1. Purpose and Scope
Fuji Xerox Document Management Solutions Pty Ltd and its related bodies corporate (which includes Fuji Xerox BusinessForce Pty Ltd) (Fuji Xerox DMS, we, our, us) understands the importance to individuals, its clients and to their customers, as well as to any prospective customers, potential and existing employees and contractors from whom Fuji Xerox DMS collects personal information from or is provided with such information from our clients, of the importance of protecting the privacyand the rights of individuals in relation to their personal information.
We respect your rights to privacy under the:
- Privacy Act 1988 (Cth) (Aus)
- Personal Data Privacy Ordinance (HK)
- Personal Data Protection Act 2010 (Taiwan)
- Personal Data Protection Act 2012 (Singapore)
- Data Privacy Act 2012 (Philippines), and
- Personal Data Protection Act 2010 (Malaysia).
It is our policy to comply with the requirements of the legislation listed above and the Australian Privacy Principles (APPs) contained in that Act in all activities of Fuji Xerox DMS involving the collection, management, use, storage, disclosure and handling of personal information.
2. What is your Personal Information?
In general terms, personal information is any information that can be used to personally identify you. This may include your name, address, telephone number, email address, credit card details, account number and profession or occupation. If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.
Sensitive information includes health, genetic and biometric information and any personal information about an individual’s race or ethnicity, political opinions or association, philosophical or religious beliefs or association, trade association or union membership, sexual orientation/practices or criminal record.
3. What personal information do we collect and hold?
The personal information we may collect and hold include your name, age or birth date, current and previous addresses, phone numbers, facsimilie numbers, email addresses, profession, preferences for using our website, occupation, job title, credit card information, bank account information, insurance details, customer service issues or details of your credit worthiness and credit history.
We may also collect:
- details of the products or services you have purchased from us or which you have enquired about together with any additional information necessary to deliver those products and services or to respond to your enquiries;
- any additional information relating to you that you provide us directly through our websites or indirectly through use of our websites or online presence, through our representative or otherwise;
- information you provide us through customer surveys or visits by our representatives from time to time; and
- any additional information that is provided by our customers that have outsourced a business process and related function to us.
We may collect or hold sensitive information, to perform a specific function, for example, to provide business processing and related services that have been outsourced to us by our clients, which may include health information or to provide access to certain parts of our sites that require higher level of security and are restricted areas, which include biometric data such as fingerprints. If we do collect and/or hold sensitive information, we will only do so if you have given your consent and it is reasonably necessary for the functions or activities of the collecting party or unless required by an Australian law, court or tribunal.
We may also collect and hold some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous data or aggregated information about how users use our websites.
4. How do we collect personal information?
Fuji Xerox DMS will collect personal information by lawful and fair means and not in an unreasonably intrusive way. We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect in ways including:
- from your access and use of our websites or websites hosted by us;
- during conversations between you and our representatives;
- through your use of telephone and mobile communication with us or our customers;
- through surveillance cameras and fingerprint scanners located at our sites; or
- when you or your organisation submit a document or data containing personal information (for example, emails, contact forms, order forms, application forms, credit applications, assets and liabilities statements, proof of identification, direct debit requests, agreements, statements of work, surveys, promotional forms, competition forms etc).
We may also collect personal information from third parties including:
- from publicly available sources;
- from our customers who have outsourced a business process and related functions to us; or
- from third party companies such as data providers and brokers, credit reporting bodies, law enforcement agencies and other government entities.
Some of the personal information we hold or deal with is not collected by us. As we are an outsourced service provider and provide business process and related services to our clients, some of the data and personal information are provided to us by our clients and has not been directly collected by us from the individual concerned. It is impracticable for us to collect information directly from you when we are acting as the “agent” or service provider of our client as our client has already collected the relevant information from you (or another third party).
In respect of personal information which is provided to us by our clients, we do seek client assurances that all such personal information has been collected lawfully and in compliance with the Acts. We will not be responsible for, and accept no liability in respect of, any failure by a client to do so.
We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information.
Our systems record a variety of information in relation to interactions with our services. This can include information about software versions used, device identifiers (like IP address), location data (where available and not disabled by the user), dates, times, file metadata, referring website, data entered and user activity such as links clicked.
6. What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide the requested products or services to you, either to the same standard or at all, or we may not be able to supply services to our clients which will enable our clients to do the same; or
- we may not be able to provide you with information about products and services that you may want, including information about discounts, sales or special promotions, or we may not be able to supply services to our clients which will enable our clients to do the same; or
- we may be unable to tailor the content of our websites to your preferences, or we may not be able to supply services to our clients which will enable our clients to do the same; or
- if you are a client of ours, we may not be able to provide you with the products and services you require; or
- if you are a contractor to us, you may not be able to provide your products or services to us.
7. Purposes for which we collect, hold, use and disclose your personal information
We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of customer service.
