Privacy Policy
Total Spraybooth Care Pty Ltd (we, our, us) recognises and respects the importance of your privacy and understands your concerns about the security of the personal information provided to us.
We are sensitive to privacy issues and take seriously the ongoing trust our customers have placed in us. We have committed to compliance with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (APPs), which detail how personal information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
Scope
This Privacy Policy (Policy) describes how we collect and process your personal information. By submitting your personal information to us, you acknowledge that you have read and understood and agree to the use of your personal information in accordance with this Policy.
We reserve the right to revise this Policy or any part of it from time to time. Please review the Policy periodically for changes.
Definitions
Personal information means information and/or an opinion (including information or opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual who is identifiable, whose identity is apparent, or whose identity can reasonably be ascertained, from the information or opinion.
Sensitive information, a sub-set of personal information, is information or an opinion about (for example) an individual’s racial or ethnic origin, political opinions, political association membership, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union membership, sexual orientation or practices or criminal record, and includes health information and genetic information.
What personal information we collect and hold
We aim only to collect personal information by lawful and fair means, in accordance with the Privacy Act. In the course of doing business with you, we endeavour to collect business information only. However, the collection of personal information in some instances is necessary or unavoidable.
We aim only to collect personal information for purposes which are reasonably necessary for, or directly related to our business functions, the provision of our goods and services, and other activities as permitted under the Privacy Act.
In our business, we commission and onboard (including by way of digital applications and portals), and provide servicing, maintenance and aftercare, for paint booth equipment and paint shop products and accessories. We also operate an online store at https://totalsprayboothcare.com for the sale of paint booth and paint shop products, parts, accessories and spares. The kinds of personal information that we commonly collect and hold from you or about you depend on the transaction you have entered into with us, the goods / services you or your organisation have contracted us to provide, and/or the goods / services you or your organisation are interested in.
If you are a current or prospective customer, then the kinds of personal information that we commonly collect and hold from you or about you include, for example:
- your name;
- your contact details, including email address, mailing address, street address and/or telephone number;
- your delivery address;
- your bank account or credit card payment details for purchase of goods and services;
- details of the goods / services we have provided to you and/or that you have enquired about, and our response to you;
- any trade licence details (if required); and
- any other personal information requested by us and/or provided by you or a third party.
If you are a contractor to our business, then the kinds of personal information that we commonly collect and hold from you or about you include:
- your name;
- your address;
- your contact details;
- your trade licence details (if required);
- your insurance details (if required);
- your workplace details;
Generally, we do not collect sensitive information. However, we may collect sensitive information from you or about you (eg, in respect of our contractors) where there is a legal requirement to do so, or where we are otherwise permitted by law. In all other situations, we will specifically seek your consent.
You have the option of not identifying yourself or of using a pseudonym when dealing with us, unless the use of your true identity is a legal requirement or necessary to complete the enquiry or transaction.
Cookies
When you browse our website, contact us electronically, or engage with us on social media, we may also record geographical tagging, cookies, your IP address and statistical data from your activity. We may use your personal information to customise and improve your user experience on our website and other social media platforms. By using our website you agree that we can record this information from your device and access them when you visit the site in the future.
If you want to delete any cookies that are already on your computer, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.
Our website may also contain links to other websites of interest (eg. the websites of our suppliers and other trading partners). However, once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How we collect and hold personal information
We aim to collect personal information only directly from you, unless it is unreasonable or impracticable for us to do so. For example, we may collect personal information directly from you through your telephone calls and other interactions with our employees and contractors, your emails and other correspondence to us or our employees and contractors, account set up, and enquiries and contracts for the purchase of our goods or provision and use of our services.
In some instances we may also receive information about you from third parties. As an example, we may collect personal information from you or about you from our trading partners, including our installation service providers and warranty claim administrators. This enables us to remain across and take steps to rectify any complaints or concerns regarding our goods / services.
We will record your email address if you send us an email.
We will ensure that all unsolicited personal information will be afforded the same privacy protection as solicited personal information.
Where unsolicited personal information is received:
- we will assess whether we could have collected the information directly from you; and
- if not, then we will destroy or remove identifying components in the information as soon as practicable, but only if lawful and reasonable to do so.
Why we collect, hold, use and disclose personal information
We will collect, hold, use and disclose your personal information where it is reasonably necessary for us to carry out one or more of our business functions and activities. For example, if you are a retail customer, we collect, hold, use and disclose your personal information as necessary to provide our goods / services, including the administration of our online shop, our account portals, and any warranty provided with or in relation to our goods and services.
We will share your personal information with other entities related to our corporate business group, for purposes including:
- the installation of our goods and other services;
- the administration of warranty claims;
- your use of digital apps, account portals and other digital services in respect of our ‘connected’ goods and services offerings;
If we do not collect, hold, use or disclose your personal information, or if you do not consent, then we may not be able to answer your enquiry, complete the transaction you have entered into, or provide the goods / services that you or your organisation have contracted us to provide. In some instances, the level of personal information that you choose to provide may impact the extent or range of availability of our goods and services (eg, impact the customisation of your browsing experience on our website, and/or impact the level of functionality you can achieve from our goods).
