1.2.2 it will then apply through your acceptance of it by subsequent or continued use of the Platform and/or our Services.
2.1 Primary purpose. We collect your personal information to lawfully carry out our functions and activities and provide you our Services (Primary Purpose).
2.2 Related purposes. In addition to the Primary Purpose, we may use the personal information we collect and you consent to us using your personal information to:
2.2.1 provide you with further information about the Services you requested and any other services and events you may be interested in;
2.2.2 personalise and customise your experiences with us;
2.2.3 help us review, manage and enhance our Services and develop insights used in reports or other content developed by us;
2.2.4 when considering making offers to job applicants and prospective employees or for employment purposes
2.2.5 communicate with you, including by email, telephone and mail;
2.2.6 conduct surveys or promotions;
2.2.7 to process payments and administer your account;
2.2.8 investigate any complaints about or made by you, or if we have reason to suspect you have breached any relevant terms; or
2.2.9 as required or permitted by any law.
3.1 Personal information we collect about you may include:
3.1.1 identification information such as your name, address, telephone number, gender, hobbies, interests, email address and location; and
3.1.2 financial Information such as identification documents, passwords, credit card details, bank account details and other related financial information.
3.2 We will only collect, hold, use or disclose your sensitive information with your consent.
4.1 It is our policy to protect customers sensitive data related to payment processing at all times through the use of secure banking technology.
4.2 We do not collect and store your credit card number. PCI Compliance is managed by NAB Bank via their ecommerce enabled gateway, NAB Transact which truncates and hides all but the first 6 and the last 3 digits of your credit card number as soon as the transaction is processed.
5.1 How we collect. Your personal information may be collected:
5.1.1 when you complete an application, consent, purchase, account sign-up or similar form in paper, via our Platform or otherwise;
5.1.2 when you contact us to make a query or request;
5.1.3 when you post information or otherwise interact with the Platform, including when you provide information to a user group, a forum post, private member messaging and or chat messages;
5.1.4 when you participate in one of our Services, competitions or surveys;
5.1.5 from those who request our Services on your behalf, including your agents and representatives;
5.1.6 from publicly available sources of information;
5.1.7 from government regulators, law enforcement agencies and other government entities;
5.1.8 from business contacts, external service providers and suppliers;
5.1.9 from prospective employees; or
5.1.10 by other means as we will reasonably inform you of (as relevant).
5.5 Anonymity. You are not obliged to give us your personal information. If you would like to access any of our Services on an anonymous basis we will take reasonable steps to comply with your request, however:
5.5.1 you may be precluded from taking advantage of some of our Services; and
5.5.2 we will require you to identify yourself if:
5.6 Destruction. We will destroy or de-identify your personal information if the purpose for which we collected the personal information from you no longer exists or applies. Where a relevant legal requirement otherwise applies, we will retain in a secure manner your personal information for a period of seven years after which we may destroy it.
6.1 Primary use. We will only use and disclose your personal information:
6.1.1 for purposes which are related to the Primary Purpose; or
6.1.2 if we otherwise get your consent to do so,
6.2 We will not use your personal information for any purpose for which you would not reasonably expect us to use your personal information.
6.3 We will not sell, trade, rent or licence your personal information to third parties.
6.4 Direct marketing. At the time you provide your personal information, we will offer you a choice as to whether you want to receive direct marketing communications about services. If you choose not to receive these communications, we will not use your personal information for this purpose. We will otherwise only use or disclose your personal information for the purposes of direct marketing if:
6.4.1 we collected the information from you;
6.4.2 it is reasonable in the circumstances to expect that we would use or disclose the information for direct marketing purposes;
6.4.3 we provide you with a simple means to ‘opt-out’ of direct marketing communications from us; and
6.4.4 you have not elected to ‘opt-out’ from receiving such direct marketing communications from us.
6.5 You may opt out of receiving such communications by:
6.5.1 checking the relevant box on the form used to collect your personal information;
6.5.2 clicking a link on the email communication sent to you; or
6.5.3 contacting us using our contact details below.
6.6 We may offer you the opportunity to receive information from third parties regarding products or services that may be of interest to you. If you choose to receive such information, we may forward messages from such third parties to you. If we do so, we will not provide such third parties with any of your personal information.
7.1 How we disclose. We may disclose personal information and you consent to us disclosing such personal information to:
7.1.1 third parties engaged by us to perform functions or provide products or Services on our behalf;
7.1.2 your referees and former employers;
7.1.3 our professional advisors, including our accountants, auditors and lawyers;
7.1.4 our related bodies corporate;
7.1.5 persons authorised by you to receive information held by us;
7.1.6 a government authority, law enforcement agency, pursuant to a court order or as otherwise required by law;
7.1.7 a party to a transaction involving the sale of our business or its assets; and
7.1.8 any persons as required or permitted by any law.
7.2 We will not disclose your sensitive information without your consent, unless there is a need to disclose such information in accordance with the Privacy Act or to comply with any other regulatory requirement.
8.1 Access. You have a right to access your personal information, subject to certain exceptions provided for in the Privacy Act.
