1) Purpose of the Policy
1.1 CAN DO! Content Pty Ltd ABN 36 633 603 371 (we, us or our) provides the services offered through candocontent.com.
1.2 This Privacy Policy has been adopted to ensure that we have standards in place to protect the Personal Information that we collect about individuals that is necessary and incidental to:
(a) Providing the system and services that CAN DO! Content Pty Ltd offers; and
(b) The normal day-to-day operations of our business.
1.3 This Privacy Policy follows the standards of the Australian Privacy Principles set by the Australian Government for the handling of Personal Information under the Privacy Act 1988 (Cth) (Privacy Act) and to the extent applicable, the EU General Data Protection Regulation (GDPR).
1.4 The publication of this Privacy Policy is aimed to make it easy for our clients and the public to understand what Personal Information is collected and stored, why we do so, how we receive and/or obtain that information, and the rights an individual has with respect to their Personal Information in our possession.
1.5. You may contact us in writing at Po Box 3, Glenorie, NSW 2157, Australia of via email hello[at]candocontent.com for further information about this Privacy Policy.
2) Who and What this Policy Applies to
2.1 Our Privacy Policy deals with how we handle “personal information” as it is defined in the Privacy Act (Personal Information).
2.2 We handle Personal Information in our own right and also for and on behalf of our customers and users.
2.3 Our Privacy Policy does not apply to information we collect about businesses or companies, however it does apply to information about the people in those businesses or companies which we store.
2.4 The Privacy Policy applies to all forms of information, physical and digital, whether collected or stored electronically or in hardcopy.
2.5 If, at any time, an individual provides Personal Information or other information about someone other than himself or herself, the individual warrants that they have that person's consent to provide such information for the purpose specified.
2.6 Our website and services are unavailable to children (persons under the age of 18 years). If an individual is under 18 years of age, they can only use our website and services under the supervision of a parent or guardian.
3) Information we Collect
3.1 In the course of business it is necessary for us to collect Personal Information. This information allows us to identify who an individual is for the purposes of our business, share Personal Information when asked of us, contact the individual in the ordinary course of business and transact with the individual. Without limitation, the type of information we may collect is:
(a) Personal Information. We may collect personal details such as an individual’s name, location, date of birth, nationality, family details and other information defined as “Personal Information” in the Privacy Act that allows us to identify who the individual is;
(b) Contact Information. We may collect information such as an individual’s email address, telephone & fax number, third-party usernames, residential, business and postal address and other information that allows us to contact the individual;
(c) Financial Information. We may collect financial information related to an individual such as any bank or credit card details used to transact with us and other information that allows us to transact with the individual and/or provide them with our services;
(d) Statistical Information. We may collect information about an individual’s online and offline preferences, habits, movements, trends, decisions, associations, memberships, finances, purchases and other information for statistical purposes; and
(e) Information an individual sends us. We may collect any personal correspondence that an individual sends us, or that is sent to us by others about the individual’s activities.
3.2 We may collect other Personal Information about an individual, which we will maintain in accordance with this Privacy Policy.
3.3 We may also collect non-Personal Information about an individual such as information regarding their computer, network and browser. This may include their IP address. Where non-Personal Information is collected the Australian Privacy Principles do not apply.
4) How we Collect Information
4.1 Most information will be collected when an individual contacts CAN DO! Content Pty Ltd via email or through the website's contact form either for services or enquiries.
4.2 However we may also receive Personal Information from sources such as advertising, a customer or business's documents/records acquired when completing a task, public records, mailing lists, contractors, staff, and our business partners. In particular, information is likely to be collected as follows:
(a) Supply. When an individual supplies us with goods or services; or
(b) Contact. When an individual contacts us in any way;
4.3 As there are many circumstances in which we may collect information both electronically and physically, we will endeavour to ensure that an individual is always aware of when their Personal Information is being collected.
4.4 Where we obtain Personal Information without an individual’s knowledge (such as by accidental acquisition from a client) we will either delete/destroy the information, or inform the individual that we hold such information, in accordance with the Australian Privacy Principles.
