ENM Solutions Pty Ltd

March 2021
Version 2.0

Introduction

ENM Solutions is committed to the protection of personal privacy and have adopted a policy to protect information about individuals. The Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs) govern the way in which we must manage your personal information. This policy describes the information we collect and hold, how we use that information, how that information maybe disclosed, the security of that information, how the information can be accessed and corrected and other relevant details concerning customer privacy.This Policy is addressed to all Clients, Customers, Suppliers, Employees and others such that ENM Solutions may have dealings with.

Collection of Information

Types of Information Collected
We may collect and hold personal information about you, that is, information that can identify you, and is relevant to providing you with the products and services you are seeking. If you are a client, we are likely to provide you with products and services on credit terms (that is, you will pay for those products or services after we start providing them to you). As such, we may collect and hold various information related to your financial position and your creditworthiness (such as ‘credit information’, ‘credit eligibility information’, ‘CRB derived information’, and ‘CP derived information’ (as those terms are defined in the Privacy Act), detailed further below).

The kinds of information we collect from you depends on our relationship with you. We interact with individuals who purchase our products and services (‘clients’), individuals who purchase products or services from our clients (‘customers’), individuals who supply us with products and services (‘suppliers’),users of our website or social media channels and individuals seeking information about our products and services (‘users’), and employees, contractors, and job applicants.

Personal Information
The kinds of personal information we typically collect from our clients and customers includes names, contact details, and other personal information relevant to providing you with the goods and services you are, or someone else you know is, seeking.

The kinds of personal information we typically collect from suppliers includes names, contact details, and other personal information relevant to you providing us with the relevant goods and services.

The kinds of personal information we typically collect from employees, contractors and job applicants includes names, contact details, personal information contained within a job application or resume, bank account and superannuation fund information, tax file number and ABN (with respect to sole traders).

During your engagement with us, we may also collect and hold sensitive information about you, including health information, racial or ethnic background, sexual orientation or practices, criminal record, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, genetic information, biometric information, and biometric templates.

The kinds of personal information we typically collect from users includes information collected through the use of our website and digital platforms, including user preferences, ‘cookie’ information, and geographical location. Additional personal information we collect from users includes name and contact details, and any other personal information relevant to providing the information you are seeking.

Method of Collection

Personal Information
Personal information will generally be collected directly from you through a variety of avenues, including the use of any of our standard forms, when you sign up to receive our emails or other communications, using our website or social media accounts, via email, through a telephone conversation with you, in person, or through an employment application from you.

There may, however, be some instances where personal information will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.

If you are a job applicant, we may collect and hold personal information about you provided by referees, recruiters, or past employers.

Credit-Related Information
This section applies to clients only. Where possible, we will collect credit-related information directly from you through the use of our standard forms, via email, through a telephone conversation with you, in person, or via our website. However, we will also collect credit-related information from credit reporting bodies. In certain situations, credit eligibility information may be disclosed to us from another credit provider (for example, where we have entered into a co-financing arrangement with a third party credit provider). We may also collect credit-related information about you from third parties acting on your behalf.

Unsolicited Information

If we receive unsolicited information about you that we do not ask for or which is not directly related to our functions or activities, we may be required to destroy or de-identify that information, provided it is lawful and reasonable to do so.

Purpose of Collection

Personal Information
The personal information we collect and hold about you depends on your interaction with us. Generally, we will collect, use and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes of:

  1. providing goods and services or information to you or someone else you know (managingservices; and equipment and infrastructure procurement services);
  2. facilitating our internal business operations, including:
    (i) fulfilment of any legal requirements (including maintaining employment records);
    (ii) establishing our relationship with you (as well as job applications);
    (iii) maintaining and managing our relationship with you and communicating with you in theordinary course of that relationship (including response to enquiries, feedback orcomplaints);
    (iv) maintaining and managing the engagement of an employee or contractor, andterminating that engagement;
    (v) analysing our services and customer needs with a view to developing new or improvedgoods and services;
    (vi) contacting you to provide a testimonial for us; and
  3. providing you with information about other goods and services that we and other organisations that we have affiliations with, offer that may be of interest to you.

Except as otherwise permitted by law, we only collect sensitive information about you if you consent to the collection of the information and if the information is reasonably necessary for the performance of our functions, as set out above.

Failure to Provide Information

If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you with the goods and services you are seeking, and we will not be able to assess your job application. Failure to provide all or some of the information required of an employee may adversely affect our ability to comply with our legal obligations of your employment.

