- This is the privacy and credit reporting policy of Painted Steel Technologies Pty Limited ACN 634 241 624 and its related entities (‘Nexteel’, ‘we’ or ‘us’). The purpose of this policy is to ensure that any individual who provides information to Nexteel is protected under Australian law, in accordance with the Privacy Act 1988 (Cth) (‘Privacy Act’).
- Nexteel will be considered a credit provider in relation to providing credit under the Privacy Act when it provides credit terms of more than 7 days to its customers who are sole traders (individuals) or in a partnership. Nexteel will in such circumstances comply with the Privacy (Credit Reporting) Code in relation to the credit.
- Words defined in the Privacy Act have the same meaning when used in this policy.
2 Protecting your privacy
We seek to protect and maintain the privacy, accuracy and security of your personal information. We will comply with the Australian Privacy Principles (‘APPs’) in the Privacy Act.
3 Collection of information
- We may collect personal information about you such as:
- your name, current address, previous address details;
- date of birth and gender;
- email addresses and telephone and or mobile numbers;
- current and previous employment information; and
- your credit-related personal information (see clause 3.2 below).
- We collect information when you use our website. Please refer to the website section of this policy for further details.
- We do not collect sensitive information about you such as your racial or ethnic origin, political opinions, religious beliefs or affiliations.
- If there is another person named in any correspondence, you may need to provide their personal information and you warrant that the other person has consented to the collection of their personal information for the reasons it is being collected.
3.2 Credit-Related Personal Information
- Nexteel sometimes provides goods and services to customers on credit as well as extending advances to its customers and suppliers. In connection with this credit (or advance), Nexteel does in some cases handle certain consumer credit related personal information described below (‘credit-related personal information’), including information from credit reporting bodies (‘CRBs’). For example, Nexteel may handle this information in providing credit (or advances) to sole traders, or where individuals such as directors provide personal guarantees for credit Nexteel provides to their companies.
- We may collect credit-related personal information about you such as:
- your name, sex, date of birth, driver’s licence number, builder’s licence, employer and address;
- confirmation of previous information requests to CRBs made by other credit providers and credit insurers about you;
- details of previous credit applications, including the amount and type of credit and credit limit;
- details of current and previous credit arrangements, including credit providers, start/end dates and certain terms and conditions;
- permitted payment default information, including information about related payment arrangements and subsequent repayment;
- information about serious credit infringements (e.g. fraud);
- information about adverse court judgments and insolvency;
- publicly available information about the individual’s credit worthiness; and
- any credit score or credit risk assessment indicating a CRB’s or credit provider’s analysis of the individual’s eligibility for consumer credit.
4 If you do not provide personal information
The main consequence for you, if some or all of the above personal information is not collected by us is that we may not be able to provide goods, services (including on credit), and advance or information to you, or be able to provide them to the same standard as if we had the information requested.
5 How we collect personal information
We collect personal information in a variety of ways. We mainly collect information from you when you knowingly provide it to us via our website, mailing list, email or by phone, when you contract with us or make a request or enquiry of us.
5.2 Suppliers & Business Customers
- We collect personal information from our suppliers and commercial customers when they provide it to us as part of an application to supply goods and/or services or when they request Nexteel to provide goods and/or services or an advance to them.
- We may also collect personal information about you from your representatives, including your spouse, business partner or professional adviser (where it is reasonable and practical to do so).
- We may collect credit-related information from the “trade references” or bankers you list in our credit application, or such other credit providers named in a credit report issued by a credit reporting agency.
- Nexteel may obtain a credit report from a credit reporting agency about your personal credit worthiness and activities, or where it is relevant to collecting overdue payments, in respect of credit provided to you, information in relation to collecting overdue payments.
5.3 Third Party
In the course of our business, it may be necessary to collect personal information about an individual from a third party. If we collect personal information about you from a third party we will, where required, take reasonable steps to ensure that you are notified or aware that we are holding personal information about you, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
6 Why we collect, hold and use and disclose personal information
- We collect, hold, use and disclose personal information about individuals when it is necessary for us to carry on our business functions or to comply with laws.
- We may collect, hold, use and disclose your personal information to answer your enquiry or to provide the information or service that you requested.
- We may also collect, hold, use or disclose your personal information:
- to conduct checks for credit worthiness or fraud;
- to enable us to develop, administer and manage our services and business;
- to verify your identity;
- to customise services to better meet your needs and preferences;
- for statistical purposes;
- to provide you with warranties for our products;
- for future promotional and marketing purposes including direct marketing;
- for research purposes to better improve our websites, products or services;
- for other customer support purposes;
- in the process of procuring advice from legal and accounting firms, auditors, contractors, consultants and other advisors;
- in the ongoing administration of the shareholder register;
- where you have given us your consent (express or implied);
- to deal with complaints, queries or feedback; and
- when authorised or required by law.
7 How we hold personal information
- We will generally hold personal information in physical records, records on our servers, and in some cases, records on third party servers, which may be located overseas.
