- Authorised User means an individual end user who holds a registered account with NORRLINK and is authorised by a Customer to access (including to view) or use the products or services that have been purchased by the Customer;
- Customer means a person who orders products or services with NORRLINK or uses the NORRLINK’s Store;
- NORRLINK Store or Store means the online store located at https://norrlink.com/shop.
- Websitemeans https://norrlink.com.
NORRLINK is bound by the Privacy Act 1988 (Cth) (Privacy Act) as amended, including the Australian Privacy Principles (APPs). The APPs are designed to protect the confidentiality of information and the privacy of individuals by regulating the way personal information is collected, used, disclosed and managed. Personal information is, generally speaking, information or an opinion relating to an identified, or reasonably identifiable, individual, whether the information is true or not and whether the information is recorded in a material form or not.
Why do we collect personal information?
We collect personal information for a number of purposes connected with our activities and operations, including to develop, provide and improve our products and services, for verification purposes, to understand and meet the needs and requests of individuals we engage with and to meet our legal obligations.
What personal information do we collect and how do we collect it?
The type of personal information we collect may include contact information (eg name, email address, postal address, company information, and other profile information), login details, comments, preferences, feedback and user data.
We collect personal information in a number of ways, including directly from you, when you provide it to us or our agents, contractors or distributors.
Personal information may be collected by way of emails, phone conversations (which may be recorded for quality control purposes in accordance with applicable laws), forms filled out by individuals (including via online forms), feedback, enquires, support requests, surveys, competitions, online user-generated content, market research, video conferencing, face-to-face meetings and interviews. If you are an Authorised User, we may also collect your personal information from your nominating Customer. We may supplement the information we receive from you with information from third party sources such as our distributors and licensees. You may in some circumstances have the option of not identifying yourself or using a pseudonym when you deal with us. However, if you choose not to provide the information we need to fulfill your request for a specific product or service or to participate in NORRLINKs development activities we may not be able to provide you with the requested product or service or we may not be able to allow you to participate in our activities.
Sometimes our activities require us to collect sensitive information.
NORRLINK does not collect billing information such as payment card details. Third-party Payment Gateway providers are used for online payment card transactions made via NORRLINK Store and for payment of invoices online or by phone.
When purchasing a product or service from the NORRLINK Store or paying a NORRLINK issued invoice online or by phone:
- Customers will be directed to a payment gateway provider.
- Payment card details are submitted to the payment gateway provider and cannot be viewed by NORRLINK.
- NORRLINK will receive certain information about Customers from the payment gateway provider (including payment card details in a hashed format and the Customer’s name and IP address) to enable NORRLINK to provide products and services ordered by Customers.
Analytics and Cookies
In addition, NORRLINK uses the Google AMP Client ID API to consolidate information on each unique visitor to their many interactions with our site. This consolidated information provides a more accurate picture of visitor journeys and use of our services and website. The Google AMP Client ID API assigns a unique randomly generated identifier to each visitor and uses this identifier to link all activity associated with that particular visitor. The unique identifier, web analytics data and Cookies do not contain personally identifiable information such as your name or email address and therefore cannot be used to identify you.
You can find out more information on how Google uses data when you use NORRLINK’s sites or apps at www.google.com/policies/privacy/partners/.
How might NORRLINK use and disclose your personal information?
Generally, NORRLINK may use and disclose your personal information for a range of purposes, including to:
- provide you and any of your Authorised User(s) with our products or services that you have requested (including watermarking the publications that you have purchased with your name and details for licensing purposes);
- respond to your queries or feedback or provide customer service support;
- analyse and improve all aspects of our business including, but not limited to, our products and services, our standards development processes, our Store, our business systems, processes, outcomes, communication, website, engagement and performance;
- authenticate users to enable access to NORRLINK’s systems;
- facilitate your participation in forums, social events and educational events
- facilitate participation in our governance forums and activities; and
- consider employment or other engagement applications.
Your personal information may also be used so we can:
- provide you with any communications or publications in which we think you might be interested; and
- let you know about developments in our procedures, products, services, activities and programs that might be useful to you,
by way of direct mail or telemarketing and (where you have opted in) by email, SMS or MMS (recipients who no longer wish to receive such communications can request to be removed from the distribution list by following the unsubscribe instructions in the relevant email, SMS or MMS).
Disclosure of personal information to other parties
NORRLINK may disclose your personal information to third parties such as our members, professional advisers, committee members, external service providers ( ie providers of services including website and data hosting, cloud storage, DRM (see below), shipping and distribution, IT support, distribution of promotional and transactional communications, standards and other publications, surveys and feedback, market research and promotional activities, training, operational, organisational and management services), and government, statutory or regulatory bodies.
We use a third-party service provider for Digital Rights Management (DRM). This technology allows NORRLINK to track user activity (such as the content that was opened, date, time and IP address) to improve and protect our products and services.
NORRLINK may apply a watermark to the products ordered by Customers that includes the name and company details of the Customer and its Authorised User(s). NORRLINK may disclose the name and company details of the Customer and its Authorised User(s) to the DRM provider for this purpose.
Certain promotions and advertising campaigns may be hosted on a landing page controlled by a third party service provider. If you visit these sites and pages, your browser communicates directly with the service provider and user data entered on these pages (such as your email address and name) is stored by our service provider. Your personal information is then disclosed to NORRLINK.
We do not sell or license your personal information to third parties.
Security and management of personal information
NORRLINK will take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. The ways we do this include:
- limiting physical access to our premises;
- limiting access to the information we collect about you (for instance, only those of our personnel who need your information to carry out our business activities are allowed access and committee members only have access to the contact details of members of their own committee and not other committees);
- using a payment gateway for secure handling of your billing information;
- requiring any third-party providers to have acceptable security measures to keep personal information secure; and
- putting in place physical, electronic, and procedural safeguards in line with industry standards.
If we no longer require your personal information and are not legally required to retain it, NORRLINK will take reasonable steps to destroy or permanently de-identify the personal information.
Links from our website to other websites
Our website may contain links to third party websites. We do not operate these websites and therefore are not responsible for the collection or handling of personal information by the operators of these websites.
Updating your personal information
We endeavour to ensure that the personal information we hold about you is accurate, complete and up-to-date. Please contact NORRLINK at the contact address set out below if you believe that the information we hold about you requires correction or is out-of-date.
Updates to this Policy
If you are concerned that we have not complied with your legal rights or applicable privacy laws, you may bring a complaint internally through our complaints process or you may decide to make a formal complaint with the Office of the Australian Information Commissioner (www.oaic.gov.au) (which is the regulator responsible for privacy in Australia).
We will deal with complaints as follows:
Step 1: let us know
- If you would like to make a complaint, you should let us know by contacting our Privacy Officer (see below for contact details).
Step 2: investigation of complaint
- Your complaint will be investigated by our Privacy Officer.
- A response to your complaint will be provided in writing within a reasonable period.
Step 3: contact OAIC
- We expect our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also contact the Office of the Australian Information Commissioner as follows:
|Office of the Australian Information Commissioner (OAIC)|
|Complaints must be made in writing.|
|1300 363 992|
|Director of Compliance|
Office of the Australian
GPO Box 5218
Sydney NSW 2001
NORRLINK PTY LTD
PO BOX 1043, 22 Central Ave, Manly NSW 1655
Attention: The Privacy Officer
We will endeavour to respond to all complaints and correspondence promptly.