ADMC Privacy Policy

 

We at ADMC PRINT, we recognise the importance of your privacy and understand your concerns about the security of the personal information you provide to us. Some of this information is collected automatically and some of it is collected only when you provide it voluntarily.

 

Personal information, as distinct from business information, is information that identifies an individual, or from which a person’s identity could be ascertained. We will deal with personal information in accordance with the requirements of the National Privacy Principles.

 

What types of information does ADMC PRINT collect?

Personally Identifiable Information. Personally identifiable information is information that identifies you as an individual, such as your name, mailing address, phone number, email address, login ID, username and password (“Personally Identifiable Information”). ADMC PRINT may collect Personally Identifiable Information from you when you: (a) make a purchase or sign up for or use a Service, (b) voluntarily provide it when you use the Site or Services, (c) disclose it in a public area of the Site (such as a message board or chat room) or (d) provide it when you communicate with ADMC PRINT.

 

Non-Personally Identifiable Information.Non-personally identifiable information is information that does not identify you as an individual. ADMC PRINT may automatically collect certain types of this information from you when you use the Site or Services. This type of information includes information such as your browser type, the URL of the previous web site you visited, the web pages and advertisements you view or select, the type of services you use and the searches you conduct. ADMC PRINT may also collect non-personally identifiable information from you that you voluntarily provide (such as information included in response to a questionnaire or survey) or post to a public area of the site (such as a message board or chat room). ADMC PRINT does not store credit card data.

 

How does ADMC PRINT automatically collect information?

Cookies. A cookie is a message that is sent to your computer from a Web server and stored on your computer’s hard drive. ADMC PRINT’s cookies contain Personally Identifiable Information, such as your Login ID and your email address. ADMC PRINT uses cookies to allow you to log in automatically and to ensure that you have agreed to the terms, conditions and policies that govern your use of the Site and Services. In addition, ADMC PRINT uses cookies to determine which areas of the Site and which Services are the most popular, and to track your use of the Site and Services and provide you with a more personalized user experience (for example, by allowing ADMC PRINT to carry targeted advertising).

 

IP Address. An IP address is a number that is assigned to your computer automatically when you use the Internet. ADMC PRINT logs your IP address when you use the Site or a Service. ADMC PRINT uses your IP address to track your use of the Site and Services.

 

How does ADMC PRINT use the information?

Personally Identifiable Information. We may also use your personal information for related purposes that you would reasonably expect, such as communicating to you about changes to the site or providing you with details about other goods or services offered by us. We may also ask for your possible participation in surveys or other promotions. Of course you can opt out of receiving this information at any time by notifying us.

 

ADMC PRINT also uses your Personally Identifiable Information to process and fulfil your purchases, provide you with information that you request, and deliver content to you that is relevant to your interests. In some cases we may disclose your personal information to third parties, but only if it is required to complete the transaction you have entered into.

 

Aggregate Information. ADMC PRINT combines your usage information relating to the Site and Service with that of other users to determine which areas of the Site and which Services are most popular. By collecting and analysing this data, ADMC PRINT can improve the Site and Services. This “Aggregate Information” does not contain any of your Personally Identifiable Information.

 

Who does ADMC PRINT share information with?

Aggregate Information. ADMC PRINT shares Aggregate Information with its investors and with its potential and current partners, advertisers and other third parties in connection with the marketing of ADMC PRINT’s products and services.

 

Selling and Renting Information. ADMC PRINT does not currently sell or rent your Personally Identifiable Information to third parties. However, you may remove your Personally Identifiable Information now from any list that may be later sold or rented by sending an email to unsubscribe@admcprint.com.au.

 

Other Sharing. ADMC PRINT may transfer the Personally Identifiable Information it collects to any successor in interest to ADMC PRINT. ADMC PRINT may also disclose Personally Identifiable Information if it determines that an applicable law or legal process requires it, or if ADMC PRINT determines that it needs to share it to protect or enforce ADMC PRINT’s rights or the rights of another user of the Site or Services.

 

Transfer of Information Outside of Australia.

We will not send your personal information outside of Australia unless:

It is necessary to complete your transaction; or
You have provided your consent; or
We believed on reasonable grounds that the organisation involved would only deal with your personal information in a similar manner to the requirements under the National Privacy Principles; or
Where otherwise allowed by the Privacy Act.
Storage and Security.

Personal information is stored electronically and occasionally on paper. ADMC PRINT has physical, electronic and procedural safeguards for personal information and takes reasonable steps to ensure that your information is protected. Data stored electronically is protected by both passwords and firewalls. Only staff with a password can access information on the system.

Please be aware that personal information provided by e-mail may not be secure. If you have any concerns regarding the security of your personal information, when sending e-mails, please provide information in an alternate form, such as facsimile. We may record your e-mail address if you send us e-mail.

 

ADMC PRINT will destroy or permanently de-identify your personal information when it is no longer needed. ADMC PRINT will retain personal information while it is required for any of its functions, or for any other lawful purpose.

 

ADMC PRINT does not store credit card data. ADMC PRINT Uses a third party gateway to manage all financial transactions in accordance with the PCI DSS (Payment Card Industry Data Security Standard) – a set of standards created by card issuers such as Visa and MasterCard to ensure the security of credit card details online.

 

What options do I have to control the use of my personally identifiable information?

Receiving Communications and Opting Out. During the ADMC PRINT registration process, you can “opt out” of receiving certain communications from ADMC PRINT and our partners. If you are already registered, you can still “opt out” from receiving these communications by emailing us at info@admcprint.com.au.

 

Correction and Deletion of Information. You can obtain a copy of your Personally Identifiable Information by contacting ADMC PRINT. For your protection, you will be required to provide proof of your identity to obtain a copy of your Personally Identifiable Information. You may correct any errors in your Personally Identifiable Information simply by providing ADMC PRINT with the correct information. If you desire, ADMC PRINT will delete all of your Personally Identifiable Information (except for your transaction history) from our records upon your request. However, if you choose to delete your Personally Identifiable Information, you may not be able to access some areas of the Site or Services.

