Privacy policy

PRIVACY POLICY 
1 Introduction 
1.1 From time to time the Company is required to collect, hold, use and/or disclose personal 
information relating to individuals (including but not limited to, its customers, 
contractors, suppliers and employees) in the performance of its business activities. 
1.2 This policy sets out guidelines to assist the Company and its employees to comply with 
the requirements of the Privacy Act 1998 (Cth) (“Privacy Act”) and the Australian Privacy 
Principles (“APP”)
1.3 The APPs relaced the National Privacy Principles from March 12, 2014 and now regulate 
the handling of personal information. Further information can be found at 
https://www.oaic.gov.au/privacy/the-privacy-act
2 Scope 
2.1 This policy applies to the collection, holding, use and disclosure by the Company (or a 
person acting on behalf of the Company) of records containing individual’s personal 
information in Australia. 
2.2 This policy does not apply to the collection, holding, use or disclosure of personal 
information where the personal information is an employee record. 
3 Definitions 
3.1 Employee record is a record of personal information relating to the employment of an 
employee. Examples of personal information relating to the employment of the 
employee include, but are not limited to, health information and information about the 
engagement, training, disciplining, resignation, termination, terms and conditions of 
employment of the employee. 
3.2 Personal Information means information or an opinion (including information or an 
opinion forming part of a database), whether true or not, and whether recorded in a 
material form or not, about an individual whose identity is apparent, or can reasonably 
be ascertained, from the information or opinion. 
3.3 Sensitive Information includes, but is not limited to, information or an opinion about 
racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, 
membership of a trade union, sexual preferences, criminal record, health information or 
genetic information. 
3.4 Unsolicited Personal Information is personal information that he Company receives 
which it did not solicit. 
4 The collection of sensitive information 
4.1 The Company will only collect sensitive information where you consent to the collection 
of the information and the information is reasonably necessary for one or more of the 
Company’s functions or activities. 
5 The destruction of unsolicited personal information 
5.1 Unless the Company determines that it could have collected the personal information in 
line with the APPs , or the information is contained within a Commonwealth record, it 
must destroy the information to ensure it is de-identified. 
6 Kinds of information the Company collects and holds 
6.1 The Company collects personal information that is reasonably necessary for one or more 
of its functions or activities. 
6.2 The type of information the Company collects and holds may depend on the relationship 
with the Company. For example: 
6.2.1 Candidate: the Company may collect and hold information including the 
candidate’s name, address, email address, contact telephone number, gender, 
age, employment history, references, resume, medical history, emergency 
contact, taxation details, qualifications and payment details; 
6.2.2 Customer: the Company may collect and hold information including the name, 
address, email address, contact telephone number, gender and age of the 
customer; 
6.2.3 Supplier: the Company may collect and hold information including the name, 
address, email address, contact telephone number, business records, billing 
information and information about goods and services supplied to the Company 
by the supplier; 
6.2.4 Referee: the Company my collect and hold information including the name, 
contact details, current employment information and professional opinion of the 
referee relevant to any candidate being considered for employment by the 
Company. 
7 How the Company collects and holds personal information 
7.1 The Company must collect personal information only by lawful and fair means. The 
Company will collect personal information directly from you if it is reasonable and 
practicable to do so. 
7.2 The Company may collect personal information in a number of ways, including without 
limitation: 
7.2.1 through application forms; 
7.2.2 by email or written mechanisms; 
7.2.3 over a telephone call; 
7.2.4 in person; 
7.2.5 through transactions; 
7.2.6 through our website/s; 
7.2.7 through surveillance camera/s; 
7.2.8 by technology that is used to support communication between us; 
7.2.8.1 through publically available information sources (which may include 
telephone directories, the internet and social media sites); 
7.2.8.2 direct marketing database providers; 
7.3 When the Company collects personal information about you through publicly available 
information sources, it will manage such information in accordance with the APPs. 
7.4 Either before, at, or as soon as reasonably practicable after the Company collects 
personal information, the Company must take reasonable steps in the circumstances to 
either notify you or otherwise ensure that you are made aware of the following: 
7.4.1 that the Company has collected personal information from someone other than 
you 
7.4.2 the purpose for which the Company has collected the personal information 
7.4.3 the consequences if the Company does not collect some or all of the personal 
information 
7.4.4 any other third party to which the Company may disclose the personal 
information 
7.4.5 whether the Company is likely to disclose personal information to overseas 
recipients and the countries in which those recipients are likely to be located 
7.4.6 the Company’s Privacy Policy (this Policy) contains information about how you 
may access and seek correction of personal information held by the Company 
and how you may complain about a breach of the APPs. 
8 Purposes for which the Company collects, holds, uses and/or discloses personal information 
8.1 The Company will collect personal information if it is reasonably necessary for one or 
more of its functions or activities. 
8.2 The main purposes for which the Company may collect, hold, use and/or disclose 
personal information may include but are not limited to: 
8.2.1 recruitment functions; 
8.2.2 customer service management; 
8.2.3 training and events; 
8.2.4 surveys and general research, and 
8.2.5 business relationship management. 
8.3 The Company may also collect, hold, use and/or disclose personal information if you 
consent, or if required or authorised under law. 
8.4 Direct marketing: 
8.4.1 the Company may use or disclose personal information (other than sensitive 
information) about you for the purpose of direct marketing (for example, 
advising you or new goods and/or services being offered by the Company); 
8.4.2 the Company may use or disclose sensitive information about you for the 
purpose of direct marketing if you have consented to the use or disclosure of the 
information for that purpose; 
8.4.3 you can opt out of receiving direct marketing communications from the Company 
by contacting ganeshr@digistor.com.auin writing, or if permissible, accessing the 
Company’s website and unsubscribing. 
9 Disclosure of personal information 
9.1 The Company may disclose your personal information for any of the purposes for which 
it was collected, as indicated in Clause 8 above, or where it is under a legal duty to do so. 
9.2 Disclosure will usually be internally, to related entities or to third parties such as 
contracted service providers. 
9.3 Before the Company discloses personal information about you to a third party the 
Company will take steps, as are reasonable in the circumstances, to ensure the third 
party does not breach the APPs in relation to the information. 
10 Access to personal information 
10.1 If the Company holds personal information about you, you may request access to that 
information by putting the request in writing and sending it to ganeshr@digistor.com.au

