EHS2U respects and values the privacy and protects the personal information of others who we engage with including members, customers, employees, contractors and other individuals including visitors to our website. This privacy statement outlines how we collect, use, disclose, store and otherwise manage your personal information and comply with our obligations under the Privacy Act 1988 (Act).
The main purposes for which we collect personal information are:
• to maintain contact with members;
• to grant members access to exclusive online information;
• to assess the eligibility of members and facilitate their access to EHS2U
• to provide a subscription service to members that have elected to utilise EHS2U services
• to notify and keep members and contacts informed of the events, services and service offers we provide and of current developments;
• where it is necessary for us to provide our service and to enable others to provide services which we have informed you about and which you have requested we facilitate for you;
• to register members to attend events;
• for connect potential professionals to recruitment and employment agencies who have registered on EHS2U;
• to advertise or promote your business;
• for administration and management purposes.
We may also collect personal information about you from your use of our website and information you provide to us such as, for example, if you use the website to contact us to register for one of our services.
EHS2U will not collect personal information unless the information is reasonably necessary to enable us to undertake one or more of our activities.
Unless it is unreasonable or impractical to do so, EHS2U will collect personal information directly from you. Sometimes it may be necessary for us to collect your personal information from a third party, or from a publicly available source. We will only collect personal information in that way where we are permitted to do so under the Act. Where personal information is collected from another party, EHS2U will take reasonable steps to inform you of the collection, at or before that time or, if that is not practicable, as soon as possible after collection.
The type of personal information which we will ordinarily collect includes your name, contact details, email, your IP address, payment details or account information (including your credit card details) if that is necessary and insurance details (and claims history). Where relevant, we may ask you for other information. In particular, in order to confirm your membership and to perform our services, it may be necessary for us to collect details of your occupation, your organisation and details of directorships, shareholding, and other professional memberships.
We will not usually seek to collect sensitive information (e.g data relating to race or ethnic origin, religious beliefs, political preference, criminal record, physical or mental health, or sexual orientation from you. However, you acknowledge that such information may be collected (including inadvertently such as via photographs or other records) by us. You acknowledge that information may be contained in documents or other records which you have provided to us.
If it is necessary for us to collect sensitive information, although you again acknowledge that we may collect such information inadvertently, we will obtain your explicit consent to collect and use such information.
You do not have to provide us with any personal information if you are a visitor to our website and you may choose to remain anonymous or to provide us with a pseudonym if you do not wish to reveal your identity. However, you should be aware that by remaining anonymous or in providing a pseudonym, we may be unable to properly provide services and advice to you, or the nature and extent of that advice may be limited. We may also be unable to properly respond to any request, particularly in the event that we may have a conflict of interest or concern in relation to the dissemination of information to an unknown party.
We use the personal information collected for various activities including:
• to perform services or provide products to you, including where we provide a service for you or on your behalf to a third party;
• to provide you an EHS professional the opportunity to be found and contacted by third parties who seek your specific EHS skill-set
• to perform services or provide products to you, including where we provide a service for you or on your behalf to a third party;
• to assess your eligibility and facilitate your access to our publically available services;
• to respond to your requests;
• to provide you with further information about EHS2U;
• to promote or market our products and services to you;
• to facilitate the provision of products or services to you by others at your request;
• to promote your services to other members and to the community;
• to comply with our legal obligations.
We may use your information to market our services, including by email, or to provide you with information from other providers which we think may be of interest to you. You will have the opportunity to elect not to receive further marketing information by lodging request directly to EHS2U. We will endeavour to process your request within 21 days of contacting us. Alternatively, if we have contacted you by email, you may use the unsubscribe function in that email to notify us that you do not want to receive further marketing information from us.
We will hold your personal information for only as long as is required to fulfil the purposes for which it was collected or as required by law.
We may share your personal information with third parties who we contract to assist us to provide the services requested by you. Those third parties may include service providers who assist us in performing our services, professionals who are registered on EHS2U. If we provide your personal information to those persons, we will require that they protect your information in accordance with the standards contained in the Australian Privacy Principles and other applicable privacy laws.
EHS2U may transfer your personal information to our related entities or it may be accessible to other entities to fulfil the purposes identified above or for some other related purpose which you have consented to or for which you would reasonably expect us to use the personal information.
We may provide your information to entities outside of Australia and we store, process and back-up your personal information on computer servers or networks which are located overseas or in “the cloud”, including where services are performed by service providers who are located overseas. In the event that your personal information is provided to overseas entities, we will take all necessary steps to notify you and to ensure that the security of the information is maintained and that it is used consistent with this policy and our obligations under the Privacy Act.
In the event that EHS2U, a related asset or an aspect of our business is acquired, transferred or merged with another company, we may disclose your personal information to the prospective or actual purchasers. If we do so, we will require that they hold your personal information in a manner which is at least as secure as we have previously.
Most of this information is aggregated and used for statistical purposes so that you are not personally identifiable from it. The aggregated information and cookies will usually include, for example Internet provider, date and time, search phrases, or referring websites.