 

What else should I know about Privacy?

No Absolute Safeguards. Although ADMC PRINT will use reasonable efforts to safeguard the privacy of your information, transmissions on the Internet cannot be made absolutely secure. Accordingly, ADMC PRINT assumes no responsibility or liability for disclosure of your information (personally identifiable or otherwise) due to errors in transmission, unauthorized third-party access or other causes beyond ADMC PRINT’s reasonable control.

 

Third Parties. ADMC PRINT does not control the privacy policies of ADMC PRINT’s advertisers or other third parties that have Web sites linked to the Site or Services. If you click on an advertisement or link, the privacy policies of the Web site that you link to will govern the use of your information by that Web site’s operator. ADMC PRINT assumes no responsibility or liability for the actions of such third parties with respect to their use of your information or otherwise. Accordingly, make sure you are aware of and comfortable with the privacy policies of any third-party Web sites you link to.

 

Disclosure Of Information In Public Areas. If you voluntarily disclose Personally Identifiable Information in a public area of the Site or a Service, such as a chat room or message board, that information may be collected and used by a third party to send you unsolicited messages, advertisements or for other purposes. ADMC PRINT does not control the actions of these third parties in public areas of the Site or Services, so if you disclose Personally Identifiable Information in a public area, you do so at your own risk.

 

Acceptance of Privacy Policy

If you use the Site or a Service, you are accepting the terms and conditions of this Privacy Policy, and ADMC PRINT will have the right to use your information as described in this Privacy Policy. If you do not agree to have your information used in any of the ways described in this Privacy Policy, you must discontinue use of the Site and Service. ADMC PRINT reserves the right to modify this Privacy Policy at any time.

 

Privacy Concerns or Complaints.

If you have any queries or concerns about your personal information, or would like to make a complaint, please contact our Privacy Officer for assistance on 03 9038 9331.

 

How to Contact Us.

You can contact us at the following address:

4 Corr Street, Moorabbin VIC 3189

Privacy Act 1988

 

1 COLLECTION

1.1
An organisation must not collect personal information unless the information is necessary for one or more of its functions or activities.

 

1.2
An organisation must collect personal information only by lawful and fair means and not in an unreasonably intrusive way.

 

1.3
At or before the time (or, if that is not practicable, as soon as practicable after) an organisation collects personal information about an individual from the individual, the organisation must take reasonable steps to ensure that the individual is aware of:

 

the identity of the organisation and how to contact it; and
the fact that he or she is able to gain access to the information; and
the purposes for which the information is collected; and
the organisations (or the types of organisations) to which the organisation usually discloses information of that kind; and
any law that requires the particular information to be collected; and
the main consequences (if any) for the individual if all or part of the information is not provided.

 

1.4
If it is reasonable and practicable to do so, an organisation must collect personal information about an individual only from that individual.

 

1.5
If an organisation collects personal information about an individual from someone else, it must take reasonable steps to ensure that the individual is or has been made aware of the matters listed in subclause 1.3 except to the extent that making the individual aware of the matters would pose a serious threat to the life or health of any individual.

 

2 USE AND DISCLOSURE

2.1
An organisation must not use or disclose personal information about an individual for a purpose (the secondary purpose) other than the primary purpose of collection unless:

 

both of the following apply:

 

the secondary purpose is related to the primary purpose of collection and, if the personal information is sensitive information, directly related to the primary purpose of collection;
the individual would reasonably expect the organisation to use or disclose the information for the secondary purpose; or
the individual has consented to the use or disclosure; or
if the information is not sensitive information and the use of the information is for the secondary purpose of direct marketing:
(i) it is impracticable for the organisation to seek the individual’s consent before that particular use; and

 

(ii) the organisation will not charge the individual for giving effect to a request by the individual to the organisation not to receive direct marketing communications; and

 

(iii) the individual has not made a request to the organisation not to receive direct marketing communications; and

 

(iv) in each direct marketing communication with the individual, the organisation draws to the individual’s attention, or prominently displays a notice, that he or she may express a wish not to receive any further direct marketing communications; and

 

(v) each written direct marketing communication by the organisation with the individual (up to and including the communication that involves the use) sets out the organisation’s business address and telephone number and, if the communication with the individual is made by fax, telex or other electronic means, a number or address at which the organisation can be directly contacted electronically; or

 

(v) each written direct marketing communication by the organisation with the individual (up to and including the communication that involves the use) sets out the organisation’s business address and telephone number and, if the communication with the individual is made by fax, telex or other electronic means, a number or address at which the organisation can be directly contacted electronically; or

 

(d) if the information is health information and the use or disclosure is necessary for research, or the compilation or analysis of statistics, relevant to public health or public safety:

 

(i) it is impracticable for the organisation to seek the individual’s consent before the use or disclosure; and

 

(ii) the use or disclosure is conducted in accordance with guidelines approved by the Commissioner under section 95A for the purposes of this subparagraph; and

 

(iii) in the case of disclosure the organisation reasonably believes that the recipient of the health information will not disclose the health information, or personal information derived from the health information; or

 

(e) the organisation reasonably believes that the use or disclosure is necessary to lessen or prevent:

 

(i) a serious and imminent threat to an individual’s life, health or safety; or

 

(ii) a serious threat to public health or public safety; or

 

(ea) if the information is genetic information and the organisation has obtained the genetic information in the course of providing a health service to the individual:

 

(i) the organisation reasonably believes that the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety (whether or not the threat is imminent) of an individual who is a genetic relative of the individual to whom the genetic information relates; and

 

(ii) the use or disclosure is conducted in accordance with guidelines approved by the Commissioner under section 95AA for the purposes of this subparagraph; and

 

(iii) in the case of disclosure the recipient of the genetic information is a genetic relative of the individual; or

 

(f) the organisation has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities; or

 

(g) the use or disclosure is required or authorised by or under law; or

 

(h) the organisation reasonably believes that the use or disclosure is reasonably necessary for one or more of the following by or on behalf of an enforcement body:

 

(i) the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law;

 

(ii) the enforcement of laws relating to the confiscation of the proceeds of crime;

 

(iii) the protection of the public revenue;

 

(iv) the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;

 

(v) the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of a court or tribunal.

