Privacy Commitment, respecting your privacy
By providing personal information to us, you consent to the collection, use and disclosure of your information in accordance with this Policy and any other arrangements that apply between us.
WebSteps is committed to complying with the Privacy Act 1988 (Cth), the Australian Privacy Principles and any other relevant laws when handling your personal information. A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.aoic.gov.au.
Who is WebSteps?
WebSteps provides website design, maintenance and search engine optimisation services. We engage third-party partners and suppliers to ensure that the website runs smoothly.
What personal information do we collect and hold?
The types of information that we collect and hold about you could include:
- • ID information such as your name, postal or email address, and telephone number;
- • other details such as website addresses or business ABN;
- • internal website details, such as hosting and DNS records;
- • any existing website content management system; and
- • other information we think is necessary relating to the services we provide.
Over the course of our relationship with you, we may collect and hold additional personal information about you, including transactional information, complaint or enquiries about products or services. We may also hold records of any emails or calls that have occurred between us.
What do we collect via your website?
If you’re a customer of ours, we monitor traffic ongoing to the website and we store any content supplied for the website internally.
We also know that some customers like to engage with us through social media channels. We may collect information about you when you interact with us through these channels. However, for all confidential matters, we’ll ensure we interact with you via a secure forum.
How do we collect your personal information?
How we collect and hold your information
Unless it’s unreasonable or impracticable, we will try to collect personal information directly from you (referred to as ‘solicited information’). For this reason, it’s important that you help us to do this and keep your contact details up-to-date.
There are a number of ways in which we may seek information from you. We might collect your information when you fill out a form with us, when you’ve given us a call or used our website. This may also be done through contact on social media with us. We also find using electronic means, such as email or SMS, a convenient way to communicate with you and to verify your details1.
How we collect your information from other sources
Sometimes, we will collect information about you from other sources as the Privacy Act 1988 permits. We may do this if:
- • we can’t get hold of you and we rely on public information to update your contact details; or
- • you have been referred to our services by another WebSteps customer
What if you don’t want to provide us with your personal information?
If you don’t provide your information to us, it may not be possible:
- • for us to build or maintain your website;
- • provide SEO or E-commerce services;
- • contact you in regards to content updates for the website;
- • provide hosting for your website; and
- • provide digital marketing.
What do we do when we get information we didn’t ask for?
Sometimes, people share information with us we haven’t sought out (referred to as ‘unsolicited information’). Where we receive unsolicited personal information about you, we will check whether that information is reasonably necessary for our functions or activities. If it is, we’ll handle this information the same way we do with other information we seek from you. If not, we’ll ensure we do the right thing and destroy or de-identify it.
1 However we’ll never ask you for your security details in this way – if you are ever unsure, just contact us
When will we notify you that we have received your information?
When we receive personal information from you directly, we’ll take reasonable steps to notify you that we have received it. Usually, this will be done either through use of an email reply or through verbal confirmation.
Sometimes we collect your personal information from third parties. You may not be aware that we have done so. If you would like to know what information we hold about you or your business you can contact us by email or call.
How do we take care of your personal information?
We store information in different ways, including in paper and electronic form. The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure. Some of the ways we do this are:
- • document storage security policies;
- • security measures for access to our systems; and
- • only giving access to personal information to a person who is verified to be able to receive that information.
We may store personal information physically or electronically with third party data storage providers. Where we do this, we use contractual arrangements to ensure those providers take appropriate measures to protect that information and restrict the uses to which they can put that information.
What happens when we no longer need your information?
We’ll only keep your information for as long as we require it for our purposes. We may be required to keep some of your information for certain periods of time under law. When we no longer require your information, we’ll ensure that your information is destroyed or de-identified.
Sensitive information is any information about a person’s racial or ethnic origin, membership of a political association, religious beliefs or affiliations, philosophical benefits, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record or health information.
We will not ask you to disclose sensitive information and will not store this.
How we use your personal information
What are the main reasons we collect, hold and use your information?
Collecting your personal information allows us to provide you with the products and services you’ve asked for. This means we can use your information to:
- • build new websites or update existing websites; and
- • use search engine optimization to rank your website on Google;
- • assist you in digital marketing your business;
- • allow the website to keep operating through regular maintenance and hosting;
- • contact you for content updates on the website as agreed; and
- • set up and maintain an E-commerce platform for you.
Can we use your information for marketing our products and services?
We may use or disclose your personal information to let you know about other products or services we or a third party make available and that may be of interest to you.
We will always let you know that you can opt-out from receiving marketing offers.
With your consent, we may disclose your personal information to third parties for the purpose of connecting you with other businesses or customers. You can ask us not to do this at any time. We won’t sell your personal information to any organisation.
You can let us know at any time if you no longer wish to receive direct marketing offers from us. We will process your request as soon as practicable.
What are the other ways we use your information?
