• Contact Us

PISKIE IT Education & Training - PRIVACY POLICY

This Policy applies to Piskie IT Education and Training  (referred to as "Piskie IT", "we", "our", "us") and extends to and covers all operations and functions of those organisations. The word "individual" refers to all persons whose personal information we collect, use or disclose. All contractors, sub-contractors, vendors, service providers, customers, agents or any other organisations that have access to and/or utilise personal information collected and/or held by Piskie IT must abide by this Privacy Policy. This Policy outlines Piskie IT's obligations to manage and protect personal information. Piskie IT is bound by the National Privacy Principles ('NPPs') contained in the Privacy Act 1988 (C'th) ('Privacy Act'). In this Policy: "Personal information" means information or an opinion relating to an individual, which can be used to identify that individual. "Privacy Officer" means Steven Goldsmith, tel. 1300 794436 "Sensitive information" is personal information that includes information relating to a person's racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, sexual preferences and criminal record, and also includes health information. "Third Parties" means customers, suppliers, sub-contractors, agents or people having a commercial relationship with us. How we collect personal information We generally collect personal information directly from the individual. For example, an individual may deal with us in person at their own or at our premises, on the phone, or send us correspondence (by letter, fax or email). Also, we will collect personal information from forms filled out by customers, interviews, business documents (such as credit application forms, sales orders, purchase orders or agreements) and from other people. Typically, the type of personal information we collect about the individual includes name, age, date of birth, occupation, mailing address, phone numbers, email address, and other information that is relevant to the services we provide. Piskie IT may also collect personal information about its customers, including bank account details, date of birth, and marital and spouse details. From our employees, we collect personal and sensitive information such as address, date of birth, marital status and spousal details, medical history and the employee's workcover claim history. Piskie IT will not collect sensitive information unless the individual has consented, or it is required by law - or in other special specified circumstances, for example, relating to the provision of health services and individual or public health or safety. In some circumstances, Piskie IT may be provided with personal information about an individual from somebody else, for example a referral from another person. Where this happens, Piskie IT will take reasonable steps to ensure that the individual is or has been made aware of the matters set out in this Privacy Policy. If the personal information we request is not provided, we may not be able to process an individual's application for credit, or provide customers with the benefit of our services, or meet an individual's needs appropriately. About whom do we collect personal information?

The type of information we may collect and hold includes (but is not limited to) personal information about: customers, including purchasers of our training, certification and point of sale technology solutions; customers with whom we have licensing, support and maintenance agreements; suppliers, from whom we purchase parts and materials; prospective employees, employees and contractors; third parties; and other people with whom we come into contact.

Web site Collection Piskie IT collects personal information from the web site www.PiskieIT.com.au through receiving emails. We may also use third parties to analyse traffic at that web site, which may involve the use of cookies. Information collected through such analysis is anonymous. Our website privacy policy can be accessed by clicking on the privacy button on our website. Why does Piskie IT collect personal information? Piskie IT collects personal information for the following purposes: to provide services to our customers in providing them with training, certification and education, point of sale technology solutions, and/or the support and maintenance services supplied in relation to the software; to assess applications by individuals for commercial credit; to provide our customers with marketing information, and also to invite customers to functions, special events and customer program launches; to conduct our business; to comply with our legal obligations; and to help us manage and enhance our business.

How might we use and disclose personal information? When we refer to "use" of personal information, we mean use within Piskie IT, for the purposes outlined above. When we use the word "disclose", we mean providing the information to persons outside Piskie IT. Piskie IT may use and disclose personal information for the primary purposes for which it is collected, for reasonably expected secondary purposes which are related to the primary purpose and in other circumstances authorised by the Privacy Act. Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless the individual agrees otherwise, or where certain other limited circumstances apply (eg, where required by law). We use and disclose personal information for the following purposes: to provide services to our customers in providing them with training, certification and education, point of sale technology solutions, and/or the support and maintenance services supplied in relation to the software; to assess applications by individuals for commercial credit; to provide our customers with marketing information, and also to invite customers to functions, special events and customer program launches; to conduct our business; to comply with our legal obligations; and to help us manage and enhance our business. We do not disclose personal information we collect to others for the purpose of allowing them to direct market their products and services. We do not use or disclose sensitive information for direct marketing purposes. We engage other people to perform services for us, which may involve that person handling personal information we hold. In these situations, we prohibit that person from using personal information about the individual except for the specific purpose for which we supply it. In relation to sensitive information held by us, wherever possible, Piskie IT will attempt to de-identify the information. We also undertake to delete all personal information about an individual when it is no longer needed or relevant.

To whom might we disclose personal information? We may disclose personal information to: consultants we engage, such as our lawyers, accountants, and other advisors; organisations involved in a transfer or sale of all or part of our assets or business (including accounts and trade receivables); organisations involved in managing our funding functions; a credit reporting agency; an investigator, lawyer or recovery agent; regulatory authorities, if required by law; and anyone else to whom the individual authorises us to disclose it. We also collect personal information from these organisations and individuals, and deal with that information in accordance with this Policy. Sending information overseas:

We will not send personal information to recipients outside of Australia without: obtaining the individual's consent (in some cases this consent will be implied); or otherwise complying with the NPPs.

