We are committed to protecting and maintaining privacy, accuracy and security of personal information in compliance with the Australian Privacy Principles and the Privacy Act 1998 (Cth) (“Privacy Act”) as well as other applicable laws and codes.
Our collection, use, disclosure and processing of your personal information is regulated under the Data Protection Act 2018 (UK) and the General Data Protection Regulation (UK GDPR) and we are responsible as a “controller” or “processor” of personal information for the purposes of the UK GDPR if:
- we undertake activities in the United Kingdom (UK);
- we offer products or services to you and you are located in the UK; or
- we monitor your behaviour as far as that behaviour takes place within the UK.
- who we are;
- how and why we collect, use, disclose, share, transfer, store and handle your personal information; and
- how to contact us (and supervisory authorities) if you have a complaint.
2. The kinds of personal information we collect and hold
We may collect information about you when you visit our website, use our services (including, but not limited to, when you register or become a registered user of our website or our services) or where you otherwise interact with us.
Personal information we collect and hold may include, but is not limited to:
- your contact details, including your name, email address, postal address and phone number;
- other information reasonably relevant to the provision of our services, including tracking and analytic information collected or provided to us for the purposes of delivering our services; and
- any other personal information you provide to us in relation to your access to our website or our services (including provided under any privacy collection statement).
When visiting our website or accessing and using our services, we may also collect and store the following information:
- your IP address;
- your browser type;
- the date and time you access our website or use our services;
- the third party website you were visiting before you came to our website or used our services;
- details of the pages within our website you visit;
- the time spent on those pages, items, and information searched on our website, access times, dates and other statistics; and
- other transactional information about your access to our website or use of our services.
3. How we collect your personal information
We only collect personal information through lawful and fair means, including for the purposes of providing you with access to our website and services. It is our usual practice to only collect personal information directly from you, however, there may be situations where we collect information about you from other sources or third parties, including other customers.
We specifically collect personal information from you in circumstances such as when you:
- apply for, register your interest or enquire about our product or services offerings;
- are browsing or otherwise interacting with our website;
- communicate with us through written correspondence, telephone calls, chats, emails or when you share information with us through other social applications, services or sites; or
- interact with us, our services, content or advertising.
From time to time we obtain or collect personal information about you from other sources or third parties, including:
- your organisation;
- publicly available sources such as public registers;
- other organisations who offer to supply or supply products or services to you, where you have consented to the disclosure of your personal information to us;
- your representatives;
- digital tracking tools such as cookies;
- third party websites, application, platforms or integrations that interface with our website and services; and
- our referral partners.
4. Data security and how we hold and store personal information
We hold personal in a number of ways, which may include:
- as part of customer records and other electronic documents on which personal is contained;
- on our information technology systems and servers, including those operated by third parties who provide services to us in connection with our business; and
- by securely storing hard copy documents, at our various premises and using third party document management and archiving services.
We will take reasonable steps to protect all personal information which we hold from misuse, loss and from unauthorised access, modification or disclosure.
You should be aware that, when using our website or our services, no data transmission over the internet can be guaranteed as completely secure. We do not warrant the security of any information you transmit to us over the internet and you do so at your own risk.
We typically retain personal information for as long as we are providing goods or services to you and for a period of up to six (6) years after we stop providing goods or services to you (or longer if the legal limitation period is greater).
Where the UK GDPR applies your personal information will be stored for a period of up to twelve (12) months after you cease using our services. After this period, your personal information will be disposed of securely.
5. The purposes for which we collect, hold, use and disclose personal information
We will collect, hold, use and disclose your personal information for the purpose of interacting with you and providing our services to you. This includes, without limitation:
- to verify your identity, answer your questions, respond to your complaints and provide you with information or advice;
- internal management purposes;
- to communicate with you, including about us and our services, promotional material and events and other matters which might interest you;
- business development and marketing purposes;
- to perform administrative and operational tasks (including account management, systems development and testing); and
- as otherwise permitted or required by law (such as to comply with obligations under the Privacy Act in relation to mandatory data breach notification)/.
We may also disclose your personal information to:
- third parties that assist us in providing services to you;
- third parties as part of a sale, acquisition or disposal or potential sale, acquisition or disposal of whole or part of RAMMP or its business, including for the purpose of the due diligence required to decide whether to proceed with a transaction or to otherwise ensure the continuation of services to you;
- parties that you authorise us to disclose your personal information;
- government and regulatory authorities, as required or authorised by law;
- our professional advisors; or
- other third parties permitted by law.
Third parties to whom we disclose personal information may from time to time be located overseas, including, but not limited to, our partners and affiliates in the European Union. You consent to any such overseas disclosure and acknowledge APP 8.1 will not apply to such disclosure.
