Privacy Policy

Download PDF Version

Background

Published 16/09/2019

au Domain Administration Ltd (ABN 38 079 009 34) (auDA) recognises the importance of protecting the privacy and the rights of individuals in relation to their personal information.  This document sets out auDA’s privacy policy and tells you how we collect and manage your personal information in the course of performing our functions and activities as the administrator and self-regulatory policy body for the Australian country code top-level domain (.au ccTLD).

We respect your rights to privacy under the Privacy Act 1988 (Cth) (Act) and other applicable laws that protect your privacy. We are committed to complying with these laws including in particular the Australian Privacy Principles (APPs) which are set out in the Act and regulate how we must handle your personal information.

What is personal information?

The Act provides for the protection of “personal information” which is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is either identified or reasonably identifiable. When used in this privacy policy, the term “personal information” has the meaning given to it in the Act. In general terms, it is any information that can be used to personally identify you.  If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

What personal information do we collect and hold?

The types of personal information we may collect about you include:

  • name;
  • mailing or street address;
  • email address;
  • telephone number;
  • payment details;
  • age or birth date;
  • profession, occupation or job title;
  • IP Address;
  • any additional information relating to you that you provide to us directly through our websites or indirectly through use of our websites or online presence, through our representatives or otherwise;
  • information you provide to us through our Compliance Department or membership surveys;
  • information collected through cookies or tracking technologies (including IP address);
  • any other information collected to become an accredited registrar or reseller
  • any other information collected for an auDA event
  • any other information collected as part of a submission for Policy change
  • any other information collected as part of a job application; and
  • any other information collected for a new employee.

We may also collect some information that is not personal information because it does not identify you or anyone else.  For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.

Sensitive information

Sensitive information is a subset of personal information that is generally afforded a higher level of privacy protection, such as health, racial or criminal record information. auDA only collects sensitive information where it is reasonably necessary for our functions or activities and either:

  • the individual has consented; or
  • we are required or authorised by or under law (including applicable privacy legislation) to do so.

For example, we may collect information about whether the directors, officers or relevant staff of a registry operator appointment or registrar accreditation have been convicted of a criminal offence.

How auDA Collects Personal Information

We collect your personal information directly from you unless it is unreasonable or impracticable to do so.  When collecting personal information from you, we may collect it in various ways including:

  • when you complete your Associate Membership application;
  • when you complete an application to become an accredited registrar or reseller;
  • when you apply to attend an auDA event;
  • when you participate in an auDA submission for policy change;
  • through your access and use of our website;
  • written communications;
  • during conversations between you and our representatives;
  • recordings of auDA public forums;
  • auDA Foundation grant applications;
  • job applications; and
  • new employee onboarding.

We may also collect personal information from third parties including:

  • from third party companies such as credit reporting agencies, law enforcement agencies, other government entities, and contractors or subcontractors acting on our behalf; and
  • your employer, where you are nominated as a contact for the entity as part of an application, submission or other communication.

Cookies

In some cases, we may also collect your personal information through the use of cookies.  When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer.  This enables us to recognise your computer and greet you each time you visit our website without bothering you with a request to register.  We also use cookies to measure traffic patterns, to determine which areas of our website have been visited.  We use this to research our users’ habits so that we can improve our online services.  If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.

We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track user movements, and gather broad demographic information.

What happens if we can’t collect your personal information?

If you do not provide us with the personal information described above, some or all of the following may happen:

  • we may not be able to provide you with an Associate Membership to auDA;
  • we may not be able to provide you with updated information about auDA and the .au namespace;
  • we may be unable to tailor the content of our websites to your preferences and your experience of our websites may not be as enjoyable or useful;
  • we may not provide you with accreditation as a registrar;
  • we may not be able to assist you in addressing your complaint or general enquiry; and
  • we may not be able to provide you with other services that you may request.

For what purposes do we collect, hold, use and disclose your personal information?

We collect personal information about you so that we can provide you with services that you request, perform our business activities and functions and provide the best possible quality of customer service.

