Contact us
Speak to one of our solution experts today.
Information provided within this form will be handled in accordance with our privacy statement.
Privacy statement – introduction
Data#3 Limited (ABN 31 010 545 267) and its related bodies corporate (“Data#3”, “we”, “our” or “us”) recognise that your privacy is important and we take privacy seriously. This policy sets out how we collect, store, use and disclose your personal information.
As Data#3 predominantly offers its products and services in Australia, this policy is designed to comply with the Privacy Act 1988 (Cth), Australian Privacy Principles and applicable privacy codes (the Privacy Laws).
For users in EEA, Switzerland and UK you may have additional rights under the EU or UK General Data Protection Regulation (GDPR) with respect to your personal data as set out in Annexure A.
For users resident in California, your rights under the California Consumer Privacy Act (CCPA) with respect to your personal data as set out in Annexure B.
We also treat any other information received by Data#3 in relation to you and your business, including information we may receive from third parties, such as our vendors, contractors and customers, in line with this policy (Privacy and Information Policy).
By accessing our websites, products and services, you accept the terms of this Privacy and Information Policy.
Collection of Personal Information
“Personal Information” means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not. The type of information we may collect, use, disclose and hold in the course of conducting business includes personal information about:
In general, the type of personal information we collect and hold includes names, addresses, contact details, titles, e-mail addresses, occupation, details of the products and services you have purchased from us or which you have enquired about, together with any additional information necessary to deliver those products and services and to respond to enquiries, information you provide to us through our customer surveys, information associated with Data#3 marketing events and other information which assists us in conducting business, providing and marketing services and meeting legal obligations. We may also collect ‘sensitive information’, such as information about an individual’s criminal record or health information if it is essential for the purpose of the conduct of business, however, we will obtain your written consent prior to us obtaining such sensitive information from you.
If you access our website, we may collect additional personal information about you in the form of your IP address or domain name. Our website may contain links to other websites. We are not responsible for the privacy practices of or content contained in linked websites and any linked websites which are not subject to our privacy policies and procedures.
Use of personal information
As a major provider of a range of information technology products, services and resource solutions, Data#3’s primary purpose for collecting, holding, using and disclosing personal information is to facilitate the efficient provision of quality information technology products and services. Whilst much of this information may not be personal information, some of the information we collect, on its own or when matched with other information, may be personal information about you.
Specifically, we collect personal information so that we can:
We will not collect personal information unless the information is reasonably necessary for or directly related to one, or more of our functions or activities. If you do not agree to provide us with your personal information, this may limit our ability to provide our services and solutions to you effectively. If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services and solutions you, or they, are seeking.
How do we collect personal information
We generally collect personal information:
We may also collect personal information from third parties including your representatives or colleagues, credit reporting agencies, law enforcement agencies, other government entities and other publicly available sources of information.
Disclosure
We may disclose your personal information to our employees and related bodies corporate.
We may also disclose your personal information to:
Some of these organisations and service providers may not be required to comply with this policy. Except as set out above, Data#3 will only disclose personal information if this is required by law or a court/tribunal order or otherwise permitted under the applicable Privacy Laws.
In the event of a security incident involving unauthorised access, use or disclosure of personal information where a third party with whom we share personal information is involved, we will seek to work cooperatively with them to protect the personal information we have shared with them.
Direct Marketing Materials
We may send you direct marketing communications and information about our products and services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list.
Cookies
In some cases we may also collect your personal information through the use of cookies. When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer. This enables us to recognise your computer and greet you each time you visit our website without bothering you with a request to register. It also enables us to keep track of products or services you view so that, if you consent, we can send you news about those products or services. We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our users’ habits so that we can improve our online products and services. Our cookies do not collect personal information. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.
We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users’ movements, and gather broad demographic information.
Data quality, access and correction
You may request access to personal information we hold about you by making a written request. We will respond to your request within a reasonable period and as required under the relevant Privacy Laws. We may charge you a reasonable fee for processing your request (but not for making a request for access).
We may decline a request for access to personal information in circumstances prescribed by the applicable Privacy Laws, and if we do, we will provide you with a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons).
If, upon receiving access to your personal information, or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We take reasonable steps to correct the information so that it is accurate, complete and up to date. If we refuse to correct your personal information, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and provide you with a statement regarding the mechanisms available to you to make a complaint.
