Purpose

The purpose of this policy is to summarise the obligations and principles, which Synchro Marketing Australia Pty Limited (Synchro Marketing) ABN 33 064655750 has undertaken in order to control and protect personal and private information and comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) (collectively, Privacy Act), and the Spam Act 2003 (Cth) (Spam Act).

Scope

This policy applies to personal and sensitive information related to Clients, Prospects, Campaign Participants, Employees, Contractors, Suppliers and other third parties that is collected, stored and used as part of Synchro Marketing’s day to day business activities.

By submitting personal information to Synchro Marketing, you acknowledge that you have read and understood, and agree to the use of Personal Information in accordance with this Policy.

We reserve the right to revise this Policy or any part of it from time to time. Please review this Policy periodically for changes.

Definitions

Personal Information – Personal information means information and/or an opinion (including information or opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual who is identifiable, whose identity is apparent, or whose identity can reasonably be ascertained, from the information or opinion. It includes, but not limited to, an individual’s name, address, telephone number, date of birth, work experience, skills, training and qualifications, any performance results, and other information relating to their business and personal interests.

Sensitive Information – a sub-set of personal information, includes information or an opinion about (for example) an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientations or practices or criminal record.

Policy

Synchro Marketing does not collect or use any personal information unless the information is considered necessary for the effective selling, development, implementation and day-to-day management of our Client Campaigns across Incentive, Employee Engagement Online Learning and Loyalty Programs.

Collection of personal and sensitive information

We only collect personal information for the purposes for which it was originally collected or for a secondary purpose if it is reasonably expected, unless required or authorised by or under law or if the individual concerned has consented to the intended use. This may include:

  • when you contact us asking for information on our services;
  • to provide you with content relevant to you, for example news, Program results, eLearning courses and email communications;
  • when we conduct credit checks on company directors (for credit account application and account administration purposes);
  • when we provide our services, and activities related to that transaction;
  • to fulfil your request for rewards and services;
  • to provide important notifications and updates;
  • to facilitate participation in Programs;
  • to create a better, more personalised experience for you;
  • when you provide information for us to provide our marketing communications;
  • for us to provide advice and support;
  • to conduct research and analysis to provide you with a better overall experience;
  • to answer inquiries and effectively manage the Programs;
  • to contact you; and
  • in terms of employees or potential employees, when you apply for employment with Synchro Marketing.

The information we collect varies depending upon the nature of our business relationship, generally such information comprises of first name, last name, phone number, email, mailing address, occupation, place of work, previous experience etc. Where it is reasonable and practicable to do so, Synchro Marketing will collect personal information about an individual from that person directly using lawful, fair and reasonable methods (e.g. emails, conversations, resumes). Synchro Marketing may collect personal information from third parties (i.e. Supplier, Client or previous Employer). To enable us to successfully manage the Campaign we may also collect personal information from our Clients or your Employer, such as your employment details, contact details, performance results, and any other relevant information we notify you of. Synchro Marketing will only use the personal information provided by third parties, in accordance with the Privacy Act and/or Spam Act.

Synchro Marketing will ensure that all unsolicited personal information will be afforded the same privacy protection as solicited personal information. Where unsolicited personal information is received:

  • we will assess whether we could have collected the information directly from you; and
  • if not, then we will destroy or remove identifying components in the information as soon as practicable, but only if lawful and reasonable to do so.

Synchro Marketing will not generally collect sensitive or health information about an individual unless that person has consented, or such collection is required or authorised by law.

Use and Disclosure of Information

We do not use, sell or pass onto others any personal information without the consent of the individual(s) concerned unless required by law.

We ensure that any personal information we keep is accurate and up to date. Where practical we will only use personal information contained in a record if it is accurate, complete and up to date. In many instances, we rely upon our Client, the Employer or the subject individual to provide accurate and complete information and to advise us should their circumstances change over time.

We do not transfer personal information to overseas recipients. If we are ever in a position where we may need to transfer your personal information to an overseas recipient, where practical, we will notify and seek inferred or expressed consent from you and ensure the foreign organisation/recipients of the data handle in accordance with the Privacy Act.

We generally use your personal information for the purposes described in this Policy, and for related purposes.

If you have agreed or asked, we may also use your personal information to keep you up to date with information about our business, services, and other company updates. If you do not want us to use your personal information in this way or send you any further information, you can always let us know by contacting us through the contact details given below.

We may disclose and transfer your personal information to IT providers, subcontractors and other third-party service providers that assist with the operation of our website, the delivery of our services, and the performance of associated activities.

We may disclose your personal information to law enforcement authorities or other government officials, only when permitted or required by law or by legal process (eg. when necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraud or illegal activity).

