Privacy Policy

1. Purpose of the Policy

This Privacy Policy applies to By the Numbers Pty Ltd (ACN 136 627 695) T/A By the Numbers Accounting (“BTN”) and describes the personal information that may be collected by us, the choices you make about your personal information and how we protect your information.

BTN is bound by the Privacy Act 1988 (Cth) (“Privacy Act”), including any relevant privacy code registered under the Privacy Act. BTN is committed to complying with the Privacy Act in relation to all personal information we collect and committed to protecting the privacy of personal information obtained through its professional service operations.

The Privacy Act incorporates the Australian Privacy Principles (APPs) which set out the way in which personal information must be treated.  Disclosure of such information may be compelled by law (for example, under the Social Security Act 1991 (Cth)).

This Privacy Policy governs the BTN business and applies to any person for whom we currently hold, or may in the future collect, personal information (whether or not a client of BTN). This policy does not apply to matters which relate directly to the employee records of our current and former employees. In general terms, ‘personal information’ is information or opinions relating to a particular identifiable individual. Information or opinions are not personal information where they cannot be linked to a particular individual.

2. Acknowledgement of BTN’s Privacy Policy

By your use of the website and our professional services, you consent to the collection, storage, use and disclosure of your personal information in accordance with this Privacy Policy and as otherwise permitted under the Privacy Act and you understand that this Privacy Policy applies to information provided to us whether via the website or through any other means. By using the BTN website, you acknowledge to have read and understood this Privacy Policy. This Privacy Policy does not extend your rights or BTN’s obligations beyond those defined by the Privacy Act.

Should there be any inconsistencies between this policy and the Privacy Act, this Privacy Policy shall be interpreted to give effect and comply with the Privacy Act.

The BTN website contains links to non BTN websites. BTN is not responsible for the Privacy Policies of those other websites and BTN recommends that you should review the Privacy Policies of those other websites.

3. Collection of personal information

BTN collects personal information that is reasonably necessary for, or directly related to, its professional services. The types of personal information that BTN may collect and hold includes the following:

  • Name
  • Contact number
  • Personal or Business email address
  • Personal or Business mailing address
  • Title
  • Nature of business
  • Financial records
  • Financial information (including information about assets and investments, banking and credit card information)
  • Tax File Numbers
  • Qualifications, memberships and other accreditations and
  • Advice received from client or prospective client that may contain additional personal information, such as business-related connections and familial relationships.

BTN only collects personal information that has been directly provided to BTN by clients or prospective clients, associates of clients, suppliers or potential suppliers, BTN employees or potential employees or otherwise personal information available in the public domain where such information will assist BTN with the provision of services to BTN’s current or prospective clients. Personal information may have been provided in writing or verbally.

If clients or prospective clients do not provide personal information when requested, BTN may not be able to deliver the service that is required. BTN will endeavour to make this as clear as possible for each service. BTN will collect personal information from the user by lawful and fair means.

We manage the personal information we collect by implementing appropriate privacy management systems when dealing with your personal information, reviewing our privacy compliance from time to time and implementing security measures (such as unique usernames and passwords on our computer systems) to safeguard the personal information we collect. We will comply with our professional obligations (including confidentiality obligations) in dealing with your personal information at all times.

 ‘Sensitive information’ is a subset of personal information includes personal information that could have serious ramifications for you if used inappropriately. You consent and agree that the sensitive information that we collect and hold about you will include any information necessary so that we can provide our professional services to you. This may include professional or trade associations, racial or ethnic information, political opinions, any sensitive information required to be disclosed by law and any other sensitive information that we require to perform the professional services that you require. We will not collect sensitive information without your consent unless permitted under the Privacy Act or in accordance with law.

4. How we use personal information

The main purposes for which BTN collect, hold and use personal information are:

  • for BTN to provide services;
  • to maintain contact with clients;
  • to keep clients and contacts informed of the services that BTN offers and of any current developments and updates such as changes of business hours;
  • for administration and management purposes;
  • to provide users with information about other services that BTN offers and that may be relevant to the user; and
  • other purposes that are related to BTN’s business.

