PERSONAL INFORMATION WE COLLECT
The types of personal information we collect depends on the nature of our engagement with you.
Examples of personal information we may collect include:
- Names, job titles, contact and address details
- Your Email address
- Your Internet Protocol (IP) address
- Your browser type
- Your operating system
- Your company information including address, postcode, ABN or ACN.
- Bank account details
- Credit Card information
- Complete information about your IT Environment including:
- Detailed information on Hardware and Software
- Hardware information
- Installed Applications
- Warranty Information
- 3rd Party Contracts and Invoice details
- Server and other device logs
- Site Photographs (Server rooms and Cabinets)
It is generally not practical to remain anonymous or to use a pseudonym when dealing with DSC IT as usually we need to use your personal information to provide specific services to you, or which relate to or involve you.
- HOW WE COLLECT AND MANAGE PERSONAL INFORMATION
2.1. How we collect personal information
Generally we collect your personal information from you directly (for example, when we deal with you in person or over the phone, when you send us correspondence (including via email), when you complete a questionnaire, form or survey, when you subscribe to our publications, when you use our website or our social media) or when we conduct an audit.
Sometimes it may be necessary for us to collect your personal information from a third party. For example, we may collect your personal information from your employer where they are our client, from your personal representative, or a publicly available record.
We may also collect personal information about you from your use of our websites and information you provide to us through contact mailboxes or through the registration process on our websites.
2.2. Where you provide us with personal information about someone else
2.3. Holding personal information
DSC IT holds personal information in hard copy and electronic formats. We take security measures to protect the personal information we hold including physical (for example, security passes to enter our offices and storage of files in lockable cabinets) and technological (for example, restriction of access, firewalls, two factor authentication, the use of encryption, passwords and digital certificates).
We also have policies and processes which govern document retention and data breach incidents. In some cases, DSC IT engages third parties to host electronic data (including data in relation to the services we provide) on our behalf.
2.4. Purpose for collecting, holding, using and disclosing personal information
DSC IT collects, holds and uses personal information for a number of purposes including:
- to provide and enhance our services
- to respond to requests or queries
- to maintain contact with our clients and other contacts, and keep them informed of our services, industry developments, seminars and other events
- to verify your identity
- for administrative purposes, including processing payment transactions
- for seeking your feedback
- to meet any regulatory obligations
- As part of an engagement, if you are a customer, an employee, a contractor or supplier of services to one of our clients, then we may disclose your personal information as part of providing services to that client.
2.5. Disclosure of personal information and sharing personal information
We may also store, process or back-up your personal information on servers that are in Australia (including through third party service providers).
DSC IT strives to ensure the security, integrity and privacy of personal information.
We will take all reasonable steps to protect the personal information you may transmit to us or from our products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.
Specific security measures Office Solutions undertakes to ensure the security of personal information includes:
- Two Factor Authentication (2FA) Protections on all systems that contain Client Information
- 24 x 7 Monitoring by Security Operations Centre of all logs and systems.
- Data at rest encryption for all systems containing client information
- Isolated network and infrastructure for all encrypted backup data
- Stringent cyber security breach policies and processes for employees.
- All DSC IT staff members are cleared by a national police certificate.
- DIRECT MARKETING
DSC IT may use your personal information for the purpose of marketing its services to you.
If you do not want to receive marketing material from us, you can contact us as detailed below:
- for electronic communications, you can click on the unsubscribe function in communications; or
- or, through our contact us page on our website.
- PRIVACY ON OUR WEBSITES
5.1. Automatic collection of personal information
Cookies, web beacons and other technologies are used by DSC IT and its service providers on some DSC IT websites and through email to automatically collect certain types of information. The collection of this information allows us to customise your online experience (including tailored DSC IT marketing), to improve the performance, usability and effectiveness of DSC IT’s online presence and to measure the effectiveness of our marketing activities
5.1.1 IP address
An IP address is a number assigned to your computer whenever you access the internet. It allows computers and servers to recognise and communicate with one another.
