Delacon's Privacy Statement

Delacon Pty Ltd fully understands and appreciates that privacy is a major concern for all our clients. We ensure that your personal information is protected at all times in accordance with all relevant laws.

DELACON PRIVACY POLICY

1 ABOUT THIS PRIVACY POLICY

1.1 This Privacy Policy applies to Delacon Pty Limited (ABN 42 074 596 553) and its subsidiary and affiliate companies (collectively “Delacon”, “we”, “us”, “our” and “Delacon Group”). It is available on our websites, or you can request a copy in a different format (e.g. a hard copy or email attachment) by emailing privacy@delaconcorp.com or telephoning +61 2 8019 0200.

Privacy laws that Delacon complies with include the Australian Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”).

1.2 Delacon respects your privacy and is committed to:

• ensuring we comply with the privacy laws, regulations and codes applying to us; and
• dealing effectively with your enquiries and complaints concerning our compliance with privacy laws, regulations and codes.

If you have any queries about Delacon’s privacy practices, please contact our Privacy Officer by emailing privacy@delaconcorp.com or telephoning +61 2 8019 0200.

1.3 This Privacy Policy applies to the personal information that we collect:

• at www.delaconcorp.com and our other websites (collectively, our “Site”),including customer log-in areas and web enquiry forms;
• by telephone and email;
• through Delacon iOS or Android apps; and
• on behalf of our Customers in providing our call analytics services to them.

“Personal information” means information or an opinion about an identified individual or an individual who is reasonably identifiable. For example, the name, address or telephone number of a customer or a person submitting a web enquiry.

Delacon provides call analytics services to small, medium and large businesses (“Customers”). Our services (collectively, “Call Analytics Services”) include:
• helping Customers track and evaluate the performance of their advertising, by measuring and analysing telephone calls generated by online, mobile and offline ad campaigns;
• helping Customers drive sales leads and/or other desired outcomes through targeted ad campaigns, and provide related analytics services; and
• providing Customers with call recording and other data services for their inbound calls.

1.4 Overview

This Privacy Policy explains how we manage: (i) the personal information we collect through our Site and apps, and by telephone and email; (ii) the information we collect on behalf of Customers through our call analytics platform; and (iii) the online information we may collect in connection with customised advertising.
The policy covers:

(a) the types of personal information we collect and hold;
(b) how we collect personal information;
(c) why we collect and hold personal information;
(d) how we use and disclose personal information;
(e) the security measures we use to protect personal information;
(f) how you can access your personal information held by us and have it corrected;
(g) how you can complain about the way we deal with your personal information, and how we will deal with your complaint; and
(h) whether we are likely to disclose your personal information to overseas recipients, and if so the likely location(s) of those recipients.

1.5 Your agreement

Please read this policy carefully to understand how we will treat your personal information. By:

• using any Delacon website (including via mobile phone) or Delacon iOS or Android app; or
• agreeing to the terms and conditions for any of our services,

you confirm you have read and agree to this Privacy Policy.

We will review this Privacy Policy from time to time, and we reserve the right to modify or update it at any time. You acknowledge that we may make changes to this Privacy Policy. Changes to this Privacy Policy will come into effect immediately when uploaded to our Site or Delacon’s iOS or Android apps. If you continue using our products or services after changes to this Privacy Policy are uploaded, you will be taken to have accepted those changes.

1.7 Delacon will rely on any applicable exemption in the Privacy Act or other privacy legislation relating to “employee records”. This means that, in relation to personal information Delacon holds about its current or former employees (relating to their employment), Delacon:

• will not be bound by the requirements of the Privacy Act in many cases; and
• may also not be bound by the requirements of other privacy laws.

1.8 Our Site may contains links to other third-party sites. We have no control over those third-party sites, and we are not responsible or liable for their content or the privacy practices applying to them.

2 TYPES OF INFORMATION WE COLLECT AND HOLD

The type(s) of personal information we collect from you and hold depend on:

• how you are dealing with us; and
• requirements of the laws, regulations, codes, licences and rules applying to us.