 

Note 1: It is not intended to deter organisations from lawfully co-operating with agencies performing law enforcement functions in the performance of their functions.

 

Note 2: Subclause 2.1 does not override any existing legal obligations not to disclose personal information. Nothing in subclause 2.1 requires an organisation to disclose personal information; an organisation is always entitled not to disclose personal information in the absence of a legal obligation to disclose it.

 

Note 3: An organisation is also subject to the requirements of National Privacy Principle 9 if it transfers personal information to a person in a foreign country.

 

2.2
If an organisation uses or discloses personal information under paragraph 2.1(h), it must make a written note of the use or disclosure.

 

2.3
Subclause 2.1 operates in relation to personal information that an organisation that is a body corporate has collected from a related body corporate as if the organisations primary purpose of collection of the information were the primary purpose for which the related body corporate collected the information.

 

2.4
Despite subclause 2.1, an organisation that provides a health service to an individual may disclose health information about the individual to a person who is responsible for the individual if:

 

(a) the individual:

(i) is physically or legally incapable of giving consent to the disclosure; or

 

(ii) physically cannot communicate consent to the disclosure; and

 

(b) a natural person (the carer) providing the health service for the organisation is satisfied that either:

 

(i) the disclosure is necessary to provide appropriate care or treatment of the individual; or

 

(ii) the disclosure is made for compassionate reasons; and

 

(c) the disclosure is not contrary to any wish:

 

(i) expressed by the individual before the individual became unable to give or communicate consent; and

 

(ii) of which the carer is aware, or of which the carer could reasonably be expected to be aware; and

 

(d) the disclosure is limited to the extent reasonable and necessary for a purpose mentioned in paragraph (b).

 

2.5
For the purposes of subclause 2.4, a person is responsible for an individual if the person is:

 

(a) a parent of the individual; or

 

(b) a child or sibling of the individual and at least 18 years old; or

 

(c) a spouse or de facto spouse of the individual; or

 

(d) a relative of the individual, at least 18 years old and a member of the individual’s household; or

 

(e) a guardian of the individual; or

 

(f) exercising an enduring power of attorney granted by the individual that is exercisable in relation to decisions about the individual’s health; or

 

(g) a person who has an intimate personal relationship with the individual; or

 

(h) a person nominated by the individual to be contacted in case of emergency.

 

2.6
In subclause 2.5:

child of an individual includes an adopted child, a step-child and a foster-child, of the individual.

parent of an individual includes a step-parent, adoptive parent and a foster-parent, of the individual.

relative of an individual means a grandparent, grandchild, uncle, aunt, nephew or niece, of the individual.

sibling of an individual includes a half-brother, half-sister, adoptive brother, adoptive sister, step-brother, step-sister, foster-brother and foster-sister, of the individual.

 

3 DATA QUALITY

An organisation must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to-date.

 

 

4 DATA SECURITY

4.1
An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

 

4.2
An organisation must take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed under National Privacy Principle 2.

 

5 OPENNESS

5.1
An organisation must set out in a document clearly expressed policies on its management of personal information. The organisation must make the document available to anyone who asks for it.

 

5.2
On request by a person, an organisation must take reasonable steps to let the person know, generally, what sort of personal information it holds, for what purposes, and how it collects, holds, uses and discloses that information.

 

6 ACCESS AND CORRECTION

6.1
On request by a person, an organisation must take reasonable steps to let the person know, generally, what sort of personal information it holds, for what purposes, and how it collects, holds, uses and discloses that information.

 

(a) in the case of personal information other than health information”providing access would pose a serious and imminent threat to the life or health of any individual; or

 

(b) in the case of health information”providing access would pose a serious threat to the life or health of any individual; or

 

(c) providing access would have an unreasonable impact upon the privacy of other individuals; or

 

(d) the request for access is frivolous or vexatious; or

 

(e) the information relates to existing or anticipated legal proceedings between the organisation and the individual, and the information would not be accessible by the process of discovery in those proceedings; or

 

(f) providing access would reveal the intentions of the organisation in relation to negotiations with the individual in such a way as to prejudice those negotiations; or

 

(g) providing access would be unlawful; or

 

(h) denying access is required or authorised by or under law; or

 

(i) providing access would be likely to prejudice an investigation of possible unlawful activity; or

 

(j) providing access would be likely to prejudice:

 

(i) the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law; or

 

(ii) the enforcement of laws relating to the confiscation of the proceeds of crime; or

 

(iii) the protection of the public revenue; or

 

(iv) the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct; or

 

(v) the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of its orders;

by or on behalf of an enforcement body; or

 

(k) an enforcement body performing a lawful security function asks the organisation not to provide access to the information on the basis that providing access would be likely to cause damage to the security of Australia.

 

6.2
However, where providing access would reveal evaluative information generated within the organisation in connection with a commercially sensitive decision-making process, the organisation may give the individual an explanation for the commercially sensitive decision rather than direct access to the information.

 

Note: An organisation breaches subclause 6.1 if it relies on subclause 6.2 to give an individual an explanation for a commercially sensitive decision in circumstances where subclause 6.2 does not apply.

 

6.3
If the organisation is not required to provide the individual with access to the information because of one or more of paragraphs 6.1(a) to (k) (inclusive), the organisation must, if reasonable, consider whether the use of mutually agreed intermediaries would allow sufficient access to meet the needs of both parties.

