This policy relates to CIMSability by Liveware’s collection and handling of personal information that is covered by the Privacy Act and the GDPR. It is not intended to cover categories of personal information that are not covered by the Privacy Act or the GDPR.
Collection and use of Personal Information from our website
CIMSability by Liveware collects and holds ‘Personal Information’ which includes both Device Information and Personal Information from visitors to our website. We collect and hold this information when it is necessary for business purposes. The main types of Personal Information CIMSability by Liveware collects and holds relate to information of the visitor’s device and web browser, IP address, time zone, and some of the cookies that are installed on the device. Additionally, we may collect information about the individual web pages that visitors view, what websites or search terms referred a visitor to the Site, and information about how they interact with the Site. We refer to this automatically-collected information as ‘Device Information’. In the course of marketing our professional services, we may collect and hold more detailed personal information. Typically, this information includes names, addresses, telephone numbers, e-mail addresses and job titles.
We collect most information directly from individuals and their devices when they access our website www.cimsability.com.au (‘the site’). The Device Information we collect include the following technologies, Cookies, Log Files and Web beacons.
Because of the nature of our business, we use the Device Information that we collect to help us screen for potential risk and fraud (your IP address), and more generally to improve and optimize our Site (for example, by generating analytics about how our customers browse and interact with the Site, and to assess the success of our marketing and advertising campaigns).
In order to properly manage our website and applications, we may log certain statistics about the users of the facilities, for example the users’ domains and browser types. None of this information specifically identifies an individual and it is used solely to ensure that our websites and applications present the best possible navigational experience for users and detect fraudulent activity and company risk.
If you are a European resident we note that we are processing your information for business purposes (example if you make an enquiry through the Site), or otherwise to pursue our legitimate business interests. Additionally, please note that your information will be transferred outside of Europe, including to Canada and the United States.
Collection and use of Personal Information for Marketing and Client Management:
to provide our services;
to respond to an individual’s request;
to maintain contact with clients;
to keep potential clients and other contacts informed of the services we offer and to notify them of marketing and advertising campaigns;
for general management and reporting purposes, such as invoicing and account management;
for purposes related to the employment of our personnel and providing internal services to our staff;
for the detection of potential risk, fraudulent sites, links and activity; and
other purposes related to our business.
If you choose not to provide us with personal information, we may be unable to do such activities.
We may collect, hold and use personal information about individuals to market our services, including by email. However, individuals always have the opportunity to elect not to receive further marketing information from us by emailing us at email@example.com. Please allow up to 28 days for your request to be processed.
If we collect, hold or use personal information in ways other than as stated in this policy, we will ensure we do so pursuant to the requirements of the Privacy Act and the GDPR.
Collection and use of Personal Information when providing Services
When providing services, the scope and amount of data collected increases to include confidential and sensitive information. Confidential and sensitive information can be any information which is not accessible to the public. It includes information regarding the affairs of clients and third parties including information concerning any contacts, transactions, trade secrets, client or matter lists, financial information or business and marketing plans;
Non-public information concerning the client’s business, including internal emails or documents containing information about the company, finance, fees or management of the business;
Intellectual property, including program design, training and service tools;
Results of research, investigations, interviews, appointments, discussion conducted by, under the order or direction;
Personnel records, salary and promotional plans, transaction information, any information that has substantial financial value, and
The contents of documents prepared by Liveware, the client or partner of Liveware and/or the client.
The above information about any individual or the organisation will not be disclosed to a third party without written consent.
Liveware have outlined the minimum expectations in their internal Privacy and IT and Social media policies for Employees and Managers to protect confidential and sensitive internal, client and third-party related data and reduce and/or remove the risk of a data breaches occurring.
CIMSability by Liveware Employees have a responsibility to report all data breaches no matter how big or small to the Operations Manager or Managing Director.
CIMSability by Liveware Management are responsible for ensuring employees are following the strategies to protect confidential and sensitive internal, client and third-party data.
CIMSability by Liveware Management are the first point of escalation in the event of a data breach. CIMSability by Liveware Management will follow our Internal Data Breach Procedure.
A breach of this Policy will be dealt with seriously and may result in disciplinary action, up to and including termination. For contractors who are found to have breached this Policy, there may be consequences including termination of contract. Where inappropriate use under this Policy constitutes a breach of any law, action may also be taken in accordance with that law by Liveware.
CIMSability by Liveware does not routinely disclose confidential and sensitive information to other organisations unless:
use or disclosure is permitted by this policy;
some or all of the assets or operations of Liveware are or may be transferred to another party as part of the sale of some or all of Liveware’ business;
you give your consent;
such disclosure is otherwise required or permitted by law, regulation, rule or professional standard;
to protect the rights, property or personal safety of any member of the public or a customer of Liveware or the interests of Liveware;
we believe it is necessary to provide you with a product or service which you have requested.
We may also share non-personal, de-identified and aggregated information for research or promotional purposes. Except as set out in this policy, we do not sell to or trade personal information with third parties.
CIMSability by Liveware uses a range of service providers to help us maximise the quality and efficiency of our services and our business operations. This means that individuals and organisations outside of CIMSability by Liveware will sometimes have access to personal information held by CIMSability by Liveware and may collect or use it from or on behalf of CIMSability by Liveware. This may include, but is not limited to, independent contractors and consultants, travel service providers, mail houses, information technology providers, event managers, credit managers and debt collecting agencies. We require our service providers to adhere to our privacy guidelines and not to keep, use or disclose personal information we provide to them for any unauthorised purposes.
CIMSability by Liveware aims to achieve industry best practice in the security of personal information which it holds. It is our policy not to retain personal information once there is no longer a legal or business need for us to do so.
Access to Information
We will provide access to personal information upon request by an individual, except in the limited circumstances in which it is permitted for us to withhold this information (for instance, where granting access would infringe another person’s privacy).
When you make a request to access personal information, we will require you to provide some form of identification (such as a driver’s licence or passport) so we can verify that you are the person to whom the information relates.
If at any time you want to know what personal information we hold about you, you may contact us by emailing us at firstname.lastname@example.org.
Corrections and Concerns
If you believe that information we hold about you is incorrect or out of date, or if you have concerns about how we are handling your personal information, please contact us and we will try to resolve those concerns.
If you wish to have your personal information deleted, please let us know and we will take reasonable steps to delete it (unless we need to keep it for legal, auditing or internal risk management reasons).
Effect of Policy
CIMSability by Liveware operates in a dynamic business environment and we aim to review this policy annually to keep it current.
The amended policy will apply between us even though we have not given you specific notice of any change.
Last Updated: 28 June 2018