5) When is Personal Information Collected & Used
5.1 In general, the primary principle is that we will not use any Personal Information other than for the purpose for which it was collected other than with the individual’s permission. The purpose of collection is determined by the circumstances in which the information was collected and/or submitted.
5.2 We will retain Personal Information for the period necessary to fulfill the purposes outlined in this Privacy Policy unless a longer retention period is required or permitted by law.
5.3 It may be necessary for us to disclose an individual’s Personal Information to third parties in a manner compliant with the Australian Privacy Principles in the course of our business.
5.4 We will not disclose or sell an individual’s Personal Information to unrelated third parties under any circumstances.
5.5 Information is used to enable us to operate our business, especially as it relates to an individual. This may include:
(a) The provision of goods and services between an individual and us;
(b) Verifying an individual’s identity;
(c) Communicating with an individual about:
i Their relationship with us;
ii Our services;
iii Our own marketing and promotions to customers and prospects;
iv Competitions, surveys and questionnaires;
(d) Investigating any complaints about or made by an individual, or if we have reason to suspect that an individual is in breach of any of our terms and conditions or that an individual is or has been otherwise engaged in any unlawful activity; and/or
(e) As required or permitted by any law (including the Privacy Act).
5.6 There are some circumstances in which we must disclose an individual’s information:
(a) Where we reasonably believe that an individual may be engaged in fraudulent, deceptive or unlawful activity that a governmental authority should be made aware of;
(b) As required by any law (including the Privacy Act); and/or
(c) In order to sell our business (in that we may need to transfer Personal Information to a new owner).
5.7 We will not disclose an individual’s Personal Information to any entity outside of Australia that is in a jurisdiction that does not have a similar regime to the Australian Privacy Principles or an implemented and enforceable privacy policy similar to this Privacy Policy. We will take reasonable steps to ensure that any disclosure to an entity outside of Australia will not be made until that entity has agreed in writing with us to safeguard Personal Information as we do.
5.8 General Data Protection Regulation (GDPR) for the European Union (EU)
5.8.1 CAN DO! Content Pty Ltd will comply with the principles of data protection set out in the GDPR for the purpose of fairness, transparency and lawful data collection and use.
5.8.2 We process your personal information as a Processor and/or to the extent that we are a Controller as defined in the GDPR.
5.8.3 We must establish a lawful basis for processing your personal information. The legal basis for which we collect your personal information depends on the data that we collect and how we use it.
5.8.4 We will only collect your personal information with your express consent for a specific purpose and any data collected will be to the extent necessary and not excessive for its purpose. We will keep your data safe and secure.
5.8.5 We will also process your personal information if it is necessary for our legitimate interests, or to fulfil a contractual or legal obligation.
5.8.6 We process your personal information if it is necessary to protect your life or in a medical situation, it is necessary to carry out a public function, a task of public interest or if the function has a clear basis in law.
5.8.7 We do not collect or process any personal information from you that is considered "Sensitive Personal Information" under the GDPR, such as personal information relating to your sexual orientation or ethnic origin unless we have obtained your explicit consent, or if it is being collected subject to and in accordance with the GDPR.
5.8.8 You must not provide us with your personal information if you are under the age of 16 without the consent of your parent or someone who has parental authority for you. We do not knowingly collect or process the personal information of children.
5.8.9 If you are an individual residing in the EU, you have certain rights as to how your personal information is obtained and used. CAN DO! Content Pty Ltd complies with your rights under the GDPR as to how your personal information is used and controlled
5.8.10 Except as otherwise provided in the GDPR, you have the following rights:
(a) to be informed how your personal information is being used;
(b) access your personal information (we will provide you with a free copy of it);
(c) to correct your personal information if it is inaccurate or incomplete;
(d) to delete your personal information (also known as "the right to be forgotten");
(e) to restrict processing of your personal information;
(f) to retain and reuse your personal information for your own purposes;
(g) to object to your personal information being used; and
(h) to object against automated decision making and profiling.
