Privacy Statement and Policy of Kerry’s Computer Coaching
1. Introduction
Kerry’s Computer Coaching "KCC" aims to build and maintain long term harmonious relationships with its customers, agents, drop off points, job providers, and the public by maintaining the highest standards of honesty, fairness, proper and ethical dealings, and confidentiality. Part of our business involves the collection, storage and transmission of information about people, businesses, corporate entities. KCC understands and accepts the requirement to protect the privacy and nature of the information held by it.
2. Purpose
This document explains the KCC's privacy policy and how it collects and manages the information given to and held by it. It also discusses how we handle and safeguard "customer data" entrusted to us whilst we possess their computers during repairs.
3. Legislation
The over-arching legislation relevant to this policy is the Commonwealth Privacy Act 1988. This policy embraces the 11 National Privacy Principles enunciated in the Act. Under the Act whenever a business or organisation collects information of a personal nature (definition available), the Privacy Act requires it to:
· Collect only necessary information;
· Provide information about why personal information is being collected and how it is handled;
· Only use or disclose the personal information for the purpose of the collection, unless an exception applies;
· Only retain the information for as long as necessary, consistent with the purpose of collection; and
· Store the information securely, and provide for it to be accessed by the individual if requested.
4. KCC Use and Disclosure
KCC will only use and/or disclose information for the purpose for which it was collected or entrusted. The information obtained or collected by the KCC is generally of three types:
Personal information - information about individuals which is collected and stored on file generally in relation to the repair of computers. We also obtain information from ancillary functions such as applications for employment, applications to become an agent, and the like. The information obtained could include: names, mailing address, telephone numbers, email addresses, credit card data, academic qualifications and so on. More sensitive information such as ethnic origin, religion, political orientation, criminal records or sexual orientation is not generally collected or held by KCC. KCC will not disclose any personal information to third parties without the specific, written consent of the owner of the information. This information is generally held on a paper or electronic file, and is securely destroyed at the end of the mandated holding period. KCC may disclose personal information where it is under a legal obligation to do so or where common sense and normal business pracitice would deem it appropriate to do so for example we may provide name, address and telephone information to a courier to facilitate delivery of a repaired computer.
Information from business and organizational customers - as a business that repairs computers we collect, store and use information to identify our customers and their computers. Customers often disclose sensitive information to us such as server and workstation passwords and other sensitive private data. We do not disclose this information to others for any reason whatsoever.
Information best described as "customer data" is commonly entrusted to KCC as we repair or upgrade their systems. Our policy is that any data obtained by us during data recovery operations, residual data left on traded in computers or faulty hard drives, or from other sources will not be disclosed to others for any reason. As required by law we reserve the right to disclose to the Police any evidence of child pornography. Furthermore, we will not dispose of used computers or storage components thereof that contain customer data without prior erasure.
5. Ethical Data Collection
When KCC is collecting information, either through its website or through individual job sheets or other forms and correspondence, we will tell a client:
· Who is collecting the information
· How KCC can be contacted
· The main purpose of collecting the information
· Whether the information will be disclosed to third parties
· Any privacy implication relevant to specific information collection activities (surveys etc)
6. Privacy Statements
Where feasible, and in good faith, KCC will place this privacy statement on our website and direct individuals and organizations to it when we engage in any collection of personal information. Where appropriate we will put this footnote on forms or material that are used to collect data:
" Privacy Statement: Kerry’s Computer Coaching collects personal or corporate information in the conduct of its normal business activities. Personal information will be protected, and other information will be handled, in accordance with the requirements of the Privacy Act 1988 and the National Privacy Principles. Click on the Privacy Policy button on our website for more information"
7. Information and Data Security
KCC will take all reasonable precautions and steps to protect the personal and organizational information it holds and handles from misuse, and from unauthorized access, disclosure, modification, or theft. This will include password protection of electronic records, security of stored information in locked cabinets, filing systems or rooms, and/or the physical protection of its records within locked and secured office spaces. We will also ensure our staff who handle data comply with our Privacy Policy.
8. Access to Information Held
Individuals or organizations whose information is held by KCC will be given access to the information held by KCC upon request. Information or advice in relation to information may be obtained by visiting the offices of the Kerry’s Computer Coaching or by contacting us by telephone, email or in person. All reasonable requests will be met in a timely manner, unless prevented by a reason as detailed in the Act.
9. Contacting Us about Privacy Matters
The officers responsible for the administration of the KCC Privacy Policy are:
· The owners of Kerry’s Computer Coaching ; and
· The Office Manager.
These KCC staff are authorized to respond to requests for information or advice relating to this policy.
10. Summary
The personal, commercial and general information of its customers, agents, job providers and suppliers is important to the KCC. KCC will take all reasonable measures to ensure that such information is protected and guarded, and not disclosed to those who are not authorized to access it. KCC will abide by the requirements of the Privacy Act 1988, and will review this policy from time to time as necessary.
11. Safeguarding of Customers Own Data
Nothing in this policy should be construed as over-riding our Terms and Conditions of computer repair which clearly state that the customer is responsible for the safeguarding and backup of their own data. We take no responsibility for customer data loss regardless of how it is caused. Whilst clause 7 above refers to data security, this security is of KCC data, not customer data. Please refer to our Terms and Conditions for more information on customer data backup or loss.