Climate Exchange (“Climate Exchange”) recognises the importance of the Australian Privacy Principles and the protection of the privacy of all personal information of individuals which it collects, holds and uses in the course of its activities. Personal information is information or an opinion about an identified individual or about an individual who is reasonably identifiable. The APP’s prescribed in the Privacy Act 1988 as amended (“the Act”) apply to Climate Exchange and all other organisations, and this policy is intended to implement the APP’s and Climate Exchange’s obligations under the APP’s.

 

PERSONAL INFORMATION COLLECTED

We only collect personal information necessary for the operation of our business. The personal information we collect includes the following:

 

In relation to customers:

 

name;

address;

telephone and fax numbers;

email addresses;

other contact information;

credit information and credit eligibility information in connection with the opening and operation of customer accounts;

payment information (which may include banking or credit card information).

 

In the normal course of the operation of our business we also collect from service providers such personal information as is necessary for the day to day operations of the business.

 

HOW PERSONAL INFORMATION IS COLLECTED AND HELD?

 

We collect personal information in written form, online or by telephone. The personal information we collect from you will include information you give us when you:

 

register or subscribe to our website;

place an order with us or make a purchase from us;

apply for a credit account; and

otherwise contact us.

With respect to customers, personal information is primarily collected from the orders customers place with us and from credit applications to open accounts. Personal information will not be collected from any sources other than the customer and any credit reporting agency from which we require credit eligibility information.

 

Personal information is held either in electronic or written form, but primarily in a secure data base, access as to which is limited to authorised and appropriately trained staff. Some account information is held by a third party provider, accessible online only to authorised members of our staff. We have internal policies and procedures in place to prevent unauthorised access, modification, disclosure or misuse of personal information.

 

PURPOSES OF COLLECTION OF PERSONAL INFORMATION

 

Our purposes for collecting and holding personal information are to enable us (and/or third party service providers we may engage for some purposes):

 

  • to receive orders from customers for goods and to fulfil those orders;
  • to process payments made by customers;
  • to extend credit facilities to appropriate customers by opening an account with us;
  • to deal with our suppliers.

 

We do not give personal information to third parties for the purpose of direct marketing by them. However we may use personal information for the purpose of offering products and services to customers and we may employ the use of third party technology through an online software portal to do so. We will generally only use your personal information for marketing if you have given consent to this or it is impracticable to seek prior consent. When registering with Climate Exchange, you consent to Climate Exchange using your personal information, such as your postal or email addresses for our direct marketing purposes.

 

You may opt out of receiving these direct marketing communications at any time by sending an email or letter to the Privacy Officer and we must action your request within a reasonable period.

 

From time to time, in the operation of our business and to receive and fulfill orders, we either disclose customers’ personal information to the following third parties, or we permit such third parties to have access to customers’ personal information:

 

  • credit reporting organisations for credit eligibility and assessment with respect to customer accounts;
  • providers of payment gateway technology services such as a credit card facilities service for online payments;
  • logistic companies providing courier or delivery services, so as to enable access to premises to effect delivery;
  • direct mail marketing print house to enable distribution of catalogues and other printed material;
  • IT service providers who require access to our systems to maintain our software (platforms) and hardware;
  • debt collection agencies in the case of delinquent customer accounts.

 

At present, it is not likely that we will disclose personal information to overseas recipients, but if such disclosure were to occur we recognise the obligation to take reasonable steps to ensure that the overseas recipient does not breach the APP’s in relation to the information.

 

CREDIT REPORTING POLICY

 

In connection with the opening and operation of customer accounts and for the purpose of determining the credit eligibility, we may provide personal information about customers to CreditorWatch (who can be contacted at 1300 50 13 12) or another credit reporting body advised to the customer when information is obtained by us from the customer. It is not likely that we will disclose credit information or credit eligibility information to any organisation or other entity which does not have an Australian link.

 

The personal information provided by us to a credit reporting body is likely to include particulars about the customer and other information provided by the customer in the credit application submitted by the customer to us, but is provided only for the purpose of opening and operating customer accounts.

 

You may:

 

  • access any credit eligibility information we may hold about you;
  • seek correction of any credit information or credit eligibility information we may hold about you; or
  • make a complaint about any failure by us to comply with our obligations with respect to the credit information or credit eligibility information we may hold about you;
  • provided in this Privacy Policy with respect to personal information generally, and any complaint will be dealt with in the same manner as in the case of personal information generally.

 

ANONYMITY AND PSEUDONYMITY

 

Under the APP’s individuals have the option of dealing with an organisation anonymously or by use of a pseudonym unless it is impractical for the organisation to deal with the individual on this basis. While an individual may deal with us anonymously or by use of a pseudonym for the purpose of telephone or general enquiries, it is impractical for us to receive orders and supply goods or otherwise deal as a business with individuals who do not identified themselves or who use a pseudonym.

 

GOVERNMENT IDENTIFICATION

 

We will not adopt, use or disclose a government related identifier of an individual, unless this is required or authorised under an Australian law or by an order of a court or tribunal.

 

ACCESS

 

As an individual for whom we hold personal information you may request access to the personal information. We will endeavour to respond to the request within a reasonable period from when the request is received. We will provide you with access to the personal information unless one of the several reasons for refusal set out in the APP’s applies. These reasons include such matters as that access would be unlawful or would unreasonably impact on the privacy of other individuals.

 

A request for access should be made by email or letter addressed to our Privacy Officer.

 

CORRECTION

 

We must take reasonable steps to correct personal information about you, which is inaccurate, out of date, incomplete, irrelevant or misleading, and you may request us to do this by contacting the Privacy Officer. We must respond to a request within a reasonable time and if we have disclosed the personal information to any other organisation we must notify that other organisation of the correction.

 

If we decline to make the correction we must give you written reasons and you may require us to hold with the relevant personal information a statement recording your request.

 

COMPLAINTS

 

You should contact the Privacy Officer if you, as an individual for whom we hold personal information, wish to make a complaint that we have breached the APP’s in some way, for example in relation to how personal information is collected, how it is stored, or how it is used or disclosed. All complaints will be logged on a database/complaints register and it is our aim to resolve any such complaint in a timely manner. Your initial complaint may be oral or in writing but you may be required to provide additional information (which may be written information) so that the complaint can be properly investigated. If the complaint cannot be resolved by discussion at the level of initial contact, it will be referred to our Chief Executive Officer for consideration. You will be informed of the decision of the Chief Executive Officer and the reasons for the decision. If you remain dissatisfied you may refer your complaint to the Office of the Australian Information Commissioner.