Below is a list of the main types of information, however it is not exhaustive.

2.1 Opening a customer account

If you wish to become a customer of Delacon, or you are a director, officer, employee or contractor acting on behalf of a customer or prospective customer of Delacon, we will need your:

• name;
• residential and email addresses; and
• telephone number.

We may also ask for:

• copies of documents confirming your identity, such as your: driver’s licence, passport, birth certificate and/or utility bills; and
• other information, such as your credit card or bank account details (which may include a photocopy or scanned image of the front and back of your credit card). That information may be used to set up a direct debit, for example.

2.2 Our Site: enquiries, blogs, forums, social media

If you send us an enquiry through our Site, we may collect your name, phone number and email address. We may also collect your responses to our correspondence and to any promotions running on the Site.

Our Site may include publicly accessible blogs or community forums. Please note that any information you provide in these public areas may be read, collected, and used by other internet users. To request removal of your personal information from a Delacon blog or community forum, contact us at privacy@delaconcorp.com. We may not be able to remove personal information in every case – if we cannot comply with your request we will let you know and explain why.

Our Site may include social media features (for example, Facebook and Twitter buttons and widgets). These features may collect information, including your IP address, which page you are visiting on our Site, and may set a cookie to allow the feature to function properly. Social media features are either hosted by a third party or hosted directly on our Site. Please note that your interactions with each social media feature on our Site are governed by the privacy policies of the company providing that feature. For information about those companies’ privacy practices and how they may use your personal information, please visit the company websites.

2.3 Online behaviour of Customers and Site users

COOKIES: as is standard for most websites, Delacon and our service providers may use cookies (persistent or single session) and other tracking technologies (described below) to obtain statistics about the use of our Site.

What are cookies? Cookies are pieces of data (alphanumeric identifiers) sent by a website to your computer’s hard drive through your web browser. They allow the website to identify and interact with your computer. Some cookies we use may make it easier for you to navigate our Site. Others can enable a faster log-in process for your Delacon account (including verifying that the person operating the account is you) or allow us to track your activities at our Site. We also use cookies to provide our Call Analytics Services (see section 2.4 for more information). Information we collect from cookies may include:

• your IP address;
• information on your browser software
• page(s) you visited (including the time and date of visit);
• keyword searches you conduct.

We do not use cookies to retrieve information that was not originally sent by us to you in a cookie. For more general information about cookies, please visit: http://www.aboutcookies.org/

HOW TO OPT OUT FROM COOKIES

Usually a web browser will automatically accept cookies, but you can set your web browser to reject new cookies, or notify you when a cookie is sent, or disable cookies altogether (use the “Help” function on your browser to get more information). If you block or disable our cookies, you may still use our Site, but you may not have access to certain areas and some features may not function.

Please note: If you do not set your web brower to block or disable cookies sent by or on behalf of Delacon, you will be taken to have consented to the use of those cookies.

Tracking technologies: Delacon and our partners and suppliers of analytics and other services may use tracking technologies such as web beacons, e-tags, and Javascripts to analyze trends, administer our Site, track users’ movements around our Site, and obtain demographic information about our user base. Reports generated from the use of these technologies may be provided to us, containing data grouped on an individual and/ or an aggregated basis.

2.4 Delacon’s Call Analytics Services

In providing our Call Analytics Services to our Customers, we collect online usage and analytics data from Customer and third-party websites. We may link that information with other online information we collect from third parties (including cross-device information), as well as information we collect offline.

Information we collect in providing our Call Analytics Services includes:

IP address, date and time stamp, device ID, cookie ID, URL and referring URL, browser type, advertising identifiers, header information, and other information about the ad or web page or mobile application the user was viewing.

This information is collected automatically using cookies and pixel tags, and we may collect it directly or from third party providers. We also collect data on calls placed to our Customers, such as caller ID information, and may link that information to:

• the online activity we have collected;
• to information collected from third parties (which may include cross-device information); and/ or
• information we have collected offline.

