Data (Privacy) & Protection Policy
Whybirds will gather and use personal data about customers, suppliers, business contacts, employees and other people that Whybirds has a relationship with or may need to contact.
Why this policy exists:
This data (privacy) & protection policy ensures Whybirds:
- Complies with the data protection law Privacy Act 1988 and follows good practice
- Protects the rights of customers, suppliers, business contacts, employees and partners
- Is open about how it stores and processes individuals’ data
- Protects itself from the risks of a data breach
This policy applies to:
It applies to all data that the company holds relating to identifiable individuals and companies. This can include but not limited to:
- Names of individuals
- Postal addresses
- Email addresses
- Telephone numbers
- Date of Birth
- Passport details
- Plus any other information relevant information required to transport and clear goods through the relevant authorities
- In providing information to Whybirds, specifically gives your consent that Whybirds and its employees can use the information in the normal process of performing our responsibilities in the operation of running the company lawfully.
- The information will not be sold, traded or disclosed to any third party that is not directly related to the normal function of supplying the service that we provide in the transportation, storing or insuring goods.
Access and Accuracy:
- The information that has been collected on customers, suppliers, business contacts, employees or partners can be reviewed by that respective customers, suppliers, business contacts, employees or partners at Whybirds’ office where the data has been collected.
- Information will be updated when we are notified of any changes.
Data protection risks:
This policy helps to protect Whybirds from data security risks, including but not limited to:
- Breaches of confidentiality – for instance, information being given out inappropriately.
- Damage to Whybirds reputation, brand, or business relationships
Everyone who works for or with Whybirds has some responsibility for ensuring data is collected, stored and handled appropriately.
The IT department is responsible for:
- Ensuring all systems, services and equipment used for storing data meet acceptable security standards.
- Performing regular checks and scans to ensure security hardware and software is functioning properly.
- Evaluating any third-party services the company is considering using to store or process data.
Whybirds Staff Guidelines:
The only people able to access data covered by this policy should be those members of staff who need it to process individual clients’ needs for their removals. Whybirds provides training to all employees so they understand their responsibilities when handling data. Employees will keep all data secure by taking sensible precautions and following the guidelines below:
- In particular, strong passwords are used and are never shared.
- Personal data is not disclosed to unauthorised people, either within the company or externally.
- Data is regularly reviewed and updated if it is found to be out of date.
- Employees will request help from their manager or the data protection officer if they are unsure about any aspect of data protection.
These rules describe how and where data should be safely stored. Questions about storing data safely can be directed to the IT Manager. When data is stored on paper, it should be kept in a secure place where unauthorised people cannot see it. These guidelines also apply to data that is usually stored electronically but has been printed out for some reason: Data Privacy & Protection Policy Whybirds October 2016
- When not required, the paper or files are kept in a locked drawer or filing cabinet.
- Employees will make sure paper and printouts are not left where unauthorised people could see them.
- Certain Data and Files are kept for a minimum of 7 years in accordance with Australian law.
- Data printouts are disposed of securely when no longer required.
When data is stored electronically, it must be protected from unauthorised access, accidental deletion and malicious hacking attempts:
- Data is protected by strong passwords and never shared between employees.
- Data is only stored on designated drives and servers, and only uploaded to an approved computing service.
- Servers containing personal data are sited in a secure location, away from general office space.
- Data is backed up frequently. Those backups are tested regularly, in line with the company’s standard backup procedures.
- Data is never saved directly to laptops or other mobile devices like tablets or smart phones.
- All servers and computers containing data is protected by approved security software and firewalls.
If you have any privacy issues or complaints, these need to be submitted in writing and addressed to the General Managing, Whybirds Removals P.O Box 259, Ipswich, 4305