Privacy Policy

Purpose

This Privacy Policy conforms to the requirements of the Privacy Act 1988 (Cwlth), the Australian Privacy Principles and other applicable regulations (the Privacy legislation), as well as meeting the requirements of ISO 27001:2022 and ISO 9001:2016. This policy provides information concerning the collection, storage, use and disclosure of personal information by Ravinn Pty Ltd (hereafter referred to as Ravinn). The policy includes a process and provides contact details for anyone wishing to correct personal information held by Ravinn.

Ravinn has certain statutory requirements under Australian legislation which have informed the drafting of this Privacy Policy. Ravinn also aligns with the requirements from ISO 27001:2022 and ISO 9001:2016. The definition of personal information covered by this policy can be found in the section below.

Ravinn manages all personal information supplied from third parties including clients, suppliers, business partners and contractors securely in compliance with the Privacy legislation and this policy, where applicable. By accessing our website, or signing any agreements with Ravinn, you accept the terms of this Privacy policy.

Definitions

“Personal information” is defined in Australian law as: “information or an opinion about an identified individual or an individual who is reasonably identifiable:

  1. Whether the information or opinion is true or not; and
  2. Whether the information or opinion is recorded in material form or not.”1

Collection of Personal Information

Ravinn collects personal information under certain restricted circumstances and for defined and authorised purposes.

When

Ravinn collects only the personal information required to undertake its business. Ravinn will not collect personal information unless it is necessary or related to our business activities and the products and services supplied. Ravinn collects personal information from:

  1. Staff and contractors during the onboarding process and at other times, if required.
  2. Clients and suppliers when arranging to provide or obtain products or services.
  3. Clients and suppliers in the course of business activities, via email, forms, in person or by telephone.
  4. People making enquiries or giving feedback about Ravinn’s business activities, products or services.
  5. Clients when asking for feedback after an engagement.

What

Ravinn collects contact details such as name, title, role, email address and telephone number, as well as details required for the provision of products and services to meet clients’ needs. Ravinn may request payment information, if Ravinn will be paying the person or company concerned. Ravinn may also request additional information, including feedback and testimonials. Ravinn will request additional information from staff and contractors, including sensitive information, including criminal record, home address, next-of-kin and other information required for business purposes or as a result of legislative or regulatory requirements.

How

Ravinn will request information, either by email, telephone, online form or in person. Ravinn does not collect personal or sensitive information without consent and such consent may be withdrawn at any time. Persons whose information is stored or used by Ravinn may ask for such information to be amended or removed and deleted. Please note that withdrawal of consent or removal or deletion of personal information may limit Ravinn’s ability to provide services. Incorrect information may also hinder Ravinn’s ability to provide appropriate services.

Storage

Ravinn stores personal information securely within secured cloud environments using appropriate applications. For example, payment information may be stored within the Xero application, with access restricted to personnel whose roles require access and through use of encryption and multi-factor authentication; client information may be stored within securely configured M365 environments (when necessary and with client’s consent).

Use

Personal information is used by Ravinn to contact and communicate with staff and clients; to facilitate business activities such as understanding requirements, providing products or services or making or receiving payments, where payments are due; and to assist with keeping staff and others safe and secure should emergency situations arise. Personal information may also be used to manage complaints and disputes and comply with legislation or regulations. Only certain roles are authorised and able to access personal information for approved use. Use of personal information is logged.

In the event of any security incident involving unauthorised access, use or disclosure or personal information, the owner of such information will be informed as soon as possible and Ravinn will cooperate with all authorised third parties to protect the personal information, including where Ravinn is only one of the parties with whom such information was shared.

Owners of personal information may request access to their personal information by making a written request. We will respond to your request as soon as practicable. We will respond to such requests in accordance with legislative and regulatory requirements.

Sharing

Ravinn shares personal information only as required in order to provide the services to which clients have agreed; in order to undertake business tasks, such as payments, when required through third party services and where required by legislation. Ravinn will never share personal information with any entity outside of Australia, except during authorised business activities, with your consent, or unless so ordered by an authorised Commonwealth official.

After obtaining consent from the owner of such information, Ravinn and their business partners may also exchange information with each other. Such information will only be exchanged after consent has been obtained from the information’s owner and only in relation to additional products and services, previously discussed with the information owner.

Privacy Complaints and Enquiries

If you have any questions or concerns about your personal information or Ravinn’s use thereof, please contact our Privacy Officer. Complaints and requests to access and/or amend personal information must be lodged in writing. Email: [email protected]

Address:

Ravinn Privacy Officer

Unit 3A, 76 Doggett Street

Newstead, QLD 4006

 

 

1 Privacy Act 1988 (Cwlth) Part II section 6.1