Internet Users

If you access our website, we may collect additional personal information about you in the form of your IP address and domain name.

Our website may contain links to other websites. We do not have any control over those websites. We are not responsible for or liable for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.

Our website uses cookies. The main purpose of cookies is to identify users and to prepare customised web pages for them. Cookies do not identify you personally, but they may link back to a database record about you. We use cookies to monitor usage of our website and to create a personal record of when you visit our website and what pages you view so that we may serve you more effectively.

How do we use and disclose your information?

Generally, we only use or disclose personal information and credit-related information about you for the purposes for which it was collected (as set out above). We may disclose your personal information and, if you are a customer, credit-related information about you, to:

  1. our employees to facilitate our and their internal business processes;
  2. third parties who assist us in operating our business and providing services to you (including payment processors, cloud data storage suppliers, information technology service providers, mail distribution service suppliers, or professional advisers such as lawyers, accountants, and auditors) and these third parties may not be required to comply with our privacy policy;
  3. other organisations with whom we have affiliations so that those organisations may provide you with information about services and various promotions (we will not disclose credit-related information to these entities);
  4. third parties to whom you have agreed we may disclose your information; and
  5. as otherwise permitted and required by law.

If we disclose your information to other credit reporting bodies in the future, we will update this collection statement.

Equifax may include your information in reports provided to other credit providers to assist them to assess your credit worthiness. If you do not pay for the products and services that we provide to you, if you commit fraud or try to do so, or if you otherwise commit a serious credit infringement, we may disclose this information to Equifax. This may affect your ability to obtain credit in the future.

You may (by using the contact details set out above) request that Equifax does not:

  1. use your credit reporting information for the purposes of pre-screening of direct marketing; or
  2. disclose your credit reporting information if you reasonably believe that you have been, or arelikely to be, a victim of fraud.

We may expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business. Personal information or credit-related information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided under this privacy policy.

We will also disclose your personal information or credit-related information to a third party where the personal information or credit-related information was collected from you for the purposes of passing that information on.

The Owner(s) or Owner(s)’ Manager where you reside may request that we provide them with your personal information for the purposes of contact you to sign you up with a different provider. We will not disclose your personal information in these circumstances.

We won’t sell, trade, or exchange your personal information or credit-related information without your permission.

Disclosure of information overseas

We are assisted by a variety of external service providers to operate our business and deliver our products and services, some of whom may be located overseas, and to whom we are likely to disclose your information. These third parties are too numerous to list, and they change from time to time. Some examples of the types of third parties include technology service providers who may be located in United States of America. We take reasonable steps to ensure these third parties have appropriate security for your personal information.

Security of Information

We store your personal information and credit-related information in different ways, including in paper and in electronic form. The security of your information is important to us. We take all reasonable measures to ensure that your information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.

Some of the information we collect is hosted on third party data servers, which may be located outside of Australia. We take reasonable steps to ensure any third party data storage suppliers we partner with have appropriate cyber and physical security controls in place.

Where information we hold is no longer necessary, we delete the information or permanently deidentify it, subject to specific laws in respect of data retention.

Access and Correction of Personal Information

You may access the personal information or credit-related information we hold about you, upon making a written request. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access).

We may decline a request for access to information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

When making a request to access credit-related information, you should also request access to credit related information held by credit reporting bodies.

If, upon receiving access to your personal information or credit-related information or at any other time, you believe the information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information within 30 days (or another timeframe agreed with you in writing) so that it is accurate, complete and up to date.

If we refuse to correct your information (for example, where it would be unlawful), we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

Complaints and Feedback

If you have any queries or concerns about our Privacy and Credit Reporting Policy or the way we handle your personal information or credit-related information, or you wish to make a complaint about a breach of the Privacy Act, the APPs, or the Code, please contact us using the details below and we will take reasonable steps to investigate your complaint in accordance with our Complaint Handing and Dispute Resolution Policy, and respond to your queries and concerns within 30 days (or another time frame agreed with you in writing).

Email address: Info@ENMSolutions.com.au
Telephone: 1300 000 366
Website: www.ENMSolutions.com.au

For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.

If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.

Amendments to this Policy

We may change this Policy from time to time to accommodate changes in the collection and use of personal information by us or to accommodate new laws, regulations or industry codes. If we amend the policy, we will post the amended policy on our website and it will be effective from the date of posting. Any information we hold will be governed by the most current Privacy and Credit Reporting Policy.