 

6.4
If an organisation charges for providing access to personal information, those charges:

 

(a) must not be excessive; and

 

(b) must not apply to lodging a request for access.

 

6.5
If an organisation holds personal information about an individual and the individual is able to establish that the information is not accurate, complete and up-to-date, the organisation must take reasonable steps to correct the information so that it is accurate, complete and up-to-date.

 

6.6
If the individual and the organisation disagree about whether the information is accurate, complete and up-to-date, and the individual asks the organisation to associate with the information a statement claiming that the information is not accurate, complete or up-to-date, the organisation must take reasonable steps to do so.

 

6.7
An organisation must provide reasons for denial of access or a refusal to correct personal information.

 

7 IDENTIFIRES

7.1
An organisation must not adopt as its own identifier of an individual an identifier of the individual that has been assigned by:

 

(a) an agency; or

 

(b) an agent of an agency acting in its capacity as agent; or

 

(c) a contracted service provider for a Commonwealth contract acting in its capacity as contracted service provider for that contract.

 

7.1A

However, subclause 7.1 does not apply to the adoption by a prescribed organisation of a prescribed identifier in prescribed circumstances.

Note: There are prerequisites that must be satisfied before those matters are prescribed: see subsection 100(2).

 

7.2
An organisation must not use or disclose an identifier assigned to an individual by an agency, or by an agent or contracted service provider mentioned in subclause 7.1, unless:

 

(a) the use or disclosure is necessary for the organisation to fulfil its obligations to the agency; or

 

(b) one or more of paragraphs 2.1(e) to 2.1(h) (inclusive) apply to the use or disclosure; or

 

(c) the use or disclosure is by a prescribed organisation of a prescribed identifier in prescribed circumstances.

 

Note: There are prerequisites that must be satisfied before the matters mentioned in paragraph (c) are prescribed: see subsection 100(2).

 

7.3
In this clause:

identifier includes a number assigned by an organisation to an individual to identify uniquely the individual for the purposes of the organisation’s operations. However, an individual’s name or ABN (as defined in the A New Tax System (Australian Business Number) Act 1999) is not an identifier.

 

8 ANONYMITY

Wherever it is lawful and practicable, individuals must have the option of not identifying themselves when entering transactions with an organisation.

 

9 TRANSBORDER DATA FLOWS

An organisation in Australia or an external Territory may transfer personal information about an individual to someone (other than the organisation or the individual) who is in a foreign country only if:

 

(a) the organisation reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the National Privacy Principles; or

 

(b) the individual consents to the transfer; or

 

(c) the transfer is necessary for the performance of a contract between the individual and the organisation, or for the implementation of pre-contractual measures taken in response to the individual’s request; or

 

(d) the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between the organisation and a third party; or

 

(e) all of the following apply:

 

(i) the transfer is for the benefit of the individual;

 

(ii) it is impracticable to obtain the consent of the individual to that transfer;

 

(iii) if it were practicable to obtain such consent, the individual would be likely to give it; or

 

(f) the organisation has taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the National Privacy Principles.

 

10 SENSITIVE INFORMATION

10.1
An organisation must not collect sensitive information about an individual unless:

 

(a) the individual has consented; or

 

(b) the collection is required by law; or

 

(c) the collection is necessary to prevent or lessen a serious and imminent threat to the life or health of any individual, where the individual whom the information concerns:

 

(i) is physically or legally incapable of giving consent to the collection; or

 

(ii) physically cannot communicate consent to the collection; or

 

(d) if the information is collected in the course of the activities of a non-profit organisation the following conditions are satisfied:

 

(i) the information relates solely to the members of the organisation or to individuals who have regular contact with it in connection with its activities;

 

(ii) at or before the time of collecting the information, the organisation undertakes to the individual whom the information concerns that the organisation will not disclose the information without the individual’s consent; or

 

(e) the collection is necessary for the establishment, exercise or defence of a legal or equitable claim.

 

10.2
Despite subclause 10.1, an organisation may collect health information about an individual if:

(a) the information is necessary to provide a health service to the individual; and

 

(b) the information is collected:

 

(i) as required or authorised by or under law (other than this Act); or

 

(ii) in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind the organisation.

 

10.3
Despite subclause 10.1, an organisation may collect health information about an individual if:

 

(a) the collection is necessary for any of the following purposes:

 

(i) research relevant to public health or public safety;

 

(ii) the compilation or analysis of statistics relevant to public health or public safety;

 

(iii) the management, funding or monitoring of a health service; and

 

(b) that purpose cannot be served by the collection of information that does not identify the individual or from which the individual’s identity cannot reasonably be ascertained; and

 

(c) it is impracticable for the organisation to seek the individual’s consent to the collection; and

 

(d) the information is collected:

 

(i) as required by law (other than this Act); or

 

(ii) in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind the organisation; or

 

(iii) in accordance with guidelines approved by the Commissioner under section 95A for the purposes of this subparagraph.

 

10.4
If an organisation collects health information about an individual in accordance with subclause 10.3, the organisation must take reasonable steps to permanently de-identify the information before the organisation discloses it.

 

10.5
In this clause:

non-profit organisation means a non-profit organisation that has only racial, ethnic, political, religious, philosophical, professional, trade, or trade union aims.

 

For further information please contact:

Privacy Commissioner
GPO Box 5218 Sydney NSW 2001

Privacy Hotline: 1300 363 992
Telephone: (02) 9284 9800
Fax: (02) 9284 9666

 

Privacy

 

We at ADMC PRINT, we recognise the importance of your privacy and understand your concerns about the security of the personal information you provide to us. Some of this information is collected automatically and some of it is collected only when you provide it voluntarily.

