PRIVACY POLICY
Policy Standard
Purpose
This policy explains how Pleme Pty Ltd is committed to providing quality service to you and this policy outlines our ongoing obligations to you in respect of how we manage all personal information in accordance with the Australia Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Act).
The APPs govern the way in which we collect, use, disclosed, store, secure and dispose of your Personal Information.
A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.aoic.gov.au.
Pleme Pty Ltd is committed to ensuring the privacy of personal information is protected and we strive to uphold the best practice privacy standards in the collection, storage and use of personal information.
Definitions
Personal information means any ‘information or an opinion about an identical individual, or an individual who is reasonably identifiable:
whether the information or opinion is true or not; and
whether the information or opinion is recorded in a material form or not’.
Common examples are an individual’s name, signature, address, telephone number, date of birth, medical records, bank account details, employment details and commentary or opinion about a person.
Sensitive Information is a subset of personal information and is defined as:
information or an opinion (that is also personal information) about an individual’s:
racial or ethnic origin;
political opinions;
membership of a political association;
religious beliefs or affiliations;
philosophical beliefs;
membership of a professional or trade association;
membership of a trade union;
sexual orientations or practices; or
criminal records,
health information about an individual;
genetic information (that is not otherwise health information);
biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or
biometric templates.
Sensitive information is generally afforded a higher level of privacy protections than other personal information.
Scope
The Privacy Policy applies to personal information held about individuals. The privacy Act and this Privacy Policy do not apply to information we hold about companies and other organisation as there are not identifiable individuals covered by the Act. However, Kraljevic Technology does keep completely confidential all information that we hold about companies and other organisations regarding their strategies, business affairs, accounts, finance or contractual arrangements.
This Privacy Policy covers Australian:
Kraljevic Technology customers, users, suppliers and third parties;
Directors and Officers of Kraljevic Technology Pty Ltd;
Employees (full time and part time);
Temporary and Casual employees;
Independent contractors; and
Third party contractors e.g. consultants.
Collection
Personal Information collected by Kraljevic Technology is collected for the purpose of managing user transactions for products, services, pages, suppliers, and other third-party relationships.
The Personal information we collet differs depending on which of our products and services you are involved in, and may include:
name, address and contact details;
date of birth;
gender;
account and newsletter preferences;
for employees, all employment related information;
for customers, information about a product, services or subscription you purchased from us, the place of purchase and information about your ownership of the product;
for users, information about groups you join, comments you make and your published information;
information about any email to us, including recording the email, specific details or comments raised in the email, the reason why you contacted us and the advice we gave you;
information relating to your selection of groups and the comments you make;
information about third party provider products you obtain through us;
your contact details and other business information, place of employment and position;
your reviews, product review, platform reviews, comments, photos and forum posts that you have submitted;
identification checks, including validity of identity and licence and or passport information where appropriate or necessary;
information about your Kraljevic Technology network profile, such as your user id, profile picture, gender, location, interests and suggestions;
the fact that you have clicked on a ‘like’ or ‘comment’ or similar button on our network or services one of our pages on a social network site or group, which we may associate with the details that we store about you;
information about your visit to our website, such as your browser software, which pages you view and which items you ‘clicked’ on;
service, product or server logs, which hold technical information about your use of Kraljevic Technology, product or websites, such as your IP address, domain, device and application settings, errors and hardware activity;
information about where you device is physically located (for example, when you are using location services, or an application and you have provided your consent to your location being shared with Kraljevic Technology); and
interests and preference that you specify during setup of our services.
When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.
If we request Personal Information from you and you do not supply it, we may not be able to provide you with access to Kraljevic Technology or any Kraljevic Technology related service.
Kraljevic Technology only collects Sensitive Information (for example, racial or ethnic origin) where it is reasonably necessary for our functions or activities and either you have consented. Sensitive information will be used by us only:
for the primary purpose for which it was obtained;
for a secondary purpose that is directly related to the primary purpose; and
with your consent; or where required or authorised by law.
How we collect information
Whenever possible, we collect Personal Information directly from you. Collection occurs when you first apply or request to join Kraljevic Technology or a related service from us to work with us, also during the course of your continues use of Kraljevic Technology we may continue to collection Personal Information.
Information may be collected in various ways, such as mail, internet, telephone, email, email conversations, live chats and in various formats such as forms, letters, electronic file notes and recorded conversations. Users will be identified by a Kraljevic Technology user name and password.
We may also collect Personal Information from other people, organisations and sources, such as when collection from you is impractical or where you have consented to us collecting it from someone else. These may be parties related to Kraljevic Technology, or third parties such as your agent, where you have appointed an agent to act on your behalf in dealings with us (For example, a lawyer or executor).
Where we store collected information
Kraljevic Technology stores user personal information in a number of locations, including:
user documentation scanned or entered into Kraljevic Technology’s computer systems, various equipment, programmes, databases, applications and digital archives;
physical paperwork filed in a secure location; and
electronic files stored securely with third party cloud-hosting providers.
