Protecting Your Privacy
Ochre and Salt Pty Ltd ABN [25 635 401 964] (“Ochre and Salt”) is committed to providing you with exceptional service, and this includes protecting your privacy and being open and transparent about what we do with your personal information. In abiding with the Australian Privacy Principles and the Privacy Act 1988, we take all possible steps to ensure information about you, is not disclosed to or accessed by unauthorised persons.
When we refer to ‘personal information’ we mean information from which your identity is reasonably apparent. This information may include information or an opinion about you.
Collecting your information
In the course of our business we collect and hold information about our customers, including former and potential customers. This information is usually personal information (any information including sensitive information from which your identity is apparent). Generally we only collect personal information from you unless it is not reasonable or practical to do so.
Information we collect from you
We collect personal information about you and your interactions with us, for example if you make an enquiry about our products and services, if you enter into an agreement with us in relation to our products and/or services, there has been a complaint made, and when you phone, email or write to us, or visit our website. The personal information we collect from you may include your name and contact details (including residential address, phone numbers and email address), and any other information we may need to identify you and/or comply with applicable legislation.
When you use our website we may store some information (commonly known as a “cookie”) on your computer when you look at this website. We are able to read these cookies for information purposes when you revisit this website. The type of information we collect as a result of a cookie being accepted by you is specific to your PC and includes the IP address, the date and time the PC visited the website, what parts of this website were looked at and whether the web pages requested were delivered successfully. This information is anonymous; it represents a computer rather than a person. We use the cookie information to improve our knowledge of the traffic and user activation of this web site and to enable us to be able to ascertain whether this website is operating at an optimal level. This allows us to enhance our web offerings to you and to provide an enjoyable and an innovative online experience. You can erase or block this information by changing the settings on your computer (please refer to your help screens or manuals). If you do erase or block this information you may not be able to utilise some features of this website.
Information we collect from others
We also collect personal information from others, such as your lawyer, financial advisor, accountant, agent, goods or service providers and our clients or third party intermediaries and you have agreed for that information to be shared with us. For example when you enquire about our products or services through your representative; or you have provided a trades or finance reference as part of applying to enter into an agreement with us.
Using your information
We collect, use and exchange your personal information so that we can:
establish and verify your identity;
providing, managing or administering our products and/or services provided to you;
process a payment, including credit card payment;
contact you and manage our relationship with you;
identify and tell you about other products or services that we think may be of interest to you (unless you tell us not to);
conduct, manage and improve our business and our customers experience with us;
design, price and administer our products and services;
manage our risks and help identify and investigate illegal activity, such as fraud; and
comply with our legal obligations and assist government and law enforcement agencies or regulators.
We may also collect, use and exchange your personal information in other ways where permitted by law.
If you don’t want to receive direct marketing, you can tell us by emailing our Director at email@example.com.
Exchanging your information
We may exchange (i.e. collect from and disclose to) your personal information with the following parties for the following purposes:
any of our related entities, associated entities, contractors, agents, intermediaries and service providers who provide products or services used by us to assist us to provide our products or services to you. Such as real estate agents, financial consultants, accountants, lawyers, auditors, insurers, valuers, surveyors and advisers;
anybody who represents you, such as finance advisors, lawyers, and accountants;
anyone, where you have provided us consent;
any person considering acquiring an interest in our business or assets;
any organisation providing online verification of your identity or bank account, credit card or other payment information;
those to whom we outsource certain functions, for example, marketing services, administration functions, accounting functions, postage, direct marketing, statement production, and information technology support;
claims-related providers, such as assessors and investigators, who help us with claims;
financial institutions, for example so that we can process a claim for mistaken payment;
any industry body, tribunal, court, government and law enforcement agencies or regulators in relation to any legal, regulatory or compliance matter;
entities established to help identify illegal activities and prevent fraud; and
any person where we are required by law to do so.
We will take all reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification or disclosure. We will destroy or permanently de-identify personal information we no longer need or which we are no longer required by law to retain. We have physical, electronic and procedural safeguards to protect your information which is held by us. Your information, both hard-copy and/or electronic records, are held at our secure office premises and at secure offsite premises using trusted third parties. Our office premises are protected against unauthorised access. Access to information stored, including electronic records which require login and password authorisation, is restricted to our staff whose job purpose requires access. All our staff undertake information security and privacy training. We have firewalls, intrusion detection systems and virus scanning tools to protect against unauthorised persons and viruses accessing our systems.
Wherever it is lawful and practicable, we will give you the option of not providing information when entering into transactions with us. However, in most cases, if you do not provide the full and complete information requested we will be unable to provide our products or services to you.
How do you access your information?
You may ask us what personal information we hold about you, and you may make a request to access to this information at any time. You may make a request by us by contacting our Director (see below contact details). We may ask you to complete a PERSONAL INFORMATION REQUEST FORM and will process your request within a reasonable time and try to make this information available within 30 days of your request. Before we give you the requested information we will need to confirm your identity.
We generally will not charge you a fee in respect of such access but reasonable administrative costs may be charged in some circumstances. If there is an access charge, we will give you an estimate first and ask you to confirm that you would like us to proceed, if you would like us, upfront payment will be required. Generally, the access charge is based on an hourly rate plus any other reasonable costs incurred by us, such as photocopying and postage. We do not need to provide access to your information in several circumstances; for example, the information is commercially sensitive, the request is frivolous or would unreasonably interfere with another person’s privacy or be in breach of the law, or, where to provide access would pose a threat to health or public safety. If we refuse you access we will advise you of our reasons for doing so.
How do you correct or update your information?
You may ask us at any time to correct the information we hold about you or that we have provided to others by contacting our Director (see below contact details). We will process your request within a reasonable time and try to correct the information within 30 days. If it looks like it will take longer, we will let you know the reason for the delay and try to agree to an extended timeframe with you.
If we are able to correct your information because it is inaccurate, we will inform you when it is so corrected.
If we disagree with you that the information is inaccurate and should be corrected, we will inform you in writing of our reasons. You may request that we attach a statement to the information noting that you consider it is inaccurate misleading, incomplete, irrelevant or out-of-date. We will take reasonable steps to comply with such a request.
What can you do if you have a complaint?
If you are not happy in respect of how we have dealt with your personal information or in gaining access to it, please contact our Director to discuss your concerns (see below contact details). If we do not resolve your complaint to your satisfaction or we are unable to resolve your complaint, you have the right to refer the matter to the Office of the Federal Privacy Commissioner – Privacy Hotline on 1300 363 992 or visit their website at www.oaic.gov.au or writing to GPO Box 5218 Sydney NSW 2001.
How to contact us:
Eliza Pross, Director Ochre and Salt Pty Ltd
0431 471 183