Privacy Policy – HowNow Online
GENERAL
This policy relates to HowNow Online. Business Fitness Pty Ltd has the right to licence HowNow Online and provide services to customers relating to HowNow Online
At Business Fitness we understand that the privacy of your personal details is of the utmost importance to you and this policy communicates the rules we will abide by when dealing with personal information we collect from individuals in the course of our business. This policy is consistent with the Australian Privacy Principles (APP) of the Privacy Act 1988 updated on 12 March 2014.
PERSONAL INFORMATION
In this policy personal information means information from which an individual is either identified or reasonably identifiable and may include an individual’s name, address, date and place of birth, telephone numbers, email address, bank account details, taxation details and other financial information.
HowNow Online provides a service where your documents are stored, and potentially your client’s documents are stored as part of this service. These documents may contain personal information.
WHAT INFORMATION IS COLLECTED AND HELD
The personal information we collect may include your name, address, telephone numbers, email address and other information specific to the services provided. We may collect personal information directly from you when you:
You may choose not to provide personal information to us, but is may mean that we are unable to provide you with the service.
When using HowNow Online or our website you may provide us with personal information. We will use all reasonable measures to protect any such information from being used for any other purpose, other than the purpose for which it was intended.
As well as the information you specifically provide above, we may gather statistics on our website to collect information about the number of visitors coming to the site and their location. No identifying information is collected during this process. We use this information for statistical purposes only.
We may also use 'cookies'. Cookies are small files which are stored on a user's computer. They are designed to hold a modest amount of data about a user’s preferences. This allows the website to deliver a page tailored for a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next. It is possible to have your internet browser refuse cookies, but that may reduce the functionality.
When you pay for your subscription using credit card, your card details are not stored by Business Fitness and cannot be accessed by our staff. Your credit card details are encrypted and securely stored by our third party payment gateway. Where you have selected a recurring monthly payment, this allows us to draw payments from your credit card monthly.
HOW INFORMATION IS COLLECTED
If it is reasonable and practical to do so, we will collect personal information directly from the individual(s) concerned with their consent. This may be through emails, over the telephone, over the internet or in person.
When you upload documents through the use of HowNow Online, we may collect information from you about someone else. When you provide personal information to us about other individuals, we rely on you to have made them aware that you will or may provide the information to us and the relevant purposes for which we will use this information. You also need to inform them how they can access this information.
HOW WE WILL KEEP PERSONAL INFORMATION ACCURATE AND UP-TO-DATE
We seek to maintain the quality of the information we hold by taking reasonable administrative and technical steps to make sure that the information collected, used and disclosed is accurate, complete and up-to-date. If the information we hold about you is incorrect, you may inform us and we will correct it for you.
HOW WE USE THE PERSONAL INFORMATION COLLECTED
We collect your personal information so that we can provide the services for HowNow Online and any other services you may request. We use this information to:
We may also use non-personally identifiable statistical data for the purposes of improving or marketing HowNow Online.
HOW THE WE WILL KEEP INFORMATION AND DATA SECURE
All data, including personal information, uploaded or entered in to HowNow Online is transferred over the internet to servers currently located within Australia, primarily on the Microsoft Azure platform. For further information, please access Microsoft’s Azure’s Privacy Policy.
Geo-redundant storage of your files is a basic feature of your account. This means that there are multiple copies of your files within the Microsoft Azure infrastructure. These copies are replicated within the main data centre and again within secondary data centres hundreds of miles away.
Whenever your data is in transit between you and us, everything is encrypted, and sent using HTTPS 256bit AES encryption in transit and Microsoft SSE encryption at rest. This is the same for our server-to-server communications, helping to ensure that your data is kept as your data.
As data is transferred over the internet, which is not in itself a secure environment, we cannot give absolute assurance that your information will always be secured. While we utilise up-to-date techniques and processes, which meet current government requirements to protect personal information from misuse, loss and unauthorised access, modification or disclosure, transmission of personal information over the interest, is at your own risk and Business Fitness does not take responsibility for any loss or misuse of data.
We believe that your password should remain your password and not be known to others, unless you choose to disclose it. For that reason we don’t store your passwords in a readable format. They are hashed at the point of setting and we only store the resulting hash. This is a one-way process, unlike encryption, which means they can never be converted to a readable format.
The only people who are permitted to access personal information are those employees or contractors who need personal information to do their jobs. All employees and contractors are contractually bound by the confidentially agreements in place on how personal information must be treated.
We take all reasonable steps to ensure that all personal information we hold is secure from any unauthorised access, misuse or disclosure, however we cannot guarantee that unauthorised access will not occur.
DESTROYING PERSONAL INFORMATION
Any personal information we hold will be maintained in order to comply with legislative and professional requirements, after which time the information will be securely destroyed. If you cancel your use of HowNow Online, it is your responsibility to ensure you have transferred all documents to another location, prior to the cancellation. We can assist with this process. Once your subscription to the service has been cancelled, documents will be stored for a period time, after which time they will be deleted.
TRANSFER OF DATA WITH THIRD PARTY APPLICATIONS
We allow connection with third party applications. We have no control over the privacy practices of other organisations and take no responsibility for the data coming to and from these applications. It is your responsibility to review and understand how these organisations handle personal information.
ACCESS TO PERSONAL INFORMATION WE HOLD AND TO CORRECTION OF THAT INFORMATION
Our policy is to provide you with access to your own personal information, subject to some exceptions permitted by law. We will also generally provide access in the manner that you have requested (i.e. by providing copies or permitting a file to be viewed), provided it is reasonable and practical for us to do so.
DISCLOSURE OF YOUR INFORMATION TO THIRD PARTIES
We do not disclose your personal information to third parties without your consent.
USE OR DISCLOSURE OF GOVERNMENT RELATED IDENTIFIERS
While we will not use a government identifier as your unique identifier within our systems you may upload documents that contain government identifiers. We will not disclose any of your Government related identifiers unless we are required under the Law.
COMPLAINTS
Should you have a complaint about any of our privacy procedures, please contact us by email at [email protected] or by telephone on 1300 333 424. Alternatively you may write to us at Privacy Officer, Business Fitness Pty Ltd, Suite 205, Level 1, 58-60 Manila Street, Beenleigh, Qld, 4207.
We will deal promptly with your complaint. If we cannot resolve the complaint to your satisfaction within a reasonable time, you or we may refer the complaint to the Office of the Australian Information Commissioner.
For more information about privacy issues in Australia, visit the Australian Information Commissioner’s website.
Security isn’t just about the technology used to store your data it’s about trust. Since 2001 we've worked hard to earn the trust of companies in Australia and worldwide. We continue to work hard every day to maintain that trust and believe that longevity and stability is core to that.