This Policy outlines the obligations which JAMLAB has in managing the personal information held about clients, potential clients, contractors and others.
JAMLAB is bound by the National Privacy Principles (NPPs) contained in the Privacy Act 1988 (Cth) (Privacy Act).
In summary, ‘personal information’ is information or an opinion relating to an individual which can be used to identify that individual.
Why does JAMLAB collect personal information?
JAMLAB collects personal information in order to conduct its business, to provide and market its services and to meet its legal obligations.
About whom does JAMLAB collect personal information?
The type of information JAMLAB may collect and hold includes (but is not limited to) personal information about:
- clients, business associates and potential clients and their employees
- suppliers and their employees
- prospective employees, employees and contractors;
What kinds of personal information does JAMLAB collect?
In general, the type of personal information JAMLAB collects and holds includes (but is not limited to): names, addresses, contact details, occupations and other information which assist in conducting its business, providing and marketing its services and meeting its needs.
In most cases, if personal information they request is not provided, JAMLAB may not be able to supply the relevant product or service.
How does JAMLAB collect personal information?
Personal Information you provide
JAMLAB will generally collect personal information by way of forms filled out by people, face-to-face meetings, interviews, business cards, telephone conversations and from third parties.
Personal Information provided by other people
In some circumstances JAMLAB may be provided with personal information about an individual from a third party, for example a report provided by a medical professional or a reference from another person.
Web site Collection
How might JAMLAB use and disclose your personal information?
JAMLAB may use and disclose your personal information for the primary purpose for which it is collected, for reasonably expected secondary purposes which are related to the primary purpose and in other circumstances authorised by the Privacy Act.
In general, JAMLAB use and disclose your personal information for the following purposes:
- to conduct its business;
- to provide and market its services;
- to communicate with you;
- to purchase from you;
- to help manage and enhance its services.
To whom might JAMLAB disclose your personal information?
JAMLAB may disclose your personal information to:
- other members of JAMLAB;
- other companies or individuals who assist JAMLAB in providing services or who perform functions on its behalf.
- anyone else to whom you authorise JAMLAB to disclose it.
JAMLAB also collects personal information from these organisations and individuals, and deal with that information in accordance with this Policy.
Sending information overseas
JAMLAB will not send your personal information to recipients outside of Australia without:
- obtaining your consent (in some cases this consent will be implied); or
- otherwise complying with the NPPs.
Some personal information which JAMLAB collects is ‘sensitive information’. Sensitive information includes: information relating to a businesses website logon details, company documents or important files.
Sensitive information will be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose, unless you agree otherwise, or where certain other limited circumstances apply (eg, where required by law).
JAMLAB takes reasonable steps to protect personal information held from misuse and loss and from unauthorised access, modification or disclosure, for example by use of physical security and restricted access to electronic records.
JAMLAB endeavour to ensure that the personal information it holds is accurate, complete and up-to-date. Contact JAMLAB in order to update any personal information it holds about you. Contact details are set out below.
Updates to this Policy
This Policy will be reviewed from time to time to take account of new laws and technology, changes to operations and practices and the changing business environment. The most current version of this Policy is located at http://jamlab.com.au and can be obtained by contacting JAMLAB.
If you have any questions about privacy-related issues please
contact JAMLAB at firstname.lastname@example.org
We collect information from you when you voluntarily submit information to the Web Site. The following are examples of Personal Information that we may collect from you:
Examples of information we collect may include:
first name, last name
financial information such as payment details and your transactional history with us.
We may collect Personal Information directly from you in the following circumstances:
When you fill in and submit forms on the Web Site, including forms submitted at the time of subscribing to use the Web Site or any of the Services, posting content, reporting a problem with the Web Site or requesting customer service from us.
When you contact us via online submission, telephone, electronic mail or regular mail, we may keep a record of that correspondence.
When you engage in any transactions through the Web Site or for Services and submit information for the fulfilment of anything you order or subscribe to through the Web Site or the Services.
Your Personal Information will not be distributed or shared with third parties unless it is to transact such Services as you have contracted us to do or to comply with any legal processes and/or law enforcement requests. We may also use your Personal Information for the marketing and/or promotion of our products or services. We may outsource all of these tasks to third parties. If you have received an email from us, and you wish to no longer receive emails, please click the unsubscribe link found at the bottom of the email.