Public IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to conduct web site trend and performance analysis, and to enhance user experiences.
Cookies may be placed on your computer or internet-enabled device whenever you visit us online. This allows the site to remember your computer or device and serves a number of purposes.
Although most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser’s settings (often found in your browser’s Tools or Preferences menu).
You may also delete cookies from your device at any time. However, please be aware that if you do not accept cookies, you may not be able to fully experience some of our websites’ features.
Cookies by themselves do not tell us your email address or otherwise identify you personally. In our analytical reports, we may obtain other identifiers including public IP addresses, but this is for the purpose of identifying the number of unique visitors to our web sites and geographic origin of visitor trends, and is not used to identify individual visitors.
5.1.3 Analytics Tools
DSC IT uses analytics tools, such as Google Analytics and Adobe Analytics. To provide website visitors with more choice on how their data is collected by Google Analytics, Google have developed the Google Analytics Opt-out Browser Add-on.
The Google Analytics Opt-out Browser Add-on does not prevent information from being sent to the website itself or to other web analytics services.
More information about how Google Analytics is used by DSC IT can be found here:
5.1.4 Web beacons
A web beacon is a small image file on a web page that can be used to collect certain information from your computer such as an IP address, the time that content was viewed, a browser type, and the existence of cookies previously set by the same server.
DSC IT or its service providers may use web beacons to track the effectiveness of third party websites that provide us with recruiting or marketing services or to gather aggregate visitor statistics and manage cookies.
You have the option to render some web beacons unusable by rejecting their associated cookies. The web beacon may still record an anonymous visit from your IP address but cookie information will not be recorded.
In some of our newsletters and other communications, we may monitor recipient actions such as email open rates through embedded links within the messages. We collect this information to gauge user interest and to enhance future user experiences.
5.1.5 Location-based tools
DSC IT may collect and use the geographical location of your computer or mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.
5.1.6 Social media widgets and applications
Some DSC IT websites and services may include functionality to enable information sharing via third party social media applications, such as the Facebook Like button and Twitter widget.
These social media applications may collect and use information regarding your use of DSC IT websites. Any personal information that you provide via such social media applications may be collected and used by members of that social media application separate to DSC IT.
Such interactions that are monitored by social media applications are governed by the privacy policies of the relevant companies that provide the applications. We do not have control over, or responsibility for, those companies or their use of your information.
In addition, DSC IT websites or affiliate websites may host blogs, forums, crowd-sourcing and other applications or services (collectively “social media features”). The purpose of social media features is to facilitate the sharing of knowledge and content.
Any personal information that you provide on any DSC IT social media feature may be shared with other users of that social media feature (unless otherwise stated at the point of collection), over whom we may have limited or no control.
5.2. Links to third party websites
Unless expressly advised, DSC IT does not endorse, approve or recommend the services or products provided on third party websites.
5.3. Your choices
You have several choices regarding your use of DSC IT websites. In general, you are not required to provide personal information when you visit our websites. However, if you make an enquiry or subscribe to receive information about our services, events and industry updates or wish to apply for a job, provision of certain personal information will generally be required to facilitate such requests.
- GAINING ACCESS TO PERSONAL INFORMATION WE HOLD
You can request access to your personal information, subject to some limited exceptions as permitted or required by law. Such request must be made in writing to DSC IT. Please see ‘How to contact us’ for details.
If you wish to make a complaint to DSC IT about our handling of your personal information, you can contact DSC IT as set out in ‘How to contact us’. Following your initial contact, you will be asked to set out the details of your complaint in writing in a form provided.
DSC IT will endeavour to reply to you within 30 days of receipt of the completed complaint form and, where appropriate, will advise you of the general reasons for the outcome of the complaint.
In some circumstances, DSC IT may decline to investigate the complaint (for example if the complaint relates to an act or practice that is not an interference with the privacy of the person making the complaint).
If you are not satisfied with the outcome of your complaint, you can refer your complaint to the Office of the Australian Information Commissioner.