Privacy Policy

Privacy Policy

SupplyWise recognises the importance of protecting Personal Information and is committed to respecting your privacy rights. This Privacy Policy tells you how we collect information from you and what we do with it.

We are compliant with the Australian Privacy Principles in the Privacy Act 1988 (Cth) (Act) in relation to the handling of Personal Information. Further information, including a full version of the Australian Privacy Principles, contained in Schedule 1 of the Act, can be found at the Office of the Australian Information Commissioner website:

https://www.oaic.gov.au

Definitions

For the purposes of this Privacy Policy, all references to "SupplyWise", "we", "us" or "our" in this statement are references to SupplyWise AU Pty Ltd (ACN 680 858 824).

The terms "customer" or "you" in this statement includes all visitors to and users of our website, and any customer of our services and products.

"Personal Information" is information or an opinion about an individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not.

The term "our website" refers to our website at: www.supplywise.com.au.

Collection and Use of Information

We only collect Personal Information that is necessary or directly related to our business functions or activities with you. Personal Information will always be obtained lawfully and fairly and will be collected directly from you whenever it is reasonable and practicable to do so in the provision of our products and services to you.

We collect information from you when our products and services are engaged or you have any other dealings with us.

The kinds of Personal Information we gather may include your:

• name;
• gender;
• contact details (including email, email and telephone details);
• date of birth;
• business ABN or ACN;
• details of any related trust entities;
• if applicable, the ABN of the trust entity;
• employment details which are relevant to us;
• payment information, such as credit card or bank details;
• credit references;
• identity document details, including passport and driver's licence;
• property ownership;
• credit and financial information, including information regarding insolvency or court proceedings relating to you, credit scores, credit evaluations and other information related to your credit-worthiness;
• consumer and commercial credit reports, including reports obtained from credit reporting bodies and reports relating to credit payment and default information, including credit accounts held and your repayment history;
• location from which you access our website or app;
• details relating to your use of our website or app, including (but not limited to) your passwords and login details;
• trade reference details, including name, address and contact; and
• any other information pertaining to the products and services we provide to you.

If we receive Personal Information from you that we did not ask for, and that Personal Information is sensitive information or is not reasonably necessary for our functions or activities, we will destroy or de-identify the information.

It is unlikely that we will use the services of an overseas data centre, however if we do store your information in an overseas data centre it will be done in compliance with the Privacy Act 1988 (Cth) and we will inform you prior to any storage of data overseas.

We may disclose your information to third parties outside of our organisation if you give us express permission to do so, or if we are required to do so by law. We will store Personal Information that we collect in computer systems and databases operated by us or our external service providers, such as third party cloud storage providers.

We may disclose your Personal Information to third parties who directly work with us in our business to provide, promote or improve the products or services you have requested or engaged us for. Our employees have access to personally identifiable information. All employees are bound to uphold this policy and observe your right to privacy and confidentiality. We may also disclose Personal Information to any related entity of SupplyWise for the purpose of cross marketing products or services that we consider maybe relevant to you.

You do not have to disclose your Personal Information to us, however if it is not disclosed, further engagement of our services may not be possible under usual terms of business. We will endeavour to accommodate any requests not to disclose Personal Information to us, however alternative terms of trade may be required for the provision of our goods and services. You may request that we do not transfer any of your information outside of Australia, or revoke our permission to do so, but in such case we may not be able to provide the services or products you have requested from us.

We will only use your Personal Information for the purposes of:

• providing services to you, in accordance with our terms and conditions and the contract entered into between us;
• as outlined in this Privacy Policy;
• invoicing and collections of monies. This will include sending you emails, invoices, and notices of delinquency;
• providing customer service and to obtain feedback;
• improving the services we offer;
• meeting legal requirements such as complying with court orders and valid subpoenas;
• prosecuting and defending a court, arbitration or similar proceeding.

We store all emails, invoices, statements and correspondence, and endeavour to keep records of all verbal and written communications so we have a history of our interactions with you to provide our services to you in an accurate and efficient manner.

Should you wish to alter your Personal Information held by us, please contact our office and advise of the requested amendment. We will response within a reasonable timeframe. If you establish that the Personal Information we hold about you is not accurate, complete and up to date, we will take reasonable steps to correct the information. If we do not agree that the information requires correction or there are no reasonable steps we can take to correct the information, we will provide reasons for denial of correction.

Tracking Usage

The use of cookies and tracking technology may record information such as Internet domain and host names, Internet protocol (IP) addresses, browser software and operating system types, click-stream patterns, and dates and times that our website is accessed. The use of cookies and other tracking technologies allows us to improve our website and your browsing experience. We may also evaluate information that does not contain Personal Information for trend analysis.

Cookies are supported by most web browsers, but you can set your browser to block cookies and you can delete them whenever you like.

If you decide to delete or block certain cookies, special offers contained on our website may not be available to you. You also may find that some parts of our website won't work, especially where cookies are used for security and fraud detection functions.

Other Websites

You may be able to access other sites by clicking on links that we have provided on any part of our website. We are not responsible for the privacy practices or the content of these linked websites.

Change Notifications

Any changes to this Privacy Policy will be posted to our website. Changes to our Privacy Policy will become effective as of the date we post on our website and will generally be notified by means of an update on our website. Our Privacy Policy is also available by contacting our Privacy Officer by email at the address detailed below.

Data Accuracy and Security

Every effort will be made to ensure the security of your Personal Information to protect it from misuse, interference, loss or unauthorised access, and to ensure that your Personal Information is complete and accurate. If your data changes, then you are responsible for notifying us of those changes so that we can keep your details up-to-date and accurate. When no longer needed, reasonable steps will be taken to ensure that your information is destroyed and/or de-identified. Unless an exemption under the Privacy Act applies, we will, at your written request, provide you with a copy of any Personal Information which we hold about you. We will inform you of any applicable fee and obtain your agreement to it before providing any information.

Privacy Queries, Corrections and Complaints

To access, correct or update your Personal Information, or to raise a question or concern or complaint regarding our collection and use of Personal Information please email us at [Contact Email].

or notify us by mail at:

[Mailing Address]

Any complaint regarding our collection or use of your Personal Information (Privacy Complaint) must be made in writing either by email or post to our office. Your complaint should set out the type of Personal Information that is the subject of the complaint, and details of the alleged improper collection or use.

After receiving a Privacy Complaint, we will respond to you acknowledging receipt of the complaint. This acknowledgement will also include the contact details of the person responsible for reviewing your Privacy Complaint, and an estimated substantive response time. We will then conduct a review of your Privacy Complaint and provide you with a substantive response within a reasonable time, having regard to the nature of your Privacy Complaint. The substantive response will also include information regarding how you may make a complaint to the Information Commissioner should you not be satisfied by our response.

For more information on your rights regarding complaints, please refer to the website for the Office of Australian Information Commissioner at: https://www.oaic.gov.au/

Destruction of Records

When we no longer require your Personal Information and have no legal obligation to maintain records of it, we will either destroy or de-identify your Personal Information.

Notifiable Data Breach

If we identify reasonable grounds to believe that unauthorised access or disclosure of your Personal Information has occurred, or that your Personal Information has been lost and is at risk of being subject to unauthorised access or disclosure, then we will notify you in writing and provide you with a copy of the written statement which we provides to the Information Commissioner. The following information will be included in the written statement:

• a description of the possible data breach that may have occurred;
• what kind of Personal Information has potentially been affected;
• recommended steps you should take in order to protect yourself; and
• if applicable, the details of the source of the data breach if we has reasonable grounds to believe the data breach was constituted by a third party.

Should we be unable to contact you, then we will publish the above information on our website.