Last updated: October 26, 2020
SKYREACH GROUP
PRIVACY STATEMENT AND CREDIT REPORTING PRIVACY POLICY
Privacy Statement
The Skyreach Group [1] is committed to protecting the privacy of its customers, employees, business associates and trading partners. The Skyreach Group is bound by the Privacy Act 1988 (“the Act”) and adheres to the Australian Privacy Principles (“APP”). The APP sets out 13 principles to be adhered to by APP entities in dealing with Personal Information as defined by the Act. The term “Personal Information” is defined in section 6 of the Act as follows:
“Personal Information means information or an opinion about an identifiable individual, or individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.”
To find out more about the APP you can contact the Office of the Australian Information Commissioner (“OAIC”) by email at the following address: enquiries@oaic.gov.au. Specific information about the APP may be accessed via the following link: https://www.oaic.gov.au/privacy/australian-privacy-principles/
This Privacy Statement is the Privacy Policy of the Skyreach Group and sets out the way that we manage personal and other information that our customers, employees and trading partners may provide to us. It also details how you can make a complaint to the office of the OAIC if you feel that we are not adhering to our obligations under the Act.
The Kinds of Personal Information Collected and Held by the Skyreach Group
Depending upon the circumstances, the Skyreach Group may collect and hold a range of Personal Information associated to its commercial dealings with you. This information may include the following:
- your name, date of birth, contact details including phone numbers, addresses and e-mail, employment;
- company information including ACN, ABN names and contact details of officers and representatives;
- financial information including, but not limited to, information concerning your income, cash flow, financial institution accounts, credit cards and financial position;
- credit reporting information;
- repayment history;
- default-information;
- payment information;
- court and tribunal proceeding information;
- personal insolvency information; and
- publicly available information about your identity and creditworthiness.
How the Skyreach Group Collects and Holds Your Personal Information
The Skyreach Group collects your personal information via a range of different means including but not limited to:
- directly from you during the course of a meeting, by telephone, written correspondence in electronic or paper form, by submission of an account application form, guarantee and indemnity, request for quotes, agreement, purchase order or order request;
- indirectly via third parties such as your trading references or related entities and/or Credit Reporting Bodies;
- directly from reports available through industry activity consultants;
- via publicly available databases including but not limited to information held by the Australian Securities and Investment Commission, the Australian Financial Services Authority, or via internet search engines;
- via our website and mobile Apps. (ie. online forms, cookies, log files etc).
The Skyreach Group also uses Google Analytics to collect information about how individuals use its website. The information obtained is used to help the Skyreach Group understand its user’s needs so that we can offer a better user experience. Google Analytics uses cookies to collect information about which pages you visited, how long you were on the site, how you got there (for example from a search engine, a link, an advertisement, etc) and what you select. Information collected by the cookies (including your IP address) is transmitted to and stored by Google on servers in Australia and overseas. You can opt out of Google analytics if you disable or refuse the cookie, disable JavaScript, or use the opt-out service provided by Google. Our online services may contain links to other websites. The Skyreach Group is not responsible for the privacy practices or policies of those sites and we recommend that you review their privacy policies.
Under the APP, you have the right to anonymity and pseudonymity in your dealings with us. However, if you fail to provide us with Personal Information, we may decline to enter into business dealings with you.
The Skyreach Group may hold your Personal Information in electronic and/or hard copy format, both at our head office and branch premises and with our agents and/or service providers. We implement a range of reasonable measures to ensure the security and integrity of your Personal Information. Careful measures are also undertaken in respect of destroying personal information that is no longer required to be held or needed for any lawful purpose.
How The Skyreach Group Uses Your Personal Information
The Skyreach Group collects and holds your information for the following reasons:
- To provide you with the requested goods and/or services;
- To provide updates, information and promotions on the Skyreach Group products and/or services;
- To gather credit information about existing and/or prospective customers;
- For our administrative, strategic and marketing purposes.
The Skyreach Group will not use your personal information for marketing purposes if you expressly indicate that you do not wish it to do so.
The Skyreach Group may disclose your personal information:
- To its related entities, business partners and/or associates for purposes related to any supply of goods and/or services requested by you;
- To its legal advisors and/or recovery agencies for purposes associated with any debt collection and/or dispute concerning you;
- With your consent, any credit reporting agency for purposes associated with the acquisition of information about your creditworthiness and financing;
- To any party or institution as may be required by law.