How do you make a privacy related complaint?
If you have any questions about privacy related issues or wish to complain about a potential breach of the applicable Privacy Laws or the handling of your personal information by us, please contact our Privacy Officer. We may ask you to lodge your complaint in writing. Any complaint will be investigated by the Privacy Officer and you will be notified of the making of a decision in relation to your complaint as soon as is practicable after it has been made, usually within 30 days.
Address: Data#3 Privacy Officer, Level 1, 555 Coronation Drive, TOOWONG, QLD, 4066
Telephone: 1300 23 28 23
E-mail: privacy@data3.com.au
Are we likely to disclose your personal information overseas?
We store and retain your personal information in Australia. However, we may disclose your personal information to the following overseas recipients:
Such access will be provided under secure protocols (see below for further information on how we manage other information about your business).
We will take steps to contractually ensure that overseas recipients of your personal information provide a level of protection for your personal information which is equivalent to the requirements contained in the applicable Privacy Laws.
Information security and storage
As an information technology company, Data#3 will use all reasonable endeavours to ensure the integrity and security of your personal information is maintained. Data#3 also employs physical and administrative safeguards which we consider are consistent with Australian industry standards. We hold personal information in either paper-based records, in secure access controlled premises or in electronic form in databases and email files which require logins and passwords. Data#3 personnel are also contractually bound by confidentiality obligations.
Despite the high level of information security employed within Data#3 and its commitment to your privacy, the company is unable to provide an absolute assurance that personal information will remain secure at all times. Data#3 therefore does not accept any responsibility for incidences of unauthorised access to personal information, which is provided at your own risk. Likewise Data#3 does not guarantee the security or privacy compliance of any websites that are accessible through links provided on any of its websites. In the event of a security incident we have in place procedures to promptly investigate the incident and determine if there has been a data breach, and if so, to assess if it is a breach that would require notification. If it is, we will notify affected parties in accordance with the applicable Privacy Law requirements.
Data#3 will take reasonable steps to destroy or de-identify your personal information held by the company on your request or if we no longer need your personal information, except where Data#3 is required by law to retain the information.
Your personal information and our marketing practices
We might, from time to time, let you know – including via mail, SMS, email, telephone or online – about news, special offers, products and services that you might be interested in. We will use your personal information to engage in marketing unless you tell us otherwise. You can contact us to update your marketing preferences at any time.
Changes to our policy
We may change this policy from time to time. Any updated versions of this policy will be posted on our website. Please review it regularly. You will be deemed to have consented to such variations by your continued use of Data#3’s products and services following such changes being made.
Openness
Data#3’s Privacy and Information Policy is available on its website.
Anonymity
Data#3’s personnel will respect a request for anonymity however some of Data#3’s business processes cannot be completed effectively if you remain anonymous
How we manage other information about your business
This Privacy and Information Policy applies to all information received by Data#3 from third parties, including from its vendors, contractors and customers, whether or not such information falls within the meaning of “personal information”.
While Data#3 will endeavour to comply with the obligations contained in this Policy with respect to all information it collects, stores, uses and discloses in the course of its business, Data#3 is not required to, and does not warrant or represent that it will in all instances, comply with the Privacy Laws to the extent that the information does not fall within the meaning of “personal information”.
General
This Privacy and Information Policy applies to the Data#3 commerce portal for non-AUD orders is effective as at 23 September 2024.
Annexure A
Processing of Personal Data (Residents of EEA, Switzerland and UK)
This section provides additional information to users based in the EEA, Switzerland and United Kingdom to comply with data protection laws. If you are a resident of these areas you may have additional rights under the EU or UK General Data Protection Regulation in respect of your Personal Data.
If there are any conflicts between this section and any other provision of this Privacy Policy, the part which is more protective of Personal Data will take precedence to the extent of the conflict.
In this Annexure A we use the terms Personal Data and Processing as defined in the GDPR. However, Personal Data is information about you (a “data subject”) the use of which is governed by applicable data protection laws. It will include any information from which you can be identified, directly or indirectly, in particular by reference to an identifier such as your name, an identification number, location data, an online identifier or other information about your identity.
