outlining the personal information handling practices of Web Coach including the collection, holding, use and disclosure of your personal information to allow Web Coach to carry out the various functions and/or activities. The functions and/or activities include but, are not limited to:
- taking other regulatory action under any relevant legislation
- responding to any requests or complaints
- communicating with the public, stakeholders and the media including through websites and social media
- assessing suitable candidates for career opportunities.
- providing any information if compelled to by law or any other order or direction.
Collection of your personal information
There are many aspects of the site which can be viewed without providing personal information and we will endeavour to only collect the information we need specifically for the function and/or activities we are carrying out which are generally required for consumers or to access to future Web Coach customer support features which require the submission of personally identifiable information. This may include but, is not limited to a unique username and password and also may require you to provide sensitive information in the recovery of your lost password. The main way in which Web Coach collects personal information is when it is supplied by the customer or client to us directly. Such information which may be supplied by you to us is contact details, login details or passwords
, review, complaint, data breach notification and/or details of reports by the following:
- if you contact us to ask for information
- if you make a complaint about a privacy breach to us
- if you make a complaint
- if you notify us about a potential or actual breach
- if you report a matter for investigation
- if you apply for employment position with us
In the event that we further investigate a complaint or review a policy, we then may also request further information from you or take an opinion from you in relation to a matter. If you are in a situation where you are participating in a meeting or involved in our of our committees, then we may also take additional information from you. If we need to, we may take sensitive information from you about your health, ethnicity or background when for example, we are managing a complaint. In the course of handling and resolving a complaint, data breach notification, review or an investigation, we may collect personal information (including sensitive information) about you indirectly from publicly available sources or from third parties such as:
- your authorised representative, if you have one
- applicants, complainants, respondents to a complaint, investigation, application or data breach notification or the third parties’ employees and witnesses.
We also collect personal information from publicly available sources to enable us to contact stakeholders who may be interested in our work or in participating in our consultations.
Where possible, we will allow you to interact with us anonymously or using a pseudonym. For example, if you contact our Enquiries line with a general question we will not ask for your name unless we need it to adequately handle your question. However, for most of our functions and activities we usually need your name and contact information and enough information about the particular matter to enable us to fairly and efficiently handle your inquiry, request, complaint or application, or to act on your report.
Collecting through our websites
Web Coach has its own public website (www.Webcoach.com.au) and we manage the website. There are a number of ways in which we collect information through our website.
We use (Google Analytics) to collect data about your interaction with our website. Google Analytics is hosted by a third party. The sole purpose of collecting your data in this way is to improve your experience when using our site. The types of data we collect with these tools include:
- your device’s IP address (collected and stored in an anonymized format)
- device screen size
- device type, operating system and browser information
- geographic location (country only)
- referring domain and out link if applicable
- search terms and pages visited
- date and time when website pages were accessed
Cookies are small data files transferred onto computers or devices by websites for record-keeping purposes and to enhance functionality on the website. Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.
Email lists, registrations and feedback
. When subscribing to one of our mailing lists, you will be asked verbally to give your express consent that Web Coach may use your data for marketing purposes. Analytics are performed when you click on links in the email, or when you download the images in the email. They include which emails you open, which links you click, your mail client (eg ‘Outlook 2016’ or ‘iPhone’), if your action occurred on ‘mobile’ or ‘desktop’, and the country geolocation of your IP address (the IP address itself is not stored). Social Networking Services:-
We use social networking services such as Twitter, Facebook and YouTube to communicate with the public about our work. When you communicate with us using these services we may collect your personal information, but we only use it to help us to communicate with you and the public. The social networking service will also handle your personal information for its own purposes. These services have their own privacy policies. You can access the privacy policies for Twitter
(a Google company) on their websites.
In the event you wish to make a complaint, notify us of any actual or potential breach, application or enquiry for a job we will send you an appropriate form. If a complainant or applicant requests that only limited information is disclosed to the respondent, we may not have enough information to be able to fairly proceed with the matter. The respondent must have sufficient information to respond to the matter in a meaningful way.