These storage mechanisms may be managed internally by Kraljevic Technology and held locally in Australia and/or Croatia, or they could be managed by a third party storage provider with whom Kraljevic Technology has a contractual relationship with and be held on a server locally or overseas.
What we can use it for
Personal Information will be used by Kraljevic Technology in association with any past or future sales, transactions, interactions or proposals between Kraljevic Technology and a potential customers or investor including to:
identify you when you make an enquiry. for example, we may ask for your date of birth or email address so we can avoid disclosing information to a person who is not you or has not been authorised by you to receive it;
contact you about any problems, products, services provided by us previously, now or in the future;
help prevent or detect fraud or loss;
contact you by any means (including mail, email or telephone) where necessary or appropriate;
contact you for research/feedback purposes;
make changes to your Kraljevic Technology account details;
provide you with a product or service you have requested, including checking that a payment is not mad fraudulently, delivering your purchase to you or ensuring that you benefit from any relevant special offer or promotion;
train staff and for quality assurance purposes;
obtain opinions or comments about Kraljevic Technology products and/or services, including conducting product/user surveys;
respond to your requests for information when you contact us about Kraljevic Technology and its products and services;
conduct prize draws, contests and other promotional offers;
consider employing you if you contact us via one of Kraljevic Technology’s job application websites;
record statistical data for marketing analysis; and
manage employee information, including using it for safety measures and data matching.
This may include disclosure to our overseas related companies within the Kraljevic Technology family in Australia and other countries.
Who can we disclose information to
Kraljevic Technology will not provide information to a third party unless authorised under the Act.
In general, Kraljevic Technology does not sell, rent or otherwise disclose information about you to third parties without your consent. However, there are exceptions. Kraljevic Technology may disclose your personal information to third party service providers so that they can provide certain contracted services to Kraljevic Technology, such as IT support or programming, hosting services, telephony services, mailing or sending of documents to you electronically or otherwise, processing payments and providing fraud checking services.
We prepare anonymous, aggregate or generic data (including “generic” statistics) for a number of purposes, including for product and service development, business promotion and research purposes. As we consider that this is not personal information, we may share it with any third party, such as our suppliers, advertisers, industry bodies, the media and/or the general public where appropriate.
Data Security and Quality
Kraljevic Technology will not use any personal information about our customers or employees without taking reasonable steps to ensure that the information is up o date, complete, relevant and not misleading.
Please take care when submitting personal information to us, in particular when completing free text fields or uploading documents or other materials. Some of our services are automated and we may not recognise that you have provided us with incorrect or sensitive information.
If you believe that any of the Personal Information that we hold about you is not accurate, complete or up to date, please let us know.
Kraljevic Technology will take all reasonable steps to store your personal information safeguarding against loss, misuse and disclosure, such as:
following certain procedures, for example checking your identity against available date when you telephone us and using secure passwords for our computer systems;
limiting physical access to Kraljevic Technology’s premises;
limiting access to personal information to those who specifically need it to conduct their business responsibilities;
requiring our third-party providers to have acceptable security measures to keep personal information secure; and
putting in place physical, electronic, and procedural safeguards in line with industry standards; and destroying personal information pursuant to the law and our record retention policies.
Kraljevic Technology cannot guarantee that your personal information cannot be accessed by an unauthorised person (for example, a hacker) or that unauthorised disclosures will not occur. If we provide you with any passwords or other security devices it is important that you keep these secret and confidential and do not allow them to be used by any other person. Please notify us immediately if the security of these devices is breached.
Access and Correction
We will generally provide you with access to your personal information within 30 days, subject to some exceptions permitted by law. We will also generally provide access in the manner that you have requested (for example, by providing a copy or allowing a file to be viewed), provided it is reasonable and practicable for us to do so. We may however charge a fee to cover our reasonable costs of locating the information and providing it to you.
If you ask us to correct personal information that we hold about you, or it we are satisfied that the personal information we hold is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If we correct personal information about you, and we have previously disclosed that information to another agency or organisation that is subject to the Act, you may ask us to notify that other entity. If so, we will take reasonable steps to do so, unless this would be impracticable or unlawful.
Communication
Kraljevic Technology may use your information to provide you with communications, publications and updates from time to time, by email, social media and through Kraljevic Technology apps, if you have provided your prior consent or we are otherwise permitted to do so under applicable law.
If you provide us with an email address or phone number, you consent to electronic communication such as notices or reminders being sent to you via that address or number.
Kraljevic Technology may monitor and record communications we receive, including recording and storing threads and comments. This may be done for quality and training purposes to improve the service that we provide, to ensure compliance with our practices and procedure and/or to provide evidence of a transaction such as where a contract is entered into, or a claim is made.
Our Website
From time to time, Kraljevic Technology may enable third parties to advertise on its website or inside its applications. If the link is followed to the third-party website from the Kraljevic Technology website, the website privacy policy of that third party applied, and Kraljevic Technology accepts no liability for breaches of privacy once such a link has been followed.