Except as disclosed above, we do not collect Personal Information about visitors to this site or our customers who use this site. We do routinely gather data on Web Site activity, such as how many people visit the site, the pages they visit, where they come from, how long they stay on the site, etc. The data is collected on an aggregate, anonymous basis, which means that no Personal Information is associated with the data. This data helps us improve site content and overall usage. The information is not shared with other organisations for their independent use.
Your browser may offer you a “Do Not Track” option, which allows you to signal to operators of websites and web applications and services (including behavioural advertising services) that you do not wish such operators to track certain of your online activities over time and/or across different websites. Our Services do not support Do Not Track requests at this time, which means that we collect information about your online activity both while you are using the Services and after you leave our Services.
We maintain standard Web logs that record data about all visitors and customers who use the Web Site and we store this information for a while. These logs may contain the Internet domain from which you access the site (such as xyz.com, abc.org, etc.); the IP address which is automatically assigned to your computer when you get on the Internet (a static IP address may be identifiable as being connected to you, while a dynamic address is usually not identifiable); the type of browser and operating system you use; the date and time you visited the site; the pages you viewed on the site; the address of the web site you linked from, if any. If you sign on to this web site to use its secured features, our Web logs will also contain an individual identifier and show the services you have accessed.
All Web logs are stored securely, and may only be accessed by our staff on a need-to-know basis for a specific purpose to use web log information to help us design our site, to identify popular features, to resolve user, hardware, and software problems, and to make the Web Site more useful to visitors.
We may place Internet “cookies” on the computer hard drives of visitors to the Web Site. Information we obtain from cookies helps us to tailor our site to be more helpful and efficient for our visitors. The cookie consists of a unique identifier that does not contain information about you.
You may have software on your computer that will allow you to decline or deactivate Internet cookies, but if you do so, some features of this site may not work properly for you. For instructions on how to remove cookies from your hard drive, go to your browser’s web site for detailed instructions. In addition, further information regarding cookies may be available on other web sites or from your Internet service provider. Firefox and Google Chrome are two common browsers.
We may use a third-party vendor to help us manage some of our e-mail communications with you. While we do supply this vendor with e-mail addresses of those we wish them to contact, your e-mail address is never used for any purpose other than to communicate with you on our behalf. When you click on a link in an email, you may temporarily be redirected through one of the vendor’s servers (although this process will be invisible to you) which will register that you’ve clicked on that link, and have visited the Web Site. We never share any information, other than your e-mail address, with our third-party e-mail vendor, which does not share these e-mail addresses with anyone else.
Even if you have given us permission to send e-mails to you, you may revoke that permission at any time by following the “unsubscribe” information at the bottom of the e-mail.
Disclosure of Personal Information
We may disclose personal information to any person performing audit, legal, operational, or other services for us. We will use information which does not identify the individual for these activities whenever feasible. Information disclosed to vendors or contractors for operational purposes may not be re-disclosed to others by such a vendor or contractor.
We may disclose your personal information to third parties:
In the event that we sell or buy or transfer any business or assets (in part or whole), in which case we may disclose your personal information to the prospective seller, buyer or recipient of such business or assets.
In order to respond to a subpoena, court order or other legal duty or obligation (including without limitations requests or demands from law enforcement and government authorities and regulators).
In order to investigate, prevent, or take action regarding suspected or actual prohibited activities, including but not limited to, fraud and situations involving potential threats to the physical safety of any person or to prevent financial loss to any person or entity, including ABC Pty Ltd., its customers, clients, and other parties.
In order to enforce or apply our Terms and Conditions and other agreements.
Third Party Payment Processors
Third Party Web Sites
We may collect data from third party web sites (“Third Party Sites”). The use of personal data of users from Third Party Sites is restricted to necessary operations of our business and is used by staff on a need-to-know basis. The use of any data derived from Third Party Sites will be utilised in accordance with Third Party Sites terms of services as outlined on such Third Party Site pages.
If a user makes a request to receive information in an ongoing manner through this Web Site by providing their e-mail address (for example, requesting a subscription to one of our online publications), we may send you emails for the marketing and/or promotion of our products or services. If you have received an email from us, and you wish to no longer receive emails, please click the unsubscribe link found at the bottom of the email.
