Updated Dec 2019
1. Intygrate commitment to privacy
Intygrate Pty Ltd ACN 613 294 401, its subsidiaries and affiliates in Australia and Singapore (collectively referred to as Intygrate) are committed to managing personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth) and in accordance with other applicable privacy laws.
In addition to the Privacy Act 1988 (Cth), individuals located in the European Union (EU) may also have rights under EU based rules known as the General Data Protection Regulation (GDPR). The GDPR has harmonised the data privacy laws of each individual EU country, giving more rights to individuals located in the EU and more obligations to organisations holding their personal information.
Details of additional rights of individuals located in the EU and how we meet them are outlined in Appendix 1.
We take privacy seriously and are committed to ensuring the protection of your personal information, no matter where you are located.
2. About Intygrate
Intygrate is a global organisation comprising a number of divisions including “marketing”
Intygrate offers a complete range of services, including ERP consultancy, software development and integration.
3. What information does Intygrate collect about you?
(a) Client and prospective clients
When you enquire about our services or when you become a client of Intygrate, a record is made which includes your personal information.
The type of personal information that we collect will vary depending on the circumstances of collection and the kind of service that you request from us, but will typically include your:
(ii) address (including previous addresses);
(iii) information about you or your company;
(iv) information about people representing your company;
(v) contact telephone number(s);
(vi) e-mail address(es);
(vii) credit card details;
(viii) account usernames;
(ix) IP addresses;
(x) usage information; and
(xi) other personal information related to the above.
(b) Prospective employees and applicants
We collect personal information when recruiting personnel, such as your name, contact details, qualifications and work history. Generally, we will collect this information directly from you.
We may also collect personal information from third parties in ways which you would expect (for example, from recruitment agencies or referees you have nominated). Before offering you a position, we may collect additional details such as your taxpayer identification number (TIN) and superannuation or pension scheme information and other information necessary to conduct background checks to determine your suitability for certain positions (for example, positions which involve working with children).
(c) Other individuals
Intygrate may collect personal information about other individuals who are not clients of Intygrate. This includes customers and members of the public who participate in events we are involved with, individual service providers and contractors to Intygrate, and other individuals who interact with Intygrate on a commercial basis. The kinds of personal information we collect will depend on the capacity in which you are dealing with Intygrate. Generally, it would include your name, contact details, and information regarding our interactions and transactions with you.
If you are participating in an event we are managing or delivering, we may take images or audiovisual recordings which identify you.
In limited circumstances, Intygrate may collect information which is considered sensitive information. For example, if you are injured at an event promoted or delivered by Intygrate we may collect health information about you in an emergency or otherwise with your consent.
We may collect personal information about children (for example, when children participate in events we are involved with). Where children do not have sufficient maturity and understanding to make decisions about their personal information, we will require their parents or guardians to make decisions on their behalf.
You can always decline to give Intygrate any personal information we request, but that may mean we cannot provide you with some or all of the services you have requested. If you have any concerns about personal information we have requested, please let us know.
(d) Visitors to our websites
The way in which we handle the personal information of visitors to our websites is discussed below.
4. How and why does Intygrate collect and use your personal information?
Intygrate collects personal information reasonably necessary to carry out our business, to assess and manage our clients' needs, and provide services including ERP consultancy, software development and integration. We may also collect information to fulfil administrative functions associated with these services, for example billing, entering into contracts with you or third parties and managing client relationships.
The purposes for which Intygrate usually collects and uses personal information depends on the nature of your interaction with us, but may include to:
(a) provide the services or products that you request;
(b) do all things necessary to administer those services or products;
(c) research, develop, manage, protect and improve our services and products;
(d) conduct customer satisfaction surveys and inform you of any improvements that we have made to our services;
(e) maintain and develop our products;
(f) conduct appropriate checks for credit worthiness and to prevent fraud;
(g) the management, protection and development of our business;
(h) provide you with information about other products and services that may be of interest to you, including information about our business partners' products and services;
(i) assist in arrangements with suppliers in relation to the provision of a product or service;
(j) collect and process payments, through us or a third party;
(k) perform all other administrative and operational tasks (including risk management, systems development and testing, staff training and market or customer satisfaction research);
(l) to facilitate your participation in any loyalty programs that may be set up; and
(m) investigate, detect and protect us and other third parties against negligence, breach of contract, fraud, theft and other illegal activities.
Intygrate generally collects personal information directly from you. We may collect and update your personal information over the phone, by email, over the internet or social media, or in person. We may also collect personal information about you from other sources, for example:
(a) our affiliated and related companies; and
(b) third party suppliers and contractors who assist us to operate our business.
Intygrate also collects and uses personal information for market research purposes and to innovate our delivery of products and services.
5. How does Intygrate interact with you via the internet?
You can use the settings in your browser to control how your browser deals with cookies. However, in doing so, you may be unable to access certain pages or content on our website.