OPTING-OUT

In supplying our Call Analytics Services we are providing information collection services to our Customers, and do not have a direct relationship with the individuals whose information we process. If you are an individual who no longer wishes to be contacted by one of our Customers, please contact that business directly.

For information about how to opt out of having your information collected in mobile applications, please visit: https://www.ghostery.com/support/global-opt-out/.

To help manage their advertising and websites, our Customers may use our Call Analytics Services together with Google products such as AdWords, Google Analytics, and DoubleClick-branded services. For information about using Google Ads Settings to manage the Google ads you see, and opting out of Google Ads Personalization, please visit: https://www.google.com/policies/technologies/ads/

2.5 Supplying goods or services to Delacon

If you are a supplier of goods or services to Delacon, or are employed or engaged by such a supplier, we may collect personal information about you, including your:

• name;
• position;
• business and email addresses; and
• telephone numbers.

2.6 Sharing within the Delacon Group

Companies in the Delacon Group may share personal information with other companies in the group (i.e. subsidiary or affiliate companies), such as: your name, your contact details, copies of identification documents, and recordings of telephone calls you have made to us.

2.7 Working for Delacon

If you wish to be employed or engaged by Delacon, we will require personal information about you, which may include:

• name;
• residential and email addresses;
• telephone number;
• academic results and qualifications;
• expertise and experience;
• employment history;
• personal interests;
• current salary and salary expectations; and
• background information about you (for example, your criminal record).

We may also search government records and publicly available sources, including social media and other internet sources, for background information about you. Background information allows us to confirm the identity, and ensure the integrity, of people who are currently working at Delacon or who applied to work for us. When doing background checks we may be legally required to disclose information about you to third parties such as regulators.

2.8 Credit in formation and credit eligibility information

Sometimes we may provide credit to Customers. In order to do that, we may collect and hold credit information and credit eligibility information about those Customers.

3 HOW WE COLLECT PERSONAL INFORMATION

We generally collect your personal information directly from you, through our Site or Delacon iOS or Android apps (including using cookies and tracking technologies – see section 2.3 for detailed information), or via telephone, by mail or in person.

As part of our Call Analytics Services:

• we may collect your online usage data directly from Customer and third-party websites, using cookies and pixel tags;
• we may also collect your online usage data from third party providers; and
• we collect data on telephone calls placed through our systems (eg caller ID number).

We may collect personal information from a third party if it isn’t reasonable or practicable to collect it from you or if necessary to meet our legal obligations. For example, we may collect your personal information from:
(a) a referee nominated by you when you apply for a job with us;
(b) your employer if you are employed by a company that supplies goods or services to Delacon;
(c) other members of the Delacon Group;
(d) government agencies in connection with legal proceedings;
(e) public sources such as social media sites, Google and other websites (e.g. as part of our background checks for employees or service providers);
(f) credit reporting bodies, if you have or apply for credit with us;

Phone calls: Calls to Delacon offices and service centres may be recorded for verification and quality assurance purposes.

Credit information: We may obtain credit information from your dealings with us, e.g. when you make payments to us. We may combine credit reporting information from a credit reporting body with our own information about your credit worthiness, and we may use that combined information to determine whether to offer credit to you.

Third-party analytics services. We may use automated devices and third-party applications, such as Google Analytics and Marketo, to evaluate the usage of our Site and the effectiveness of our email marketing. We and our third-party providers may also use other analytic technologies (e.g. clear GIFs) to evaluate and improve our Site, its performance and our users’ experience. To perform their services, the third party service providers may use cookies and other tracking technologies. Those third parties may also combine the information that we provide about you with other information that they have collected. Please note this Privacy Policy does not cover any third party providers of analytics services or their use of data they collect.