Please note that data that is transported over an open network, such as the Internet or e-mail, may be accessible to anybody. We cannot guarantee the confidentiality of any communication or material transmitted via such open networks. When disclosing any Personal Information via an open network, you should remain mindful of the fact that it is potentially accessible to others, and consequently, can be collected and used by others without your consent. Your data may be lost during transmission or may be accessed by unauthorised parties. We do not accept any liability for direct or indirect losses as regards the security of your Personal Information or data during its transfer via Internet. Please use other means of communication if you think this is necessary or prudent for security reasons.
For network security purposes and to ensure that the Web Site remains available to all users, we employ commercial software programs to monitor network traffic and attempt to identify unauthorised attempts to upload or change information, or otherwise cause damage. All payment information is transmitted via Secure Socket Layer (SSL) technology, encrypted into our payment gateway, and accessible only by those authorised with special access rights to such systems who are required to keep the information confidential.
Password-protected areas of the Web Site can be accessed only with a valid user name and password. Each password owner is responsible for keeping the password confidential and safe, as we have no control or responsibility for this type of user information. If the password may have been stolen or might otherwise be misused, it is the responsibility of the password owner to notify us immediately for further action.
If you are a resident of the European Union (“EU”), United Kingdom, Lichtenstein, Norway, or Iceland, you may have additional rights under the EU General Data Protection Regulation (the “GDPR”) with respect to your Personal Data, as outlined below.
For this section, we use the terms “Personal Data” and “processing” as they are defined in the GDPR, but “Personal Data” generally means information that can be used to individually identify a person, and “processing” generally covers actions that can be performed in connection with data such as collection, use, storage and disclosure. Company will be the controller of your Personal Data processed in connection with the Services.
What Personal Data Do We Collect From You?
We collect Personal Data about you when you provide such information directly to us or when Personal Data about you is automatically collected in connection with your use of our Services.
Information we collect directly from you
We receive Personal Data directly from you when you provide us with such Personal Data, including without limitation the following:
First and last name
Credit/debit card information
Information we automatically collect when you use our Services
Some Personal Data is automatically collected when you use our Services, such as the following:
Web browser information
Page view statistics
Transaction information (e.g. transaction amount, date and time such transaction occurred)
Cookies and other tracking technologies (e.g. web beacons, pixel tags, SDKs, etc.)
Log data (e.g. access times, hardware and software information)
How Do We Use Your Personal Data?
We process Personal Data to operate, improve, understand and personalise our Services. For example, we use Personal Data to:
Create and manage user profiles
Communicate with you about the Services
Contact you about Service announcements, updates or offers
Provide support and assistance for the Services
Personalise website content and communications based on your preferences
Meet contract or legal obligations
Respond to user inquiries
Fulfil user requests
Comply with our legal or contractual obligations
Protect against or deter fraudulent, illegal or harmful actions
Enforce our Terms and Conditions
We will only process your Personal Data if we have a lawful basis for doing so. Lawful bases for processing include consent, contractual necessity and our “legitimate interests” or the legitimate interest of others, as further described below.
Contractual Necessity: We process your first and last name, email address, location and credit/debit card information as a matter of “contractual necessity”, meaning that we need to process the data to perform under our Terms of Service with you, which enables us to provide you with the Services. When we process data due to contractual necessity, failure to provide such Personal Data will result in your inability to use some or all portions of the Services that require such data.
Legitimate Interest: We also process the Personal Data above when we believe it furthers our legitimate interests, examples of which include:
Operation and improvement of our business, products and services
Marketing of our products and services
Provision of customer support
Protection from fraud or security threats
Compliance with legal obligations
Completion of corporate transactions
Consent: In some cases, we process Personal Data based on the consent you expressly grant to us at the time we collect such data. When we process Personal Data based on your consent, it will be expressly indicated to you at the point and time of collection.
Other Processing Grounds: From time to time we may also need to process Personal Data to comply with a legal obligation, if it is necessary to protect the vital interests of you or other data subjects, or if it is necessary for a task carried out in the public interest.
How and With Whom Do We Share Your Data?
