Last updated: 27 Oct 2023

At NCS Australia, our focus is on bringing together Australia’s best tech talent, working as one to harness technology and advance our communities.  We advance our communities by partnering with governments, enterprises, and people to harness technology, and in doing so, protecting privacy, and keeping information safe and secure is paramount to us.

We take privacy seriously and are committed to ensuring the protection of personal and sensitive information, no matter where you are located.  To do this, we have established several safeguards, protocols, and processes to help us establish and maintain that commitment.  Furthermore, we are bound by the Australian Privacy Principles (“APP”) contained in the Privacy Act 1988 (as amended) (“Australian Act”) in Australia; and by the Information Privacy Principles (“IPP”) contained in the Privacy Act 2020 in New Zealand (“New Zealand Act”) and other applicable privacy and data protection laws.

This policy aims to help you understand how we collect, handle, maintain, store, and use personal and sensitive information.

To find out more, click on any of the sections below:

•    The Type of Information We Collect About You 
•    How We Collect Personal and Sensitive Information
•    How We Use Personal Information 
•    When We Share Personal and Sensitive Information 
•    How We Secure & Protect Personal and Sensitive Information
•    Privacy Options
•    Managing Credit Information
•    How To Access and Correct Personal and Sensitive Information 
•    How To Contact Us

This policy applies to NCSI (Australia) Pty Limited (ACN 089 983 317) and our related bodies corporate in Australia, such as Dialog Pty Limited, ARQ Group Pty Limited, Eighty20 Solutions Pty Limited, Riley Solutions Pty Limited, Access Testing Pty Limited (“NCS Australia”, “we”, “our”, “us”).

We may update this policy from time-to-time and any updates to this policy become effective when published on our website.

By interacting with NCS Australia, you agree that we can use information about you in accordance with this policy and any other arrangements that apply between us.  If you have any questions or concerns, please contact us.

This varies depending on your interactions with us, whether you are an employee, contractor, new or existing customer and the types of products, services, or offerings you require.  If you do not provide certain information that we may need from you, we may not be able to provide you with the services, products or offerings that are tailored to your needs.

The information we collect, and hold includes:

Information About You

•    Identifiers such as name, date of birth, username, password or contact details, or documents that verify an identity such a driver’s license.
•    Company names and relevant individual details of that company including email, ABN, address, and phone number.
•    Information about the services, products, and offerings you have with us or our business partners. 
•    Financial and credit information.
•    Employment information and information about educational background. 
•    Information about interests, preferences, opinions or comments you have made to us.
•    Other information about an identity, such as when an image is recorded on a surveillance camera or when a device is connected to our corporate Wi-Fi at one of our offices. 

In limited circumstances under the Australian Act, we may need to collect certain sensitive information about you, such as information about health, race, ethnicity, political views, criminal history or biometric information (e.g. voiceprint or fingerprint).  We’ll always get express consent as outlined under the Australian Act before we collect this information (except if the collection is required by law).

We may also need to collect personal information about other individuals from you.  We rely on you to get their consent before you provide us with this personal information.  Alternatively, when you apply for a job or position with us, we may collect certain information from you (including name, contact details, working history and relevant record checks) or from any recruitment consultant, previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract. 

Information About How You Use Our Services, Products, And Offerings  

Information relating to browsing or viewing history, habits, and preferences (including via our website apps, or online presence). This includes browser or device information such as location information, IP addresses, cookie IDs, advertising IDs and other unique identifiers, as well as content and service metrics.  For more information, please see our Cookie Policy.
 

Directly From You

When you:

•    Interact with us over the phone, in writing, in person or online (including via our apps, websites or social media).
•    Attend our events, participate in our surveys, or go to our offices.

Automatically Through the Use of Our Products, Services, or Offerings

•    When you interact with our websites, mobile sites, apps, electronic communications, we, or our service providers may use cookies and other similar technologies to collect information about you.  For more information, including what options you have to manage cookies, please read our Cookie Policy.
•    When you invest in our business or enquire as to a potential purchase in our business (and vice versa).

From Other Sources

•    People with permission from you to give us your personal information. 
•    Recruitment agencies, professional associations, registration body, previous employers, or referees.
•    Third party websites and social media platforms that collect and disclose information about you (including via the use of cookies and similar technologies) such as Google or Facebook.
•    Business directories, open data sources, public social media posts, or government agencies such as the Australian Bureau of Statistics.
•    Credit reporting bodies such as Equifax and Illion.
•    Service providers that work with NCS Australia, like companies that help us provide services, products and offerings to you, or identity and fraud checking services, or analytics and advertising- related services (including ad-serving/targeting platforms).
•    Our business partners and companies related to NCS Australia, including companies in the Singtel Group such as Singtel Optus Pty Limited.

