Privacy Policy

About our privacy policy

Our privacy policy seeks to:

communicate our personal information handling practices
enhance the transparency of our operations
give individuals a better and more complete understanding of the personal information we hold and the way in which we deal with that information.

We review our privacy policy regularly and publish it on our website. If you would like to access a copy of our privacy policy in another form, or have feedback on our privacy policy, you can contact us.

The Privacy Act

The Privacy Act 1988 (Privacy Act)External Link protects personal information and requires that we comply with the Australian Privacy Principles (APPs) set out in Schedule 1 of the Privacy Act in our handling of personal information.

Under the Privacy Act, ‘personal information’ means 'information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not and whether the information is recorded in a material form or not'.

Under the Privacy Act, we:

have a Privacy Champion and a Privacy Officer
undertake privacy impact assessments (PIAs) and publish a version of those PIAs on our Privacy impact assessment register.

Our undertaking to you

We undertake to collect personal information about you in a fair and lawful way and in a manner that is not unreasonably intrusive. This means that we will not use any form of deception or threat when we collect personal information, either from you or from anyone else.

We undertake to respect your privacy and to keep your information confidential. We handle your personal information as required by the Privacy Act.

We will be transparent and open about what personal information we collect, hold, use and disclose, as well as how you can make a privacy complaint if you think your privacy has been interfered with.

Why we collect, hold, use and disclose personal information

What personal data we collect and why we collect it:

Comments:

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

After approval of your comment, your profile picture may be visible to the public in the context of your comment. We also collect, hold, use and disclose personal information in relation to our other functions and activities, including:

to manage enquiries and other contacts with us
to verify your identity
in the course of procuring goods and services
as an employer under the Fair Work Act 2009 (Fair Work Act) and the Fair Work Regulations 2009.

Personal information we collect, hold, use and disclose

We collect, hold, use and disclose personal information about individuals, government employees and contractors that is necessary for or related to the administration of tax and super laws and other programs of work we administer.
Personal information includes:
• names, addresses, email addresses, phone and fax numbers
• dates of birth, occupations, gender
• business and financial information, bank account and financial institution details
• student numbers and institution codes
• trustee and accountant details
• health fund and super fund details
• business ownership details, business transaction reports, and sales data.

Superannuation records

We collect, hold, use and disclose personal information about:
• super guarantee obligations and entitlements of employers and employees
• self-managed super fund members, trustees and directors of corporate trusts.

Tax file numbers

A tax file number (TFN) is a unique identifier.

TFNs are protected by sections 8WA and 8WB of the Taxation Administration Act 1953External Link and the Privacy (Tax File Number) Rule 2015External Link. We handle TFN information in accordance with those pieces of legislation.

Forms on our website

Forms on our website are designed to support your interactions with us. Personal information we collect though online forms is used to contact you and administer our business. If you do not provide that information, we may not be able to take further action on the form you submit.

Our forms clearly indicate the information you must provide (mandatory fields) before you can submit a form.
Where possible, we highlight that you shouldn't include sensitive information in free-text fields.
Any additional information you provide to support your enquiry is done so at your discretion.

Employee records

We collect, hold, use and disclose personal information in personnel records that is reasonably necessary for the purposes of tax registrations and regulations.

Web browsing records

When you visit ictprocure.com.au or ictprocure.com we'll collect information from your browser relating to:

your server address, operating system and top-level domain name
the date and time of your visit
the pages you accessed and documents you downloaded
the previous site you visited
the type of browser you used.

No attempt is made to identify users or their browsing activities except in the event of an investigation where a law enforcement agency may exercise a warrant to inspect our internet web server logs.

When you authenticate with online ICT Procure systems directly, certain information about your device, your browser and the authentication process will also be logged by us, such as:

your internet provider number (IP address)
the date and time of the use of the authentication service
the authentication information you provided
successful and unsuccessful attempts at authenticating.

We may use this information to:

confirm your identity
compile statistics and reports to enhance our systems and services
identify and respond to issues that may indicate authentication integrity is at risk

When you contact us

We must be certain of your identity before we can discuss our business affairs with you. If you contact us to discuss your affairs, you must be able to prove your identity. This ensures that we are able to protect your personal information by only giving it to you or someone who can prove that they are lawfully authorised to act on your behalf.

For example, if you phone us, you can prove your identity by giving us your:

date of birth
address (as notified to us previously).

Other information can be used as proof of identity, depending on the circumstances.

If you have a general enquiry that does not involve discussing your personal information, you do not have to provide identification. In these situations, you will be able to deal with us without identifying yourself.

How we collect personal information

We collect personal information:

directly from you
from other persons acting on your behalf
from third parties, including
- government agencies
- employers
- your clients or customers (if applicable)
- publicly available sources.

If we receive unsolicited information, we will handle it in accordance with Australian Privacy Principle 4.

How we hold personal information

We take steps to ensure that the personal information we collect about you is accurate, up-to-date and complete. These steps include updating personal information when you tell us that your personal information has changed and at other times as necessary.

We take steps to protect the personal information we hold against:

misuse
interference
loss
unauthorised access, modification and disclosure.

We may apply industry-best security methods, where not cost prohibitive including:

information technology and physical security audits
penetration testing
industry best practice risk management

system security technologies.