Access and Correction of Personal Information

Unless otherwise agreed or a lawful exception applies, individuals have the right to access, make copies of and update/correct their personal information in the possession of Synchro Marketing.

To make a request to inspect such records, individuals are to contact the Privacy Officer (see below) who will assess the request under the Privacy Act.

We always provide individuals with an opportunity to review, amend or request to delete any personal information stored in our system or opt-out of receiving future offers via e-mail. You have the right at any time to withdraw your consent to the use of your personal information in the future. Simply send an e-mail to the Privacy Officer at the details below.

In addition to the above, you may request that we provide you with a copy of the Personal Information we hold about you in a portable and machine-readable form.

Cookies

Through our Campaigns, we automatically receive and record information from your computer and browser, including your details, IP address, cookie information, software and hardware attributes, and the page(s) you access to:

  • improve our services, web site and online experience
  • provide anonymous reporting for internal use and .

If you do not wish for information to be collected through the use of cookies, you can disable, remove or block the use of cookies in your internet browser.

Confidentiality and Security

We have physical, electronic, and procedural safeguards that comply with ISO 27001 Standards and federal regulations to protect your personal information and minimise the risk of unauthorised access, modification, disclosure, misuse or loss. These safeguards include:

  • storing personal information held on paper in locked offices in secure premises;
  • physical locks and security systems and computer and network security technologies, such as firewalls, intrusion prevention software, antivirus software, email filtering and strict passwords policies;
  • protecting personal information electronically on Synchro Marketing's secure system in accordance with our ISO 27001 Information Security Certified Policies and Procedures; and
  • where we disclose personal information to third parties, our contractual arrangements with those third parties contains specific privacy requirements.

We limit access to private and personal information to Employees or trusted Third Parties who we believe reasonably needs to come into contact with that information to deliver our services and or in order to do their jobs. All Employees, Third Parties and Contractors are under strict confidentiality agreements to ensure individual’s privacy is maintained.

Synchro Marketing takes all reasonable steps to secure the personal information we collect, use and store. However you acknowledge that all activities in which you intentionally or unintentionally supply information to Synchro Marketing carries an inherent risk of loss of, misuse of, or unauthorised access to such information. Synchro Marketing cannot be held responsible for such actions where the security of the personal information is not within our control, or where we cannot reasonably prevent such an incident. Additionally, you acknowledge that the collection and use of your personal information by authorised Third Parties may be subject to separate privacy policies.

Destruction and De-Identification

In respect of our ongoing commitment to reducing the risk of loss of, misuse of, or unauthorised access of personal information, we archive, destroy or permanently de-identify personal information that is no longer needed as per our Data Retention and Destruction Policy.

We will retain your personal information while it is required for any of our business functions or for any other lawful purpose. When the personal information that we collect is no longer required, we use secure methods to destroy or permanently de-identify your personal information.

Employee and External Party Responsibilities

All Employees and Third Parties, Clients and Suppliers of Synchro Marketing are under an obligation to preserve the privacy of Prospects, Customers, Clients, Agents, Contractors, Suppliers, Distributors and Employees of Synchro Marketing. In preserving this privacy, all individuals must refrain from disclosing confidential information about any of these people. This obligation extends to out of hours conduct and any breach of privacy in this regard may be subject to an investigation by Synchro Marketing.

Whilst Synchro Marketing will attempt to ensure all transfer of data to a third party and use by a third party is secure, Synchro Marketing cannot be held responsible for the theft of data by a third party, or the consequences resulting from the loss of data where that loss is associated with the technical malfunction, tampering by a third party, viruses, computer bugs, or any action or event beyond the reasonable control of Synchro Marketing.

Where an individual is unsure whether the information is confidential or not, they are to contact the Privacy Officer for clarification and advice before taking any action, or disclosing information.

Data Breach Response Plan

Synchro has prepared a Data Breach Response Plan to reduce the risk of harm to individuals of a data breach.

If we suspect that a data breach has occurred, we will undertake an assessment into the circumstances of the suspected breach within 30 days after the suspected breach has occurred. Where it is ascertained that a breach has actually occurred and where required by law, we will notify the Privacy Commissioner and affected individuals as soon as practicable after becoming aware that a data breach has occurred.

Changes to this Policy

Synchro Marketing Pty Limited may, without notice, change this Policy from time to time for any reason. We ask that you visit this website regularly in order to remain up to date with our current Policy.

Formal applications for personal data access and any complaints about alleged personal data misuse must be directed to:

Privacy Officer

privacy@synchro.com.au , or
Synchro Marketing Australia Pty Limited
Level 7, 8 West St, North Sydney
+ (612) 9957 1299
Last updated: August 2023