Administration And Business Operations

•    Providing our products, services, or offerings (and those of our business partners), communicating with you, managing accounts, and billing, and delivering customer or technical support.
•    Developing, operating, and improving our offerings, product, service, and business processes.
•    Security and verification purposes.
•    Conducting internal investigations, including in relation to fraud and crime. Debt recovery purposes, such as assigning a debt you owe us.
•    Employment-related purposes (e.g. verifying work experience, work rights status, undertaking criminal history checks, or any other background checks when you apply for a job with us).
•    Delivery, provision, installation or repair and maintenance of our products, services, and offerings.

Marketing

•    Communicating with you to market services, products, and offerings we think might interest you (including those from our selected partners).
•    Developing services, products and offerings that may be of interest to you.
•    Communicating with you when you have previously expressed an interest in our services, products, or offerings.
•    Conducting competitions or trade promotions, including with selected partners.

Analytics & Insights

•    Deriving insights about you and who you interact with to identify market segments, market services, products, and offerings, or carry out market research.
•    Assessing the effectiveness of our marketing campaigns to optimise our marketing spend and to personalise our products, services, and marketing messages.
•    Analysing audience ratings information and anonymous viewing and/or browsing data to understand how you and others engage with our services, products, and offerings (including our content services).
•    Supplementing, matching and analysing information about you with information from third party sources (e.g. from Facebook or Google) to learn more about preferences and interests and to create aggregated market segments.
•    We may de-identify information about you to use and share with our business partners. This information may be combined with other demographic information or anonymous identifiers, to develop aggregated insights to improve our products, services and offerings to our customers.

Relevant Advertising

Delivering targeted advertising or other content which might interest you via websites, apps, online services and content services, including through the use of third-party service providers such as ad-serving/targeting platforms.

Compliance

Using personal and sensitive information as otherwise required or permitted by law.

We share personal information with our business partners, clients, and selected third parties for the purposes outlined above, including:

•    Our third-party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you, or as part of an employment recruitment, administration, screening and selection process). 
•    Our analytics and advertising-related organisations.  This includes providers of ad- serving/targeting platforms and third-party proprietary measurement software, such as OzTAM and Nielsen. 
•    Our professional advisers, dealers, and agents.
•    Our clients or potential clients relevant to the particular business engagement that the individual, employee, potential employee, or contractor is conducting with NCS Australia. 
•    Our sponsors or promoters of any competition that we conduct via our services.
•    Our debt recovery numberagents and credit reporting bodies, such as Equifax and Illion.
•    Companies who collect information and data from cookies and other similar technologies.
•    Companies working with us to prevent or investigate unlawful activity (particularly fraud and identity theft).
•    Our employees, contractors, and companies related to NCS Australia including companies in the Singtel Group.
•    Advertisers of third-party services, products, and offerings for the purpose of selling or providing relevant advertising on our websites, and other online services.

When we share personal information, we put measures in place to ensure this information is kept confidential, used securely and only used for the purposes outlined above.  We will not otherwise sell or share information that directly identifies you with any third-party for commercial purposes unless you give us express consent.

However, for commercial purposes, we may de-identify personal information and share it so that our business partners may combine it with other information.  We share this so that our business partners can provide analytical services and anonymised and aggregated insights to their customers and to us.  These insights are about groups of individuals, and not about any one individual.  We have in place safeguards, protocols, and processes to ensure that our clients are not able to re-identify these insights, and they also undertake not to re-identify these insights.

For example, we may de-identify information about customer characteristics and movements to a business customer so they can develop anonymised and aggregated insights and offer services, products and offerings based on these insights for transport planning purposes. 

We also share personal information:

•    To comply with our legal obligations in response to warrants, subpoenas or similar lawful requests for this information (including from credit reporting bodies).
•    For the purpose of a transfer, sale or restructure of some or all of our assets or business.
•    With government and regulatory authorities and law enforcement agencies, as required or authorised by law.

In some cases, we may share personal information with organisations (including some Singtel Group companies, service providers and third parties) located overseas for the purposes listed above.  If we do send personal information overseas, we make sure that this transfer is in accordance with all applicable data protection and privacy laws, and we undertake to ensure that the overseas recipient undertakes to put arrangements in place to protect personal information.

To manage communication preferences, you may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (for example, an unsubscribe link).

If you would like to manage the way we use browser or device information for relevant advertising, please follow the steps outlined in our Cookie Policy.

When we assess credit worthiness, we share some personal information with, and collect credit information from credit reporting bodies (“CRBs”).  The information we share is recorded by these CRBs.