Cookies

Cookies are pieces of information that a website can transfer to an individual's computer hard drive or mobile device for record keeping. Cookies can make websites easier to use by storing information about your preferences on a particular website. The information remains on your device after the internet session finishes.
The first time you visit our website one cookie will be stored on your device. On each visit to our website the system checks whether there is an ato.gov.au cookie on your device. If so, it simply notes its presence and records your visit as a 'previous user'. If not, it will store one and record your visit as a 'first time visitor'. This cookie will be stored permanently unless you choose to delete it. The information is used by us to help improve our website by understanding how it is used. There is no attempt made to identify individual users in any way.
On each use a 'session cookie' is temporarily placed on your device, which is used to maintain navigation information during your site visit. These session cookies are deleted from your device at the end of each internet session.
In addition, we may make use of third-party sites such as X (formerly Twitter), VioStream, Facebook, LinkedIn and YouTube to deliver content. Such third-party sites may send their own cookies to your device. We do not control the setting of third-party cookies and suggest you check the third-party websites for more information about their cookies and how to manage them.
We use Google Analytics to understand how our websites are being used in order to improve the services we offer. Google Analytics uses cookies to analyse how you use our websites. No identifying information is collected by Google Analytics and parts of your IP address are masked so your identity remains anonymous. Data captured by Google Analytics is processed and stored in the USA. If you don’t want your data being used by Google Analytics when visiting our website, you can opt out by using the Google Analytics opt-out browser add-onExternal Link.
You can also disable cookies and JavaScript in your browser. However, this may prevent you from accessing certain services and functionality.
For more information about your privacy when using Google services, see the Google Privacy PolicyExternal Link.

When you contact us

For example, if you phone us, you can prove your identity by giving us your:

date of birth
address (as notified to us previously).

Other information can be used as proof of identity, depending on the circumstances.

When we contact you

You have the right to be told why we are asking for your personal information and what legal authority we are relying on to request it from you.

Generally, when we collect personal information from you, we will tell you:

about your rights and obligations under the law as early as possible, including the main consequences of not providing the requested information
how you can make a complaint if you think your privacy has been compromised.

Disclosing to our Principal, advisers, contractors and outsourcing

We work under commission agreements with a Principal (or Principals) from outside our business, our Principal and its employees are bound by privacy and confidentiality provisions when dealing with your information. We also ensure that the privacy and confidentiality of your personal information is addressed in our commission agreements. Sometimes we engage recognised expert advisers from outside our business, such as independent legal advisers, for assistance and advice.

If a third party is contracted to carry out some of our functions, such as processing forms, the contractor and its employees are bound by privacy and confidentiality provisions when dealing with your information. We also ensure that the privacy and confidentiality of your personal information is addressed in these contracts.

How you can access your personal information and seek its correction

You can contact us to amend any incorrect information held.

Where you require access to documents that you cannot obtain through our online services or through our administrative access arrangements, you can lodge a request for those documents.

We will respond to your request for access or amendment to your personal information within 30 days.

In circumstances where we refuse to provide you with access to your own personal information or our ability to amend, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to do so).

We will advise you how to complain about a refusal.

We will not charge you for making a request or for giving you access to your own personal information.

We will take reasonable steps to correct personal information that we hold about you to ensure that, having regard to the purpose for which the information is held, it is accurate, up to date, complete, relevant and not misleading. We will also take reasonable steps to correct personal information in circumstances where you request us to correct the information.

If we refuse your amendment request, we will give you a written notice that sets out the reasons for the refusal, except to the extent that it would be unreasonable to do so.

We will advise you how to complain about a refusal.

We will not charge you for making an amendment request or for correcting personal information about you.

Vendor records

We collect, hold and use personal information about tenderers and suppliers to ICT Procure and the Principal(s) we act under. The information is used to evaluate responses from tenderers for our procurement requirements and to manage supplier arrangements. Personal information collected, held and used may include:

names and addresses
contract details
tender responses
curricula vitae and employment histories of individual contractors
bank account and payment details
financial statements, credit ratings, cash securities and bank guarantees
declarations of pecuniary interests
character check records
security clearances
confidentiality undertakings
contract performance reports.

Some personal information relating to contractors may be published on the Australian Government’s procurement information systems. This will include the names of contractors, how much the contract was awarded for, business address and ABN.

General privacy questions

If you have a general question about privacy or wish to report an instance where you think your privacy may have been compromised, you can email our Privacy Hotline on admin@ictprocure.com.au

Privacy information for ICT Procure employees

ICT Procure cares about the privacy of its employees and we take our obligations under the Privacy Act seriously. If you are an ICT Procure employee and wish to make a complaint about a privacy matter relating to your tax affairs, you may wish to do so using the complaints process described above.

If you are an ICT Procure employee and have concerns that your privacy has been breached at work, or your personal information has not been treated as required under the Privacy Act at work, you can do one or more of the following:

refer to the ICT Procure SharePoint page on privacy breaches and concerns
speak to your manager – we would recommend this in the first instance where possible

If you are not satisfied with how we deal with your complaint, the Privacy Commissioner at the Office of the Australian Information Commissioner may be able to help you. Visit the

Privacy complaints and How we deal with privacy complaints

If you are not satisfied with how we have collected, held, used or disclosed your personal information, you can make a formal complaint.

You can lodge a complaint by:

writing to us via email to our Privacy Hotline on admin@ictprocure.com.au
We treat complaints seriously and try to resolve them fairly and quickly.
If you make a complaint, we aim to contact you within 3 working days. We will work with you to resolve your complaint and keep you informed of its progress.
If you are not satisfied with how we deal with your complaint, the Privacy Commissioner at the Office of the Australian Information Commissioner may be able to help you. Visit the Office of the Australian Information CommissionerExternal Link website for more information, or phone 1300 363 992.