Last Update: January 27, 2021
This website (‘the site”) and Byte IQ (Byte) are owned and operated by Byte IQ Pty Ltd. This document outlines the policy in relation to the management of personal information collected, used and stored by Byte
This version of our Policy is effective 1 May 2020. We may update this policy from time to time. Any updated policy will be published on the website.
Byte takes seriously its obligations in relation to the collection, usage and storage of personal information seriously. Byte at all times complies with its obligations under the Privacy Act 1988 (Cth) (“the Act”) and the Australian Privacy Principles (APP) contained in Schedule 1 of the Act.
Byte uses appropriate tools and procedures to protect the personal information which it collects. Byte uses tier-one world class service providers for data storage and processing services. Byte uses industry standard encryption technologies to protect any personal information during communication and at rest. Byte uses access control and audit records (among other security tools and technologies) to protect the personal information held and used by Byte. In addition the personal information collected is stored only in Australia. This information remains under the control of Byte and the usage of ant personal information collected is primarily in the provision of the services offered by byte inclusive of analysis and machine learning services for the client’s of Byte.
Open and Transparent Management of Personal information
Anonymity and Pseudonymity
In accordance with the APP’s, where necessary, Byte will provide an option to any individual who utilises this website or any associated services of Byte to not identify themselves or utilise a pseudonym in the provision of any personal information.
Collection of Personal and Sensitive Information
To provide the service to client’s for which Byte is engaged, it is reasonable necessary to collect personal information. The types of information which Byte may collect include:
- Name, addresses, gender, job titles, e-mails, phone numbers and social media contact details of clients, contractors or third party suppliers
- Financial information surrounding clients inclusive of balance sheet information, profit and loss information, bank account information, practice utilisation rates, patient details including patient numbers, names, ages, gender and other demographic information.
- Utilisation rates of Byte website which is collected by way of cookies and other tracking technologies
- Website analytics data including user location, IP addresses, information about devices accessing our website
As part of the services offered by Byte we maybe required to collect sensitive information such as health information. This information will be provided by clients of Byte and Byte has ascertained that any client has fully complied with their obligations under the Privacy Act 1988 (Cth) and obtained consent from any person for the provision of this information to Byte.
Byte only collects personal information by lawful means. Byte collects personal information from and through Clients and in the process of engageing with suppliers or other third party contractors. This information maybe collected in a number of ways:
- When clients complete any application form;
- When clients provide data and personal information to enable Byte to supply the services for which it is engaged by clients;
- Through any e-mails, letters of other correspondence received from any clients or potential clients;
- When any client completes a survey or any questionnaire which Byte may distribute;
- When any contractors, business partner or suppliers provide any personal information in the process of engageing with Byte;
- When we trade business cards with any person;
- Through our website and through any public registers and directories such as business name and company searches;
- In the course of providing our services to clients and engagement with suppliers and Third party contractors or business partners;
In the event that Byte collects any personal information about an individual from a source other than the individual concerned then Byte will take all steps which maybe reasonably necessary in the circumstances to;
- Notify any person that Byte has collected the personal information;
- Advise as to the circumstances which lead to the collection of the personal information;
- Provide details as to the purpose for which the information is collected;
- Outline the circumstances in which Byte may disclose the personal information to an overseas recipient.
Use or Disclosure of Personal Information
Byte will collect and hold personal information in the data storage facilities utilised by Byte which facilities are protected by industry standard tier one encryption technologies. Byte will use personal information collected for the following purposes:
- To provide the services for which it is engaged by clients;
- To communicate with clients, subcontractors, business partners and any end users, whether by post, e-mail or telephone, all of whom have Privacy policies which comply with the Privacy Act, 1988 (Cth);
- To handle any complaints received surrounding the collection, use or disclosure of any personal information;
- To provide to any solicitor, accountant or other third party engaged to assist Byte in respect to any complaint, investigation or other activity surrounding any breach of the data held by Byte and/or any allegation of improper disclosure of information by Byte to any third party whether such disclosure is made knowingly or otherwise;
- To send marketing material to any clients or other individuals who have consented to the provision of such newsletters from our database
- To send marketing material to clients inclusive of invitations to events and other business opportunities
- For conducting any research or developments of our products and services;
- To provide to hosting providers of the website of Byte and the contractors who store the data of Byte;
Byte will disclose any personal information collected for the purposes set out above which are the primary purposes for which the information is collected and otherwise as may be required by operation of law or to any enforcement body inclusive of the Office of the Information Commissioner and State and Federal Police, as requested and in accordance with the APP.
Quality and Security of Personal Information
Byte will take all setps as are reasonable in the circumstances to ensure that the personal information which it collects is accurate, up to date and complete
Byte will take all steps as needed to ensure the security of any personal information held by it. These steps include the secure storage of the information in encrypted data storage facilities, as well as password protection to the accessing of information by any personnel or employee of Byte. Byte will ensure that all steps necessary to protect the information from misuse, interference and loss have been undertaken inclusive of prevention of unauthorised access, modification and disclosure.
In circumstances where Byte holds personal information which is no longer required for the stated purposes in this policy, or as required by any state or federal legislation, then Byte will take all necessary steps to ensure that such information is de-identifed in accordance with the AAP.
Access to Personal information
Byte will provide access to any lawful request by any person for whose personal information is held. Such request must be in writing and sent to the Privacy Officer of Byte at email@example.com
Any lawful request will be responded to within Thirty (30) days of receipt of the request by Byte. Byte will advise the person who makes such a request as to any fees or charges for providing access which fees or charges will not be unreasonable. Byte will refuse any request for access to personal information in the following circumstances:
- Where Byte reasonably believes where giving access would pose a serious threat to life, health or safety of an individual, or to public health or public safety;
- Giving access would have an unnecessary impact on the privacy or other individuals
- The request is frivolous or vexatious;
- The access relates to existing or anticipated legal proceedings between Byte and the requestor for the information, and such information would not be available by the process of discovery in those proceedings;
- The giving of access would be unlawful;
- The denial of access is required or authorised under Australian Law or by Order of a Court or Tribunal;
- The giving of access is likely to prejudice one or more enforcement relation activities by or on behalf of an Australian enforcement body inclusive of the State and Federal Police and the Office of the Information Commissioner;
- Any other lawful reason as provided for by the APP;
In the event that Byte refuses an individual access to information then Byte will provide written notification of this refusal which notification will set out the reasons for the refusal and the process available to complain about such refusal.
Correction of Personal information
In the event that Byte is satisfied that any personal information it holds is inaccurate, out-of-date, or misleading then Byte will take all steps which are reasonable in the circumstances to correct such information having regard for the purpose for which such information is held.
If an individual whose personal information is held by Byte make a request, which request must be in writing, for the correction of such information, then Byte will so correct the personal information held. In the event that Byte refuses such request it will notify the individual, in writing, as to the reason for the refusal to comply with the request and the process available to complain about such refusal.
Any and all questions surrounding this policy and any complaint to be made to Byte in relation to the personal information held is to be directed to the Privacy Officer of Byte at firstname.lastname@example.org