This following document sets forth the Privacy Policy for Indigenous Road Safety Academy ABN 65 518 440 482. 

At the Indigenous Road Safety Academy (IRSA)we recognise the importance of your privacy and understand your concerns about the security of the personal information you provide to us. This personal information is that of IRSA clients. 

We supply a software as a service customer experience platform, an App. Via the App, IRSA and our clients are connecting and engaging with each other and others in their ecosystem, including product and service providers, in managed online communities.

In the course of supplying our services the collection of personal information may be necessary or unavoidable. We are committed to protecting the privacy of all personal information that we collect and ensuring that personal information is handled correctly. All personal information collected by us will be treated in accordance with the Australian Privacy Principles (‘APPs’) as contained in the Privacy Act 1988 (Cth) (‘Privacy Act’). The APPs detail how personal information may be collected, used, disclosed, stored, destroyed and how an individual may gain access to or make complaints about the personal information held about them.  

This policy (‘Privacy Policy’) details the type of personal information we may collect, how we manage personal information, with whom we may share it and the choices available to you regarding our use of the information.  We also describe the measures we take to safeguard personal information and tell you how to contact us regarding our privacy practices. 

The types of information we collect and hold 

“Personal information” is information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in a material form or not. Information where we have removed any reference to a person, so that the person cannot be reasonably identifiable from the information, is not personal information. The kinds of personal information that we collect, and hold may include:

• contact information, such as names, telephone numbers, postal addresses, and email addresses;
• App user account information such as username and password;
• images uploaded by you through the app, including any personal information that may be included in the metadata of those images; or
• any other personal information submitted to us by you.

How we collect and hold personal information 

We will collect information via the Pluss Communities software. We will collect information at various points throughout a person’s engagement to be able to adequately support that person’s customer or staff experience. 

Purposes for which we collect, hold, use and disclose personal information 

We collect, hold, use and disclose personal information from clients where it is reasonable or necessary: 

• for us to do so in order for us to support the relevant client;
• to carry out our business functions;
• for such other purposes as specified at the time of collection;
• for purposes which could be reasonably expected by the client; or
• to make disclosure to relevant government entities.

We respect the privacy of personal information and will take reasonable steps to keep it strictly confidential.  We will only disclose personal information to third parties if it is necessary for the primary purpose of collecting the information, or for a related secondary purpose that could be reasonably expected. Where such a disclosure is necessary, we will require that the third party undertake to treat the personal information in accordance with the APPs. 

Otherwise, we will only disclose a person’s personal information to third parties without the person’s consent if the disclosure is: 

• necessary to protect or enforce our legal rights or interests or to defend any claims;
• necessary to prevent orlessen a serious threat to a person’s health or safety;
• required or authorised bylaw; or
• permitted by another exception in the Privacy Act.

Where we wish to use or disclose a person’s personal information for other purposes, we will obtain the person’s consent. 

How we secure and protect your personal information 

We will take reasonable steps to keep any personal information which we hold and to keep this information accurate and up-to-date. 

Personal information is held and stored on paper, by electronic means or both. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that personal information is protected from misuse, interference, loss, unauthorised access, modification and disclosure. We use industry accepted and  compliant technology and security so that we are satisfied that personal information is transmitted safely to us through the internet or other electronic means.

The steps we take to secure your personal information include the following: 

• data held and stored on paper is stored in lockable offices and in secure premises;
• data held and stored electronically is protected by internal and external firewalls, limited access via file passwords, and files designated read-only or no access;
• data held and stored “in the cloud” is protected by internal and external firewalls, limited access via file passwords and files designated read-only or no access. We also require our IT contractors and other third parties to implement privacy safeguards; and
• where we disclose personal information to third parties (including contractors and affiliated businesses), our contractual arrangements with them include specific privacy requirements.

Destruction and De-identification 

We will retain personal information whilst it is required for the purpose for which it was collected, for our business functions, or for any other lawful purpose.  

