What kinds of business information do we collect and hold?
We collect and hold:
- your contact details, such as office address, home address, telephone numbers and email address;
- your personal details, such as date and place of birth, gender, qualifications, titles, whether or not you are Aboriginal or a Torres Strait Islander, the languages you speak;
- your professional details, your work history, personal financial details necessary to provide advice;
- your business information, trading history, tax returns, tax records and communications, all financial
information we consider relevant and necessary;
- records of your communications and other interactions with us.
We generally collect your business information directly from you. However, in some cases, we may receive your business information from a third party (for instance if we receive information from your bank or accountant) and when it is relevant to our research and enquiries.
What would happen if we did not collect your business information?
Without your business information we may not be able to provide you with some or all of our services.
What are the purposes for which we collect and hold your business information?
We collect and hold your business information to:
- comply with our contractual obligations to provide you with the services set out in our contract;
- understand the needs of and challenges to your business;
- fully research the market place in which you and your business operate;
- properly map out the growth strategies necessary for your business;
- fully research and develop a succession plan for you and your business
- provide information on programs, services and benefits available to you and your business;
- respond to your enquiry, request for information or use of our services;
- conducting research for the benefit of our clients;
- allowing use of personal information in a controlled manner by related entities distributing information relevant to clients;
- provide information to third parties as authorised or required by law.
Use and Disclosure of your business information
We do not use your business information or disclose it to another organisation unless:
- it is reasonably necessary for one of the purposes described above;
- having regard to the nature of the information or the circumstances of collection we believe you would expect us to use the information or make the disclosure;
- required or authorised by law or court or tribunal;
- the assets and operations of our business are transferred to another party as a going concern; or
- you have provided your consent.
If you do not want your business information to be disclosed
If you do not want your business information to be disclosed (for instance, you want to have your name excluded from commercial mailing lists) you should manage your subscriptions via the CFO website or advise CFO in writing. We will accommodate your request provided that the disclosure is not required by law.
Storage and security of business information
We take reasonable precautions to protect the business information we hold from misuse, loss, unauthorised access, modification or disclosure. Where practicable we implement measures to require organisations to whom disclosure is made to comply with the Privacy Act. If a third party is given access to business information we take reasonable steps to ensure that the information is held securely and used only for the purpose of providing the relevant service or activity.
Internet transmission of information
Where appropriate we use secure transmission facilities. However, no transmission of information over the Internet can be guaranteed to be completely secure and we do not warrant the security of any information transmitted by or to us over the Internet.
We collect business information through software such as cookies. A cookie is a text-only string of information that a website transfers to the cookie file of the browser on the hard disk of a user’s computer so that the website can remember that user. Without cookies, websites and their servers have no memory. This means that every time a user opens a new webpage on a website, the server where that webpage is stored will treat the user as new and require logon and password. In short, a cookie facilitates a user’s passage through a website.
Rights to access and correction of your business information
You have the right to access your business information unless we are permitted by law to withhold that information. Any requests for access to your business information should be made to the CFO Privacy Officer (see below) in writing. You also have the right to request the correction of any of your business information which is inaccurate. Any corrections should be advised to CFO in writing.
In some circumstances it may be appropriate and lawful for us to deny access, including if:
- providing access would have an unreasonable impact on the privacy of another individual;
- the request is frivolous or vexatious;
- the information relates to existing or anticipated legal proceedings between you and us and the information would not be accessible by the process of legal discovery in those proceedings;
- giving access would reveal our intentions in relation to negotiations with you and prejudice those negotiations;
- providing access would be unlawful or if denying access is required or authorised under Australian law or a court/tribunal order.
Further information and complaints
If you require any further information about our management of business information or have a complaint about our handling of your business information, you should initially write to the CFO Privacy Officer, who will respond to you within a reasonable time, usually 30 days.
If you are not satisfied with the outcome of your complaint you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution you may write to the Office of the Australian Information Commissioner using the form available at this link: http://www.oaic.gov.au/privacy/making-a-privacy-complaint for further review of your complaint.