We collect, hold, use and disclose your personal information for the following purposes, either on our own behalf or when acting on behalf of a client:
- to provide products and services to you and/or your organisation and to send communications requested by you or your organisation;
- to answer enquiries and provide information or advice about existing and new products or services;
- to provide you with access to protected databases and/or protected areas of our sites;
- to conduct business processing and related functions including providing personal information to our related bodies corporate, clients, contractors, service providers or other third parties;
- for the administrative, marketing (including direct marketing), planning, product or service development, quality control and research purposes of Fuji Xerox DMS, its related bodies corporate, contractors or service providers;
- to obtain products or services from you;
- to update our records and keep your contact details up to date;
- to assess the provision of, and provide credit to you;
- to process and respond to any complaint made by you; and
- to comply with any law, rule, regulation, binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country (or political sub-division of a country).
We may also use your personal information for the other purposes related to those described above which would be reasonably expected by you. When acting on behalf of the client, we use personal information as directed by the client.
We do not disclose personal information we obtain when acting on behalf of one client, to any other client, unless directed by the client.
We may disclose your personal information to:
- our employees, related bodies corporate, clients, contractors or service providers for the purposes of operation of our websites or our businesses, fulfilling requests by you, and to otherwise providing products and services to you and our clients including, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
- suppliers, clients and other third parties with whom we have commercial relationships, for business, marketing, credit reporting and related purposes;
- any organisation for any authorised purpose with your express consent.
We may combine or share any information that we collect from you with information collected by any of our related bodies corporate. Our clients may do the same.
8. Direct Marketing
We may send you direct marketing communications and information about our products and services that we, or our clients, consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). At any time you may opt-out of receiving marketing communications from us by contacting us (see the details below) or by using opt-out facilities provided in the marketing communications and we will then ensure that your name is removed from our mailing list (or where we are using a mailing list provided by our client, we will pass your request on to our client).
We do not provide your personal information to other organisations for the purposes of direct marketing. However, where we are engaged by our clients to act on their behahalf in collecting, holding or processing personal information, then we will pass that personal information on to our client, to our client’s other agents or to third party suppliers as directed by the client or to fulfil our obligations to our client.
9. Accessing and correcting personal information
You may request access to any personal information we hold about you at any time by contacting us (see the details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). If we hold personal information on behalf of a third party (for example, on behalf of a client that has outsourced a business process and related function to us) then we may direct you to contact that third party for the purposes of accessing and correcting your information.
There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it.
10. Process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact us using the contact information below and provide details of the incident so that we can investigate it.
Our procedure for investigating and dealing with privacy breaches is to ascertain all relevant facts and correspond with those involved (including where relevant our clients), reach a view as to the existence, scope and cause of the issue, and where relevant and appropriate, implement corrective or rectification measures.
A request for access to the personal information held by Fuji Xerox DMS concerning an individual can be made by that individual to our Privacy Officer on the numbers or address mentioned below or, in cases where we are acting on behalf of a client, to our client.
11. Disclosure of Personal Information outside Australia
We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above.
We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
We may disclose your personal information to entities located outside of Australia, including the following:
- our related bodies corporate located in Hong Kong, Taiwan, Philippines, Singapore, Japan, Thailand, Malaysia, South Korea and New Zealand;
- our data hosting and other IT service providers or suppliers, located in Singapore, India, Indonesia and the United States of America; and
- such foreign countries we or our clients disclose to you at the time of collecting your personal information.
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hardcopy form. Personal information is destroyed or de-identified when no longer needed.
As our websites are linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information communicated online.
We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
- information we collect and hold about individuals who are directors of a company, when providing commercial credit to that company;
- information we collect and hold about individuals who provide a personal guarantee to us in relation to commercial credit we provide to a company; and
- information we collect and hold about individuals who are obtaining that credit for their own business purposes as sole traders or partners in a partnership.
When you apply for or obtain or guarantee credit from us, the credit-related personal information that we collect from you includes information that identifies you, such as your name, postal address, email address and date of birth and your driver’s licence number.
We may exchange credit-related personal information about you with credit reporting bodies (CRBs) for the purposes of assessing commercial credit applications from you or companies of which you are a director, and also to assess whether to accept a guarantee from you.
We use the information we collect from and about you for account management and administrative purposes directly related to the provision or management of the commercial credit we provide to you or to companies of which you are a director.
We may also report defaults in payment terms or guarantee commitments in relation to commercial credit to CRBs. We may also disclose your credit-related personal information to any guarantor of your obligations to us.
We may also use the information we collect from and about you to:
- collect overdue payments;
- assign debts; and
- create assessments and ratings of your credit worthiness.
- Access and Correction - see section 9;
- Complaints - see section 10;
- Disclosure outside Australia - see section 11; and
- Security - see section 12.
14. Reporting Privacy Data Breaches to OAIC
For privacy data breaches that result in a likely risk of serious harm to any individual whose personal information is affected, the affected individuals and the Office of the Australian Information Commissioner (OAIC) must be notified. Such data breaches must be reported to the FX DMS Privacy Officer in order to co-ordinate the arrangement and approval for reporting to the OAIC.
Our websites may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.
16. Contact us
We will treat your requests or complaints confidentially. Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
Please contact our Privacy Officer at:
Fuji Xerox Document Management Solutions Pty Ltd
213-215 Robinsons Road
Ravenhall VIC 3023
Telephone: 03 8358 1700