4 WHY WE COLLECT AND HOLD PERSONAL INFORMATION

4.1 Reasons for collecting and holding your personal information

These include:

(a) to identify you;
(b) to manage, administer, and control the quality of, the services we provide to you;
(c) to provide our Call Tracking Services generally;
(d) to market our products and services to you, and to enable selected third party partners to market products and services to you;
(e) if we offer you credit, to:
• assess your credit application;
• assist with managing complaints and legal proceedings; and
• manage and recover debts owed by you; and
• participate in the credit reporting system in accordance with the Privacy Act;
(f) to consider any job application you may make to Delacon;
(g) to deal with our suppliers (you may supply products and services to us, or you may work for a supplier);
(h) to do research and analysis related to our services, and to develop and improve our services;
(i) to ensure the security of any Delacon customer account you hold;
(j) to identify your behaviour, habits and preferences;
(k) to assist with your enquiries or complaints;
(l) to assess whether you pose a risk to our business;
(m) to protect our rights and property;
(n) to comply with our legal obligations (for example, we may be legally required to collect personal information:
• under telecommunications laws or the conditions of any licences applying to us); or
• for the purpose of investigations by law enforcement agencies like the Australian Federal Police or the Australian Competition and Consumer Commission); and
(n) any other purpose required or permitted by law.

4.2 What happens if we don’t collect your personal information?

If we cannot collect your personal information we may not be able to provide our services to you, and/or any Delacon customer account you hold may not function correctly. For example:

• if you do not provide the necessary identification documents, we may be unable to open a customer account for you;
• if you do not provide us with an email address will not be able to send you the email notifications that are an important part of our Call Tracking Service;
• if you do not give us sufficient information about your identity, qualifications and experience, we may not be able to consider you for a job opportunity with us.

5 HOW WE USE AND DISCLOSE PERSONAL INFORMATION

Information about how we use and disclose personal information is below. Please note we may sometimes give your personal information to other third parties not on this list (e.g. professional advisors or insurers), where required or permitted by law.

5.1 Our employees and contractors: We may disclose personal information to our employees and contractors, but only as needed to perform their jobs (they have obligations to treat the personal information they access as confidential).

5.2 Service providers: We may disclose personal information to the organisations that assist us to:

(a) electronically verify your identity (including online);
(b) provide, manage and administer our products and services, our business and our business systems (including providers of email marketing platforms, providers of customer relationship management (CRM) and affiliate management platforms, mailing houses, printers, advertising agencies, postal services, product development consultants, software providers, IT consultants, website developers, providers of payment processing and identity verification services and data centre providers);
(c) develop and market our products and services (including strategy consultants); and
(d) comply with Payment Card Industry Standards, and securely manage processing of your credit card payments and storage of your credit card details,

but we only permit these companies to use the information to perform the services they are contracted to provide to us.

5.3 Provision of our Call Analytics Services: Data collected through our call analytics platform is used to provide our Call Analytics Services to Customers. In particular, we use the information to provide Customers with:
• call analytics, advertising and performance measurement services; and
• reports and metrics about the success of their advertising campaigns.
Our Customers may use the data we provide to target their advertising content based on anonymous identifiers. See section 2.4 for information on how to opt-out of our Call Analytics Services.

5.4 As required by law or to protect our rights and property: We may disclose your personal information:

(a) to regulators and law enforcement agencies and other relevant government authorities and agencies; and
(b) as otherwise required by law (e.g. in connection with subpoenas, search warrants, court orders or other legal processes).

We may also disclose personal information to enforce our Terms of Service, and as evidence in litigation that we are involved in. We may exchange information with third parties for the purposes of fraud detection or protection, and otherwise in connection with suspicious or illegal activities.

5.5 Marketing – general: We may use and disclose your personal information for marketing purposes, including to:

(a) identify your behaviours, habits and preferences;
(b) send you information about Delacon’s products and services and let you know about our upcoming events, promotions and new products/services or other opportunities, via direct mail, email, SMS, MMS and/or phone calls (or any other means of marketing communication);
(c) send you product and service information on behalf of selected third party partners; and
(d) enable different members of the Delacon Group and selected third party partners to send you product and service information directly.

