Privacy for Victorian organisations such as ours may be governed by various State and Federal laws particularly the Privacy Act 1988 (Cth) (Privacy Act) which includes the Australian Privacy Principles (APP) (Privacy Laws). Depending on the circumstances these laws may also apply to the sending of information overseas. Additionally, there are laws in overseas jurisdictions that must be complied with when information is sent to or gathered from those jurisdictions such as the General Data Protection Regulation (EU) 2016/679 (GDPR) in the European Union.
“Personal Information” is generally defined as being information or an opinion, whether true or not, about an individual who is identified or who is reasonably identifiable (in other words their identity can be reasonably ascertained).
“Sensitive Information” typically includes information about an individual’s racial or ethnic origin, political opinions, religious beliefs or philosophical beliefs, sexual preferences or practices, criminal record, employment and health information provided it meets the definition of Personal Information.
In Victoria health information is dealt with under separate legislation called the Health Records Act 2001 (Vic).
We respect your privacy and understand that it is of paramount importance to you. We are committed to protecting and maintaining the privacy of any of your Information that we deal with and developing and utilising technological resources that give you the most powerful and safe online experience that we can reasonably provide.
In providing our services, including when you access the Cabinetry.Online software
through the CbC Website (the “Services”), we will be transparent about how and why we collect, use and disclose your information.
The Privacy Laws mentioned above contain the APPs which provide for rules on how organisations must handle Information, including such matters as how you can access and correct that Information.
Information on the Privacy Laws and the APPs can be obtained from the Office of the Australian Information Commissioner (OAIC) whose contact details are shown below.
WHAT INFORMATION IS COLLECTED AND HOW IS IT COLLECTED
We may collect and hold the following types of information in order to supply our services:
- identifying details such as your name and questions and answers to security questions;
- contact details such as your address, phone and facsimile number, domain name, email address, skype address and other addresses or contact details;
- financial, commercial and business information about your business partnership or organization such as an ABN/ACN your bank or credit card details;
- anonymous demographic information, such as your post code, age, gender, preferences, interests and favourites;
- information about your computer hardware and software such as your IP address, browser type, domain names, access times, webpages visited, cookies and referring website addresses;
- commercial credit history information and commercial credit scores which may contain information about company directors, secretaries and shareholders including their name, date of birth, appointment date and address;
- log in information including your username and password;
- payment and billing information including account information, billing statements and other payment related information in connection with the purchase of our services;
- records of correspondence and other interactions you have with us;
- information collected from marketing campaigns, product research, surveys and your interactions with us including via social media.
- If you are one of our service providers, we may also collect and hold information about the nature of the goods and services supplied and quotes you have provided
- information such as services that you consider obtaining from us, our suppliers or business associates;
- occupation, employment and position, qualifications, work experience, professional memberships, referee reports, employment history and academic record;
You may provide Information to us in a variety of ways including, but not limited to:
- via our Website or web based forms;
- personally in face to face meetings;
- in the course of our business functions and activities such as in providing products and services to you;
- when you
- register or set up an account to access the CbC Website or the Cabinetry.Online software;
- complete an order form or register to purchase any of our products or services;
- make an inquiry, provide feedback or make a request;
- subscribe to our newsletter;
- interact with us whether in person, online, by email, phone, SMS, social media or in some other form of communication;
- respond to a survey or marketing communication;
- use our communication services such as bulletin boards, chat areas, news groups, forums, webpages or links;
- provide or upload information or otherwise interact directly with the CbC Website or the software;
- make a payment through the online payment system;
or Information may also be provided by other means such as via third party providers, our professional advisers, from publicly available sources and from organisations engaged by us to carry out functions on our behalf such as Amazon Web Services.
Amazon Web Services is the on-demand cloud computing platforms and APIs located at https://aws.amazon.com for individuals, companies, and governments, on a metered pay-as-you-go basis provided by Amazon Web Services Inc. Amazon Web Services manages and maintains servers located in various jurisdictions and is secured by Amazon Web Services software and technology.
We may collect commercial credit history information from a credit reporting agency such as Equifax. The Equifax group of companies in Australia (formerly the Veda group of companies) is an information services and aggregation business. Equifax Australia Information Services and Solutions Pty Ltd operates a credit reporting business in Australia which involves collecting, holding and disclosing personal information which may contain information about company directors, secretaries, other office holders and employees and shareholders.
We may also monitor and record telephone conversations with you from time to time for training purposes and improving our service to you.
We may also receive unsolicited Information in the course of our business activities and we will deal with this unsolicited Information in accordance with the Privacy Laws.
Where possible we will collect Personal Information directly from you or from your authorised representative. If the information is collected from another party, we will contact you, if we are able and it is reasonable to do so in the circumstances, unless an exception applies such as where the collection:
- occurs when you have given your consent or reasonably expect the collection to occur;
- is required or authorised by law;
- is for investigative purposes or to deal with personnel issues; or
- is for the purpose of litigation or for obtaining legal advice.