Kraljevic Technology’s website collects the domain names, not the email addressed of visitors. Our web servers may require you to place a “cookie” (small data file) on your computer’s and/or phones hard drive, in order to tack statistical information about navigation to an throughout certain areas of the site. If you If you are just surfing and reading information on our website, then we collect and store the following information about your visit:
the IP address of your machine when connected to the Internet and the domain name from which you are accessing the Internet;
the operating system and the browser your computer uses, and any search engine you are using;
the date and time you are visiting;
the URLs of the pages you visit; and
if you provide it, your email address.
We use that information to measure the number of visitors to different parts of the site and, for example, to measure the effectiveness of advertising. Although we may publish aggregated information about usage patterns, we do not disclose information about individual machines except for the reasons set out below in this section. We do not sell information which identifies you personally. We may gather more extensive information if we are concerned, for example, about security issues. If necessary, we can disclose information to relevant law enforcement authorities.
Some of our online services may allow you to upload and share messages, photos, video and other content and links with others and/or create a publicly accessible profile for your account. For example:
the communities and forums area of our websites, allows you to post comments (with your account name), which are visible to other users of that service; and
other services allow you to share a link which if clicked on may allow the recipient to access your uploaded content.
You should not expect any information that you make available to others via Kraljevic Technology’s online services to be kept private or confidential. Content and links that you share might, for instance, be forwarded by your recipients to others. You should always exercise discretion when using such services.
2. Clarification and Breaches
Clarification
Further clarification of this policy can be obtained from Kraljevic Technology Pty Ltd’s website. We may amend this Privacy Policy from time to time. The current version will be posted on our website and a copy may be obtained by contacting us at info@Kraljevic Technology.app
Breaches of Policy
If you want to report a suspected breach of your privacy or you do not agree with a decision regarding access to your personal information, please contact us. We have an internal complaints process to address such issues and will promptly acknowledge and investigate complaints.
Any enquires or complaints can be made direct to Kraljevic Technology Pty Ltd’s information department outlined in section 2.1.
We expect our procedures will deal fairly and promptly with your complaint.
Data Breaches
Kraljevic Technology must notify data breaches as set out below.
A data breach occurs when personal information held by Kraljevic Technology is lost or subjected to unauthorised access or disclosure.
Examples of a data breach include when:
a device containing customers’ personal information is lost or stolen, or
a database containing personal information is hacked, or
personal information is mistakenly provided to the wrong person.
Not all data breaches are notifiable.
A notifiable data breach or eligible data breach is a data breach that is likely to result in serious harm to any of the individuals to whom the information relates.
If Kraljevic Technology has reasonable grounds to believe an eligible data breach may have occurred:
legal advice must be obtained; and
Kraljevic Technology must promptly notify the Office of the Australian Information Commissioner (OAIC) and any potentially affected individuals – follow the Eligible Data Breach Statement Requirement Section below.
Kraljevic Technology will also immediately:
Alert all Directors.
Immediately contact our firewall provider to attempt to block a repeat breach and identify the extent of data accessed.
Alert internal users of those Kraljevic Technology systems affected and require passwords be reset.
Action any other remedial action that will reduce or stop the risk of serious harm, for example, freezing accounts, remote wiping of devices and having accidental recipients delete or return data.
If Kraljevic Technology has reasonable grounds to suspect an eligible data breach may have occurred, the notification obligation does not immediately arise and:
Legal advice must be obtained.
Kraljevic Technology will undertake a reasonable and expeditious assessment into the relevant circumstances within a maximum of 30 days. Where compliance with the 30 day limit is not possible, must document the reasons for the delay in a manner which demonstrates that we have taken all reasonable steps to complete the assessment within 30 days.
Kraljevic Technology will lead the assessment and determine the investigative steps to be taken.
The assessment process and its outcome will be documented so as to assist in any future review of the steps taken. This will be particularly important if the outcome of the assessment is that no "eligible data breach" has occurred.
If the assessment finds that an eligible data breach may have occurred we must promptly notify the Office of the Australian Information Commissioner (OAIC) and any potentially affected individuals – follow the Eligible Data Breach Statement Requirements Section below.
Eligible Data Breach Statement Requirements
Kraljevic Technology’s notification Statement must include:
Kraljevic Technology’s contact details;
a description of the data breach;
the kinds of information concerned; and
recommendations about the steps individuals should take in response to the data breach.
Identifying Breaches
Kraljevic Technology does not employ software to interrogate whether a breach has occurred, but instead relies on the Kraljevic Technology “firewall” and also that the systems where this information is held require individual login to mitigate risk. A breach is likely to be identified by our firewall provider, or when it enters the public arena. Kraljevic Technology will continue to monitor whether a more systematic way to identify breaches is possible.
Kraljevic Technology has an internal Privacy awareness on-line training course available to all staff. In addition training on identifying and notifying data breaches will take place.