Common situations in which we disclose information are detailed below.
Data breach notifications
If you notify the relevant authority about a data breach we will not disclose personal information about you unless you agree, or would reasonably expect us to unless we are compelled to by law.
Review of decisions
We may disclose personal information to another review body if a complainant, applicant or respondent seeks an external review of a decision or makes a complaint to the Commonwealth Ombudsman.
Publication of decisions and reports
Generally, when we publish decisions, determinations or reports (on our website) if you are a party who is an individual we will not publish your name unless you ask for it to be published. We may also publish other information about cases that we have resolved without a formal decision. We will not publish your name.
Disclosure to the media
We generally only provide the media with personal information relating to a complaint if you have agreed.
Disclosure to service providers
We use a number of service providers to whom we disclose personal information. These include providers that host our website servers, manage our IT services. To protect the personal information we disclose we:
- enter into a contract or memorandum of understanding which requires the service provider to only use or disclose the information for the purposes of the contract or memorandum of understanding
- include special privacy requirements in the contract or memorandum or understanding, where necessary.
Disclosure of sensitive information
We only disclose your sensitive information for the purposes for which you gave it to us or for directly related purposes you would reasonably expect or if you agree, for example, to handle a complaint.
Disclosure to other regulators or external dispute resolution schemes
We may disclose information that relates to complaints or investigations to other Australian or international regulators, or to external dispute resolution (EDR) schemes. We will generally only disclose your personal information to other regulators or EDR schemes if you agree and where the information will assist us or the other regulator or EDR scheme investigate a matter.
Disclosure of personal information overseas
Generally, we only disclose personal information overseas so that we can properly handle the complaint or application. For example, if:
- the complainant or respondent to a complaint is based overseas
- an Australian-based respondent is a related body corporate to an overseas company
- you have complained to an overseas entity and us about the same or a related matter.
Web traffic information is disclosed to Google Analytics when you visit our websites. Google stores information across multiple countries. When you communicate with us through a social network service such as Facebook or Twitter, the social network provider and its partners may collect and hold your personal information overseas.
Quality of personal information
To ensure that the personal information we collect is accurate, up-to-date and complete we:
- record information in a consistent format
- where necessary, confirm the accuracy of information we collect from a third party or a public source
- promptly add updated or new personal information to existing records
- regularly audit our contact lists to check their accuracy.
We also review the quality of personal information before we use or disclose it.
Storage and security of personal information
We take steps to protect the security of the personal information we hold from both internal and external threats by:
- regularly assessing the risk of misuse, interference, loss, and unauthorised access, modification or disclosure of that information
- taking measures to address those risks, for example, we keep a record (audit trail) of when someone has added, changed or deleted personal information held in our electronic databases and regularly check that staff only access those records when they need to
- conducting regular internal and external audits to assess whether we have adequately complied with or implemented these measures.
We destroy personal information in a secure manner when we no longer need it. We generally destroy complaint records after two years.
How to make a complaint
If you wish to complain to us you should complain in writing. If you need help lodging a complaint, you can contact us. If we receive a complaint from you about how we have handled your personal information we will determine what (if any) action we should take to resolve the complaint. If we decide that a complaint should be investigated further, the complaint will usually be handled by a more senior officer than the officer whose actions you are complaining about. We will assess and handle complaints about the conduct of Web Coach or any of our officers or employees within the guidelines according to any relevant legislation (if such legislation is applicable). We will tell you promptly that we have received your complaint and then respond to the complaint. If you are not satisfied with our response you may ask for a review by a more senior officer within Web Coach (if that has not already happened) or you can complain to the Commonwealth Ombudsman.
How to contact us
You can contact us by calling 1300 920 881 or emailing [email protected]
Sharing of your personal information
We may occasionally engage third parties to provide services on our behalf, including but not limited to handling customer support enquiries, provision of services, processing transactions or customer freight shipping. Those parties may be permitted to obtain only the personal information they need to deliver the service. Web Coach takes reasonable steps to ensure that these parties are bound by confidentiality and privacy obligations in relation to the protection of your personal information.