Befree Pty. Ltd. (ABN: 20 120 830 784) and its related bodies corporate (referred to in this document as we, us or our) recognise that your privacy is very important, and we are committed to protecting the personal information we collect about our clients and other individuals. To the extent that the Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we must manage your personal information, this policy sets out how we collect, use, disclose and otherwise manage personal information about our clients and individuals.
In this policy, we use the term ‘clients’ to refer to individuals who receive paid services from us; ‘client affiliates’ to refer to individuals whose personal information is contained within client files we access; ‘suppliers’ to refer to individuals whose goods and services we purchase and use (or individuals who are associated with our suppliers); ‘event participants’ to refer to individuals who attend events we hold; and ‘users’ to refer to individuals who subscribe to our newsletter, use our website, engage with us on social media platforms, or who enquire about us and our services. In some circumstances, you may belong to more than one of these groups, and multiple sections of this document will then apply to you.
We may collect and hold personal information about you (that is, information that can identify you) and is relevant to providing you with the information and services you are seeking. The type of information we collect about you depends on our relationship with you. Generally, however, we may collect your name, contact details, commentary or opinion about you, and other information relevant to providing you with the information and services you or someone on your behalf are seeking.
If you are a client: we will also generally collect your date of birth and place of birth, financial information, ABN, TFN, employment details, and health and other insurance information (for the purposes of tax reporting).
If you are a client affiliate: we will also generally collect additional information held about you in our client’s files, such as financial information, TFN, and employment details.
If you are a user: we may also collect information about you through the use of our website and digital platforms, including IP address, geographic location of your IP address, cookie information, and user preferences.
Except as otherwise permitted by law, we only collect sensitive information about you if you consent to the collection of the information and if it is reasonably necessary for the performance of our functions and activities. Consent may be implied by the circumstances existing at the time of collection. There may also be circumstances under which we collect sensitive information without your consent, as required or authorised by law.
We support your ability to make decisions about the personal information you provide to us, however if you choose not to provide us with the information requested, or it is incomplete or inaccurate, we may not be able to provide you with the information and services you are seeking. If you are a client, refusal to provide identifying information will mean we are unable to provide you with any services. If you are an applicant for a volunteer or employment position, refusal to provide personal information may mean we are unable to process your job application.
We are required to collect personal information about clients in order to meet our legal obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth), including full name, residential address, and date of birth. This information must be retained by us for a period of 7 years after we have stopped providing services to the client.
We will generally collect personal information directly from you through a variety of ways including interviews (via any method), correspondence, by telephone, by email, in person, any of our standard forms, our employment and volunteer application process, our surveys (where applicable), registration and attendance at our events, from publicly available sources on the internet, and via our websites, and social media accounts.
We may also collect personal information about you from third parties with your consent or where otherwise required or authorised by law, and this is set out in the privacy collection statement or otherwise notified to you at the time of collection (or as soon as practicable thereafter). For example, someone else may book you into one of our events or seek our services on your behalf. If you are a “client affiliate”, we are likely to collect personal information about you from one or more of our clients in the course of providing services to those clients.
The purpose for collecting and dealing with your personal information depends on your interaction with us and our relationship with you. Generally, we will collect and deal with your personal information if it is reasonably necessary for or related to the facilitation of our services, and performance of our functions and activities, including for the purposes of:
We generally disclose your personal information for the purposes for which it was collected (set out above). We may disclose personal information about you to:
We may expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business. Personal information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided.
Sensitive information is only used and disclosed for the purposes for which it was collected, unless your further consent is obtained or otherwise as permitted or required by law.
We have workers overseas who assist us with operating our business and providing you or someone else on your behalf with the information, resources and services sought. Our workers are bound by the same security processes and procedures as our workers in Australia.
We are assisted by a variety of external service providers to operate our business and to provide you or someone else on your behalf with the information, resources, and services sought. Some of these service providers may be located overseas, including India, Singapore, UK and the United States of America. We take reasonable steps to ensure these service providers have appropriate security for your personal information.
You understand and acknowledge that countries outside Australia do not always have the same privacy protection obligations as Australia in relation to Personal Information, and that Australian Privacy Principle 8.1 in the Privacy Act does not apply to such disclosures.
The security of your personal information is important to us. We take reasonably necessary measures to ensure our data security and integrity is not compromised and to protect your personal information from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures. For example, our offices are equipped with biometric scanners and are monitored by CCTV. Several of our group companies are ISO certified, and our systems and terminals are regularly audited. Internet activity and data transfer is heavily controlled and monitored.
Any Personal Information that you disclose to us may be disclosed to our secure delivery centres, subcontractors or third-party service providers, and/or stored, on infrastructure outside Australia.
Personal information can be stored physically, electronically, or in the cloud. However, no data transmission over the internet is 100% secure. Risks exist when transmitting information online, particularly with cloud computing.
Your personal information is stored only until it is no longer required for any purpose for which it was collected, or otherwise as required or authorised by law, and either destroyed or deidentified thereafter.
For further details about our data security measures, please see our Security Policy, available at https://befreeltd.com/au/security-policy/
You may access the personal information we hold about you, subject to certain exceptions. We will take the necessary steps to identify you before we provide the information to you. If you wish to access your personal information, please contact us using the details below. We will respond to your request within a reasonable period.
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
We will not charge any fee for your access request but may charge an administrative fee for providing a copy of your personal information. We will notify you in advance of any applicable fees.
It is essential that your personal information is accurate, complete, and up to date (having regard to the purposes for which it was collected). If you believe the information we hold about you is incomplete, not up to date, or inaccurate, please contact us using the details below. We will take reasonable steps to correct the information if we agree that it is incomplete, out of date, or inaccurate.
If we refuse to correct your personal information, we will give you a written notice that sets out our reason for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
If you have any queries or concerns about our Privacy Policy, or the way we handle your personal information, or you wish to make a complaint about a breach of the Privacy Act or this policy, please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you:.
If, after this process, you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner, Australia. To lodge a complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
Post: Befree Privacy Officer, Suite 3, Level 6, 80 George Street, Parramatta NSW 2150
Email: info@befree.com.au
Phone: 1300 873 733
Note – Existing clients where Statement of Work (SOW) was signed before 15th June 2023, please contact us using the details above to request a copy of our existing privacy policy.