MARKETING CONSENT AND OPT-OUT

By submitting an enquiry form from our Site or agreeing to the terms and conditions for Delacon’s services, you consent to:
(a) all of the marketing uses and disclosures listed above; and
(b) receiving marketing material from our selected third party partners.

This consent will last indefinitely (including after your Delacon customer account(s) are closed), but:
• each time a member of the Delacon Group sends you a marketing communication, you will be able to opt-out from future marketing communications from the Delacon Group;
• you can opt-out from future marketing communications from the Delacon Group at any time (email: privacy@delaconcorp.com). We will promptly action any opt-out request; and
• you may withdraw your consent to receiving third party marketing material at any time – please follow the instructions in the advertising material or on that party’s website, or email: privacy@delaconcorp.com.

5.6 Marketing – customised online advertising:

(a) Display of Delacon ads on third party websites: We may engage third parties, such as network advertisers, to display Delacon ads to you on third-party websites after you visit our Site. The way that Delacon advertisements are displayed to you on third-party sites would depend on your use of our Site, other websites and mobile apps. The aim of Delacon and the third parties is to customise the advertising you see for you. Third-party ad network providers, advertisers, sponsors, and traffic measurement services may use cookies, JavaScript, web beacons (including clear GIFs),
and other technologies to measure ad effectiveness and to customise advertising for you. Those third-party cookies and other technologies are not covered by this Privacy Policy, but are governed by each third party’s own privacy policy.

(b) Non-personal information provided to third party advertisers from our Site: Delacon may share non-personal information about your use of our Site with the third-party advertisers mentioned above, as well as business partners, sponsors, and other advertisers and third parties. The non-personal information may include: your IP address, pages(s) you visited and keyword searches you performed on our Site. This kind of information may allow the third parties to customise their advertising for you.

Note we do not share your personal information collected on our Site (such as your name, email address, telephone number or other personal information) with these third parties, nor do we allow third parties to collect that information through our Site.

OPTING OUT OF NETWORK ADVERTISING

It’s possible to opt out of many website third-party ad networks, including those run by members of the Network Advertising Initiative (“NAI”) and Digital Advertising Alliance (“DAA”). For more information visit: www.networkadvertising.org/optout_nonppii.asp (NAI) and www.aboutads.info/choices (DAA). If you are in the European Union, you can opt out of many ad networks via http://www.youronlinechoices.eu.

Please note: if you opt out of one or more NAI member or DAA member networks, it just means those network(s) will no longer be used deliver targeted content or ads to you. It does not mean you will stop receiving all customised content or ads on our Site or other websites. Also, if your browsers are set to reject cookies when you visit an opt-out page, or you later delete all your cookies, use a different computer or change web browsers, your opt out may stop being effective.

5.7 Delacon Group: We may disclose personal information within the Delacon Group:
(a) to ensure all members of the group can comply with their obligations under applicable laws, regulations and licence conditions;
(b) so different members of the group can send you marketing information directly (see section 5.5); and
(c) as otherwise required or permitted by law.

5.8 Credit reporting bodies: If you have or apply for credit with us, we may disclose personal information about you to credit reporting bodies:
(a) to assess your credit application;
(b) which may include the fact that we provide you with consumer credit and the day on which the credit arrangement begins; and
(c) which may be included in reports that a credit reporting body provides to other credit providers to assist them in assessing your credit worthiness.

If you fail to meet your payment obligations or commit a serious infringement, we may also be entitled to disclose this information to credit reporting bodies under the Privacy Act.

5.9 Monitoring of customer accounts, including emails: We may monitor your customer account(s), including the emails you send to us. We may use and disclose information gathered during that monitoring in any of the ways described in this section 5 (including disclosing your
personal information to government authorities where legally required). We will not tell you when we monitor your account or if we disclose any personal information obtained.

5.10 Monitoring phone calls: We may record calls to Delacon offices and service centres – see section 3. We may use and disclose information in or relating to these call recordings in any of the ways described in this section 5 (including disclosing your personal information to government authorities where legally required). We will not notify you of those disclosures.