 

Personal information, as distinct from business information, is information that identifies an individual, or from which a person’s identity could be ascertained. We will deal with personal information in accordance with the requirements of the National Privacy Principles.

 

What types of information does ADMC PRINT collect?

Personally Identifiable Information. Personally identifiable information is information that identifies you as an individual, such as your name, mailing address, phone number, email address, login ID, username and password (“Personally Identifiable Information”). ADMC PRINT may collect Personally Identifiable Information from you when you: (a) make a purchase or sign up for or use a Service, (b) voluntarily provide it when you use the Site or Services, (c) disclose it in a public area of the Site (such as a message board or chat room) or (d) provide it when you communicate with ADMC PRINT.

 

Non-Personally Identifiable Information.Non-personally identifiable information is information that does not identify you as an individual. ADMC PRINT may automatically collect certain types of this information from you when you use the Site or Services. This type of information includes information such as your browser type, the URL of the previous web site you visited, the web pages and advertisements you view or select, the type of services you use and the searches you conduct. ADMC PRINT may also collect non-personally identifiable information from you that you voluntarily provide (such as information included in response to a questionnaire or survey) or post to a public area of the site (such as a message board or chat room). ADMC PRINT does not store credit card data.

 

How does ADMC PRINT automatically collect information?

Cookies. A cookie is a message that is sent to your computer from a Web server and stored on your computer’s hard drive. ADMC PRINT’s cookies contain Personally Identifiable Information, such as your Login ID and your email address. ADMC PRINT uses cookies to allow you to log in automatically and to ensure that you have agreed to the terms, conditions and policies that govern your use of the Site and Services. In addition, ADMC PRINT uses cookies to determine which areas of the Site and which Services are the most popular, and to track your use of the Site and Services and provide you with a more personalized user experience (for example, by allowing ADMC PRINT to carry targeted advertising).

 

IP Address. An IP address is a number that is assigned to your computer automatically when you use the Internet. ADMC PRINT logs your IP address when you use the Site or a Service. ADMC PRINT uses your IP address to track your use of the Site and Services.

 

How does ADMC PRINT use the information?

Personally Identifiable Information. We may also use your personal information for related purposes that you would reasonably expect, such as communicating to you about changes to the site or providing you with details about other goods or services offered by us. We may also ask for your possible participation in surveys or other promotions. Of course you can opt out of receiving this information at any time by notifying us.

 

ADMC PRINT also uses your Personally Identifiable Information to process and fulfil your purchases, provide you with information that you request, and deliver content to you that is relevant to your interests. In some cases we may disclose your personal information to third parties, but only if it is required to complete the transaction you have entered into.

 

Aggregate Information. ADMC PRINT combines your usage information relating to the Site and Service with that of other users to determine which areas of the Site and which Services are most popular. By collecting and analysing this data, ADMC PRINT can improve the Site and Services. This “Aggregate Information” does not contain any of your Personally Identifiable Information.

 

Who does ADMC PRINT share information with?

Aggregate Information. ADMC PRINT shares Aggregate Information with its investors and with its potential and current partners, advertisers and other third parties in connection with the marketing of ADMC PRINT’s products and services.

 

Selling and Renting Information. ADMC PRINT does not currently sell or rent your Personally Identifiable Information to third parties. However, you may remove your Personally Identifiable Information now from any list that may be later sold or rented by sending an email to unsubscribe@admcprint.com.au.

 

Other Sharing. ADMC PRINT may transfer the Personally Identifiable Information it collects to any successor in interest to ADMC PRINT. ADMC PRINT may also disclose Personally Identifiable Information if it determines that an applicable law or legal process requires it, or if ADMC PRINT determines that it needs to share it to protect or enforce ADMC PRINT’s rights or the rights of another user of the Site or Services.

 

Transfer of Information Outside of Australia.

We will not send your personal information outside of Australia unless:

It is necessary to complete your transaction; or
You have provided your consent; or
We believed on reasonable grounds that the organisation involved would only deal with your personal information in a similar manner to the requirements under the National Privacy Principles; or
Where otherwise allowed by the Privacy Act.
Storage and Security.

Personal information is stored electronically and occasionally on paper. ADMC PRINT has physical, electronic and procedural safeguards for personal information and takes reasonable steps to ensure that your information is protected. Data stored electronically is protected by both passwords and firewalls. Only staff with a password can access information on the system.

Please be aware that personal information provided by e-mail may not be secure. If you have any concerns regarding the security of your personal information, when sending e-mails, please provide information in an alternate form, such as facsimile. We may record your e-mail address if you send us e-mail.

 

ADMC PRINT will destroy or permanently de-identify your personal information when it is no longer needed. ADMC PRINT will retain personal information while it is required for any of its functions, or for any other lawful purpose.

 

ADMC PRINT does not store credit card data. ADMC PRINT Uses a third party gateway to manage all financial transactions in accordance with the PCI DSS (Payment Card Industry Data Security Standard) – a set of standards created by card issuers such as Visa and MasterCard to ensure the security of credit card details online.

 

What options do I have to control the use of my personally identifiable information?

Receiving Communications and Opting Out. During the ADMC PRINT registration process, you can “opt out” of receiving certain communications from ADMC PRINT and our partners. If you are already registered, you can still “opt out” from receiving these communications by emailing us at info@admcprint.com.au.

 

Correction and Deletion of Information. You can obtain a copy of your Personally Identifiable Information by contacting ADMC PRINT. For your protection, you will be required to provide proof of your identity to obtain a copy of your Personally Identifiable Information. You may correct any errors in your Personally Identifiable Information simply by providing ADMC PRINT with the correct information. If you desire, ADMC PRINT will delete all of your Personally Identifiable Information (except for your transaction history) from our records upon your request. However, if you choose to delete your Personally Identifiable Information, you may not be able to access some areas of the Site or Services.

 

What else should I know about Privacy?