We collect, hold and use your personal information for the following purposes:

  • to keep you informed of auDA Membership related news and events;
  • to accredit and license registrars;
  • to process applications for the auDA Foundation;
  • to conduct policy consultation processes;
  • to consider applications for employment;
  • to answer enquiries and provide information or advice about existing and new products or services;
  • to assess the performance of the website and improve the operation of the website;
  • to update our records and keep your contact details up to date;
  • to process and respond to any complaint or general enquiry made by you;
  • to collect feedback about our products, services, website, policies and processes, including about our complaints handling processes; and
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country.

Your personal information will not be shared, sold, rented or disclosed other than as described in this Privacy Policy.

To whom may we disclose your information?

We may disclose your personal information to:

  • our employees, contractors or service providers for the purposes of operation of our website or our business, to fulfil requests by you and to otherwise provide products and services to you including, without limitation, web hosting providers, IT systems administrators, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors, law enforcement agency and consultants;
  • Information shared with contractors or serviced providers will be specific to performing tasks on behalf of auDA and will be bound by confidentiality arrangements in place with the respective parties; and
  • any organisation for any authorised purpose with your express consent.

Direct marketing materials

We may send you direct marketing communications and information about our services that we consider may be of interest to you.  These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth).  You consent to us sending you those direct marketing communications by any of those methods.  If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so.  In addition, at any time you may opt-out of receiving marketing communications from us by contacting us at privacy@auda.org.au

How can you access and correct your personal information?

You may request access to any personal information we hold about you at any time by contacting us at privacy@auda.org.au   Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you).  We may charge you a fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge for simply making the request and will not charge for making any corrections to your personal information.

There may be instances where we cannot grant you access to the personal information we hold.  For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality.  If that happens, we will give you written reasons for any refusal.

If you believe that personal information, we hold about you is incorrect, incomplete or inaccurate, then you may request us to amend it.  Amendment requests should be forwarded to privacy@auda.org.au

What is the process for complaining about a breach of privacy?

If you believe that your privacy has been breached, please contact our Privacy Officer at privacy@auda.org.au and provide details of the concern or incident so that we can investigate it.

We request that complaints about breaches of privacy be made in writing, so we can be sure about the details of the complaint.  Our Privacy Officer deals with privacy complaints and any complaints should be directed to our Privacy Officer at privacy@auda.org.au.  We will attempt to confirm as appropriate and necessary with you your understanding of the conduct relevant to the complaint and what you expect as an outcome.  We will inform you whether we will conduct an investigation and the estimated completion date for the investigation process.

After we have completed our enquiries, we will contact you, in writing, to advise the outcome and invite a response to our conclusions about the complaint.  If we receive a response from you, we will assess it and advise if we have changed our view

Do we disclose your personal information to anyone outside australia?

We may disclose personal information to our related third-party service providers located overseas.

We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.

We may disclose your personal information to entities located outside of Australia, including the following:

  • our DNS name server data hosting facilities and other IT service providers which may be located outside of Australia; and
  • to other third parties which may be located outside of Australia.

Security

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure.  We may hold your information in either electronic or hard copy form.  Personal information is destroyed or de-identified when no longer needed.

As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online.  We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

We maintain a plan and procedures for responding to actual or suspected data security breaches involving personal information in accordance with applicable requirements under the Act.

Links

Our website may contain links to other websites operated by third parties.  We make no representations or warranties in relation to the privacy practices of any third-party website and we are not responsible for the privacy policies or the content of any third-party website.  Third party websites are responsible for informing you about their own privacy practices.

Contacting us

If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please use the contact link on our website or contact our Privacy Officer using the details set out below.

We will treat your requests or complaints confidentially.  Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved.  We will aim to ensure that your complaint is resolved in timely and appropriate manner.

Please contact our Privacy Officer at:

Privacy Officer, auDA
Post:          Level 17, 1 Collins Street, Melbourne 3000 Victoria
Tel:            03 8341 4111
Email:        privacy@auda.org.au

Changes to our privacy policy

We may change this privacy policy from time to time.  Any updated versions of this privacy policy will be posted on our website.  Please review it regularly.

This privacy policy was last updated on 16/09/2019.