Where the UK GDPR applies, we rely on the following lawful basis to collect and use your personal information and, on occasion, more than one lawful basis set out below may apply to the processing of such personal information:
- our legitimate interests in marketing and providing our products and services, including:
- improving the delivery of our products and services;
- to provide you with the products and services that you have requested, enquired about or otherwise expressed an interest in; and
- to communicate with you in relation to the products and services we offer;
- to perform or enter into any contract we may have with you;
- to comply with our legal obligations;
- to protect your vital interests or that of another person (such as in an emergency); or
- where you consent to the processing where we ask you (such as for certain types of marketing or other processing where the law either requires this or where it is our policy from time to time to see consent for such processing).
Where the UK GDPR applies to any transfer of personal information, either by us or by a third party to whom we provide your personal information, such transfer will be subject to appropriate or suitable safeguards (such as a legally binding contract containing approved model clauses or terms consistent with them for the purposes of the UK GDPR).
RAMMP is based in Australia and if you are accessing our website or services from outside Australia, including the UK or other regions with laws governing collection and use of personal information, please note that in connection with our business, administrative, management and legal purposes, we may transfer your personal information from the country you are accessing our website or services to RAMMP in Australia. Where this is the case, we will ensure such transfer is subject to and in accordance with appropriate or suitable safeguards in accordance with the relevant privacy laws governing collection and use of personal information.
6. Access to and correction of your personal information
We take reasonable steps to make sure that the personal information we collect, use and disclose is accurate, complete and up-to-date.
If you need to access or correct any personal information we hold about you, please contact us using the “Contact Details” set out below. We request that you provide us with as much detail as you can about the particular information you seek access to or correction of, in order to help us retrieve it. We will endeavour to process your request as soon as practicable.
An access fee may be charged to cover our costs of providing the requested information to you. In certain circumstances, we may refuse to provide you with access or to correct your personal information including, but not limited to where:
- giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
- giving access would have an unreasonable impact on the privacy of other individuals;
- the request for access is frivolous or vexatious;
- giving access would be unlawful; or
- denying access is otherwise required or authorised by law.
If we refuse to provide you with access to or to correct your personal information, we will give you our reasons for that decision. Where we decide not to update your personal information, you can request us to attach to the personal information a statement of the update sought. In some circumstances where we correct a record, we may still require the retention of the original record.
We may utilise "cookies" and other tracking software which enable us to monitor traffic patterns and to serve you more efficiently if you revisit the website and to assist with your use of our services as well as for our general analytics purposes.
A cookie does not identify you personally but it does identify your computer. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance.
If you have registered with us and have an account on our website, our software may identify you personally based on the information you have provided on your account. Otherwise, non-registered users will not be personally identified by our software.
Where the UK GDPR applies we will ask for consent to set any cookies (and to process any personal information collected by these cookies). These cookies are not strictly necessary to make our pages work and you can set your preferences at any stage by clicking the cookies option button in the footer of each page. Where cookies are strictly necessary, we consider that we have legitimate interest in processing the personal information they collect to ensure our services can be delivered appropriately and sufficiently to you. You can always withdraw your consent by clearing cookies from the cache in your computer and rejecting them next time you visit our website.
8. Opting out of promotional and marketing content
You may elect to opt-out of receiving direct marketing and promotional communications by contacting us using the contact details provided below, or by any other simple means to opt-out that we provide you. However, some of our services may include a direct marketing and promotional communications feature as part of the service which cannot be removed and, as such, you may not be able to access or use some of our website or services if you elect to opt-out of all direct promotional and marketing communications.
9. Third Party Sites
Our website may contain links and pointers to other websites maintained by third party providers. These links are provided for your convenience only.
These third party websites are not under our control and we are not responsible for such sites (including the suitability for your intended use of those sites). We do not endorse or recommend any third party website or any associated provider organisation or third party products or services. You are responsible for reading the privacy policies or statements of those third party websites.
10. Your rights under the UK GDPR (if applicable)
Under the UK GDPR (where it applies to you), you have a number of important rights free of charge. In summary, those include rights to:
- access to your personal information and to certain other supplementary information;
- require us to correct any mistakes in your personal information which we hold;
- require the erasure of personal information concerning you in certain situations;
- receive the personal information concerning you which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit that data to a third party in certain situations;
- object at any time to processing of personal information concerning you for direct marketing;
- object to decisions being taken by automated means which produce legal effects concerning you or that significantly affect you;
- object in certain other situations to our continued processing of your personal information;
- where the processing of your personal information is based on your consent, you may withdraw your consent at any time; and
- otherwise restrict our processing of your personal information in certain circumstances.
For further information on each of those rights, including the circumstances in which they apply, see for example the Guidance from the UK Information Commissioner’s Office (ICO) on individuals’ rights under the UK GDPR. If You would like to exercise any of those rights, please email, call or write to us (using the contact details below) with sufficient information to identify you and the information to which your request relates.
11. Contact Details
We ask that any complaint should be made first in writing to us. We will then respond to your complaint in writing and in accordance with any timeframes required by law. We may request you to provide further information about your complaint to duly assess your complaint.
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au and on 1300 363 992.
Where you reside in the UK, the supervisory authority in the UK is the Information Commissioner who may be contacted at https://ico.org.uk/concerns/ or telephone: 0303 123 1113.