The credit information that we collect from CRBs and hold in an electronic format includes:

• Personal identification information.
• Details of enquiries made about you from other creditors.
• Information about credit arrangements you have, such as whether you have opened or closed any accounts.
• Information about any overdue payments, default listings or serious credit infringements, and whether those issues were resolved.
• Other publicly available information about credit worthiness, such as court proceedings you may be involved in.

Personal information we share with CRBs in exchange for receiving credit information may be included in future credit reports provided to other creditors to assist them in assessing credit worthiness.  If you fail to meet payment obligations or we believe you have committed a serious credit infringement, we may also disclose this to the CRBs.

We may use or disclose credit information to:

• Assess credit worthiness for our services, products and offerings and perform general credit management activities, including to verify identity with the issuer or official record holder of identity documents via third party systems.
• Manage an account and perform debt recovery and debt management activities. Manage complaints relating to credit information.
• Protect against and detect fraud and for risk management purposes.
• Protect, enforce, or defend the legal rights of NCS Australia and its related bodies corporate (including enforcement of our agreements and terms of use).
• Comply with law or any legal process.
• Engage third parties to assist us with any of the above.

We’ll tell you before we conduct a credit assessment.  Additionally, we don’t use credit information we have collected about you to generate direct marketing lists.  However, we might ask a CRB to undertake pre-screening to assist us to identify whether you should be excluded from a direct marketing campaign based on certain eligibility criteria.  This helps us assess if a particular offer relating to our services, products and offerings is relevant to you.

You can ask each of the CRBs that we work with not to:

• use credit information to pre-screen for a direct marketing campaign; or
• use or disclose credit information if you think you have been or are likely to become a victim of fraud.

The CRBs that NCS Australia works with are Equifax (www.equifax.com.au) and Illion (www.illion.com.au).  You can find their contact details, more about what they do and how they manage credit information on their websites.

We work with customer service partners that are located within and outside Australia on credit-related matters.  Where necessary, we give our partners secured access to the credit information they need to help manage credit and the services.

We take the protection and security of personal and sensitive information seriously.  We’ll continue to review and improve our security measures to ensure personal information remains protected.

Some of the measures we currently take include:

•    Storage on secure premises.
•    Destroying or de-identifying any personal information when we no longer need it.
•    Using firewalls, virus scanning and access logging tools and encrypting data to protect against unauthorised access to data and our network.
•    Using secure work (and sometimes closed) environments and workflow systems to prevent unauthorised access and copying of personal and Sensitive information.
•    Managing access privileges to ensure that only those who really need it can see personal and sensitive information.
•    Ongoing training and security reviews.

Links

Our website may contain links to websites operated by third parties.  Those links are provided for convenience and may not remain current or be maintained.  Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites.  The privacy policy that applies to those websites may differ substantially from our Privacy Policy, so we encourage you to read them before using those websites.

You can contact NCS Australia via the ‘Contact Us’ page on our website (https://www.ncs.co/en-au/forms/contact-us/)  if you wish to request access to, or update your personal or sensitive information (including any credit information) we hold about you.

If you ask us to provide access to other personal information, we’ll usually give you access once we have verified your identity.  We’ll acknowledge your request within 7 days, and provided that you tell us specifically what you wish to access, we’ll usually be able to provide it to you within 30 days of receipt of your request.

If you request access to records which are not current or your request is otherwise complex, it may take longer to locate those records and we may charge you a reasonable administrative fee for the cost of providing access.  If there is a charge, we’ll let you know beforehand so you can decide whether to proceed.

If we can’t give you access to your personal information or if it is not appropriate to make the changes you request, we’ll contact you to explain why.

If we agree that your personal information needs to be corrected, we will do so within a reasonable period of time.  If we agree that our records of your credit information need to be corrected, and we've previously disclosed that information to a CRB or other third party, we'll tell them what must be corrected.  However, if we cannot correct your personal information or it is not appropriate for us to make the changes you request, we’ll contact you to let you know why.

In some cases, you may be able to request a deletion of your personal information held by NCS Australia or one of its related bodies corporate.  However, it is worth noting that your personal information cannot always be deleted, particularly if we are legally obliged to hold it.  If we cannot delete your information, we’ll contact you to explain why.

If you have a question regarding this policy, a complaint about how we handle personal and sensitive information, or wish to make an access request, you can contact us by:

• Website: NCS Australia via the ‘Contact Us’ page on our website (https://www.ncs.co/en-au/forms/contact-us/)
• Letter addressed to: NCSI (Australia) Pty Limited, 1 Lyonpark Road, Macquarie Park NSW 2113

If you make a complaint, we’ll acknowledge receipt and aim to investigate and respond to you within 30 days or earlier (and as required by law).  If we can’t resolve the complaint, you may contact the Office of the Australian Information Commissioner (https:/www.oaic.gov.au/about- us/contact-us/)