No Absolute Safeguards. Although ADMC PRINT will use reasonable efforts to safeguard the privacy of your information, transmissions on the Internet cannot be made absolutely secure. Accordingly, ADMC PRINT assumes no responsibility or liability for disclosure of your information (personally identifiable or otherwise) due to errors in transmission, unauthorized third-party access or other causes beyond ADMC PRINT’s reasonable control.

 

Third Parties. ADMC PRINT does not control the privacy policies of ADMC PRINT’s advertisers or other third parties that have Web sites linked to the Site or Services. If you click on an advertisement or link, the privacy policies of the Web site that you link to will govern the use of your information by that Web site’s operator. ADMC PRINT assumes no responsibility or liability for the actions of such third parties with respect to their use of your information or otherwise. Accordingly, make sure you are aware of and comfortable with the privacy policies of any third-party Web sites you link to.

 

Disclosure Of Information In Public Areas. If you voluntarily disclose Personally Identifiable Information in a public area of the Site or a Service, such as a chat room or message board, that information may be collected and used by a third party to send you unsolicited messages, advertisements or for other purposes. ADMC PRINT does not control the actions of these third parties in public areas of the Site or Services, so if you disclose Personally Identifiable Information in a public area, you do so at your own risk.

 

Acceptance of Privacy Policy

If you use the Site or a Service, you are accepting the terms and conditions of this Privacy Policy, and ADMC PRINT will have the right to use your information as described in this Privacy Policy. If you do not agree to have your information used in any of the ways described in this Privacy Policy, you must discontinue use of the Site and Service. ADMC PRINT reserves the right to modify this Privacy Policy at any time.

 

Privacy Concerns or Complaints.

If you have any queries or concerns about your personal information, or would like to make a complaint, please contact our Privacy Officer for assistance on 03 9038 9331.

 

How to Contact Us.

You can contact us at the following address:

4 Corr Street, Moorabbin VIC 3189

Privacy Act 1988

 

1 COLLECTION

1.1
An organisation must not collect personal information unless the information is necessary for one or more of its functions or activities.

 

1.2
An organisation must collect personal information only by lawful and fair means and not in an unreasonably intrusive way.

 

1.3
At or before the time (or, if that is not practicable, as soon as practicable after) an organisation collects personal information about an individual from the individual, the organisation must take reasonable steps to ensure that the individual is aware of:

 

the identity of the organisation and how to contact it; and
the fact that he or she is able to gain access to the information; and
the purposes for which the information is collected; and
the organisations (or the types of organisations) to which the organisation usually discloses information of that kind; and
any law that requires the particular information to be collected; and
the main consequences (if any) for the individual if all or part of the information is not provided.

 

1.4
If it is reasonable and practicable to do so, an organisation must collect personal information about an individual only from that individual.

 

1.5
If an organisation collects personal information about an individual from someone else, it must take reasonable steps to ensure that the individual is or has been made aware of the matters listed in subclause 1.3 except to the extent that making the individual aware of the matters would pose a serious threat to the life or health of any individual.

 

2 USE AND DISCLOSURE

2.1
An organisation must not use or disclose personal information about an individual for a purpose (the secondary purpose) other than the primary purpose of collection unless:

 

both of the following apply:

 

the secondary purpose is related to the primary purpose of collection and, if the personal information is sensitive information, directly related to the primary purpose of collection;
the individual would reasonably expect the organisation to use or disclose the information for the secondary purpose; or
the individual has consented to the use or disclosure; or
if the information is not sensitive information and the use of the information is for the secondary purpose of direct marketing:
(i) it is impracticable for the organisation to seek the individual’s consent before that particular use; and

 

(ii) the organisation will not charge the individual for giving effect to a request by the individual to the organisation not to receive direct marketing communications; and

 

(iii) the individual has not made a request to the organisation not to receive direct marketing communications; and

 

(iv) in each direct marketing communication with the individual, the organisation draws to the individual’s attention, or prominently displays a notice, that he or she may express a wish not to receive any further direct marketing communications; and

 

(v) each written direct marketing communication by the organisation with the individual (up to and including the communication that involves the use) sets out the organisation’s business address and telephone number and, if the communication with the individual is made by fax, telex or other electronic means, a number or address at which the organisation can be directly contacted electronically; or

 

(v) each written direct marketing communication by the organisation with the individual (up to and including the communication that involves the use) sets out the organisation’s business address and telephone number and, if the communication with the individual is made by fax, telex or other electronic means, a number or address at which the organisation can be directly contacted electronically; or

 

(d) if the information is health information and the use or disclosure is necessary for research, or the compilation or analysis of statistics, relevant to public health or public safety:

 

(i) it is impracticable for the organisation to seek the individual’s consent before the use or disclosure; and

 

(ii) the use or disclosure is conducted in accordance with guidelines approved by the Commissioner under section 95A for the purposes of this subparagraph; and

 

(iii) in the case of disclosure the organisation reasonably believes that the recipient of the health information will not disclose the health information, or personal information derived from the health information; or

 

(e) the organisation reasonably believes that the use or disclosure is necessary to lessen or prevent:

 

(i) a serious and imminent threat to an individual’s life, health or safety; or

 

(ii) a serious threat to public health or public safety; or

 

(ea) if the information is genetic information and the organisation has obtained the genetic information in the course of providing a health service to the individual:

 

(i) the organisation reasonably believes that the use or disclosure is necessary to lessen or prevent a serious threat to the life, health or safety (whether or not the threat is imminent) of an individual who is a genetic relative of the individual to whom the genetic information relates; and

 

(ii) the use or disclosure is conducted in accordance with guidelines approved by the Commissioner under section 95AA for the purposes of this subparagraph; and

 

(iii) in the case of disclosure the recipient of the genetic information is a genetic relative of the individual; or

 

(f) the organisation has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the personal information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities; or

 

(g) the use or disclosure is required or authorised by or under law; or

 

(h) the organisation reasonably believes that the use or disclosure is reasonably necessary for one or more of the following by or on behalf of an enforcement body:

 

(i) the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law;

 

(ii) the enforcement of laws relating to the confiscation of the proceeds of crime;

 

(iii) the protection of the public revenue;

 

(iv) the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct;

 

(v) the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of the orders of a court or tribunal.