Fraud prevention service providers
Analytics service providers
Hosting service providers
We also share Personal Data when necessary to complete a transaction initiated or authorised by you or provide you with a product or service you have requested, including to other users (where you post information publicly or as otherwise necessary to effect a transaction initiated or authorised by you through the Services)
We also share Personal Data when we believe it is necessary to:
Comply with applicable law or respond to valid legal process, including from law enforcement or other government agencies
Protect us, our business or our users, for example to enforce our terms of service, prevent spam or other unwanted communications and investigate or protect against fraud
Maintain the security of our products and services
We also share information with third parties when you give us consent to do so.
Furthermore, if we choose to buy or sell assets, user information is typically one of the transferred business assets. Moreover, if we, or substantially all of our assets, were acquired, or if we go out of business or enter bankruptcy, user information would be one of the assets that is transferred or acquired by a third party, and we would share Personal Data with the party that is acquiring our assets. You acknowledge that such transfers may occur, and that any acquirer of us or our assets may continue to use your Personal Information as set forth in this policy.
How Long Do We Retain Your Personal Data?
We retain Personal Data about you for as long as you have an open account with us or as otherwise necessary to provide you Services. In some cases we retain Personal Data for longer, if doing so is necessary to comply with our legal obligations, resolve disputes or collect fees owed, or is otherwise permitted or required by applicable law, rule or regulation. Afterwards, we retain some information in a depersonalised or aggregated form but not in a way that would identify you personally.
What Security Measures Do We Use?
We seek to protect Personal Data using appropriate technical and organisational measures based on the type of Personal Data and applicable processing activity, including by using data hosting service providers to host the information we collect.
Personal Data of Children
We do not knowingly collect or solicit Personal Data from anyone under the age of 16. If you are under 16, please do not attempt to register for the Services or send any Personal Data about yourself to us. If we learn that we have collected Personal Data from a child under age 16, we will delete that information as quickly as possible. If you believe that a child under 16 may have provided us Personal Data, please contact us at email@example.com
What Rights Do You Have Regarding Your Personal Data?
You have certain rights with respect to your Personal Data, including those set forth below. For more information about these rights, or to submit a request, please email ??? Please note that in some circumstances, we may not be able to fully comply with your request, such as if it is frivolous or extremely impractical, if it jeopardises the rights of others, or if it is not required by law, but in those circumstances, we will still respond to notify you of such a decision. In some cases, we may also need to you to provide us with additional information, which may include Personal Data, if necessary to verify your identity and the nature of your request.
Access: You can request more information about the Personal Data we hold about you and request a copy of such Personal Data. You can also access certain of your Personal Data by accessing your account profile.
Rectification: If you believe that any Personal Data we are holding about you is incorrect or incomplete, you can request that we correct or supplement such data. You can also correct some of this information directly by accessing your account profile.
Erasure: You can request that we erase some or all of your Personal Data from our systems.
Withdrawal of Consent: If we are processing your Personal Data based on your consent (as indicated at the time of collection of such data), you have the right to withdraw your consent at any time. Please note, however, that if you exercise this right, you may have to then provide express consent on a case-by-case basis for the use or disclosure of certain of your Personal Data, if such use or disclosure is necessary to enable you to utilise some or all of our Services.
Portability: You can ask for a copy of your Personal Data in a machine-readable format. You can also request that we transmit the data to another controller where technically feasible.
Objection: You can contact us to let us know that you object to the further use or disclosure of your Personal Data for certain purposes, such as for direct marketing purposes.
Restriction of Processing: You can ask us to restrict further processing of your Personal Data.
Right to File Complaint: You have the right to lodge a complaint about Company’s practices with respect to your Personal Data with the supervisory authority of your country or EU Member State.
Transfers of Personal Data
The Services are hosted and operated in Australia (“AU”) through Company and its service providers, and if you do not reside in AU, laws in AU may differ from the laws where you reside. By using the Services, you acknowledge that any Personal Data about you, regardless of whether provided by you or obtained from a third party, is being provided to Company in AU and will be hosted on AU servers, and you authorise Company to transfer, store and process your information to and in AU, and possibly other countries.
Questions, Complaints, and Contacts
If you have any questions about this Privacy Statement, our policies and practices concerning this site, your rights under this statement, and your dealings with this web site, you can contact JAMLAB by sending a message to firstname.lastname@example.org