Effective Date: 1st March 2020
- Solar Monster
Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.
Sensitive Information is a special category of information. Sensitive information may include information about the following:
- racial or ethnic origin;
- political opinion;
- membership of a political association or religious beliefs, affiliations or philosophical beliefs;
- membership of a professional or trade association or membership of a trade union;
- sexual orientation or practices;
- criminal record;
- health, genetic or biometric information or biometric templates.
The Privacy Act protects your sensitive information. Where we need this information for your account or use of our services, we’ll ask for your permission — except where otherwise allowed by law.
Collection of Personal Information
The Solar Monster will only collect your personal information by lawful and fair means. The information we collect depends on what services you use and how you use them. As part of our business, we will require you to provide your personal information on a regular basis. It is standard practice for The Solar Monster to collect information in the following ways:
- information is provided by the customer via our website for quoting and comparison reasons;
- information is collected via phone for the processing of products customers have requested.
Certain Types of Information
We collect the following types of Personal Information:
Personal Information you provide to us directly:
- your username, password and e-mail address when you register for an account with the Solar Monster;
- profile information that you provide to us for your account profile and details (e.g. first and last name, phone number). This information allows us to identify you in our accounts and records;
- communications between you and the Solar Monster. For example, we may send you service-related emails (e.g. account verification, changes/updates to features of the service, technical and security notices). Note that you may not opt out of service-related emails.
We use third-party analytics tools to help us measure traffic and usage trends for the services we provide. These tools collect information sent by your device or computer on our service, including the web pages you visit, add-ons, and other information that assists us in improving the service. We collect and use this analytics information with analytics information from other users so that it cannot reasonably be used to identify any particular user.
Cookies & Similar Technologies
A cookie is a piece of data that a website can send to your browser, which may then be stored on your computer as an anonymous tag that identifies your computer but not you.
You can set your browser to notify you before you receive a cookie, giving you the chance to decide whether to accept it. You can also set your browser to turn off cookies. If you do so, some pages in the website may not work properly.
Cookies are either persistent or session based. Persistent cookies are stored on your computer, contain an expiry date, and may be used to track your browsing behavior upon return to the issuing website. Session cookies are short-lived, are used only during a browsing session, and expire when you quit your browser.
Our website may use both kinds of cookies to provide a rich and session based experience. The cookies are used to enable us to track users’ browsing patterns in order to provide statistical information to improve the usability of the website.
Log file information
- Log file information is automatically reported by your browser each time you make a request to access (i.e. visit) a web page. It can also be provided when the content of the webpage is downloaded to your browser or device.
- When you use our services, our servers automatically record certain log file information, including your web request, Internet Protocol (“IP”) address, browser type, referring/exit pages and URLs, number of clicks and how you interact with links on the service, domain names, landing pages, pages viewed, and other such information. We may also collect similar information from emails sent to our users, which then help us, track which emails are opened and which links are clicked by recipients. The information allows for more accurate reporting and improvement of our services.
Use of Personal Information
The Solar Monster may use your personal information for a variety of reasons including:
- to further enhance products and services to our customers;
- to provide services and products to our customers;
- to answer enquiries and deliver customer service;
- to tell our customers and prospective customers about other products, services or promotional offers that we think may be of interest to them;
- to ensure we comply with the requirements of our participating providers;
- to maintain and improve our customer service;
- to meet our regulatory and legal obligations;
- to manage and resolve any legal or commercial complaints and issues;
- to manage our relationships with our participating providers, suppliers and stakeholders;
- to carry out internal functions including training; and
- to conduct marketing research and analysis.
We may also (from time to time) use the personal information for purposes as required or authorised by law. In addition to this, you may provide consent (oral, written or implied through your conduct) to us using the personal information for purposes other than listed above.
Information Held Overseas
We may hold personal information about you in, or may disclose this information to, third party service providers located overseas. Your personal information will most likely be held in Australia however it may also be held in Japan, the United States of America, Canada, Singapore, Philippines, India, Netherlands, Malaysia, the United Kingdom and Hong Kong. If your personal information is held in other overseas countries in the future, we will update this Policy.
How To Access & Correct Your Personal Information
Ensuring your information is correct: We rely on the personal information that we receive to conduct our business. We take reasonable steps to make sure the personal information we collect, use and disclose about you is correct, complete and relevant for the purpose for which we collect it.
Providing you with access to your information: When you request information we hold about you, we will try to provide you with a way to access it. For example, we may make the information available at our offices, or we may post or email it to you. Subject to exceptions permitted by law, we will provide access within a reasonable time.
We may charge a fee to cover our costs of providing access, however we will not charge you a fee for making the request for access or for making any changes to your personal information. We may refuse to give you access to your personal information in line with the Privacy Act.
Correcting your information: If you believe that any personal information we hold about you is not correct, out-of-date, incomplete, or misleading, then you may ask us to correct it by sending an email to email@example.com.
We will consider whether the information requires correction and notify you of our review.
Telling a third party about a correction: If we correct any personal information, you may ask us to notify a third party of that correction. We will take reasonable steps to do so.
How We Hold & Keep Secure Your information
We store information in different ways, including in hardcopy and electronic form including cloud based services.
Our security safeguards include:
- technical solutions, security controls and internal processes to help us protect your information from misuse, interference, loss or unauthorised access, modification or disclosure;
- confidentiality requirements for employees and contractors;
- document storage security policies, systems and site access restrictions; and
- website security systems, including firewalls and data encryption on our websites.
We may hold overseas or disclose to third parties overseas your personal information. Where your personal information is held overseas, we or the overseas service providers may disclose your information when required by Australian or foreign law.
Google Cloud and Amazon Web Services Privacy and Data Practices in the Australian Context
We may use different cloud and other web based services in providing our services. Some of the web based services we use include Google Cloud and Amazon Web Services.
We take privacy and security seriously and take a shared responsibility approach when engaging with third party service providers. Meaning, we not only ensure our systems and practices are up to date and fit for purpose, but also those who we engage.
Google and Amazon undergo several independent third-party audits on a regular basis. These audits verify the security, privacy and compliance controls present in the Google and Amazon centers, its infrastructure and its operations.
In relation to privacy and data protection, Google and Amazon have an ISO27018 Certificate (which is audited annually) which certificate relates to cloud privacy and is an international standard of practice for protection of personally identifiable information and otherwise complies with, and addresses, the APPs.
How to make a complaint
Contact us: If you believe that your privacy has been breached or you have a complaint about our handling of your personal information, please contact us by sending an email to firstname.lastname@example.org. We will investigate your complaint and provide you with a response.
Contact a dispute resolution provider: If you are not satisfied with our response, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (www.oaic.gov.au).