is committed to protecting your privacy and safeguarding the personal information that we collect and hold about you in accordance with the Commonwealth Privacy Act 1988 (‘the Privacy Act’) and the Australian Privacy Principles (‘APPs’).
The purpose of this privacy policy is to inform you about the way that Red 29 will deal with your personal information.
1. The kinds of information we hold and collect
The Privacy Act defines personal information to be ‘any information or an opinion about an identified individual or an individual who is reasonably identifiable.’1 The information will be considered to be ‘personal information’ whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
If you request services from us (being either ‘consulting services’ or ‘technical support services’, and we agree to provide such services, we will require that you complete a ‘Service Order Form’ or a ‘Statement of Work’, together with a Master Services Agreement. We will require that you nominate individuals within your organisation that you authorise to engage with us. We will collect the following personal information about those nominated individuals: name, title, address, suburb/city, postcode, phone number, fax number, e-mail address, and mobile number.
We do not collect ‘sensitive information’ without your consent and unless it is reasonably necessary for the services we provide to you.2 If we receive sensitive information inadvertently from you, we will only hold and use the information in accordance with the requirements of the Privacy Act and the APPs.
If you log onto our website and read and download information, we will in addition, collect the following non-personally identifying information in relation to each visit to our website:
browser type
version and language
operating system
pages viewed while browsing the site
page access times, and
referring website address.
The collected information is used solely internally for the purposes of gauging visitor traffic, trends and delivering personalised content to you while you are at this site.
You are not required to provide us with your personal information. There are many aspects of our website which can be viewed without providing personal information. However, for access to future Red 29 customer support features you are required to submit personally identifiable information. This may include but is not limited to, a unique username and password, or providing sensitive information in the recovery of your lost password.
If you wish to engage the services of Red 29 but not provide the personal information we require, we may decline to engage with you on the basis that it would be impracticable for us to adequately provide you services in such circumstances.
2. How we collect and hold your personal information
We collect your personal information by requesting that you complete and enter into a Service Agreement and Statement of Work with us and provide your personal details.
We also collect de-identified personal information at any time that you visit our website and browse the web pages.
We store your personal data on a secure electronic database/secure server located within Australia. However, see below regarding disclosure of information to overseas recipients.
3. The purposes for which we collect, hold, use and disclose your personal information
We collect, hold and use your personal information for the purpose of providing you with personalised consulting or technical support services as agreed in the letter of engagement that we enter into with you.
As part of our formal engagement with you, you may choose to authorise us to access your network via a remote connection. This may involve providing us access to your confidential information, including any personal information you may hold in relation to your customers and/or employees and contractors. We will ensure that any Red 29 staff, employees, agents, subcontractors or other representatives of Red 29 treat any personal information accessed in the course of providing services to you strictly in accordance with our obligations under the Privacy Act and the APPs.
We may occasionally hire other companies to provide services on your behalf including but not limited to handling customer support enquiries, processing transactions or customer freight shipping. Those companies will be permitted to obtain only the personal information they need to deliver the service. Red 29 takes reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information, and that your personal information is only used for the purpose for which it was collected from you.
4. The way you can access the personal information that we hold and seek correction if it is wrong
We rely on you to provide us with up-to-date and correct personal details. If at any time you believe that the information that we hold about you is not accurate, complete or up-to-date, or if your information has changed, please let us know as soon as possible by contacting our privacy officer, whose details are shown below. For security reasons, we may require that you put any such requests in writing.
We do not charge a fee for requesting access to the information we hold about you, however we may do so in some circumstances, where, for example, your request is complex or time consuming. Unless an exception in the Privacy Act applies, we will notify you of the reasons (if any) for denying you access to your personal information.
5. How you can make a complaint and the way we deal with complaints
You may contact our privacy officer at any time if you have further inquiries or you wish to lodge a complaint (email: privacy@red29.net). The privacy officer will consider the complaint and provide you with a response in a timely manner. Where appropriate, the privacy officer will also outline the reasons for any decision that has been made in relation to your complaint.
If you are not satisfied with the response you receive from us, you may contact the Office of the Australian Information Commissioner (by email enquiries@oaic.gov.au or by writing directly to GPO Box 5218 NSW 2001).
6. Whether we are likely to disclose personal information to overseas recipients
Red 29 processes personal information on our servers in Australia. However, in some cases, encrypted data which is stored locally may be replicated and backed up on servers located overseas. As such, your personal information in those circumstances is likely to be disclosed to overseas recipients.
By providing us with your personal information, you are giving your consent to that personal information being disclosed to overseas recipients in the circumstances described above. Whilst Red 29 deals only with reputable service providers when disclosing personal information, it is however important that you are aware that countries outside of Australia may not be subject to any privacy obligations or to any principles similar to the APPs. By giving your consent you acknowledge that APP 8 will not apply to you. This means that if the overseas recipient mishandles personal information and consequently breaches the APPs, Red 29 may not be accountable under the Privacy Act, and you may not be able to seek redress under the Privacy Act.
If you do not wish to provide the consent set out above, or you wish to withdraw your consent, please contact us at privacy@red29.net.
1 Section 6(1), Privacy Act.
2 ‘Sensitive Information’ means information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices or criminal record (in all cases which is also personal information), health information about an individual, genetic information that is not otherwise health information, biometric information that is to be sued for the purposes of automated biometric verification or biometric identification or biometric templates (section 6, the Privacy Act).