WEBSITE USAGE INFORMATION & COOKIES
We gather statistical information on our Website to collect information about the number of visitors to the Website. The information gathered is non identifying information and only records the IP address of the visitor. It is used to improve the performance and structure of the Website and to ascertain which areas of the Website are the most popular.
We may also place a unique alphanumeric identifier known as a cookie on your computer hard drive during your visit to our Website. A cookie is used to help identify the number of visitors to our Website and the source of the visits. A cookie does not identify you personally but it does identify your computer. Personal Information cannot be gathered from them. They are simply an identifier shared between you and us to improve the services we offer through the Website.
The purpose of a cookie is to tell the web server that you have returned to a specific page. For example, if you personalise any of our webpages, register with our site or for our services, a cookie helps us to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same webpage, the information you previously provided can be retrieved, so you can easily use the features that you customised.
You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of our Website or our services and this may reduce the functionality of the Website and our ability to provide services to you.
This Website uses Google Analytics, a web analytics service provided by Google Inc. The information generated by the cookie about your use of the Website will be transmitted to and stored by Google Inc on its servers in the USA. Google Inc uses the information to evaluate your use of the Website and compile reports on website activity for our use. Google Inc may transfer the information to third parties where the law requires it and where third parties process the information on Google Inc’s behalf.
We may collect information that links to you individually, for example, if you log in as a registered user of the services provided by us. In that case, we may store information such as pages viewed and links you click on.
We may collect information that is not Personal Information which many include browser name, the type of computer and technical information about the means of connection to our Website, such as the operating system being used and the Internet Service Provider utilised and other such information.
DEALING WITH US ANONYMOUSLY OR BY USING A PSEUDONYM
We will collect Personal Information only where it is provided voluntarily.
Where it is possible and if you wish to do so, you may contact us anonymously or through the use of a pseudonym (unless there is a legislative requirement to the contrary).
So you may have the option of not identifying yourself when you are making an enquiry or providing feedback to us.
You may withdraw your consent to our use of your information, including by opting out of receiving marketing or promotional materials or our newsletters.
If you choose to deal with us in this way, you should bear in mind that there may be instances where we will not be able to respond to you or deal with an enquiry or complaint properly if you do not provide contact details or adequate information.
Additionally, if you do not wish to provide information, or the information you provide is incorrect, in complete or inaccurate we may not be able to:
- provide you with our products or services;
- provide you with access to protected areas of the Website including the ability to utilise the software;
- consider your application for employment with us; or
- respond to your enquiry or request.
WHY IS INFORMATION COLLECTED AND HOW IS IT USED
We collect Information because:
- you have given it to us;
- we need it to provide a product or service you have requested;
- to enable us to provide services and undertake our activities and manage and support our services;
- we need it to manage financial matters such as payments;
- we need it to deal with a complaint (including in relation to privacy);
- we need it for a purpose directly related to the above.
We use information, including personal information, for the primary purpose for which it was collected. In other words, to deliver and manage our services to you.
Information is gathered to improve our service and your experience in using our services. Unless you object, this information is used, but is not limited to:
- manage the relationship between you and us, including to provide you with the information, services, advice and materials requested by you;
- operating, supporting and maintaining the quality of the Website and our software;
- pursue our business activities and functions, including billing and account management;
- providing you with a customised and personalised experience when you use our Website;
- delivering the products and services you have requested;
- identifying, and informing you of offers, events, products and services from CbC, its affiliates and business partners that may be of interest to you (where you have opted in to receive direct marketing);
- providing company news, updates and product and service information;
- providing assistance and customer support;
- providing account maintenance including resetting the password on your account;
- following up on your correspondence, responding to an enquiry or request and providing additional information as requested by you;
- administering and managing our relationship with you including providing access to the platform;
- resolving disputes or addressing complaints;
- in the case of applications for employment, assessing your application for employment with us;
- protecting our property, rights, and security, and the rights, property, and security of third parties;
- monitor who is accessing the Website or using services offered on the Website;
- disclosing business-related data and information (including Personal Information) to a potential buyer or other successors in the event of a merger, divestiture, restructuring, reorganization, dissolution, or other sale or transfer of some or all of our assets, whether as a going concern or as part of bankruptcy, insolvency, liquidation, or similar proceedings; and
- for internal and administrative purposes such as planning, auditing, data analysis, internal benchmarking, reporting, procedural assessments, risk management, product and service development, quality control, staff training, research, accounting and billing;
- comply with the law.
We may also collect, hold, use and disclose your Personal Information for other purposes which are within reasonable expectations, we have told you about at the time we collected the information, or where permitted or required by law.