The Skyreach Group may also disclose your information to your authorised representatives when you provide us with written authority to do so.
At the time that we collect personal information from you for the purpose of obtaining disclosure to a Credit Reporting Body, the Skyreach Group will notify you of the name and contact details of the body to whom your personal information is to be provided. The name and contact details of the Credit Reporting Body presently used by the Skyreach Group is VEDA Advantage Ltd
The contact details for Veda Advantage Ltd are as follows:
Phone: 1300 921 62
Access to and Correction of Personal Information Held by the Skyreach Group
You may access information held by us about you by submitting a request in writing by email or hard copy using either of the following address:
Or
The Privacy Compliance Officer
Skyreach Pty Ltd
(PO Box 1847) CABOOLTURE QLD 4510
You will need to provide the Skyreach Group with sufficient proof of identity before we will respond to any request for access or correction.
The Skyreach Group will typically respond to your request with 30 days. The information will only be supplied:
- if the Skyreach Group is required to disclose the same under the APP; or
- if the Skyreach Group chooses to do so.
If the Skyreach Group declines your request for access to your Personal Information, it will provide you with written reasons for doing so.
The Skyreach Group will require you to pay its administrative fees for obtaining access to its Personal Information about you including the costs of locating, retrieving, compiling, copying and delivering the requested information.
Once you have obtained access to the Personal Information held by the Skyreach Group about you, you may request that we attend to the correction of any errors and/or omissions. Any request must be put in writing and sent to either of the addresses set out above. The Skyreach Group will typically process your request within thirty (30) days and will notify you of any changes applied by us by return. If the Skyreach Group declines to make any requested changes, it will provide you with written reasons for doing so.
Disclosure of Personal Information to Overseas Recipients
The third parties to whom we disclose personal information may be located in Australia and overseas. We undertake steps to ensure that all our service providers agree to protect the privacy and security of your personal information and to use the information only for the purpose for which it is disclosed.
How You May Complain about the Skyreach Group for an Alleged Breach of the Australian Privacy Principles or a Registered APP Code
If you wish to make a complaint about the way in which the Skyreach Group deals with personal information and/or its adherence to the APP and/or any registered APP Code, you may direct your complaint in writing to either of the following addresses:
Or
The Privacy Compliance Officer
Skyreach Pty Ltd
(PO Box 1847) CABOOLTURE QLD 4510
The Skyreach Group will typically respond to your complaint in writing within thirty (30) days unless your complaint requires us to obtain further information from you or to make its own enquiries. The Skyreach Group will endeavour to deal with your complaint as quickly as possible given the circumstances. If it is likely that a conclusive response will not be given within thirty (30) days of receipt of your complaint, the Skyreach Group will notify you of the reasons for the delay and provide you with a revised timeframe for delivery of its response.
If you are dissatisfied by our response, you may make a complaint to the Office of the Australian Information Commissioner. For detailed information on how to make a complaint to the OAIC, please visit the following web link:
http://www.oaic.gov.au/privacy/making-a-privacy-complaint
The contact information of the OAIC is set out below:
1300 363 992
Fax 02 9284 9666
Post: Sydney Office, GPO Box 5218 Sydney NSW 2001
How Eligible Data Breaches are Handled
Eligible data breaches happen where there is an unauthorised access to or unauthorised disclosure of or loss of personal information held by us which may result in serious harm to an individual.
Pursuant to the Australian Privacy Protection Principles, the Skyreach group must take all reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification and disclosure.
A data breach response plan outlines processes as to how a data breach will be contained, evaluated and managed. The plan also outlines how we decide whether it is necessary to notify an individual of a data breach.
Our data breach response plan is as follows:
- Contain the breach;
- Initiate a preliminary assessment by the Data Breach Response team;
- Assess the risks for individuals associated with the breach;
- Determine who needs to be made aware of the breach;
- Review the incident and take action to prevent future breaches
When deciding whether an individual is required to be notified, the following factors will be considered:
- Whether there is a risk of serious harm to the individual;
- whether notification will avoid or mitigate possible harm;
- whether the compromised information is sensitive or likely to cause humiliation or embarrassment for the individual; and
- whether there are legal and/or contractual obligations to notify.
If we reasonably believe there is a risk of serious harm to the individual due to a data breach, we will notify the Commissioner. In some situations, we may also notify other third parties.