Intygrate's websites may contain links to third-party websites. Intygrate is not responsible for the content or privacy practices of websites that are linked to our website.
6. Can you deal with Intygrate anonymously?
Intygrate will provide individuals with the opportunity of remaining anonymous or using a pseudonym in their dealings with us where it is lawful and practicable (for example, when making a general enquiry). Generally, it is not practicable for Intygrate to deal with individuals anonymously or pseudonymously on an ongoing basis. If we do not collect personal information about you, you may be unable to utilise our services or participate in our events, programs or activities we manage or deliver.
7. How does Intygrate hold information?
Intygrate stores information in paper-based files or other electronic record keeping methods in secure databases (including trusted third party storage providers based in Australia and overseas). Personal information may be collected in paper-based documents and converted to electronic form for use or storage (with the original paper-based documents either archived or securely destroyed). We take reasonable steps to protect your personal information from misuse, interference and loss and from unauthorised access, modification or disclosure.
Intygrate maintains physical security over paper and electronic data stores, such as through locks and security systems at our premises. We also maintain computer and network security, for example, we use firewalls (security measures for the internet) and other security systems such as user identifiers and passwords to control access to our computer systems.
Our websites use encryption to ensure the secure transmission of information via the internet. Nevertheless, users of our websites are encouraged to exercise care in sending personal information via the internet.
We take steps to destroy or de-identify information that we no longer require.
8. Does Intygrate use or disclose your personal information for direct marketing?
Intygrate may use or disclose your personal information for the purpose of informing you about our services, upcoming promotions and events, or other opportunities that may interest you. If you do not want to receive direct marketing communications, you can opt-out at any time by contacting us using the contact details below.
If you opt-out of receiving marketing material from us, Intygrate may still contact you in relation to its ongoing relationship with you.
9. How does Intygrate use and disclose personal information?
(a) For clients
The purposes for which we may use and disclose your personal information will depend on the services we are providing you. For example, if you have engaged us to deliver a service, we may disclose information about you to service providers where this is relevant to our services.
(b) For customers and participants
If you are a customer or participant in an event, we may disclose your personal information to our clients and venues where this is reasonably necessary for, and relevant to, the delivery of the event. We may use images or audio-visual recordings which identify you for promotional purposes where you would reasonably expect this to occur.
(c) Disclosure to contractors and other service prodivders
Intygrate may disclose information to third parties we engage in order to provide our services, including contractors and service providers used for data processing, data analysis, customer satisfaction surveys, information technology services and support, website maintenance/development, printing, archiving, mail-outs, and market research.
Personal information may also be shared between related and affiliated companies of Intygrate, located in Australia and overseas.
Third parties to whom we have disclosed your personal information may contact you directly to let you know they have collected your personal information and to give you information about their privacy policies.
(d) Use and disclosure for administration and management
Intygrate will also use and disclose personal information for a range of administrative, management and operational purposes. This includes:
(i) administering billing and payments and debt recovery;
(ii) planning, managing, monitoring and evaluating our services;
(iii) quality improvement activities;
(iv) statistical analysis and reporting;
(v) training staff, contractors and other workers;
(vi) risk management and management of legal liabilities and claims (for example, liaising with insurers and legal representatives);
(vii) responding to enquiries and complaints regarding our services;
(viii) obtaining advice from consultants and other professional advisers; and
(ix) responding to subpoenas and other legal orders and obligations.
(e) Other uses and disclosures
10. Does Intygrate disclose your personal information overseas?
Intygrate is a global organisation and works with clients, service providers, sponsors and commercial interests across the globe. It is likely that your personal information will be disclosed to overseas recipients.
Unless we have your consent, or an exception under the Australian Privacy Principles applies, we will only disclose your personal information to overseas recipients where we have taken reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to your personal information.
Entities which are related entities of Intygrate or are otherwise affiliated with Intygrate, have operations in Australia, Singapore and India. In circumstances where your information is disclosed to overseas recipients, those recipients are likely to be located in countries in the regions in which Intygrate and its related entities and affiliates operate.
11. How can you access or seek correction of your personal information?
You are entitled to access your personal information held by Intygrate on request. To request access to your personal information please contact our privacy officer using the contact details set out below.
You will not be charged for making a request to access your personal information but you may be charged for the reasonable time and expense incurred in compiling information in response to your request.
We will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, complete and up-to-date. You can help us to do this by letting us know if you notice errors or discrepancies in information we hold about you and letting us know if your personal details change.
However, if you consider any personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading you are entitled to request correction of the information. After receiving a request from you, we will take reasonable steps to correct your information.
We may decline your request to access or correct your personal information in certain circumstances in accordance with the Australian Privacy Principles. If we do refuse your request, we will provide you with a reason for our decision and, in the case of a request for correction, we will include a statement with your personal information about the requested correction.