To request a copy of your recorded telephone calls, please send a written request (including your email address) to: Delacon Privacy Officer, Suite 703, Level 7, 35-43 Grafton Street, Bondi Junction, NSW 2022, Australia, or: privacy@delaconcorp.com. We will use our reasonable efforts to respond to your request within 30 days.

5.11 Sharing our Site: If you wish to share our website with one or more people (e.g. sending a blog article or job post to a friend), we may ask you to provide the recipients’ name(s) and email address(es). We may then send those people an email about our website. The details you provide will only be used to send that one email and will not be stored.

5.12 Change of owner: If the ownership of the Delacon Group or part of it is transferred (e.g. as the result of a corporate merger, or bankruptcy), then some or all of:

• the personal information we hold; and
• the non-personal information collected by us (e.g. through or Site or as part of our Call Analytics Services),
may be transferred to the new owner.

6 SECURITY OF PERSONAL INFORMATION

Delacon takes reasonable precautions to protect the personal information it holds from:

(a) misuse, interference and loss; and
(b) unauthorised access, modification or disclosure.

These include, for example, the protection of passwords using industry standard encryption; measures to preserve system security and restrict unauthorised access; and back-up systems to reduce the risk of accidental or malicious loss of data.

Currently we do not use third party providers to store personal information electronically. If we use third party providers in future, we will take reasonable steps to ensure the information is held securely. Documents verifying your identity and any credit card information you send us will be stored in a secure database with limited access requiring a password or other unique identifier. Unfortunately there is always risk involved in sending information through any channel over the Internet. You send information over the Internet entirely at your own risk.

7 HOW CAN I ACCESS AND CORRECT MY PERSONAL INFORMATION?

We will take reasonable steps to ensure the personal information we hold about you is accurate, up-to-date and complete. Please let us know if there is a change to any of the details you have given to us.

If you wish to access, or seek correction or deletion of personal information collected as part of our Call Analytics Services, you should direct your query to the Customer concerned (who controls the data). Where Customers request Delacon to correct or delete personal information, we will respond within a reasonable time.

7.1 Access: You have a right to ask for access to the personal information Delacon holds about you. Please contact our Privacy Officer at:

Suite 703, Level 7, 35-43 Grafton Street, Bondi Junction, NSW 2022, Australia Telephone: +61 2 8019 0200 email: privacy@delaconcorp.com

Your personal information will usually be available within 30 days of your request. If there is a fee for accessing your personal information, we will confirm the amount before providing the information. Sometimes we may decline to grant you access to your personal information (for example, if the release of your personal information would have an unreasonable impact on the privacy of others).

If we refuse access to your credit information or credit eligibility information based on an exception in the Privacy Act, we will (where reasonable) give you a written notice explaining the reasons for our refusal and your rights to refer the matter to an external dispute resolution scheme or the Office of the Australian Information Commissioner.

We may require evidence of your identity when processing your request for access to your personal information. If you request access to credit information or credit eligibility information about you that is no longer in our possession, we will advise you of the credit reporting body from which you may obtain a copy.

7.2 Corrections: You have a right to ask us to correct the personal information we hold about you. Please contact our Privacy Officer at:

Suite 703, Level 7, 35-43 Grafton Street, Bondi Junction, NSW 2022, Australia Telephone: +61 2 8019 0200 email: privacy@delaconcorp.com

We cannot always remove or modify information in our databases, but we will take reasonable steps to correct your personal information to ensure it is accurate, up-to-date, complete, relevant and not misleading. If we decline to make your requested correction, you may request us to attach to your personal information a statement that it is inaccurate, out-of-date, incomplete, irrelevant or misleading. We will take reasonable steps to do this. If we disclosed your personal information to a third party before correcting it, you may request us to notify the third party of the correction we’ve made. We will take reasonable steps to give that notification, unless it would be impractical or unlawful. There will not be any charge for requesting a correction, for making a correction or for associating a statement with a record.