You consent to us using your Information in the above ways by direct mail, telemarketing, email, SMS and MMS messages.
The nature of the Internet means that some Personal Information may be transferred, stored, processed or used overseas if we outsource activities overseas or if transactions, information, services or products have an overseas connection.
Where you have provided consent to the receipt of direct marketing materials, we will provide you with a means to make a request to not receive such materials.
Your e-mail message content may be monitored by us for trouble-shooting or maintenance purposes or if any form of e-mail abuse is suspected. We will preserve the content of any e-mail you send us if we believe we have the legal requirement to do so.
All personal information which we collect (including your contact details and credit card details) is kept confidential to the best of our reasonable ability. You will appreciate, however, that we cannot guarantee the security of all transmission over the internet.
We adopt appropriate data collection, storage and processing practices and security measures to protect against unauthorised access, disclosure or destruction of your personal information, user name, password transaction information and data stored on our Website.
When we hold, use or disclose your Personal Information we will take reasonable steps to:
• ensure that your information is accurate, complete and up to date;
• protect your information from misuse, loss and unauthorised access, modification or disclosure; and
• destroy or de-identify your information if the information is no longer required for a purpose that is allowed under the Privacy Act.
We conduct regular system audits and staff training to ensure adherence to our protective and Information Technology practices.
We regularly assess the risk of misuse, interference, loss, and unauthorised access, modification or disclosure of Personal Information, and take measures to address those risks including conducting real time monitoring of our security systems efficacy using specialised software tools.
We secure your Personal Information using password protection on computer servers in a controlled, secure environment. When Personal Information (such as a credit card number) is transmitted to other websites, it is protected through the use of encryption, such as the secure socket layer (SSL) protocol and is not stored electronically in our systems.
We also use cloud based solutions in Australia to securely store your personal information. We may, from time to time, expand our operations or change the cloud-based or other secure storage solutions we use. We can do this without notifying you, but we will take reasonable steps to maintain the same level of security and protection.
There are also system and managerial controls which restrict your commercial credit information from being accessed, used or disclosed by anyone other than you, without your consent.
We are committed to handling any suspected or actual data breach expeditiously and in accordance with our data breach reporting obligations.
Although we take reasonable steps, we are not responsible for third party circumvention of security measures on our electronic databases or at any of our premises. We are also not responsible for unlawful access or interception by a third party of any transmissions or private communications.
As a result, while we strive to protect your Personal Information, we cannot ensure or warrant, and do not warrant, the security, privacy or confidentiality of any information, including Personal Information that you transmit to us, and you do so at your own risk.
Further, while we use password controls and other physical and managerial controls to secure your information, we cannot guarantee that only authorised persons will access your Personal Information. Please notify us immediately if you believe there has been any unauthorised access to your information.
You are solely responsible for maintaining the security of your passwords or any account information.
Where the Personal Information we collect is no longer required, we delete it or permanently de identify it.
Nevertheless, we ask that you are cautious about protecting your Personal Information when using digital services that are provided by third parties, such as social media (including blogs, Instagram, twitter, facebook, linkedin etc), as our ability to protect Personal Information in such environments is limited.
In order to carry out the above-mentioned purposes, we may disclose your Personal Information to persons, related bodies corporate or other organisations such as our professional advisers and regulatory bodies. We may also disclose your Personal Information to the organisations from which we collect your information.
We may disclose your Personal Information to third parties to:
- provide the services you wish to use;
- research in order to improve the performance, quality and maintenance of our services;
- customise and promote our services to you;
- provide technical support;
We may also disclose your Personal Information if permitted or required by law or otherwise with your consent.
We do not sell, rent or lease customer lists to third parties and we will not disclose, sell or license any Personal Information about you or make any other use of your Personal Information, for any purpose which is not incidental to your use of this Website or the provision of information by you unless you have provided your express consent or the other circumstances set out in this policy apply.
The types of entities we disclose Personal Information to include:
- companies or individuals we have employed to perform services:
- technology or cloud service providers;
- mailing houses;
- electronic network administrators;
- debt collection agencies;
- lawyers, accountants and business advisors;
- trusted partners;
- credit card processing companies; and
- in the case of employee information, to third parties that manage our payroll system and employee records;
If you request us not to use Personal Information in a particular manner or at all, we will adopt all reasonable measures to observe your request but we may still use or disclose that information if we:
- subsequently notify you of the intended use or disclosure and you do not object to that use or disclosure;
- believe that the use or disclosure is reasonably necessary to assist a law enforcement agency or an agency responsible for government or public security in the performance of their functions;
- believe that such action is required in order to comply with a legal process served on us in relation to our business or Website;
- are required by law to disclose the information.
Often we will impose contractual restrictions on third parties that we enter into contracts with which deal with the collection and use of Personal Information. All third party contractors are engaged in accordance with our obligations under Privacy Laws and prohibited from using Personal Information except to provide their services to us. They are also required to maintain the confidentiality and security of any Information and to honour our privacy and security policies in the handling of Information.