5.8.11 Please contact us at any time to exercise your rights under the GDPR at the contact details in this Privacy Policy.
5.8.12 We may ask you to verify your identity before acting on any of your requests.
6) Hosting and International Data Transfers
6.1. Information that we collect may from time to time be stored, processed in or transferred between parties or sites located in countries outside of Australia. These may include, but are not limited to Australia and USA.
6.2. We and our other group companies have offices and/or facilities in Australia and USA. Transfers to each of these countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from CAN DO! Content Pty Ltd's Data Protection Officer.
6.3. The hosting facilities for our website are situated in Australia and USA. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from CAN DO! Content Pty Ltd's Data Protection Officer.
6.4. Our Suppliers and Contractors are situated in Australia and USA. Transfers to each of these Countries will be protected by appropriate safeguards, these include one or more of the following: the use of standard data protection clauses adopted or approved by the European Commission which you can obtain from the European Commission Website; the use of binding corporate rules, a copy of which you can obtain from CAN DO! Content Pty Ltd's Data Protection Officer.
6.5. You acknowledge that personal data that you submit for publication through our website or services may be available, via the internet, around the world. We cannot prevent the use (or misuse) of such personal data by others.
7) Safety and Security of Personal Information
7.1 We may appoint a Privacy Officer to oversee the management of this Privacy Policy and compliance with the Australian Privacy Principles and the Privacy Act. This officer may have other duties within our business and also be assisted by internal and external professionals and advisors.
7.2 We will take all reasonable precautions to protect an individual’s Personal Information from unauthorised access. This includes appropriately securing our physical facilities and electronic networks.
7.3 The security of online transactions and the security of communications sent by electronic means or by post cannot be guaranteed. Each individual that provides information to us via the internet or by post does so at their own risk. We cannot accept responsibility for misuse or loss of, or unauthorised access to, Personal Information where the security of information is not within our control.
7.4 We are not responsible for the privacy or security practices of any third party (including third parties that we are permitted to disclose an individual’s Personal Information to in accordance with this policy or any applicable laws). The collection and use of an individual’s information by such third parties may be subject to separate privacy and security policies.
7.5 If an individual suspects any misuse or loss of, or unauthorised access to, their Personal Information, they should let us know immediately.
7.6 We are not liable for any loss, damage or claim arising out of another person’s use of the Personal Information where we were authorised to provide that person with the Personal Information.
8) How to Access and/or Update your Personal Information
8.1 Subject to the Australian Privacy Principles, an individual has the right to request from us the Personal Information that we have about them, and we have an obligation to provide them with such information within 28 days of receiving their written request.
8.2 If an individual cannot update his or her own information, we will correct any errors in the Personal Information we hold about an individual within 7 days of receiving written notice from them about those errors.
8.3 It is an individual’s responsibility to provide us with accurate and truthful Personal Information. We cannot be liable for any information that is provided to us that is incorrect.
8.4 We may charge an individual a reasonable fee for our costs incurred in meeting any of their requests to disclose the Personal Information we hold about them.
9) Complaints and Disputes
9.1 If an individual has a complaint about our handling of their Personal Information, they should address their complaint in writing to us via filling out our contact form/via our email with the subject.
9.2 If we have a dispute regarding an individual’s Personal Information, we both must first attempt to resolve the issue directly between us.
9.3 If we become aware of any unauthorised access to an individual’s Personal Information we will inform them at the earliest practical opportunity once we have established what was accessed and how it was accessed.
10) Contacting Individuals
10.1 From time to time, we may send an individual important notices, such as changes to our terms, conditions and policies. Because this information is important to the individual’s interaction with us, they may not opt out of receiving these communications.
11) Additions to this Policy
11.1 If we decide to change this Privacy Policy, we will post the changes on our webpage at candocontent.com. Please refer back to this Privacy Policy to review any amendments.
11.2 We may do things in addition to what is stated in this Privacy Policy to comply with the Australian Privacy Principles, and nothing in this Privacy Policy shall deem us to have not complied with the Australian Privacy Principles.
Privacy Policy