8 MAKING COMPLAINTS

If you have a concern about how we have handled your personal information, please let us know so we can address it. You can contact our Privacy Officer at:

Suite 703, Level 7, 35-43 Grafton Street, Bondi Junction, NSW 2022, Australia Telephone: +61 2 8019 0200 email: privacy@delaconcorp.com

To make a formal complaint, please send details to the Privacy Officer in writing. We will aim to respond within a reasonable time, usually 30 days. Delacon takes all privacy complaints seriously and our Privacy Officer aims to efficiently resolve any issue arising from a complaint. Please cooperate with us in our investigations.

If your complaint is about credit-related personal information and is not resolved by our Privacy Officer, you may be able refer it to an external dispute resolution scheme. The Privacy Officer will give you the relevant details.

If your complaint is not resolved by our Privacy Officer or an external dispute resolution scheme, you can refer it to the Office of the Australian Information Commissioner, at: GPO Box 2999 Canberra ACT 2601 Australia Telephone: 1300 363 992 Fax: 02 9284 9666 Website: www.oaic.gov.au

9 DISCLOSURE OF PERSONAL INFORMATION OVERSEAS

Delacon’s headquarters are in Australia, with affiliates in several other countries. Some of our integration partners and the organisations that assist us to provide our services (e.g. those that provide customer relationship and email marketing services) are located outside Australia. We may disclose your personal information to those partners and organisations. If we share your personal information with an organisation located outside of your home country, we will take reasonable steps to require that the information is handled in accordance with this Privacy Policy and the applicable privacy laws. We may transfer your personal information to Australia and other countries. The location of our overseas service providers may vary from time to time.

We only disclose personal information collected in Australia to a recipient outside Australia if:

(a) we’ve taken reasonable steps to ensure that recipient does not breach the APPs (other than APP 1);
(b) we reasonably believe that:
• a law or scheme in the country of the recipient includes requirements that are substantially similar to the requirements of the APPs; and
• you can take action to enforce that law or scheme;

(c) we have informed you of the disclosure and we have your express consent; or
(d) the APPs otherwise allow it.

We do not currently disclose credit information or credit eligibility information (other than identification information) to overseas recipients.

10 SENSITIVE INFORMATION

Sometimes we may collect sensitive information as part of providing services to our Customers. Sensitive information includes information or an opinion (that is also personal information) about your: (a) racial or ethnic origins; (b) political opinions; (c) religious or philosophical beliefs; (d) sexual orientation or practices; (e) criminal record; or (f) health information.

However, we will only collect sensitive information if:
• you consent; or
• it is required or authorised by law; or
• it is needed for you to work at Delacon, or in connection with an application to work at Delacon (e.g. health information Delacon needs in order to set up your workspace correctly).

11 HOW LONG CAN DELACON KEEP MY PERSONAL INFORMATION?

If Delacon:
• no longer needs to use or disclose your personal information for any purpose authorised under the APPs or any other applicable privacy law or regulation; and
• is not legally required to retain that information,

then we will take reasonable steps to destroy the personal information or have it de-identified.

12 MEANING OF “CREDIT INFORMATION”, “CREDIT ELIGIBILITY INFORMATION”

Below are general explanations of the meaning of “credit information” and “credit eligibility information”.

Credit information includes: identification information (e.g. your name, address, date of birth and employer); details of consumer credit accounts that you hold or have held (such as the type of account, maximum credit limit and terms and conditions for repayments); and details of whether or not you have made repayments on your consumer credit accounts by the applicable deadlines.

Credit eligibility information includes:

– credit reporting information about you disclosed to Delacon by a credit reporting body under the Privacy Act; and
– information relating to your credit worthiness that Delacon obtains about you from credit reporting information, that may be used to establish your eligibility for consumer credit.

Detailed definitions of these and related terms are in the Privacy Act, which can be accessed at www.oaic.gov.au.

Policy last updated: 9 March 2017