We’ve just told you some of the main reasons why we collect your information, so here’s some more insight into the ways we use your personal information including:
- • identifying you;
- • telling you about other products or services we make available and that may be of interest to you, unless you tell us not to;
- • allowing us to run our business efficiently and perform general administrative tasks;
- • preventing any fraud or crime or any suspected fraud or crime;
- • as required by law, regulation or codes binding us; and
- • any purpose to which you have consented.
Who do we share your personal information with
To make sure we can meet your specific needs and for the purposes described in ‘How we use your personal information’, we sometimes need to share your personal information with others. We may share your information with other organisations for any purposes for which we use your information.
Sharing Your Information
We may use and share your information with other organisations for any purpose described above.
Sharing with your representatives and referees We may share your information with:
- • your representative or any person acting on your behalf (for example, lawyers, settlement agents, accountants or real estate agents); and
- • others in your business, like your employees or employer, to confirm details about you.
Sharing with third parties
We may share your information with third parties in relation to services we provide to you. Those third parties may include:
- • referrers that referred your business to us;
- • third party suppliers necessary to complete our obligations under the contract;
- • government or regulatory bodies (including ASIC and the Australian Tax Office) as required or authorised by law. In some instances, these bodies may share the information with relevant foreign authorities;
- • any third party to which you consent to us sharing your information.
Some of the recipients to whom we disclose your personal information may be based overseas. Where we may be transferring personal information overseas, we will either inform you and seek your consent to the arrangement or ensure that appropriate contractual measures are in place to ensure that the overseas entity protects the personal information to the same level as required by Privacy Act.
We may store your information in cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from various countries via an internet connection, it’s not always practicable to know in which country your information may be held.
How do you access your personal information?
How you can generally access your information
We‘ll always give you access to your personal information unless there are certain legal reasons why we can’t. You can ask us in writing to access your personal information that we hold. In some cases we may be able to deal with your request over the phone.
We will give you access to your information in the form you want it where it’s reasonable and practical. We may charge you a
small fee to cover our costs when giving you access, but we’ll always check with you first.
We’re not always required to give you access to your personal information. Some of the situations where we don’t have to give you access include when:
- • we believe there is a threat to life or public safety;
- • there is an unreasonable impact on other individuals;
- • the request is frivolous;
- • the information wouldn’t be ordinarily accessible because of legal proceedings;
- • it would prejudice negotiations with you;
- • it would be unlawful;
- • it would jeopardise taking action against serious misconduct by you;
- • it would be likely to harm the activities of an enforcement body (e.g. the police); or
- • it would harm the confidentiality of our commercial information.
If we can’t provide your information in the way you’ve requested, we will tell you why in writing.
What happens if there is a Data Breach?
In the unlikely event that we suspect that there has been a data breach that may cause you serious harm, we will take all reasonable steps to assess if your data has been accessed or lost, and if this information being accessed or lost may cause you serious harm. This assessment will always be completed expeditiously and within 30 days.
If we find that there has been a data breach that has the potential to cause you serious harm, this will be reported to the Office of the Information Commissioner and you directly.
How do you correct your personal information?
How we correct your information
Contact us if you think there is something wrong with the information we hold about you and we’ll try to correct it if it’s:
- • inaccurate;
- • out-of-date;
- • incomplete;
- • irrelevant; or
- • misleading.
If you are worried that we have given incorrect information to others, you can ask us to tell them about the correction. We’ll try and help where we can - if we can’t, then we’ll let you know in writing.
How do you make a complaint?
How do you generally make a complaint?
If you have a complaint about how we handle your personal information, we want to hear from you. You are always welcome to contact us.
You can contact us by using the details below:
Bonnie Ten Hoorn
16/9 Elite Way, Carrum Downs, Victoria, 3201
Mob: 1300 057 335
We are committed to resolving your complaint and doing the right thing by our customers. Most complaints are resolved quickly, and you should hear from us within five business days.
Need more help?
If you still feel your issue hasn't been resolved to your satisfaction, then you can raise your concern with the Office of the Australian Information Commissioner:
Phone: 1300 363 992
Fax: +61 2 9284 9666
Mail: GPO Box 5218 Sydney NSW 2001 or GPO Box 2999 Canberra ACT 2601
You may take your complaint directly to our external dispute resolution scheme or the Office of the Australian Information Commissioner. You are not required to let us try to fix it first.
We care about your privacy. Please contact us if you have any questions or comments about our privacy policies and procedures. We welcome your feedback.
You can contact us by using the details below:
Bonnie Ten Hoorn
16/9 Elite Way, Carrum Downs, Victoria, 3201
Mob: 1300 057 335
What if you want to interact with us anonymously or use a pseudonym?
If you have general enquiry type questions, you can choose to do this anonymously or use a pseudonym. We might not always be able to interact with you this way, however, as we are often governed by regulations that require us to know who we’re dealing with. In general, we won’t be able to deal with you anonymously or where you are using a pseudonym when:
- • it is impracticable; or
- • we are required or authorised by law or a court/tribunal order to deal with you personally.
Updated Nov, 2021