CREDIT REPORTING PRIVACY POLICY
This Statement is the Credit Reporting Privacy Policy of the Skyreach Group and sets out the way that we manage and deal with Credit Information, Credit Eligibility Information and Credit Providers (CP) Derived Information. It also details how you can make a complaint to the Office of the Australian Information Commissioner if you feel that we are not adhering to our obligations under the Privacy Act 1988.
The Skyreach Group is a ‘credit provider’ within the meaning of section 6G of the Privacy Act 1988 and is subject to the provisions of Part IIIA Division 3 of the Act. The Skyreach Group, in the course of its dealings with you, may provide ‘credit’ within the meaning of the Act associated with the goods and services it supplies. This Credit Reporting Policy is made for the purposes of section 21B of the Act.
To find out more about the Skyreach Group’s Obligations under Part IIIA Division 3 of the Privacy Act 1988 and the Credit Reporting Code you can contact the office of the Australian Information Commissioner by email at the following address: enquiries@oaic.gov.au. Specific information about our obligations under Part IIIA Division 3 of the Privacy Act 1988 and the Credit Reporting Code may be accessed via the following link: https://www.oaic.gov.au/privacy/credit-reporting/
The Kinds of ‘Credit Information’ and ‘Credit Eligibility Information’ Collected and Held by the Skyreach Group
Depending upon the circumstances, the Skyreach Group may collect and hold a range of credit information associated with its commercial dealings with you. This Credit Information may include the following:
- identification information;
- financial information including, but not limited to, financial institution accounts, credit cards and business financial statements;
- repayment history;
- default-information;
- payment information;
- court proceedings information;
- publicly available information about your creditworthiness including but not limited to State and Federal Court and Tribunal databases, ASIC and the NPII database; a
- information concerning your dealings with other credit providers from credit reporting bodies;
- compilation information sourced from credit reporting bodies; and
- information provided by Trade References.
Credit Information and Credit Eligibility Information is collected and held by the Skyreach Group in the manner and circumstances described in its privacy policy under the heading “How the Skyreach Group Collects and Holds Your Personal Information”.
How the Skyreach Group Collects, Holds and Uses Credit Information and Credit Eligibility Information
The Skyreach Group collects, holds and uses Credit Information and Credit Eligibility Information for the purpose of assessing your creditworthiness and whether it will agree to supply you with credit. Should any Credit Information and Credit Eligibility Information prove unsatisfactory to the Skyreach Group in its absolute and sole discretion, then the Skyreach Group may decline to provide you with the credit or make the provision of credit subject to further terms and/or conditions.
Access to and Correction of Credit Information and Credit Eligibility Information Held by the Skyreach Group
You may obtain access to and correction of Credit Information and Credit Eligibility Information held by the Skyreach Group in the manner and circumstances described in its Privacy Statement under the heading “Access to and Correction of Personal Information Held by the Skyreach Group”.
How You May Make a Complaint about the Skyreach Group for an Alleged Breach of Part IIIA Division 3 of the Privacy Act 1988 and the Credit Reporting Code
You may make a complaint about the Skyreach Group for an alleged breach of Part IIIA Division 3 of the Privacy Act 1988 or a registered CR Code by the same means described in its Privacy Policy under the heading ‘How You May Complain about the Skyreach Group for an Alleged Breach of the Australian Privacy Principles or Registered APP Code’.
Disclosure of Credit Information or Credit Eligibility Information to Overseas Recipients
The third parties to whom we disclose personal information may be located in Australia and overseas. We undertake steps to ensure that all our service providers agree to protect the privacy and security of your personal information and to use the information only for the purpose for which it is disclosed
Glossary of Terms
- ABN means ‘Australian Business Number’
- The Act means ‘the Privacy Act 1988’
- The APP means ‘Australian Privacy Principles’
- ACN means ‘Australian Company Number’;
- OAIC means ‘Office of the Australian Information Commissioner’.
[1] For the purpose of this statement, the Skyreach Group includes the following entities: Skyreach Pty Ltd A.C.N. 076 542 955, Skyreach (NSW) Pty Ltd A.C.N. 142 415 638, Skyreach (Vic) Pty Ltd A.C.N. 119 453 315 and Skyreach Equipment Sales Pty Ltd A.C.N. 083 374 654.