Most browsers are set up to accept cookies. However, if you do not wish to receive any cookies, you may be able to change the settings of your browser to give you greater control over this.
Our site may host various blogs, forums, and other social media applications or services that allow you to share personal information and content with other users (“Social Media Applications”). Any personal information or content that you contribute to our website or to any Social Media Applications can be read, collected, downloaded and used by other users over whom we may have no control. We are not responsible for any use, misuse or misappropriation by other users of any personal information or content that you contribute to our website or to any Social Media Applications.
You may update personal information via logging into the site system and you will have ability to access inspect, take notes or receive copies or printouts of the personal information that EHS2U holds about you. To obtain access you will have to provide your identity. This is necessary to ensure that personal information is provided only to correct individuals and that the privacy of others is not undermined.
If you believe that any personal information which EHS2U has collected about you is inaccurate, incomplete or not up-to-date, please contact us and we will take reasonable steps to correct it in accordance with the requirements of the Privacy Act. In the event that we correct personal information that we have previously disclosed to a third party, you may request that we notify that third party of the correction. We will take steps as are reasonable in the circumstances to notify that third party of the correction where it is not impractical or unlawful to do so.
In some circumstances (which are outlined below) we may refuse to give you access to personal information and in these circumstances we will explain why. You may complain about our refusal to grant you access to your personal information directly with the Office of the Australian Information Commissioner.
Where we provide services to you on credit (that is, where you will pay for those services after we start providing them to you), we may be a credit provider for the purposes of the Privacy Act.
We may collect, hold and use certain credit related information about you. We will generally only obtain this information from you. We do not collect or exchange information with credit reporting bodies and other credit providers. We use credit related information to assist us in determining whether we will provide or continue to provide services to you on credit and to manage our relationship with you. Credit related information includes your name and contact details, your credit history, (including any repayments or late repayments you have made), any credit rating or credit assessment score that we calculate and details of any credit related court proceedings or insolvency applications that relate to you.
We will securely store all credit related information that we collect or hold about you in accordance with the procedures described below.
Unless otherwise required by law, we only disclose your credit related information to third parties in limited circumstances as permitted by the Privacy Act. We may disclose your credit related information to parties that provide credit related services to us such as debt collectors, credit management agencies, advisers and our agents. We may also disclose your credit related information to a third party that you or we request act as a guarantor in relation to any credit provided to you. Other circumstances where we may disclose your credit related information include using and disclosing credit related information that we hold about you in relation to any access or correction requests that you make to us, any complaint that you make, as required by law or the order of a court or tribunal and where you otherwise expressly consent to the use or disclosure.
If you request that we correct any credit related information that we hold about you, we will endeavour to respond to that request within 21 days (or such longer period as you may agree) and correct any credit related information that we hold about you that we are satisfied is inaccurate, out-of-date, incomplete, irrelevant or misleading.
If we correct credit related information that we hold about you without you first making a correction request, we will take reasonable steps to notify that correction to you.
Access will be denied if:
• EHS2U reasonably believes that giving the information would pose a serious threat to the life, health or safety of an individual or to public health and safety;
• providing access would create an unreasonable impact on the privacy of others;
• the request is frivolous or vexatious;
• the request relates to existing or anticipated legal proceedings and is not available by the process of discovery;
• providing access would prejudice negotiations with the individual making the request by revealing the intention of EHS2U;
• access would be unlawful;
• denial of access is authorised or required by law;
• access would prejudice enforcement related activities of an enforcement body;
• access would reveal evaluative information of “a commercially sensitive”, decision making process, or information; or
• any other reason that is provided for in the Australian Privacy Principles (APPs) set out under the Privacy Act.
Where possible, EHS2U will favour providing you with access to your personal information.
EHS2U may impost the following charges for providing access to your personal information:
• photocopying - $2 per page;
• delivery cost of information stored off-site – where information is stored off-site, the cost of obtaining access to the information $50 per hour;
• access to electronic databases - $50 per hour.
We will take reasonable commercial measurers to ensure the security of your personal information, whether kept in electronic form or hard copy.
EHS2U has implemented technology and operational security in order to protect personal information from loss, misuse, alteration or destruction. We limit the persons (including employees) or entities that have access to your personal information, and ensure that those persons are required to treat the information in accordance with the Australian Privacy Principles and other applicable privacy laws.
We have also adopted other security measures including, for example, the use of a Security Socket Layer (SSL) protocol, which provides a secure environment for individuals to transmit personal information to a EHS2U hosted website or server. This information is encrypted during transmission and, in doing so, prevents unauthorised persons access to it. All information obtained and collected via EHS2U’s website is stored on a secure server/s, to prevent personal information from being accessed by unauthorised persons.
EHS2U is also dedicated to providing secure online environments including for the protection of the financial and credit card details of its customers and members. The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards which EHS2U and EHS2U payment providers adhere to in order to maintain the highest level of security and protection for client information.
You may request further information by emailing info@EHS2U.com or by post by sending your question/s to EHS2U PO Box 5010 Bedford W.A. 6052