Greenlight Privacy Awareness Policy
Greenlight is committed to the privacy of its customer’s records and for your information we have documented Greenlight’s information handling practices below. Please contact Greenlight on 02 8412 0000 if you wish to discuss any aspect of Greenlight’s information handling practices.
The kinds of personal information held by Greenlight and how it is collected
Greenlight only collects personal information from you that is necessary for it to perform its functions. The personal information Greenlight holds about you will depend on the services you request from Greenlight and the use that you make of those services. However, the information may include:
- your name, address, position and contact details;
- your date of birth;
- account name and account number held by financial institutions from which payments for services provided by Greenlight are made and information obtained as a result of credit checks which you authorise us to carry out;
- records of communications between you and Greenlight relating to services provided by Greenlight to you;
- records of use made by you of services provided by Greenlight to you;
- billing statements.
Use of your personal information
Greenlight respects your privacy. As a result, Greenlight does not trade, rent or sell your personal information.
The primary purpose for which we use your personal information is to provide you with a telecommunications service.
In the course of providing a telecommunications service to you, we may also use your personal information for related purposes, which include the following:
- processing your application, carrying out credit checking and scoring and ongoing credit management of your account;
- provisioning or connecting your service;
- network routing;
- providing you with a customer service;
- credit checking;
- billing you for that service;
- investigating complaints in relation to your service;
- investigating and fixing faults in relation to your service;
- following up any payments that you may owe us;
- administering contractual agreements or arrangements necessary to provide services to conducting market and product analysis and sending you product or services information.
We may also use your information to tell you about our other products and services or bundled offerings, provided by Greenlight.
We may use your information to tell you about products and services or bundled offerings provided by Greenlight in conjunction with either:
- our related bodies corporate (including those outside Australia ); or
- our marketing partners with which we share our marketing and advertising activities; or
- other businesses that produce or deliver products or services in conjunction with, or on behalf of, Greenlight.
We will not provide your information to these entities for the purpose of them contacting you in respect of a product or service with which Greenlight is not involved.
How Greenlight collects personal information
For corporate customers, Greenlight collects some personal information from company employees, principals or directors of the company in order to provide services to the company.
For individual customers, Greenlight collects personal information directly from you when you supply it to us in connection with a request for services. Greenlight may also collect personal information from third parties such as:
- resellers of telecommunication services;
- credit providers or credit reporting agencies contacted by us (or by external service providers on our behalf) in the course of carrying out a credit check;
- other entities who provide services to us which are related to the provision of telecommunication services provided to you;
- government agencies which administer laws regulating telecommunication service providers, or complaint resolution processes established under those laws; and
- independent sales organizations.
Contracting out services and disclosures
Greenlight contracts out some services such as mailing, credit checking, provisioning, verification of sales and fault fixing to external providers. Greenlight may disclose your personal information to these organizations but only so that they can provide you with the services Greenlight has contracted out.
Greenlight may disclose your personal information to:
- other telecommunications service and equipment providers,
- Greenlight’s related bodies corporate,
- credit providers,
- credit reporting agencies,
- organizations to whom Greenlight outsources services (such as mail houses),
- legal, financial and accounting advisers;
- our marketing partners with which we share our marketing and advertising activities, and
- other businesses that produce or deliver products or services in conjunction with, or on behalf of, Greenlight.
At your request, Greenlight may disclose your information to directory providers so that your information can appear in telephone directories.
Personal information shared with related bodies corporate may include your name, address and service history.
Greenlight may disclose some of your personal information such as your name and address to organisations located outside Australia in countries which do not have the same or substantially similar privacy laws but only to the extent necessary to provide you with telecommunications services requested by you.
Greenlight may disclose your personal information if required to by law.
At all times, parties to which we contract services or disclose your personal information are either covered by contracts which protect your personal information or are subject to obligations which are substantially similar to the Australian Privacy Principles.
Access to Personal Information
Generally, you have the right to see or obtain a copy of personal information about you that we may hold.
Greenlight will handle requests for access to personal information in accordance with the Australian Privacy Principles.
To request access to your personal information, please contact our Call Centre on 02 8412 0000.
As long as we can verify your identity, the person you speak to may be able to provide you with the information you require over the telephone. If you wish to have a copy of any information, we will ask that you put your request in writing and either post or fax that request to us. Again, this is to ensure that we can verify your identity.