- We take reasonable steps to hold all hard copy and electronic records of your personal information in a secure manner to ensure that it is protected from misuse, interference and loss, and unauthorised access, modification or disclosure. Despite taking appropriate measures to protect personal information used and collected by us, please be aware that no data security measures can guarantee 100% security all the time. We cannot guarantee the security of any information transmitted to us by the internet and such transmission is at your own risk.
- You are solely responsible for maintaining the secrecy of any passwords and other account information pertaining to our platform or services.
- We will destroy or de-identify your personal information once it is no longer needed for a valid purpose or required to be kept by law.
8 When we may disclose your personal information to third parties
In the course of conducting our business we may provide your personal information to:
(a) credit providers and credit reporting agencies;
(b) employees, contractors and subcontractors;
(c) an individual’s representatives;
(d) government and regulatory authorities; and
(e) our professional advisers, including our lawyers, auditors and accountants.
We may disclose your personal information to third parties:
(a) to meet the purpose for which it was submitted;
- if we have your consent to do so or otherwise when we are authorised by law;
- if we are required by law to disclose the information.
Nexteel may disclose your personal information to its subcontractors or consultants when it engages third party service providers to undertake works as part of its service delivery to its customers.
Nexteel may exchange personal information with its contractors who provide services to Nexteel including third parties who undertake internal business processes, including:
(b)billing and debt recovery functions; and
9 Credit Related Personal Information
Nexteel may disclose credit-related personal information to CRBs to assist the CRBs to maintain information about individuals to provide to other credit providers for credit assessments.
Nexteel may collect credit-related personal information from CRBs for purposes including, to the extent permitted by law, to assess relevant credit or guarantee applications, manage and review the credit or guarantee, assign debts, collect overdue payments and produce assessments and ratings in respect of the individual’s credit worthiness Nexteel may also exchange credit-related personal information with guarantors, debt buyers and other credit providers.
Nexteel may use Equifax as a CRB.
10 Overseas recipients
We may disclose personal information to overseas recipients where:
(a) the overseas recipient is a party to the matter for which you have engaged us; or
(b)we have engaged an overseas recipient to provide services to us, such as SaaS (software as a service) or cloud-based storage solutions.
The countries in which such recipients are located will depend on the nature of the services being provided by us and the particular matter involved. We will, where practicable, advise you of the countries in which overseas recipients are likely to be located.
Please note that the use of overseas service providers to store personal information will not always involve a disclosure of personal information to that overseas provider. However, by providing us with your personal information, you consent to the storage of such information on overseas servers and you acknowledge and agree that APP 8.1 will not apply to the extent that such storage constitutes a cross-border disclosure. It should be noted however, that international recipients may not have data protection laws that provide the same level of protection that exists under the Australian Privacy Principles, and in the event that an overseas recipient breaches the Australian Privacy Principles, that entity will not be bound by, and you will not be able seek redress under the Privacy Act.
All personal information held by us will be handled and stored in accordance with our obligations under the Privacy Act. We will take reasonable steps to:
- make sure that the personal information we collect, use or disclose is accurate, complete and up to date;
- protect the information from misuse, interference, loss or unauthorised access, modification or disclosure both physically and through security methods; and
- destroy or permanently de-identify the information if it is no longer needed for any purpose.
- When you visit our websites, we or agencies on our behalf and our internet service provider may monitor and take a record of your visit and log “clickstream data” for statistical purposes such as your server’s IP address.
- Any link on the Nexteel website to external entities are not covered within this policy. The terms and conditions set out in this privacy statement only cover the domain name of www.nexteel.com.au.
- At your request we will provide details of the personal information we hold about you. The release of information is subject to some exceptions such as information relating to existing or any anticipated legal proceeding, together with exceptions provided by the Privacy Act.
- Unless unusual circumstances apply, we should provide access of your personal information to you within 30 days of the request.
- We reserve the right to charge a fee for providing access to your information when permitted by law. We will not charge the individual for the making of the request, for correcting the personal information or for associating the statement with the personal information (as the case may be).
- To protect your personal information, the request to us must be in writing and can be sent by letter or facsimile or email. All correspondence should be addressed to:
Mail: Attention: Kate Elies
Painted Steel Technologies Pty Ltd
5-17 Taminga Street
Regency Park SA 5010
- Our objective is to respond to any request within a reasonable timeframe.
- We also aim to ensure that your personal information is accurate, up to date and complete. Amendment of personal information will be conducted upon written request from you. You can contact us by writing to the address above to do this.
- We are committed to the protection of your privacy and personal information. Complaints you may have about your personal information can be lodged with us by using the contact details above.
- We will attempt to resolve any complaints within 10 working days. If resolution is not possible within this timeframe, we will contact you to discuss the matter further.
- You also have the right under the Privacy Act to make a complaint to the Information Commissioner.
15 Changes to this policy
This policy is subject to change over time without prior notice. We may amend this policy by updating this posting.
16 Copies of this policy
You can ask us to provide you with a copy of this policy, including a hard copy, by contacting us using the contact details above.
Date published: March 2020