8.2 If you require access to your personal information, please contact us using our contact details below.
8.3 You are required to put your request in writing and provide proof of identity.
8.3.1 Your request will be accompanied by the payment of an AUD five dollar admin fee
8.4 We are not obliged to allow access to your personal information if:
8.4.1 we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
8.4.2 giving access would have an unreasonable impact on the privacy of other individuals;
8.4.3 the request for access is frivolous or vexatious;
8.4.4 the information relates to existing or anticipated legal proceedings between you and us and would not ordinarily be accessible by the discovery process in such proceedings;
8.4.5 giving access would reveal our intentions in relation to negotiations with you in a way that would prejudice those negotiations;
8.4.6 giving access would be unlawful;
8.4.7 denying access is required or authorised by or under an Australian law or a court/tribunal order;
8.4.8 we have reason to suspect that unlawful activity, or misconduct of a serious nature relating to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
8.4.9 giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
8.4.10 giving access would reveal internal evaluative information in connection with a commercially sensitive decision-making process.
8.5 If you make a request for access to personal information, we will:
8.5.1 respond to your request within 14 days or otherwise within a reasonable period; and
8.5.2 if reasonable and practicable, give access to the information in the manner requested.
8.6 If we refuse to give access to the personal information because of an exception or in the manner requested by you, we will give you a written notice that sets out at a minimum:
8.6.1 our reasons for the refusal (to the extent it is reasonable to do so); and
8.6.2 the mechanisms available to complain about the refusal.
8.7 Correction. We request that you keep your personal information as current as possible. If you feel that information about you is not accurate or your details have or are about to change, you can:
8.7.1 contact us using our contact details below and we will correct or update your personal information; or
8.7.2 if you have created an account via our Platform then you can log on to your account to change your details.
8.8 If you otherwise make a request for us to correct your personal information, we will:
8.8.1 respond to your request within 14 days or otherwise within a reasonable period; and
8.8.2 if reasonable and practicable, correct the information in the manner requested.
8.9 If we refuse a request to correct personal information, we will:
8.9.1 give you a written notice setting out the reasons for the refusal and how you may make a complaint; and
8.9.2 take reasonable steps to include a note with your personal information of the fact that we refused to correct it.
9.1 In relation to all personal information, we will take all reasonable steps to:
9.1.1 ensure that the personal information we collect is accurate, up to date and complete;
9.1.2 ensure that the personal information we hold, use or disclose is, with regard to the relevant purpose, accurate, up to date, complete and relevant; and
9.1.3 protect personal information from misuse, loss or unauthorised access and disclosure.
9.2 We store your personal information on a secure server behind a firewall and use procedures including security software and encrypted databases accessible only be authorised personnel to protect your personal information from unauthorized access, destruction, use, modification or disclosure. Any payment transactions will be encrypted. We require staff and service providers to respect the confidentiality of personal information.
9.3 Your financial Information will always be stored and protected in compliance with the Payment Card Industry Data Security Standards and will be reviewed and updated from time to time.
9.4 If you become aware of or suspect any misuse or loss of your personal information, please contact us immediately.
10.2 Click-stream data. When you visit our Platform, our server collects certain anonymous information known as click-stream data, including: the type of browser and system you are using; the address of the site you have come from and move to after your visit; the date and time of your visit; your server’s ISP address including your IP address (location); your geographic location; and whether this is your first visit to the site or how many times access to the site has come from your IP Address or mobile device (as the case may be).
10.3 We may collect this information for statistical purposes to find out how our Platform is used and navigated, including the number of hits, the frequency and duration of visits, most popular session times. We may use this information to develop a profile based on your use of the Platform and to evaluate and improve our Platform’s performance.
10.4 We may in some circumstances disclose aggregate Platform visitor information to advertisers. This information does not personally identify you, but allows advertisers to evaluate the number of users that have seen or linked to their advertisements on our Platform. Providing this information to advertisers helps us improve the Platform and ensure that it remains free.
11.1 If you have a complaint about how we collect, use, disclose, manage or protect your personal information, or consider that we have breached the Privacy Act or APPs, please contact us using our contact details below. We will respond to your complaint within 14 days of receiving the complaint.
11.2 Once the complaint has been received, we will try to resolve the matter in a number of ways:
11.2.1 Request for further information: We may request further information from you. You should be prepared to provide us with as much information as possible, including details of any relevant dates and documentation. This will enable us to investigate the complaint and determine an appropriate solution.
11.2.2 Discuss options: We will discuss options for resolution with you and if you have suggestions about how the matter might be resolved you should raise these with our Privacy Officer.
11.2.3 Investigation: Where necessary, the complaint will be investigated. We will try to do so within a reasonable time frame. It may be necessary to contact others in order to proceed with the investigation. This may be necessary in order to progress your complaint.
11.2.4 Conduct of our employees: If your complaint involves the conduct of our employees we will raise the matter with the employees concerned and seek their comment and input in the resolution of the complaint.
11.3 After investigating the complaint, we will give you a written notice about our decision.
11.4 You are free to lodge a complaint directly with the Office of the Australian Information Commissioner (OAIC) online, by mail, fax or email. For more information please visit the OAIC website at http://www.oaic.gov.au/privacy/making-a-privacy-complaint.
356 Kings Road, Federal NSW 2480
T: 0405 473 431
13.1 Personal pronouns: Except where the context otherwise provides or requires:
13.1.1 the terms we, us or our refers to MRM Squared (ABN 54398770649); and
13.1.2 the terms you or your refers to a user of the Platform and/or a customer to whom we provide the Services.
13.2 Terms italicised and defined in the Privacy Act have the meaning given to them in the Privacy Act.
APPs means any of the Australian Privacy Principles set out in Schedule 3 of the Privacy Act.
Platform means our website at mrmsquared.com.au
Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time.
Services means all our products, marketing and online social media sharing, networking and community services that we provide from time to time.