 

Note 1: It is not intended to deter organisations from lawfully co-operating with agencies performing law enforcement functions in the performance of their functions.

 

Note 2: Subclause 2.1 does not override any existing legal obligations not to disclose personal information. Nothing in subclause 2.1 requires an organisation to disclose personal information; an organisation is always entitled not to disclose personal information in the absence of a legal obligation to disclose it.

 

Note 3: An organisation is also subject to the requirements of National Privacy Principle 9 if it transfers personal information to a person in a foreign country.

 

2.2
If an organisation uses or discloses personal information under paragraph 2.1(h), it must make a written note of the use or disclosure.

 

2.3
Subclause 2.1 operates in relation to personal information that an organisation that is a body corporate has collected from a related body corporate as if the organisations primary purpose of collection of the information were the primary purpose for which the related body corporate collected the information.

 

2.4
Despite subclause 2.1, an organisation that provides a health service to an individual may disclose health information about the individual to a person who is responsible for the individual if:

 

(a) the individual:

(i) is physically or legally incapable of giving consent to the disclosure; or

 

(ii) physically cannot communicate consent to the disclosure; and

 

(b) a natural person (the carer) providing the health service for the organisation is satisfied that either:

 

(i) the disclosure is necessary to provide appropriate care or treatment of the individual; or

 

(ii) the disclosure is made for compassionate reasons; and

 

(c) the disclosure is not contrary to any wish:

 

(i) expressed by the individual before the individual became unable to give or communicate consent; and

 

(ii) of which the carer is aware, or of which the carer could reasonably be expected to be aware; and

 

(d) the disclosure is limited to the extent reasonable and necessary for a purpose mentioned in paragraph (b).

 

2.5
For the purposes of subclause 2.4, a person is responsible for an individual if the person is:

 

(a) a parent of the individual; or

 

(b) a child or sibling of the individual and at least 18 years old; or

 

(c) a spouse or de facto spouse of the individual; or

 

(d) a relative of the individual, at least 18 years old and a member of the individual’s household; or

 

(e) a guardian of the individual; or

 

(f) exercising an enduring power of attorney granted by the individual that is exercisable in relation to decisions about the individual’s health; or

 

(g) a person who has an intimate personal relationship with the individual; or

 

(h) a person nominated by the individual to be contacted in case of emergency.

 

2.6
In subclause 2.5:

child of an individual includes an adopted child, a step-child and a foster-child, of the individual.

parent of an individual includes a step-parent, adoptive parent and a foster-parent, of the individual.

relative of an individual means a grandparent, grandchild, uncle, aunt, nephew or niece, of the individual.

sibling of an individual includes a half-brother, half-sister, adoptive brother, adoptive sister, step-brother, step-sister, foster-brother and foster-sister, of the individual.

 

3 DATA QUALITY

An organisation must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to-date.

 

 

4 DATA SECURITY

4.1
An organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

 

4.2
An organisation must take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed under National Privacy Principle 2.

 

5 OPENNESS

5.1
An organisation must set out in a document clearly expressed policies on its management of personal information. The organisation must make the document available to anyone who asks for it.

 

5.2
On request by a person, an organisation must take reasonable steps to let the person know, generally, what sort of personal information it holds, for what purposes, and how it collects, holds, uses and discloses that information.

 

6 ACCESS AND CORRECTION

6.1
On request by a person, an organisation must take reasonable steps to let the person know, generally, what sort of personal information it holds, for what purposes, and how it collects, holds, uses and discloses that information.

 

(a) in the case of personal information other than health information”providing access would pose a serious and imminent threat to the life or health of any individual; or

 

(b) in the case of health information”providing access would pose a serious threat to the life or health of any individual; or

 

(c) providing access would have an unreasonable impact upon the privacy of other individuals; or

 

(d) the request for access is frivolous or vexatious; or

 

(e) the information relates to existing or anticipated legal proceedings between the organisation and the individual, and the information would not be accessible by the process of discovery in those proceedings; or

 

(f) providing access would reveal the intentions of the organisation in relation to negotiations with the individual in such a way as to prejudice those negotiations; or

 

(g) providing access would be unlawful; or

 

(h) denying access is required or authorised by or under law; or

 

(i) providing access would be likely to prejudice an investigation of possible unlawful activity; or

 

(j) providing access would be likely to prejudice:

 

(i) the prevention, detection, investigation, prosecution or punishment of criminal offences, breaches of a law imposing a penalty or sanction or breaches of a prescribed law; or

 

(ii) the enforcement of laws relating to the confiscation of the proceeds of crime; or

 

(iii) the protection of the public revenue; or

 

(iv) the prevention, detection, investigation or remedying of seriously improper conduct or prescribed conduct; or

 

(v) the preparation for, or conduct of, proceedings before any court or tribunal, or implementation of its orders;

by or on behalf of an enforcement body; or

 

(k) an enforcement body performing a lawful security function asks the organisation not to provide access to the information on the basis that providing access would be likely to cause damage to the security of Australia.

 

6.2
However, where providing access would reveal evaluative information generated within the organisation in connection with a commercially sensitive decision-making process, the organisation may give the individual an explanation for the commercially sensitive decision rather than direct access to the information.

 

Note: An organisation breaches subclause 6.1 if it relies on subclause 6.2 to give an individual an explanation for a commercially sensitive decision in circumstances where subclause 6.2 does not apply.

