PRIVACY LAWS THAT APPLY TO EFTEL
Eftel is required to comply with the Privacy Act 1988 (Cth) and is bound by the Australian Privacy Principles ('APPs') set out in that Act. The APPs establish minimum standards for the collection, use, disclosure and handling of personal information. They apply to personal information in any form, including electronic and digital form. The APPs can be accessed at the website of the office of the Australian Information Commissioner: www.privacy.gov.au.
Eftel is also subject to other laws relating to the protection of personal information. In particular, Eftel is subject to privacy obligations under the Telecommunications Act 1997 (Cth). Eftel's direct marketing activities must also comply with the Do Not Call Register Act 2006 (Cth) and the Spam Act 2010 (Cth). If Eftel collects health information, it may be required to comply with statutory requirements relating to health records.
WHY DOES EFTEL COLLECT PERSONAL INFORMATION?
Eftel collects personal information in order to:
Eftel needs to be able to collect personal information for most of its business activities, although the information we require depends on the particular circumstances. If we are unable to collect the personal information we need, we may be unable to meet the expectations of our customers or provide the products and services they wish to receive.
WHOSE PERSONAL INFORMATION DOES EFTEL COLLECT?
Eftel collects or holds personal information about individuals who are:
Eftel may treat current and past customers as prospective customers for other Eftel products and services.
Eftel may collect personal information about associates of its customers, such as family members, employees or agents. For example, Eftel may collect personal information about nominated or authorised representatives, the holder of a credit card that is used to pay a customer's account, a person who acts as a secondary account holder, a person who acts as guarantor for a credit contract, the landlord of a tenanted property or the nominated contact on a business account.
Eftel may in rare circumstances collect personal information from people who are under the age of 18. If Eftel does this, Eftel may also collect personal information about the parent or guardian of that person.
Eftel also collects personal information about all the individuals who are involved in providing Eftel products and services. This includes:
CAN YOU DEAL WITH EFTEL WITHOUT IDENTIFYING YOURSELF?
In some limited situations customers and other individuals may be able to deal with Eftel anonymously or using a pseudonym. For example, if you make a general inquiry to one of our call centres, or want to make a complaint or log a service fault unless the inquiry or complaint relates to a particular account.
However, if you do not wish to be identified we may not be able to provide the information or assistance you require.
WHAT PERSONAL INFORMATION DOES EFTEL USUALLY COLLECT?
Eftel collects a wide range of personal information about its customers, but the type and amount of information collected depends on the particular business context. However, Eftel seeks at all times to ensure that it only collects the personal information that is necessary for the purposes of its business activities.
Eftel needs to collect basic identifying and contact information for all customers, including prospective customers. This will usually include name, date of birth, email address, telephone number(s) and residential address. For corporate and business customers, Eftel collects information about nominated contacts, including name and title or position, date of birth, telephone number(s) and email and business addresses.
Eftel also collects information about purchasing patterns, consumer preferences and attitudes from prospective and current customers for marketing purposes, including to analyse markets, develop marketing strategies and to identify and develop products and services that may be of interest to its customers.
When you become, or apply to become, a Eftel customer, Eftel collects a range of other information that that it needs to assess your application and manage your account(s). This includes:
We also collect information about the way our customers use Eftel products and services. This includes information about:
We collect information about our employees and prospective employees for the purpose of making employment decisions and managing our staff. We also collect information about suppliers, service providers, agents and affiliates, and their staff, for the purposes of conducting our day-today business activities.
HOW DOES EFTEL COLLECT PERSONAL INFORMATION?
We collect personal information by various means and via various media, depending on the particular business context.
We collect information about prospective customers both directly and via our agents, service providers and affiliates. We may collect this information:
When you become or apply to become a Eftel customer, in addition to collecting personal information directly from you, we may also collect information about you from our agents and affiliates, credit reporting agencies, your past and present employers, current service providers, family members or associates and other third parties.
When you apply to become a Eftel customer, we will ask you to consent to us collecting information from particular third parties. We will only collect personal information from those parties if you consent. If you do not consent, we may not be able to provide the service or product you require. We are authorised to collect some personal information from third parties under Privacy Law.
Eftel receives unsolicited personal information from time to time. In accordance with its obligations under Privacy Law, Eftel will decide whether it would have been permitted to solicit and collect that information and if it would not have been, will destroy or de-identify the information (provided it is lawful to do so).
WHAT INFORMATION WILL EFTEL GIVE YOU WHEN IT COLLECTS PERSONAL INFORMATION?