If BTN collects, holds or uses personal information in ways other than as stated in this Privacy Policy, BTN will ensure to collect, hold or use personal information pursuant to the requirements of the Privacy Act.

Employee records are not generally subject to the Privacy Act and therefore this policy may not apply to the handling of information about employees of BTN.

5. Unsolicited Information

“Unsolicited” personal information is personal information about an individual that BTN has unintentionally received. This is not a common occurrence for BTN but when it does occur, BTN will seek to ensure to protect such personal information with same rigor to those personal information that BTN intended to collect.

6. Disclosure of Personal Information

Personal information is not disclosed to any third party unless the disclosure is:

  • required by law, rules and regulations and/or professional standards;
  • necessary to provide the client or prospective clients with the product or service requested;
  • to protect the rights, property and personal safety of a BTN client, prospective client, the public and the interests of BTN; and
  • given with consent.

Should it be necessary for BTN to forward personal information to third parties, BTN will make every effort to ensure that the confidentiality of the information is protected.

7. Overseas and Data Retention Disclosures

BTN’s Administration, Business improvement Accounting & Bookkeeping operations may occur overseas and BTN may use the following overseas contractors and their facilities: Frontline Accounting. As a result, BTN may at times require the exchanges of personal information of BTN’s clients and/or prospective clients between locations and firms. The personal information may be transferred to countries whose privacy laws do not provide the same level of protection as compared to Australia’s privacy laws. In the event that personal information is disclosed to overseas recipients, BTN will take all reasonable steps to ensure that any personal information is secure and is treated in accordance with the Australian Privacy Principles.

We hold, or may hold your personal information electronically, physically, on our premises, in off-site storage facilities in Australia (in any account held by us or held by or owned by any Company or Trust or legal entity from whom we lease commercial premises), by a third party data storage facilitator and/or provider in Australia and/or overseas (including but not limited to international cloud computing services in overseas countries including but not limited to Philippines and the United States Of America), through third party providers such as Xero, Mailchimp, Practice Ignition, Asana, Suitefiles, ChangeGPS, NowInfinity, YouCanBookMe, Outlook, WorkFlow Max, DocuSign and Dropbox, by an email filtering host in Australia and/or overseas, through internal servers, our website, private cloud, as well as on electronic storage devices. If you send an email to us, the information in your email (including any personal information) may be retained on our systems in accordance with our procedures. 

8. Accessing your personal information

Users have the right to request access to the personal information that BTN holds about such user. This right is subject to certain exceptions allowed by law.

Upon your request and subject to applicable privacy laws, BTN will provide you with access to your personal information that is held by BTN. You must thoroughly identify the types of information you are requesting. BTN will deal with your request within a reasonable time – usually within 30 days from the date of the request. BTN may also recover from you any reasonable costs incurred in supplying you with access to your personal information.

9. Exceptions under Law

You do not have absolute right to access personal information. The law permits BTN to refuse your request to provide you with access to your personal information, such as circumstances where:

  • access would be unlawful;
  • access would pose a serious threat to the life or health of any individual;
  • access would have an unreasonable impact on the privacy of others; and
  • access may prejudice enforcement activities, a security function or commercial negotiations.

10. Information Security

BTN will take all reasonable steps to protect against the loss, alteration and/or misuse of any personal information under BTN’s control. BTN is committed to keeping your trusts by protecting your personal information.

BTN employs the most appropriate technical, administrative and physical procedures to protect the security of your personal information. BTN only keeps personal information for as long as it is required for business purposes or by the law.

Whilst we take reasonable steps to ensure that all personal information that we hold is secure from any unauthorised access, misuse or disclosure, no data transfer over the internet is ever one hundred percent (100%) secure and we cannot guarantee that personal information cannot be accessed by an unauthorised person (for example, a hacker) or that unauthorised disclosures will not occur. Information you send to us, from your workplace, for example, may possibly be accessed by your employer or an intermediate service provider.

