20.1 All emails, documents, images or other recorded information held or used by the Contractor is Personal Information, as defined and referred to in clause 20.3, and therefore considered Confidential Information. The Contractor acknowledges its obligation in relation to the handling, use, disclosure and processing of Personal Information pursuant to the Privacy Act 1988 (“the Act”) including the Part IIIC of the Act being Privacy Amendment (Notifiable Data Breaches) Act 2017 (NDB) and any statutory requirements, where relevant in a European Economic Area (“EEA”), under the EU Data Privacy Laws (including the General Data Protection Regulation “GDPR”) (collectively, “EU Data Privacy Laws”).
The Contractor acknowledges that in the event it becomes aware of any data breaches and/or disclosure of the Clients Personal Information, held by the Contractor that may result in serious harm to the Client, the Contractor will notify the Client in accordance with the Act and/or the GDPR. Any release of such Personal Information must be in accordance with the Act and the GDPR (where relevant) and must be approved by the Client by written consent, unless subject to an operation of law.
20.2 Notwithstanding clause 20.1, privacy limitations will extend to the Contractor in respect of Cookies where transactions for purchases/orders transpire directly from the Contractor’s website. The Contractor agrees to display reference to such Cookies and/or similar tracking technologies, such as pixels and web beacons (if applicable), such technology allows the collection of Personal Information such as the Client’s: (a)IP address, browser, email client type and other similar details; (b)tracking website usage and traffic; and (c) reports are available to the Contractor when the Contractor sends an email to the Client, so the Contractor may collect and review that information (“collectively Personal Information”).
In order to enable / disable the collection of Personal Information by way of Cookies, the Client shall have the right to enable / disable the Cookies first by selecting the option to enable / disable, provided on the website prior to proceeding with a purchase/order via the Contractor’s website.
20.3 The Client agrees for the Contractor to obtain from a credit reporting body (CRB) a credit report containing personal credit information (e.g. name, address, D.O.B, occupation, driver’s license details, electronic contact (email, Facebook or Twitter details), medical insurance details or next of kin and other contact information (where applicable), previous credit applications, credit history) about the Client in relation to credit provided by the Contractor.
20.4 The Client agrees that the Contractor may exchange information about the Client with those credit providers and with related body corporates for the following purposes:
(a)to assess an application by the Client; and/or
(b)to notify other credit providers of a default by the Client; and/or
(c) to exchange information with other credit providers as to the status of this credit account, where the Client is in default with other credit providers; and/or
(d)to assess the creditworthiness of the Client including the Client’s repayment history in the preceding two (2) years.
20.5 The Client consents to the Contractor being given a consumer credit report to collect overdue payment on commercial credit.
20.6 The Client agrees that personal credit information provided may be used and retained by the Contractor for the following purposes (and for other agreed purposes or required by): (a)the provision of Services; and/or (b) analysing, verifying and/or checking the Client’s credit, payment and/or status in relation to the provision of Services; and/or(c) processing of any payment instructions, direct debit facilities and/or credit facilities requested by the Client; and/or (d) enabling the collection of amounts outstanding in relation to the Services.
20.7 The Contractor may give information about the Client to a CRB for the following purposes: (a)to obtain a consumer credit report; (b) allow the CRB to create or maintain a credit information file about the Client including credit history.
20.8 The information given to the CRB may include:
(a) Personal Information as outlined in 20.3 above;
(b) name of the credit provider and that the Contractor is a current credit provider to the Client;
(c) whether the credit provider is a licensee;
(d)type of consumer credit;
(e) details concerning the Client’s application for credit or commercial credit (e.g. date of commencement/termination of the credit account and the amount requested); (
f) advice of consumer credit defaults, overdue accounts, loan repayments or outstanding monies which are overdue by more than sixty (60) days and for which written notice for request of payment has been made and debt recovery action commenced or alternatively that the Client no longer has any overdue accounts and the Contractor has been paid or otherwise discharged and all details surrounding that discharge(e.g. dates of payments);
(g)information that, in the opinion of the Contractor, the Client has committed a serious credit infringement; (h) advice that the amount of the Client’s overdue payment is equal to or more than one hundred and fifty dollars ($150).
20.9 The Client shall have the right to request (by e-mail) from the Contractor: (a) a copy of the Personal Information about the Client retained by the Contractor and the right to request that the Contractor correct any incorrect Personal Information; and (b)that the Contractor does not disclose any Personal Information about the Client for the purpose of direct marketing.
20.10 The Contractor will destroy Personal Information upon the Client’s request (by e-mail) or if it is no longer required unless it is required in order to fulfil the obligations of this Contract or is required to be maintained and/or stored in accordance with the law.
20.11 The Client can make a privacy complaint by contacting the Contractor via e-mail. The Contractor will respond to that complaint within seven (7) days of receipt and will take all reasonable steps to make a decision as to the complaint within thirty (30) days of receipt of the complaint. In the event that the Client is not satisfied with the resolution provided, the Client can make a complaint to the Information Commissioner at www.oaic.gov.au.