 

6.3
If the organisation is not required to provide the individual with access to the information because of one or more of paragraphs 6.1(a) to (k) (inclusive), the organisation must, if reasonable, consider whether the use of mutually agreed intermediaries would allow sufficient access to meet the needs of both parties.

 

6.4
If an organisation charges for providing access to personal information, those charges:

 

(a) must not be excessive; and

 

(b) must not apply to lodging a request for access.

 

6.5
If an organisation holds personal information about an individual and the individual is able to establish that the information is not accurate, complete and up-to-date, the organisation must take reasonable steps to correct the information so that it is accurate, complete and up-to-date.

 

6.6
If the individual and the organisation disagree about whether the information is accurate, complete and up-to-date, and the individual asks the organisation to associate with the information a statement claiming that the information is not accurate, complete or up-to-date, the organisation must take reasonable steps to do so.

 

6.7
An organisation must provide reasons for denial of access or a refusal to correct personal information.

 

7 IDENTIFIRES

7.1
An organisation must not adopt as its own identifier of an individual an identifier of the individual that has been assigned by:

 

(a) an agency; or

 

(b) an agent of an agency acting in its capacity as agent; or

 

(c) a contracted service provider for a Commonwealth contract acting in its capacity as contracted service provider for that contract.

 

7.1A

However, subclause 7.1 does not apply to the adoption by a prescribed organisation of a prescribed identifier in prescribed circumstances.

Note: There are prerequisites that must be satisfied before those matters are prescribed: see subsection 100(2).

 

7.2
An organisation must not use or disclose an identifier assigned to an individual by an agency, or by an agent or contracted service provider mentioned in subclause 7.1, unless:

 

(a) the use or disclosure is necessary for the organisation to fulfil its obligations to the agency; or

 

(b) one or more of paragraphs 2.1(e) to 2.1(h) (inclusive) apply to the use or disclosure; or

 

(c) the use or disclosure is by a prescribed organisation of a prescribed identifier in prescribed circumstances.

 

Note: There are prerequisites that must be satisfied before the matters mentioned in paragraph (c) are prescribed: see subsection 100(2).

 

7.3
In this clause:

identifier includes a number assigned by an organisation to an individual to identify uniquely the individual for the purposes of the organisation’s operations. However, an individual’s name or ABN (as defined in the A New Tax System (Australian Business Number) Act 1999) is not an identifier.

 

8 ANONYMITY

Wherever it is lawful and practicable, individuals must have the option of not identifying themselves when entering transactions with an organisation.

 

9 TRANSBORDER DATA FLOWS

An organisation in Australia or an external Territory may transfer personal information about an individual to someone (other than the organisation or the individual) who is in a foreign country only if:

 

(a) the organisation reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are substantially similar to the National Privacy Principles; or

 

(b) the individual consents to the transfer; or

 

(c) the transfer is necessary for the performance of a contract between the individual and the organisation, or for the implementation of pre-contractual measures taken in response to the individual’s request; or

 

(d) the transfer is necessary for the conclusion or performance of a contract concluded in the interest of the individual between the organisation and a third party; or

 

(e) all of the following apply:

 

(i) the transfer is for the benefit of the individual;

 

(ii) it is impracticable to obtain the consent of the individual to that transfer;

 

(iii) if it were practicable to obtain such consent, the individual would be likely to give it; or

 

(f) the organisation has taken reasonable steps to ensure that the information which it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the National Privacy Principles.

 

10 SENSITIVE INFORMATION

10.1
An organisation must not collect sensitive information about an individual unless:

 

(a) the individual has consented; or

 

(b) the collection is required by law; or

 

(c) the collection is necessary to prevent or lessen a serious and imminent threat to the life or health of any individual, where the individual whom the information concerns:

 

(i) is physically or legally incapable of giving consent to the collection; or

 

(ii) physically cannot communicate consent to the collection; or

 

(d) if the information is collected in the course of the activities of a non-profit organisation the following conditions are satisfied:

 

(i) the information relates solely to the members of the organisation or to individuals who have regular contact with it in connection with its activities;

 

(ii) at or before the time of collecting the information, the organisation undertakes to the individual whom the information concerns that the organisation will not disclose the information without the individual’s consent; or

 

(e) the collection is necessary for the establishment, exercise or defence of a legal or equitable claim.

 

10.2
Despite subclause 10.1, an organisation may collect health information about an individual if:

(a) the information is necessary to provide a health service to the individual; and

 

(b) the information is collected:

 

(i) as required or authorised by or under law (other than this Act); or

 

(ii) in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind the organisation.

 

10.3
Despite subclause 10.1, an organisation may collect health information about an individual if:

 

(a) the collection is necessary for any of the following purposes:

 

(i) research relevant to public health or public safety;

 

(ii) the compilation or analysis of statistics relevant to public health or public safety;

 

(iii) the management, funding or monitoring of a health service; and

 

(b) that purpose cannot be served by the collection of information that does not identify the individual or from which the individual’s identity cannot reasonably be ascertained; and

 

(c) it is impracticable for the organisation to seek the individual’s consent to the collection; and

 

(d) the information is collected:

 

(i) as required by law (other than this Act); or

 

(ii) in accordance with rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind the organisation; or

 

(iii) in accordance with guidelines approved by the Commissioner under section 95A for the purposes of this subparagraph.

 

10.4
If an organisation collects health information about an individual in accordance with subclause 10.3, the organisation must take reasonable steps to permanently de-identify the information before the organisation discloses it.

 

10.5
In this clause:

non-profit organisation means a non-profit organisation that has only racial, ethnic, political, religious, philosophical, professional, trade, or trade union aims.

 

For further information please contact:

Privacy Commissioner
GPO Box 5218 Sydney NSW 2001

Privacy Hotline: 1300 363 992
Telephone: (02) 9284 9800
Fax: (02) 9284 9666