In some cases, we may need time to consider and respond to your request for access. If we need time to consider your request, we will acknowledge your request within 14 days and respond within a maximum of 30 days.
If for any reason we refuse to give you access to your information we will let you know why, in writing.
The circumstances in which we may refuse to give you access to personal information we hold about you include where giving you access:
- would have an unreasonable impact on other people’s privacy;
- would prejudice any negotiations we are having with you;
- would prejudice an investigation of unlawful activity;
- would prejudice activities carried out by, or for, a law enforcement body.
If you believe that we hold personal information about you that you consider to be inaccurate, incomplete or out of date you should tell us by calling 02 8412 0000. In most cases, we will amend any inaccurate, incomplete or out of date information. In some cases it is necessary for us to keep a record of what we know or understand to be correct at a particular time. However, in those circumstances, if you request, we will take reasonable steps to associate with the relevant record of your personal information a statement to the effect that you claim the information is inaccurate, incomplete or out of date. We would ask that you discuss your request with us by calling us.
Security of your personal information
Greenlight is committed to protecting your privacy and recognizes its obligations to take all reasonable steps to protect your personal information from misuse and loss and from unauthorized access, modifications or disclosure both under the Privacy Act 1988 and the Telecommunications Act 1997.
Security of your information while on line
Our web server is capable of up to 128bit SSL encryption. Note however, that our web server can only chose the highest common level with your browser. If you use older browsers, you may find that it only supports 40bit or 56bit encryption.
Cookies are small text files that our web server may ask your web browser to store on your machine.
The cookie cannot tell who you are, or determine your personal details, and is not used to actually track your access, apart from making sure you are the same person over a given “session” online. Although you could turn off cookies and not normally have any problems accessing many parts of our sites, there are other parts of our web server that rely on cookies. For instance we may use a cookie to store information temporarily between various pages in a lengthy multi-part order form, or to store screen preferences.
We do not make use of 3rd party cookies on our website.
Targeting cookies or advertising cookies
These cookies are used to deliver adverts relevant to you. In addition, they limit the number of times you see an advertisement as well as helping us measure the effectiveness of our advertising campaigns.
Security of Stored Information
We take physical and electronic measures to secure your information. We store your personal information in password-protected servers that are in a restricted and monitored area. Access to this information is limited.
You also have a role in security of your personal information in some cases. For example, if you have been given access to our “Your Account”, where you may pay your bill, look up call information and so on, it is your responsibility to protect your own personal access password.
Some of our websites contain links to other, external websites. Greenlight is not responsible for content or privacy policies websites that we do not operate.
Website Access Logs
All accesses to pages on our websites are “logged”. The sort of information contained in these logs cannot easily identify you personally, but instead contains such things as a list of the pages accessed, and the sort of browser used.
The information is used to check for attempts at “hacking”, or other fraudulent activity, to indicate missing pages or other web server problems. It is periodically summarized to provide general statistics such as the number of people viewing particular parts of the site.
The third parties who host our servers do not control, and are not permitted to access or use your personal information except for the limited purpose of storing the information. For the purposes of Australian privacy legislation and Australian users of the Service, information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of Australia. We may use SaaS, cloud computing, servers or other technologies from time to time in the future and your information may be stored outside Australia. We will not disclose personal information to a recipient in a foreign country unless we are satisfied that the local laws are equal to or more stringent than the Australian Privacy laws, or we have a contractual arrangement that ensures that the recipient shall comply with the Australian Privacy Laws.
Mandatory Data Breach
We are aware of and shall comply with the Mandatory Data Breach reporting obligations as set out in the Privacy Act.
We are a managed service provider providing IP support, project services, software solutions and sales and marketing support. Given the nature and location of our client base, it is unlikely that we are legally compelled to be compliant with the GDPR. But we are committed to ensuring the security and protection of the personal information that we process, and to provide a compliant and consistent approach to data protection. We have always had a robust and effective data protection program in place which complies with existing Australian law and abides by the data protection principles.
We are dedicated to developing a data protection regime that is effective, fit for purpose and demonstrates an understanding of, and appreciation for the new GDPR as well as the existing data protection laws that we must comply with – the Privacy Act and the Australian Privacy Principles.
Changes to this Privacy Awareness Policy
From time to time, it may be necessary for us to review our Privacy Awareness Policy. We reserve the right to amend our Privacy Awareness Policy at any time without notice to you.