However, in some cases, such as in social media (including blogs, Instagram, twitter, Facebook, Linkedin etc) our ability to apply contractual restrictions is limited.
When using digital, online or mobile platforms we therefore ask that you exercise care and caution in disclosing Personal Information as it is ultimately your responsibility in such situations to be careful.
Third party recipients of Information provided by you may handle the Information in accordance with their own privacy policies and to the maximum extent allowed by law, we are not responsible for the way they handle your Information.
From time to time, we may disclose your Personal Information to overseas recipients if it is necessary to conduct our business, to provide the services to you, or if it is required by law. We will not transfer your information overseas for any other reason without your express consent.
We may disclose Personal Information to third parties overseas where:
- we have an affiliated entity assisting us with our business activities and functions;
- we have a supplier assisting us with our business activities and functions, for example for the supply of domain name services, website design, SEO and other services;
- our Website or any hosting services used to support our services is hosted by us or a third party and the hosting facilities or disaster recovery or backup sites are located overseas;
- a third party application such as email or skype is being used in our interactions with you;
We will take all reasonable steps to ensure that such parties provide commitments to use and protect Information to at least the same level as required under Privacy Laws.
We may share generic aggregated demographic information not linked to any Personal Information regarding visitors and users with our business partners, trusted affiliates and advertisers for the purposes outlined in this policy.
We may use your Personal Information, including your contact details, to provide you with information about products and services, including those of third parties which we consider may be of interest to you.
You may opt out at any time if you no longer wish to receive marketing information. In order to do so you will need to request that we no longer send marketing materials to you or disclose your information to other organisations for marketing purposes. You may make this request by using the contact details provided in this policy or by unsubscribing from email marketing messages.
SURVEYS & NEWSLETTERS
We use both internal survey software and third parties for the collection and analysis of survey data.
Your contact details may be shared with external organisations so that you may be contacted to take part in such surveys to assist us in improving our services.
We will not disclose your Information for any other purpose without your consent.
If you do not want your Personal Information being stored overseas, you can decline to provide it by not taking part in the surveys.
In subscribing to newsletters you are providing us with Personal Information. We will not disclose that information without your consent. You will be asked to provide an email address in order to complete your subscription.
You can unsubscribe at any time and your email address will be listed in a ‘do not contact’ database. This may be done by clicking on the unsubscribe button within each email or newsletter you have subscribed to or you may contact us via the Website.
If you do not wish your information to be stored overseas, please do not submit the Personal Information to us.
HOW TO MAKE ENQUIRIES OR COMPLAINTS AND ACCESS / CORRECT PERSONAL INFORMATION
We welcome feedback about privacy issues and will attend to all questions and complaints promptly.
You have the right to request access to personal information that is held by us about you and we will provide you with that access if it is reasonable and practical to do so.
You also have the right to request the correction of any of your Personal Information that we hold. We will take reasonable steps to make appropriate corrections to Personal Information so that it is accurate, complete and up-to-date.
We may ask you for verification of your identity to ensure that you are seeking to access or correct your own Personal Information.
In certain instances we may charge you a reasonable fee for giving you access of correcting your information but we will not charge you a fee for making a request. We will notify in advance on the details of any fee.
In the unlikely event that we disagree about the accuracy of the Personal Information provided and we are unable or unwilling to change it, we will, to the extent reasonable, provide you a written response as to our reasons. You can make a complaint if you think we have wrongly refused to correct or give you access to your personal information by using the contact details below.
To seek access to, or correction of, your Personal Information or to discuss any privacy issues with us please contact us through our Privacy Officer as follows:
By email: email@example.com
By telephone: +61 3 5254 3274
Physical Address: Privacy Officer
Cabinets by Computer Pty Ltd 192 - 246 Staceys Road Conneware Vic 3227
By mail: Privacy Officer
Cabinets by Computer Pty Ltd 192 - 246 Staceys Road Conneware Vic 3227
Our response will be in writing and may be to provide or refuse access or correction or to advise of an expected timeframe for finalising your request if we encounter difficulties in dealing with your request.
We will acknowledge receipt of your complaint within 5 business days.
If we take more than 30 days to respond to your privacy complaint, or if you are dissatisfied with the outcome, you can make a complaint to the Privacy Commissioner at the Office of the Australian
The OAIC can be contacted as follows:
By email: firstname.lastname@example.org
By telephone: 1 300 363 992
By mail: Office of the Australian Information Commissioner GPO 5218
Sydney NSW 2001
By facsimile: +61 2 9284 9666
If you believe that the information contained in your credit report is inaccurate or incomplete, please contact the credit reporting agency involved.
Last Updated: 9 February 2023