We use secure methods to destroy or to permanently de-identify personal information when it is no longer needed. For example, paper records are shredded or destroyed securely, and electronic records are deleted from all locations to the best of our ability, or encrypted and/or placed beyond use. 

Website

While our website may contain links to other websites owned by third parties, those websites are not subject to our privacy standards, policies, and procedures. We recommend that you make your own enquires as to the privacy policies of these third parties and we are in no way responsible for the privacy practices of these third parties.

Cookies and IP addresses 

In some cases, we may also collect your personal information using cookies. When you access our website, we may send a‘cookie’ (which is a small summary text file containing a unique ID number) to your computer.  

This enables us or our third-party host or service provider to recognise your computer and greet you each time without bothering you with a request to register. It may also enable us to keep track of products, services, or information that you view so that, if you consent, we can send you news about those products, services or information.

We may also use cookies to measure trafficpatterns, to determine which areas of our website or social media platformshave been visited and to measure transaction patterns in aggregate. We use thisto research our users’ habits so that we can improve our products, services,and information. If you do not wish to receive cookies, you can set yourbrowser so that your computer does not accept them.  

We may gather your IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track user’s movement, and gather broad demographic information. This information does not identify you personally. In some cases, we may use Google Analytics to measure traffic patterns to determine which areas of our website have been visited and to measure transaction patterns in the aggregate. We use this to research our user’s habits so that we can improve our online presence, information, and services. Our cookies do not collect personal information. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them. Our use of Google Analytics will not involve the collection of personal information.  

Social media platforms

You may wish to participate in the various blogs, forums, wikis and other social media platforms hosted by us.  One of the aims of these social media platforms is to facilitate and allow you to share content. However, we cannot be held responsible if you share personal information on these platforms that is subsequently used, misused or otherwise appropriated by another user.  

Requests for access and correction 

You have a right to request access to, and correction of, personal information held about you. We have procedures in place for dealing with and responding to requests for access to, and correction of, the personal information held.  To request access to or correction of personal information; please send a written request to us. Our contact detail scan be found below.  Your written request should include: 

• if it is a request foraccess to personal information, details regarding which information isrequested to be produced; or
• if it is a request to correct personal information, details of the misrepresented information and the corrections to be made.

In most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you accessor to correct the information as requested, we will give you written reasons why. For example, a request to access personal information may be rejected if:

• the request is frivolous orvexatious;
• providing access would have an unreasonable impact on the privacy of another person;
• providing access would pose a serious and imminent threat to the life or health of any person;
• providing access would prejudice our legal rights; or
• There are other legal grounds to deny the request.

To assist us to keep our records up-to-date, please notify us of any changes to personal information. 

Complaints and concerns 

If you believe we have not respected or protected your privacy in line with this policy, please contact us. We will treat your complaint confidentially. We will contact you after receiving your complaint to discuss your concerns and outline options as to how they may be resolved. We aim to make sure your complaint is resolved in a timely and appropriate manner.

Any complaints should be directed to us at our contact details below. If you are not satisfied with our response, you can refer your complaint to the Office of the Australian Information Commissioner.

The Commissioner’s contact details are:
Street Level 3, 175 Pitt Street 
Sydney NSW 2000 
Post GPO Box 5218 
Sydney NSW 2001 
Telephone 1300 363 992 
Facsimile (02) 9284 9666 
Email enquiries@oaic.gov.au (mailto:enquiries@oaic.gov.au) 
Web www.oaic.gov.au  (http://www.oaic.gov.au) 

Contacting us

Our contact details are: 
Indigenous Road Safety Academy
Level 7 577 Ann Street, Fortitude Valley QLD
Email: martina@irsacademy.com.au 
Website: https://www.irsacademy.com.au/
You can contact our Founder about your privacy concerns by writing to them at the above address.

Changes to this Privacy Policy

If we change the way we use personal information at any time, we will update this privacy policy. By continuing to deal with us or use our website, you accept this Privacy Policy as it applies from time to time. The current version is always available on www.driveabout.co/irsa-privacy-policy.