Policy relates to any personal information that we collect, hold, disclose and/or use via our related social media pages, applications (Applications), internal websites, intranet or websites (Websites), including but not limited to – Https://civilcast.com.au
This Policy is effective from Jan 2021.
Throughout this Policy we refer to “Personal Information” which is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
“Sensitive Information” is a subset of Personal Information, and includes information or an opinion about a person’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, or health, genetic or biometric information.
We will not collect Sensitive Information unless the person to whom it relates consents to the collection of that information, and the information is reasonably necessary for one or more of our functions or activities, except where the collection is required or authorised by law, is necessary to prevent or lessen a serious and imminent threat to the person’s (or another person’s) life or health, or is necessary in relation to legal proceedings (current, anticipated or potential), or another permitted exception in the Privacy Act applies.
How do we collect and hold Personal Information?
- Directly from customers when you provide Personal Information. For example when requesting quotes/information via website enquiries, purchasing goods or services over the telephone, facsimile or email or submitting a form.
- When you interact and/or browse the Website or any Application associated with it, generally or for a specific purpose.
- Directly from customers when you provide Personal Information to submit a credit account application.
Collected via our collection of websites; including but not limited to opt-in forms, enquiries, log data and cookies, from your website, from media and publications, from other publicly available sources and from third parties, such as a credit reporting body.
Third party providers
Data is collected, processed and stored using third party analytics software that is to the best of our knowledge secure and confidential. Analytical data is used to gain an understanding of user behaviour, perform system critical operations, and in extraordinary circumstances, for legal reasons. Anonymous user data is shared between third party services in order to gain insight as to aggregate user behaviour.
Analytic data insights are also used to target users through remarketing, demographics, interests and website behaviour. Third party vendors, including but not limited to Adroll, Google and Facebook may show our ads on sites across the internet. We and third party vendors, including but not limited to Adroll, make use of third party cookies together in order to inform, optimise and serve ads based on past visits to a website. We make use of demographic data (such as age, gender and interests) obtained through third party tools in order to, but not limited to: influence marketing spend and communicate internally and externally the aggregate behaviour.
Combining/linking Personal Information
Other than as referred to elsewhere in this Policy, we will not facilitate the merging of personally identifiable information with non-personally identifiable information without prior user consent to that merger to optimise our Website and Website marketing. For example, we may collate Personal Information data and aggregate data for the purpose of comparing marketing costs with revenue on a transactional basis.
Passive collection of information – Direct Marketing and Behavioural Advertising
As you navigate through our Websites and access our Applications, certain information can be passively collected (that is, gathered without your actively providing the information) using various technologies, such as cookies, Internet tags or web beacons, and navigational data collection (log files, server logs, and clickstream data).
For example, we may collect information about matters including but not limited to the date, time and duration of visits and which pages of a Website or Application are most commonly accessed. This information is generally not linked to the identity of visitors, except where a Website or Application is accessed via links in an email or another electronic message we have sent or where we are able to uniquely identify the device or user accessing a Website or Application, such as when you are logged into an account.
We may share hashed portions of your information with certain strategic partners to make our business more responsive to your interests and/or those of like-minded consumers. For example, we may aggregate your email address together with the email addresses of others who place Enquiries on our Site, locally hash such data, and transmit the resulting hashed data to third parties including but not limited to Adroll/Facebook/LinkedIn/Google for the purpose of creating “Custom Audiences” (where targeted advertisements are sent to people on Facebook who have already been on our Site), and “Lookalike Audiences” (where targeted advertisements are sent to people on Adroll/Facebook/LinkedIn/Google who have similar characteristics to people on our Custom Audience list).
Where we use Personal Information for promotional or direct marketing purposes, a person may at any time request that we not use their Personal Information for sending direct marketing material to that person including if you wish to opt-out of the use of certain hashed portions of your Personal Information. Such a request can be made by contacting us in writing at the contact details below. There is no fee for making such a request.
Direct marketing can include for example: Displaying an advertisement on a social media site that an individual is logged into, using Personal Information, including data collected by cookies relating to websites the individual has viewed.
Cookies & Pixels
We may use web Pixels on the Websites from time to time. Pixels are small pieces of code placed on a web page to monitor the behaviour and collect data about the visitors viewing a web page. For example, web beacons can be used to count the users who visit a web page or to deliver a cookie to the browser of a visitor viewing that page.
Your information is being used for our own marketing purposes. Our advertising Partner, NextRoll, Inc., performs a hash of your email address in order to serve targeted advertising to other devices connected to you (via cross-device tracking). By submitting forms on this website, you acknowledge NextRoll, Inc.’s hashing and cross-device activity. For more information, please see NextRoll’s Privacy Notice.
You can contact us in relation to lodging a complaint about a breach of the APP, a binding registered APP code or in relation to a credit reporting issue, via our contact details below. We will make an assessment of the complaint and will respond to you within a reasonable timeframe. Any further action following this initial response will vary depending on the nature of the complaint. If necessary, the complaint may be taken to the Office of the Australian Information Commissioner or to another review body if an external review is required.
Freedom of Information Act 1982 (Cth)
You also have the right under the Freedom of Information Act 1982 (Cth) to request access to documents that we hold and ask for information that we hold about you to be changed or annotated if it is incomplete, incorrect, out-of-date or misleading.
6. Disclosure of Personal Information
Where we receive your personal information and we did not solicit the information we will do our best to notify you of our receipt of your personal information within a reasonable time. If we determine that we could not have received the information under the APP we will use our best endeavours to destroy the information. We may use or disclose the information to make such a determination.
We may disclose your personal information to our related companies, service providers and specialist advisers who have been contracted with administrative or other services, insurers, credit providers, a person authorised by you to access the information. We may also disclose personal information to others if required to do so by law. We do not guarantee website links or policy of authorised third parties.
We do not sell, publish or give away your information to any other party that can be associated with you.
We act to safeguard the security and privacy of your information, whether you interact with us personally, by telephone, mail, over the internet or other electronic medium. We strive to take reasonable steps to protect the information we hold from misuse, interference, loss and unauthorised access modification or disclosure; however, we cannot guarantee its absolute security.
We store information both in hard copy paper form and in soft copy electronic form. Where the information is of a sensitive nature, we will take particular steps to secure the information.
In certain circumstances we use third party IT service providers to manage and store bac-up data and for cloud data storage to hold information that is stored in soft copy electronic form.
When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal information. However most personal information is stored in client files which will be kept for a minimum of seven years.
9. Contact Us
PO Box 278, Emu Plains 2750
P: 1300 01 CAST (2278)
Head Office & Warehouse
26-30 Sommerville Circuit,
Emu Plains, NSW 2750