12. What should you do if you have a complaint about the handling of your personal information?
You may make a complaint about privacy to the privacy officer at the contact details set out below.
The privacy officer will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week.
If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.
In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.
If you are not satisfied with our response to your complaint, or you consider that Intygrate may have breached the Australian Privacy Principles or the Privacy Act, a complaint may be made to the Office of the Australian Information Commissioner. The Office of the Australian Information Commissioner can be contacted by telephone on 1300 363 992 or by using the contact details on the website www.oaic.gov.au.
14. How can you contact Intygrate?
Appendix 1: Additional rights for individuals located in the European Union
The European Union (EU) General Data Protection Regulation (GDPR) has harmonised the data privacy laws of each individual EU country, giving more rights to individuals located in the EU and more obligations to organisations holding their personal information. In this Appendix, “personal information” means any information relating to an identified or identifiable natural person (the meaning given to the term “personal data” in the GDPR).
Personal information must be processed in a lawful, fair and transparent manner. As such, if you are located in the EU, GDPR requires us to provide you with more information about how we collect, use, share and store your personal information as well as advising you of your rights as a ‘data subject’.
If you are located in the EU and have an enquiry relating to your rights under the GDPR, please contact email@example.com
What personal information do we collect?
Special Categories of Personal Information
The GDPR provides additional protection for personal information about your racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, biometric data (for example your fingerprints), or data concerning your health, sex life or sexual orientation. We will only process this type of personal information with your consent or where otherwise lawfully permitted.
How long we keep your personal information
We will keep your personal information while you are a customer of Intygrate. We aim to keep your personal information for only as long as we need it.
We generally keep your personal information for up to 7 years after you stop being a customer but we may keep your personal information for longer:
- To fulfil legal or regulatory obligations
- For internal research and analytics
- To respond to a question or complaint
How we use your personal information
We can only collect and use your personal information if we have a valid lawful reason to do so. For Intygrate, these reasons are:
- Contract: We need to process your personal information in order to fulfil a contract you have with us, or because you have asked us to take specific steps before entering into a contract.
- Legal obligations: We need to process your personal information for us to comply with the law (not including contractual obligations).
- Consent: You have given clear consent for us to process your personal information for a specific purpose.
- Legitimate interests: We need to process your personal information for our legitimate interests or the legitimate interests of a third party unless there is a good reason to protect your personal information which overrides these legitimate interests.
We may use your information for direct marketing purposes. We will only do this with your consent.
Your rights as a data subject
The right to be informed how personal information is processed
You have the right to be informed how your personal information is being collected and used. If we require your consent to process your personal information you can withdraw consent at any time. If you withdraw consent, we may not be able to provide certain products or services to you. The right to withdraw only applies when the lawful basis of processing is consent.
The right of access to personal information
You can access your personal information that we hold by emailing: firstname.lastname@example.org
The right to rectification
You have the right to question any personal information we have about you that is inaccurate or incomplete. If you do, we will take reasonable steps to check the accuracy and correct it.
The right to erasure
You have the right to ask us to delete your personal information if there is no need for us to keep it. You can make the request verbally or in writing. There may be legal or other reasons why we need to keep your personal information and if so we will tell you what these are.
The right to restrict processing
You have the right to ask us to restrict our use of your personal information in some circumstances. We may be able to restrict the use of your personal information. In this situation we would not use or share your personal information while it is restricted. This is not an absolute right and only applies in certain circumstances.
The right to data portability
In some circumstances you have the right to request we provide you with a copy of the personal information you have provided to us in a format that can be easily reused.
The right to object
In some circumstances you have the right to object to us processing your personal information.
Rights in relation to automated decision making and profiling
We sometimes use systems to make automated decisions (including profiling) based on personal information we have collected from you or obtained from other sources such as credit reporting bodies. These automated decisions can affect the products or services we offer you. You can ask that we not make decisions based on automated score alone or object to an automated decision and ask that a person review.
The right to lodge a complaint with a supervisory authority
You have the right to complain to the regulator if you are not happy with the outcome of a complaint.
See the ‘Regulator Contact Details’ section for more information.
The individual regulator websites will tell you how to report a concern.
Please note that while any changes you make to your personal information will be reflected in active user databases instantly or within a reasonable period of time, we may retain all information you submit for backups, archiving, prevention of fraud and abuse, analytics, satisfaction of legal obligations, or where we otherwise reasonably believe that we have a legitimate reason to do so.
You may decline to share certain personal information with us, in which case we may not be able to provide to you some of the features and functionality of our products and services.
Minors and Children's Privacy
We will seek parent or guardian consent to collect the details of children under 16.
Regular Contact Details
The UK data protection authority is:
Information Commissioner’s Office
Wycliffe House, Wilmslow
Cheshire SK9 5AF, UK
For other European jurisdictions please refer to the European Commission website for details of the relevant data protection authorities.