Collection of Personal Data
The Personal Data we collect from our customers in the EEA, Switzerland and UK through the Data#3 Commerce Portal. We will be the controller of your personal data in the Data#3 system. Please see the following table which lists the Personal Data we collect, its category and the categories of third parties with whom we share Personal Data.
Category of Personal Data | Examples of Personal Data we collect | Categories of third parties with whom we share Personal Data |
Profile or Contact Data |
|
|
Device Data |
|
|
Other identifying information that you voluntarily choose to provide |
|
|
We will collect this Personal Data from you, or from a business with which you have a relationship (including your employer or a related body corporate to the company you are employed by).
Legal basis for processing Personal Data
Data#3 will only process your Personal Data if there is a lawful basis to do so. Lawful bases for processing include where you provide consent for processing, to comply with contractual obligations, to comply with a legal obligation, or for our legitimate interest.
Consent – We process Personal Data based on any consents you expressly grant to us at the time we collect the data.
Compliance with Contractual Obligations – We process the following Personal Data in order to comply with our obligations under contracts with you, including providing you our products and services. If you do not provide this Personal Data, it may result in your inability to access some or all portions of the goods and services we provide:
Legitimate Interest – We process the following Personal Data when we believe it furthers the legitimate interest of Data#3, for example, for the improvement of our services.
Transfer and Recipients of Personal Data
Please refer to the section above titled ‘Collection of Personal Data’ for the categories of third parties who may receive your Personal Data.
We store and retain your personal data in Australia. If you are accessing our Services from outside of Australia, please be aware that your information may be transferred to, stored, and processed by us in our facilities and by those third parties with whom we may share your personal data in Australia or other countries as listed above in the section titled ‘Are we likely to disclose your personal information overseas?’. If you are a resident in the EEA, Switzerland or the UK, then these countries may not necessarily have data protection laws or other similar laws as comprehensive as those in your country. However, we will take reasonable measures to protect your Personal Data in accordance with this privacy notice and applicable law. We have implemented measures to protect your personal data, including as set out above in the section titled ‘Information Security and Storage’.
Where your Personal Data is Transferred to our Business Partners, the relevant Business Partner becomes a controller of such data and will handle it in accordance with their privacy notices.
Retention of Personal Data
We retain personal data for as long as necessary to provide you with our services and perform the commercial purposes for collecting your Personal Data as described in this Privacy and Information Policy.
Your Data Subject rights
If you are an individual you will have certain rights with respect to your Personal Data including the below.
To exercise these rights, please contact: privacy@data3.com.au. The same applies if you have questions about data processing in our company. Please note that we may not be able to fully comply with your request in cases such as where it is frivolous or extremely impractical, if it negatively affects the rights of others or if not required by law. Where we cannot fully comply with your request, we will tell you why. In some cases we also may require further information from you in order to provide a full response. You also have the right to appeal to the data protection supervisory authority.
Annexure B California Resident Rights
If you are a California resident, you have the rights regarding your personal information set out in this Annexure B granted by the California Consumer Privacy Act (CCPA). In this section, where we refer to personal information, it is as defined in the CCPA.
You or your authorised agent may exercise the following rights by emailing your request privacy@data3.com.au and provide:
Your Rights
Access: You have the right to request certain information about our collection and use of your personal information over the past 12 months. We you exercise this right, we will provide you the following information:
Deletion: You have the right to request that we delete Personal Information we have collected about you. This right is subject to exceptions under the CCPA (for example, we may need to retain your Personal Information to provide you with services or complete a transaction you requested, or if deletion would involve a disproportionate effort. In such cases we may deny your request.
Correction: You have the right to request we correct any incorrect Personal Information it has collected about you. Under the CCPA this right is subject to certain exceptions (such as if we decide based on the totality of circumstances that the personal information we hold is correct). In such circumstances we may deny your request.
Processing of Sensitive Personal Information opt-out: California consumers have certain rights over the processing of their sensitive information. Data#3 does not collect sensitive categories of Personal Information of California residents.
Selling Opt-Out: California consumers have certain rights to opt-out of Data#3 sharing or selling their Personal Information to third parties for the purposes of direct marketing. Data#3 does sell customer’s personal information to third parties.
Data#3 will not discriminate against you for exercising your privacy rights.
Speak to one of our solution experts today.
Information provided within this form will be handled in accordance with our privacy statement.