Datacom is an IT service provider that provides a range of IT services. These services include data centres, private cloud and managed services such as infrastructure support, call centre services, payroll and business processing outsourced services. Datacom is fully committed to ensuring the proper, open and transparent management and use of all personal information and/or data it collects and handles complies with applicable privacy laws. This Privacy Policy applies only to external personal information and/or data provided by clients, suppliers and other external third parties that Datacom interacts with.
This Privacy Policy (Policy) applies to all of Datacom’s entities and its affiliated entities in countries in which Datacom operates, and is subject to the applicable privacy laws in the jurisdiction where the entity operates. It sets out Datacom’s policy on the management of personal information and/or data that it may receive or collect.
Personal information and personal data for the purpose of this Policy is defined as ‘any sort of information or an opinion about an individual, whether true or not’, and includes all personal data about an individual, or which can be used to identify an individual either directly or indirectly (referred to collectively as “Personal Information”).
A sub-category of Personal Information is sensitive information and data. For the purposes of this Policy, sensitive information and data includes information of a particularly sensitive nature, such as information relating to an individual’s health, racial or ethnic origins, political opinions, membership of a trade union or political association, religious beliefs or affiliations, philosophical beliefs, sexual preferences, or criminal record.
If you are an EU resident, then please refer to our GDPR Statement which explains your rights and our obligations under GDPR law.
1. What Personal Information does Datacom collect, from whom, and for what purpose?
Datacom will only collect Personal Information that is necessary for its functions and activities. We will only collect Personal Information by fair and lawful means. Datacom may collect and process Personal Information through a variety of means, including, as examples, access to Datacom sites or services, employment processes, or correspondence with Datacom representatives through purchase of goods or services or in the course of online services. Datacom collects and holds different categories of information depending on the services being provided and the jurisdiction in which those services are being provided. The following types of Personal Information may be collected:
(a) Information about Datacom’s contractors and suppliers
Datacom collects Personal Information directly from and about our contractors and suppliers. This Personal Information includes their name and contact details which allows them to be contacted. For workplace health and safety reasons, we may also collect certain Sensitive Information from contractors with consent; for example, medical information a contractor has provided us about any injuries he or she may currently suffer from.
From third parties, we may also collect feedback and information relating to our contractors and suppliers’ performance of services for Datacom. This information is collected for the purposes of monitoring our contractors and suppliers’ performance of services, and to ensure that we are able to provide the highest quality Products and Services to our customers.
(b) Information about job applicants
Applicants for a position at Datacom will be asked to supply details relevant to the job application such as name and contact details, information contained in CVs, and driver’s licence or passport information. We may also collect Personal Information from third parties related to the applicant, such as identified referees. This information is used for the purposes of determining suitability for the vacant role.
(c) Information about customers, their employees and customers
Personal Information may be collected from customers such as name and contact details, bank account, and credit card details.
All customer Personal Information collected by Datacom is used for our business functions and activities. These include:
- For billing purposes and order fulfilment
- To contact customers about our provision of services
- To maintain account details
- To provide technical support, e.g. account creation, password reset etc.
- To provide information on request about our Products and Services
- To streamline and personalise customer experience while dealing with Datacom
- To undertake customer satisfaction surveys and to tailor Datacom information, services or products in order to improve and enhance those services and products provided to our customers.
Datacom may also collect from its customers Personal Information relating to employees and customers; for example, payroll information. This Personal Information is used so that we can facilitate provision of the services our customers have requested.
Occasionally, Datacom uses aggregated Personal Information derived from use of our Products and Services to provide us with anonymous demographic and customer usage information. This information does not identify individuals. This anonymous, aggregated information is used to improve Datacom services and products.
2. Quality of Personal Information
Datacom will ensure, to the extent reasonably possible, that Personal Information collected, used or disclosed is accurate, up-to-date, complete and relevant. If Datacom becomes aware that any of the Personal Information it holds is inaccurate, it will take prompt steps to update and correct its records.
3. Data security
Datacom takes active measures to ensure the Personal Information that it holds is secure and protected from misuse, interference, loss and unauthorised access, modification or disclosure.
All Datacom ICT devices, storage and channels are subject to continuous monitoring, logging analysis, and audit. Datacom may choose to contract a third party to perform these functions.
All Personal Information is stored at secure premises using good quality security protocols.
Datacom’s security systems are regularly reviewed and updated to maintain the integrity of the Datacom security posture.
4. Access and correction of Personal Information
Subject to verification of identity, any Personal Information held about an individual may be accessed, updated or corrected by application to a Datacom privacy officer (for contact details, see section 9 below).
There is generally no fee for an individual to make a request or to be provided access to his or her Personal Information. However, depending on the complexity of the request, a reasonable processing fee may be charged in some cases.
Datacom will endeavour to respond to access and correction of Personal Information within 15 business days after a written request is received by a Datacom privacy officer.
5. Direct marketing
Datacom will only engage in direct marketing practices in accordance with the laws of the relevant country or jurisdiction. At any time, an individual or organisation may contact Datacom to request that they no longer wish to receive any marketing material or information from Datacom.
For email communications, Datacom also provides a simple opt-out (unsubscribe) mechanism that individuals can easily submit at any time.
If you feel at any stage we have incorrectly used your Personal Information for direct marketing, please contact us immediately (for contact details, see section 9 below).
6. Disclosure and retention of Personal Information
As part of providing services to a customer, Datacom may disclose Personal Information to third party suppliers and contractors of services or retain and disclose Personal Information as authorised by law for example metadata.
Datacom may disclose some Personal Information to its affiliated entities in countries in which Datacom operates for the purposes of providing services to our customers, including technical support. Such disclosure is subject to the privacy laws applicable in the jurisdiction where that affiliated entity is located. A formal intragroup agreement is in place to ensure all Personal Information is properly protected at all times for transfers within the Datacom global group.
Datacom only retains Personal Information for as long as required by applicable law or as needed for our business functions and activities. If Personal Information is no longer needed, it is then destroyed or disposed of in a secure manner.
7. International data transfers
As a provider and user of IT services, including cloud services, Datacom retains Personal Information on servers that may be located in a number of overseas countries.
Datacom recognises and respects the varying national laws and obligations, and their impact on cross-border data transfers when transferring or processing Personal Information outside of the country of collection for the purposes identified above. Datacom will take all reasonable steps to ensure that no person or entity breaches any relevant privacy and data protection laws using a variety of lawful data transfer mechanisms and contractual agreements for privacy and data protection.
8. Website browsing
Accessing Datacom’s websites will result in some information being logged including the time of access, IP address and the pages that have been viewed or accessed. Please refer to our Terms of Use for our cookie use.
Datacom’s websites may contain links to external websites. Datacom is not responsible for the content or privacy policies that govern such external websites.
9. Privacy issues
Datacom has legal obligations under privacy legislation to hold information securely and to use it appropriately in accordance with our privacy policy. If you feel we have breached these obligations, have any questions about this Policy, or wish to raise any issues about privacy or data protection within Datacom, please contact a Datacom privacy officer based in Australia or a Datacom privacy officer based in New Zealand.
Due to the nature of the services that Datacom provides, in most situations it will be impracticable for an individual to deal with us on an anonymous basis. However, Datacom will consider anonymous requests on a case-by-case basis.
If you are not satisfied with Datacom’s response, and the issue relates to a privacy concern or alleged breach by Datacom, you may lodge a complaint with the relevant government authority responsible for privacy and data protection in your jurisdiction.
Last review: 23 June 2020