Management of personal information The NPPs require us to take all reasonable steps to protect the security of personal information. Piskie IT personnel are bound by a confidentiality agreement to respect the confidentiality of personal information and the privacy of individuals. Piskie IT takes reasonable steps to protect personal information held from misuse and loss and from unauthorised access, modification or disclosure, for example by use of physical security and restricted access to electronic records. All personal information contained in hard copy documents held by Piskie IT are stored in locked cabinets. All personal information stored on Piskie IT computer system is backed up daily and weekly and back-up copies are held in a secure, offsite location. In relation to our computer database, we apply the following guidelines: data ownership is clearly defined within Piskie IT , that is, each person who has access to personal information has the required level of access; passwords are routinely checked to ensure that they are of an appropriate length, and not likely to be easily guessed; we utilise procedures which change an employee’s access capabilities when he/she is assigned to a new position; employees have restricted access to sections of the system which include the marketing database and personnel files; the system automatically logs and reviews all unauthorised access attempts; the system automatically limits the amount of personal information appearing on any one screen, and restricts the capability of 'screen dumps'; unauthorised employees are barred from updating and editing personal information; certain fields are masked to bar unauthorised employees; all personal computers which contain personal information are secured, physically and electronically; where possible, all files containing personal information are scrambled to reduce unauthorised use; data is encrypted during transmission over the network; print reporting of data containing personal information is limited; Piskie IT has created procedures for the disposal of confidential output, and appropriate controls have been instigated (such as required signatures) when confidential data is disseminated to authorised individuals; all obsolete data is routinely shredded; and all personal information contained on magnetic disks is overwritten when the information is no longer required. Piskie IT performs all employment procedures, including application and termination processes, in a confidential manner. All individual job attributes, such as classification information and salaries, are confidential. Where we no longer require the personal information for a permitted purpose under the NPPs, we will take reasonable steps to destroy it.

Identifiers We will not use identifiers assigned by the Government, such as a tax file number, Medicare number or provider number, for our own file recording purposes. Piskie IT endeavours to avoid data-matching, being the comparison of data collected and held for two or more separate purposes in order to identify common features in relation to individuals, as a basis for further investigation or action in relation to those individuals.

How do we keep personal information accurate and up-to-date? Piskie IT takes reasonable steps to ensure that the personal information it holds is accurate, complete and up-to-date. It is Piskie IT policy and practice to audit the information it holds about individuals every 12 months, to ensure that the information is accurate. We encourage individuals to contact us in order to update any personal information we hold about them. Our contact details are set out below.

You have the ability to gain access to your personal information Subject to the exceptions set out in the Privacy Act, individuals may gain access to the personal information which Piskie IT holds about them by contacting the Piskie IT Privacy Officer. If we refuse to provide the information, we will provide reasons for the refusal and inform the individual of any exceptions relied upon under the Privacy Act. When an individual requests access to personal information, which includes evaluative information created by Piskie IT (as defined in NPP 6.2), a representative of Piskie IT will meet the individual personally (where this is possible), and explain the evaluative information to the individual, without giving them a copy of it. An individual's request for access to his/her personal information will be dealt with by allowing the individual to look at his/her personal information at the offices of Piskie IT. We will require identity verification and specification of what information is required. An administrative fee for search and photocopying costs may be charged for providing access. We will advise the likely cost in advance whenever practicable.

Updates to this Policy This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment.

Responsibilities It is the responsibility of management to inform employees and other relevant parties that the Privacy Policy is maintained and enforced. Management must ensure that they periodically advise Piskie IT employees and other relevant parties of any changes or any new Privacy Policies in a timely manner. It is the responsibility of all employees and other relevant parties to ensure that they understand and adhere to this Privacy Policy. Ignorance of the existence of the Privacy Policy will not be an acceptable excuse for non-compliance.

Privacy Training All new employees must be provided with timely and appropriate access to Piskie IT's Privacy Policy. All employees must be provided with opportunities to attend appropriate and periodic Privacy awareness training and must ensure that they understand the Privacy related issues that could adversely affect Piskie IT's  position if not properly adhered to.

Non-compliance and disciplinary actions Any Piskie IT employee or relevant third party that identifies, knows about or suspects a Privacy breach must immediately report the matter to management. Employees or other relevant third parties that contravene or do not comply with Piskie IT's Privacy Policy may be subject to disciplinary action.

Incidents/Complaints handling Piskie IT has an effective incident/complaints handling process in place to manage privacy risks and issues. The incidents/complaints handling process involves: identifying (and addressing) any systemic/ongoing compliance problems; increasing consumer confidence in Piskie IT's privacy procedures; and helping to build and preserve Piskie IT's reputation and business.

Contractual arrangements with third parties Piskie IT must ensure that all contractual arrangements with third parties adequately address privacy issues. Piskie IT will make third parties aware of this Privacy Policy. Third parties will be required to implement policies in relation to the management of an individual's personal information in accordance with the Privacy Act. These policies include: regulating the collection, use and disclosure of personal and sensitive information; de-identifying personal and sensitive information wherever possible; ensuring that personal and sensitive information is kept securely, protected from loss or misuse, with access to it only by authorised employees or agents of the third parties; and ensuring that the personal and sensitive information is only disclosed to organisations which are approved by Piskie IT.

Privacy Audits Piskie IT will conduct periodic privacy audits in order to ensure that it is continuing to comply with its obligations under the NPPs.

Enquiries If you have any questions about privacy-related issues, or if you believe that Piskie IT has not protected your personal information as set out in this Privacy Policy you may lodge a complaint with us in any of the following ways: By telephoning 1300 794436 By writing to Piskie IT Privacy Officer, 29 Princes Hwy, Littlehampton SA 5250 By emailing  privacy@piskieit.com.au

What if I am not satisfied with the response? If you are not satisfied with the result of your complaint to Piskie IT you can refer your complaint to the Federal Privacy Commissioner. You can contact the Federal Privacy Commissioner, By telephoning 1300 363 992 By writing to Director of Complaints, Office of the Federal Privacy Commissioner, GPO Box 5218, SYDNEY NSW 1042