If you send any information (including personal information) to us through the internet or through any other electronic means, you do so at your own risk. Some of the methods we use to store and secure personal information include using security cards to access areas that contain personal information, using designated areas (that do not contain personal information) to meet with clients and non-employees of BTN, using customised usernames, passwords and other protections on computer and other systems that can access personal information, as well as using lockable storage devices for storing some more sensitive information, other important documents or financial records.

11. Data retention

When you visit our website, our internet service provider may make a record of your visit and may record, amongst other things, matters such as your personal domain name (if relevant); and/or the time and date of your visit to our website; and/or your internet address. Usually, but not always, this information is applied for statistical purposes. When you visit the website, the server may attach a “cookie” to your computer’s memory. Your browser stores cookie messages in a text file and sends these back to our website each time the browser requests a page from the website. From time to time, we may use cookies to measure usage periods accurately, as well as to obtain an idea of which areas of our website attract traffic. If you do not wish to receive cookies, you may be able to alter your browser settings accordingly. The website may link directly to websites operated by third parties (“third party sites”), which third party sites you acknowledge are not operated by us. We encourage you to review the Privacy Policy (if any) of any third party sites, especially because you agree that we are not responsible for the content or practices of those third party sites or their Privacy Policies regarding the collection, storage, use and disclosure of your personal information.

12. Cloud Computing Services & Storage

 We use or may use international cloud computing services such as Microsoft Outlook for e-mail, calendar and contacts data storage. Such e-mail, calendar and contact data storage data is encrypted (effectively, access can only be obtained through a secure username and password system), so that the personal information contained in e-mail, calendar and contact data is protected from unauthorised access.

Countries in which such e-mail, calendar and contact data may be stored include (but are not limited to) Australia, United States of America and the Philippines. We conduct due diligence on proposed cloud computing service providers, prior to engaging them and as part of this due diligence, we satisfy ourselves and accordingly reasonably believe that the overseas recipient is subject to a law, or binding scheme, that has the effect of protecting the personal information in a way that, overall, is at least substantially similar to the way in which the Australian Privacy Principles protect the information and also that there are mechanisms that you can access to take action to enforce that protection of the law or binding scheme. We also satisfy ourselves that we will possess effective control over the data.

13. Loss of personal information

Despite BTN’s effort to protect your personal information, there remains the possibility for a breach of security to occur. In the event of loss of personal information, BTN will:

  • seek to immediately identify and secure the breach to prevent further breaches;
  • engage the appropriate authorities where criminal activity is suspected;
  • assess the nature and severity of the breach including the type of personal information involved and the risk of harm to affected individuals;
  • notify the affected individuals directly where possible; and
  • notify the Privacy Commissioner if the breach is significant.

14. Website Security and Privacy

BTN will take all reasonable steps to have systems in place to ensure the security of your dealings with BTN at all times.

16. Updating your information

It is important that the personal information or credit information that we hold about you is up-to-date. BTN will take all reasonable steps to ensure that all personal information held by BTN remains accurate. If you advised BTN of any change of details, BTN will amend your records accordingly.

Where a third party disclosed your personal information, BTN will take all reasonable steps to notify the third party of any correction.

Where BTN is unable to update your information, BTN will provide an explanation as to why the information cannot be corrected.

17. Privacy Enquiries

If you wish to make an enquiry about your personal information that BTN collected, used or held, or make a compliant because you believe that BTN may have breached the Australian Privacy Principles, you can:

·      write to BTN at info@btna.com.au; or

·      call BTN on 03 8669 1751

20. Changes to this Privacy Policy

We may update, modify or remove this policy at any time without prior notice, with any updated version of our privacy policy being posted on our website. You should review this Privacy Policy regularly to ensure that you are at all times aware of any variations made to this Privacy Policy. You agree that you will be deemed to have consented to such variations of this Privacy Policy by your continued use of the website or our services following any such change or changes to our Privacy Policy being made. If you have any comments on the policy, please contact us through the contact details mentioned above.

Last Updated: 01/07/2019