Eftel is required by Privacy Law to take reasonable steps to ensure that you are made aware of certain information when it collects personal information about you. For example, we are required to:
If we collect personal information about you from a third party, we take reasonable steps to ensure you receive the information we are required to provide. However, we may do this by requiring the third party to provide the information, rather than us providing the information to you directly.
We may also include information about our collection of personal information in welcome packs, customer account statements, update bulletins, notices and other documents we give to our customers.
EFTEL'S USE AND DISCLOSURE OF PERSONAL INFORMATION
Where Eftel collects personal information for a particular purpose, it may use and disclose the information for that purpose or another purpose that is related to that purpose (or that is directly related to that purpose in the case of sensitive information). For example:
Eftel may use personal information about prospective, current and past customers for the purpose of direct marketing of Eftel products and services or those of other organisations. Direct marketing communications may be sent via post, e-mail, telephone, door to door canvassing, social media sites or other means. However:
Personal information about Eftel staff, agents, affiliates and service providers is used and may be disclosed for the purpose of managing the relationship with the staff member or other entity.
Eftel may disclose personal information about Eftel customers to a range of third parties. For example, depending on the type of product or service, Eftel may disclose customer information to a wholesaler or other third party who provides or assists to provide the service.
Eftel may disclose information to government agencies (such as Centrelink) for the purpose of establishing or verifying eligibility for concessions and similar entitlements.
Eftel may also disclose personal information for credit checking, collection or credit reporting purposes to a credit reporting agency or credit collection agency, in accordance with the requirements of the Privacy Act 1988.
Personal information may also be disclosed to third party agents and service providers who Eftel engages to assist in the provision of products and services. These include:
Personal information Eftel obtains in connection with the provision of telecommunications services may be disclosed in accordance with requirements of the Telecommunications Act 1997 (Cth) and the Telecommunications (Interception and Access) Act 1979 (Cth). This includes disclosure:
Eftel may also disclose personal information without consent as authorised by privacy law for a range of other purposes, including:
In situations other than those described above, Eftel will not disclose personal information without the customer's consent (although consent may be implied).
IS PERSONAL INFORMATION DISCLOSED OUTSIDE AUSTRALIA?
Eftel discloses some personal information to persons or organisations that are outside Australia.
HOW DOES EFTEL PROTECT YOUR PERSONAL INFORMATION?
Eftel recognises the importance of protecting your personal information and of ensuring that it is complete, accurate, up-to-date and relevant.
When you call Eftel, we complete an ID check to verify your identity and to check the details we hold about you are correct and to update them if required. For some safety critical information, for example medical information required to ensure priority assistance, we initiate checks on an annual basis.
We have documented processes for verifying personal information collected for particular transactions, such as proof of occupancy, change of occupier and priority assistance. Our staff are trained to properly handle the different types of information they receive, particularly sensitive information. We have quality assurance measures in place to monitor calls to ensure that our processes are being followed.
While some of the personal information we collect is held in hardcopy form, most personal information is stored in electronic databases.
We have extensive processes in place to ensure that our information systems and files are kept secure from unauthorised access and interference. These include:
CAN YOU ACCESS OR CORRECT PERSONAL INFORMATION EFTEL HOLDS ABOUT YOU?
You have a right to access personal information we hold about you. If your request is particularly complex or requires detailed searching of our records, there may be a cost to you in order for us to provide you with this information.
If you believe there are errors in the information we hold about you, you have a right to ask us to correct the information.
However, we are not required to provide access where we believe doing so would:
If you wish to have access to information Eftel holds about you, you should contact Eftel Customer Service.
DEALING WITH EFTEL ON-LINE
We store the Internet Protocol (IP) address of your computer when you visit our site. This information is used only to create broad demographic summaries of where our users come from. Our use of these IP addresses, however, does not go so far as to identify the actual users of the site.
We collect personal information about the other websites that are visited by computers that are used to visit our site. This information may be aggregated to provide us with information about the types of webpages and websites, or particular webpages and websites, visited by computers that use our site.
COMPLAINTS AND FURTHER INFORMATION
If you believe your privacy has been interfered with and wish to make a complaint, please contact our Privacy Officer. The Privacy Officer will investigate your complaint and notify you of the outcome.
If it appears from your complaint that there has been an interference with privacy by a person other than Eftel, the Privacy Officer may discuss the complaint with that person in an attempt to resolve it.
If you are dissatisfied with the outcome of your complaint, or you do not receive a response to your complaint within 30 days, you may make a complaint to the Office of the Australian Information Commissioner (OAIC). Complaints to the OAIC must be made in writing. Where possible, complaints to the OAIC should be made through the online Privacy Complaint form, available at www.oaic.gov.au/privacy/making-a-privacy- complaint.