10.2 The Company will respond to any request within a reasonable time. 
10.3 There are certain circumstances in which the Company may refuse to grant you access 
to the personal information. In such situations the Company will give you written notice 
explaining: 
10.3.1 the reasons for the refusal; 
10.3.2 the mechanisms available to you to make a complaint. 
11 Correction of personal information 
11.1 If the Company holds personal information that is inaccurate, out-of-date, incomplete, 
irrelevant or misleading, it must take reasonable steps to correct the information. 
11.2 If the Company holds personal information and you make a request in writing addressed 
to ganeshr@digistor.com.auto correct the information, the Company must take 
reasonable steps to respond within a reasonable period and to correct the information. 
11.3 There are certain circumstances in which the Company may refuse to correct the 
personal information. In such situations the Company will give you written notice 
explaining: 
11.3.1 the reasons for the refusal; 
11.3.2 the mechanisms available to you to make a complaint. 
11.4 If there is a need to correct personal information previously supplied to a third party and 
you request us to notify the third party of the correction, the Company will take 
reasonable steps to provide that notification unless impracticable or unlawful to do so. 
12 Integrity and security of personal information 
12.1 The Company will take reasonable steps in the circumstances to ensure the personal 
information it: 
12.1.1 collects is accurate, up-to-date and complete; and 
12.1.2 uses or discloses, having regard for the purpose of the use or disclose, is 
accurate, up-to-date and complete. 
12.2 The Company will take reasonable steps in the circumstances to protect the personal 
information from misuse, interference, loss and inform unauthorised access, 
modification and/or disclosure. 
12.3 If the Company holds personal information it no longer needs for any purpose and/or 
the information is not contained in any Commonwealth record and/or the Company is 
not required by law to retain that information, it will take reasonable steps to destroy 
the information or to ensure it is de-identified. 
13 Anonymity and pseudonymity 
13.1 You have the option of not identifying yourself, or using a pseudonym, when dealing 
with the Company in relation to any matter. This does not apply: 
13.1.1 where the Company is required, or authorised by, or under an Australian law, or 
a count/tribunal order, to deal with individuals who have identified themselves; 
or 
13.1.2 where it is impracticable for the Company to deal with individuals who have not 
identified themselves, or who have used a pseudonym. 
13.2 However, in some cases, if you do not provide the Company with your personal 
information when requested, the Company may not be able to respond to your request 
or provide you with the goods or services that you are requesting. 
14 Complaints 
14.1 You have a right to complain about the Company’s handling of your personal 
information if you believe the Company has breached the APPs. 
14.2 If you wish to make such a complaint to the Company, you should first contact 
ganeshr@digistor.com.au in writing. Your complaint will be dealt with in accordance 
with the Company’s grievance procedure and the Company will provide a response 
within a reasonable period. 
14.3 If you are not satisfied with the Company’s response to your complaint, you may refer 
your complaint to the Office of the Australian Information Commissioner at 
www.oiac.gov.au. 

 

Back to top