Introduction

Nehos Communications Pty Ltd (“Seller”) is committed to protecting the privacy of its customers. This Privacy Policy outlines how we collect, use, disclose, and manage your personal information in accordance with the Privacy Act 1988 (Cth) (“the Act”), including the Privacy Amendment (Notifiable Data Breaches) Act 2017, and other applicable laws.

Definition of Personal Information

All emails, documents, images, or other recorded information held or used by the Seller are Personal Information, as defined and referred to in this clause, and therefore considered Confidential Information. The Seller acknowledges its obligation in relation to the handling, use, disclosure, and processing of Personal Information pursuant to the Privacy Act 1988 (“the Act”) including Part III C of the Act being the Privacy Amendment (Notifiable Data Breaches) Act 2017 (NDB) and any statutory requirements, where relevant in a European Economic Area (“EEA”), under the EU Data Privacy Laws (including the General Data Protection Regulation “GDPR”) (collectively, “EU Data Privacy Laws”).

Data Breach Response Plan

The Seller acknowledges that in the event it becomes aware of any data breaches and/or disclosure of the Customer’s Personal Information held by the Seller that may result in serious harm to the Customer, the Seller will notify the Customer in accordance with the Act and/or the GDPR. Our data breach response plan includes steps to contain the breach, assess the risks, and remediate any harm caused.

Use and Disclosure of Personal Information

Any release of such Personal Information must be in accordance with the Act and the GDPR (where relevant) and must be approved by the Customer by written consent, unless subject to an operation of law. The Seller may use or disclose personal information for the primary purpose for which it was collected, for a related secondary purpose, or as otherwise permitted by law. Secondary purposes may include but are not limited to, improving our services, marketing, and where required or authorised by law.

Cookies and Tracking Technologies

Notwithstanding the clause above, privacy limitations will extend to the Seller in respect of Cookies where transactions for purchases/orders transpire directly from the Seller’s website. The Seller agrees to display reference to such Cookies and/or similar tracking technologies, such as pixels and web beacons (if applicable). Such technology allows the collection of Personal Information such as the Customer’s:

  • IP address
  • Browser type
  • Email client type and other similar details
  • Tracking website usage and traffic
  • Reports are available to the Seller when the Seller sends an email to the Customer, so the Seller may collect and review that information (collectively, “Personal Information”)

To enable/disable the collection of Personal Information by way of Cookies, the Customer shall have the right to enable/disable the Cookies first by selecting the option to enable/disable, provided on the website prior to proceeding with a purchase/order via the Seller’s website.

Credit Information

The Customer agrees for the Seller to obtain from a credit reporting body (CRB) a credit report containing personal credit information (e.g., name, address, D.O.B, occupation, driver’s license details, electronic contact (email, Facebook or Twitter details), medical insurance details or next of kin and other contact information (where applicable), previous credit applications, credit history) about the Customer in relation to credit provided by the Seller.

Use of Credit Information

The Customer agrees that the Seller may exchange information about the Customer with those credit providers and with related body corporates for the following purposes:

  • To assess an application by the Customer
  • To notify other credit providers of a default by the Customer
  • To exchange information with other credit providers as to the status of this credit account, where the Customer is in default with other credit providers
  • To assess the creditworthiness of the Customer, including the Customer’s repayment history in the preceding two (2) years

The Customer consents to the Seller being given a consumer credit report to collect overdue payments on commercial credit. The Customer agrees that personal credit information provided may be used and retained by the Seller for the following purposes (and for other agreed purposes or as required by law):

  • The provision of Products
  • Analyzing, verifying, and/or checking the Customer’s credit, payment and/or status in relation to the provision of Products
  • Processing of any payment instructions, direct debit facilities, and/or credit facilities requested by the Customer
  • Enabling the collection of amounts outstanding in relation to the Products

Disclosure to Credit Reporting Bodies

The Seller may give information about the Customer to a CRB for the following purposes:

  • To obtain a consumer credit report
  • To allow the CRB to create or maintain a credit information file about the Customer, including credit history

The information given to the CRB may include:

  • Personal Information as outlined above
  • Name of the credit provider and that the Seller is a current credit provider to the Customer
  • Whether the credit provider is a licensee
  • Type of consumer credit
  • Details concerning the Customer’s application for credit or commercial credit (e.g., date of commencement/termination of the credit account and the amount requested)
  • Advice of consumer credit defaults, overdue accounts, loan repayments, or outstanding monies which are overdue by more than sixty (60) days and for which written notice for request of payment has been made and debt recovery action commenced, or alternatively, that the Customer no longer has any overdue accounts and the Seller has been paid or otherwise discharged and all details surrounding that discharge (e.g., dates of payments)
  • Information that, in the opinion of the Seller, the Customer has committed a serious credit infringement
  • Advice that the amount of the Customer’s overdue payment is equal to or more than one hundred and fifty dollars ($150)

Access and Correction of Personal Information

The Customer shall have the right to request (by e-mail) from the Seller:

  • A copy of the Personal Information about the Customer retained by the Seller and the right to request that the Seller correct any incorrect Personal Information
  • That the Seller does not disclose any Personal Information about the Customer for the purpose of direct marketing

Security of Personal Information

The Seller takes reasonable steps to protect the personal information it holds from misuse, interference, and loss, as well as from unauthorized access, modification, or disclosure. These steps include the use of secure servers, encryption, and other technical and administrative security measures.

Overseas Disclosure

The Seller may disclose personal information to overseas recipients in order to provide its services. The Seller will take reasonable steps to ensure that any overseas recipient complies with the Australian Privacy Principles or is bound by similar privacy laws.

Destruction of Personal Information

The Seller will destroy Personal Information upon the Customer’s request (by e-mail) or if it is no longer required unless it is required in order to fulfil the obligations of this Contract or is required to be maintained and/or stored in accordance with the law.

Complaints Handling

The Customer can make a privacy complaint by contacting the Seller via e-mail at [insert email address]. The Seller will respond to that complaint within seven (7) days of receipt and will take all reasonable steps to make a decision as to the complaint within thirty (30) days of receipt of the complaint. In the event that the Customer is not satisfied with the resolution provided, the Customer can make a complaint to the Information Commissioner at www.oaic.gov.au.