We also collect, hold, use and disclose your personal information for purposes related to our business that you would reasonably expect, such as our administrative and accounting functions, record keeping, payment processing, fraud checks, providing you with details about other goods and services offered by us, providing you with information about launches of new goods and services, marketing and promotions, market research, customer feedback and quality assurance surveys, warranty claims, potential product recalls, statistical collection, social media analysis and website traffic analysis.
Where we wish to use or disclose your personal information for other purposes, we will obtain your consent.
Where we use your personal information for marketing and promotional communications, you can opt out at any time by notifying us. Opt out procedures are also included in any of our marketing communications.
We may also collect, hold, use and disclose your personal information in circumstances that are required or permitted by law, where that is necessary for us to comply with our legal obligations.
We generally use your personal information for the purpose described in this Policy, and for related purposes.
We may disclose or transfer your personal information to IT providers, subcontractors and other third party service providers that assist with the operation of our website, payment gateways, the delivery of our goods, the provision of our services, and the performance of associated activities.
We may disclose your personal information to law enforcement authorities or other government officials, only when permitted or required by law or by legal process (eg. when necessary to prevent physical harm or financial loss, or in connection with an investigation of suspected or actual fraud or illegal activity).
If our business is acquired or merged with another company, your personal information may be transferred to the new owners so that they may continue to sell goods and provide services to you.
How we hold, store and keep secure your personal information
Your personal information is held and stored electronically, on paper, or both. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference and loss, and from unauthorised access, modification and disclosure. For example:
- Data held and stored on paper is stored in lockable filing cabinets. Our premises has secured entry and monitored alarms.
- Data held and stored electronically, including “in the Cloud”, is protected by internal and external firewalls, limited access via file passwords, user passwords and network passwords, and files can be designated read-only or no access. We also require our IT contractors and other third parties to implement privacy safeguards.
Destruction and de-identification
We take steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse.
We will retain your personal information whilst it is required for any of our business functions, or for any other lawful purpose.
We will take reasonable steps and use secure methods to destroy or permanently de-identify your personal information when it is no longer required for any purpose for which the personal information may be used under this Policy and otherwise in accordance with the Privacy Act.
As an example, our destruction and de-identification methods may include:
- paper records being placed in security bins and shredded; or
- electronic records being deleted from all locations to the best of our ability, or encrypted and/or placed beyond use.
Overseas Disclosure
Our business is affiliated with other businesses located overseas. In the course of doing business with you, we may disclose some of your personal information to overseas recipients, particularly where we have identified commercial opportunities that may benefit you. However, we will only do so where:
- it is necessary to complete the transaction you have entered into; and
- you have provided consent; or
- we believe on reasonable grounds that the overseas recipient is required to deal with your personal information by enforceable laws which are similar to the requirements under the APPs; or
- it is otherwise permitted by law.
Our overseas affiliates provide IT and marketing types of services for our business and are located in India and the Philippines.
Requests for Access and Correction
We will take reasonable steps to ensure that the personal information we use or disclose is accurate and up to date, having regard to the purpose of the use or disclosure.
We have procedure in place for dealing with and responding to requests for access to, and correction of, the personal information held about you.
When you request access to the personal information we hold about you, or request that we change that personal information, we will allow access or make the changes unless we consider that there is a sound and permitted reason under the Privacy Act or other relevant law to withhold the information and/or not make the changes.
In most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you access or to correct the personal information as requested, we will give you written reasons why. For further information, please contact us.
We will provide you with written notice if we refuse to correct the personal information as requested by you. The written notice will set out:
- the reason for refusal (unless this would be unreasonable);
- the mechanisms available to complain about the refusal; and
- any other matter prescribed by the Privacy Act.
We will respond to a correction request within a reasonable period. We will not charge for making the request, for correcting the information, or for association any statement with the personal information.
To assist us to keep our records up to date please notify us of any changes to your personal information.
Data Breaches
In Australia, if we suspect that a data breach has occurred, we will undertake an assessment into the circumstances of the suspected breach within 30 days after the suspected breach has occurred. Where it is ascertained that a breach has actually occurred and where required by law, we will notify the Privacy Commissioner and affected customers as soon as practicable after becoming aware that a data breach has occurred.
Complaints and Concerns
We have procedures in place for dealing with your complaints and concerns about our practices in relation to the Privacy Act and the APPs, and any alleged breach of this Policy. We will respond to your complaint in accordance with the relevant provisions of the APPs.
Our Privacy Officer can be contacted to discuss or attempt to resolve any complaints relating to the collection, storage and use of your personal information. For further information, please contact our Privacy Officer at [email protected].
Contact Us
Privacy Officer
Total Spraybooth Care Pty Ltd
511 Hammond Road,
Dandenong South, Victoria 3175 Australia
Phone: (03) 9797 5555
Email: [email protected]
Last updated: August 2024