1. APP1 – Open and transparent management of personal information
1.1 This document forms part of open and transparent management systems Aspire Consulting Services Pty Ltd and its engaged affiliates use to manage customers’ personal information. Our privacy statement is available to all customers’ upon written request.
2. APP2 – Anonymity and pseudonymity
2.1 As our business is a direct marketing business, it is not possible for customers to purchase our products by remaining anonymous.
3. APP3 – Collection of solicited personal information
3.1 Aspire Non Profit Consulting Pty Ltd and its engaged affiliates collect Personal Information you give us when you place an order or register to receive additional information or products from us. You will be asked to confirm your name and postal address, and also to provide your credit card details (only if purchasing items by credit card).
3.2 You will also be asked to provide us with your birth date, telephone number, fax number and email address. You are requested to provide this information for prize notification, for customer service calls or for receiving other offers. We ask only for data that is adequate, relevant and not excessive.
3.3 We may supplement the information that you provide with some information that is received from third parties. For instance, if inaccurate postal or zip codes are received, we will use third party software to fix them.
3.4 We purchase rented lists, but only if the data has been collected lawfully and fairly. If a recipient’s name has been collected in this way, we only mail a promotion once to each customer. If the recipient responds, then they are added to our in-house customer database, if they do not respond, their name is permanently deleted from our system after 45 days.
3.5 Each promotion clearly states the name of the company it is being mailed on behalf of and their postal address. All of our promotions also contain a Customer Service telephone number to ensure recipients can contact us with any questions or concerns regarding any of our products or their personal information kept on file.
4. APP4 – Receiving unsolicited information
4.1 Aspire Non Profit Consulting Pty Ltd and its engaged affiliates does not use or collect unsolicited personal information. Customers providing their details are Direct Marketing responders and have been made aware that their details are provided to us via list rental from specifically selected companies via their Terms and Conditions.
5. APP5 – Notification of the collection of personal information
5.1 Once Aspire Non Profit Consulting Pty Ltd and its engaged affiliates receive customers’ details we collect and process Personal Information for specific use and limited purposes. Customers are made aware of this by way of an initial offer. They will only receive further correspondence from us should they respond to this offer.
6. APP6 – Use or disclosure of personal information
6.1 We process your Personal Information only for specific and limited purposes. When we ask you for Personal information, we tell you the purposes for which we will process that data. Some of these purposes include the following:
- We may use your Personal Information for marketing purposes and market research.
- We may contact you occasionally to inform you of new services we will be providing, or special offers, events or articles we think will be of interest to you.
- We may send you product information and promotional material.
- We may use your Personal Information internally to help us improve our products and services and to help resolve any problems.
6.2 Aspire Non Profit Consulting Pty Ltd and its engaged affiliates only share, sell or distribute your Personal Information with unrelated third parties, under these limited circumstances:
- We may disclose your Personal Information to carefully screened local or International companies whose products and services may be of interest to you as part of our list rental program.
- Personal information may occasionally be transferred to third parties who act for or on behalf of our group of companies, or in connection with our business for further processing in accordance with the purposes for which the data was originally collected or for purposes to which you have subsequently consented. For example, sometimes a third party may have access to your Personal Information in order to handle our mailings on your behalf.
- We may share or transfer the information in our databases to comply with a legal requirement, for the administration of justice, to protect your interests, to protect the security or integrity of our databases to take precautions against legal liability, or in the event of a corporate sale, merger, reorganisation, dissolution or similar event.
6.3 Where appropriate, before disclosing Personal Information to a third party, we contractually require the third party to make adequate precautions to protect that data.
7. APP7 – Direct Marketing
7.1 Direct Marketing is our core business and as such we have strict guidelines and systems in place to select only appropriate customers for our programs.
7.2 Customers may request the source of the information we have about them including where the source is another organisation simply by providing a written request to any of the address marked on any of our promotions or by writing to The Privacy Officer – The Privacy Officer, PO Box 5649, GCMC QLD 9726 AUSTRALIA.
7.3 You may “opt out” of any Direct Marketing promotion simply by providing a written request to any of the address marked on any of our promotions or by writing to The Privacy Officer – The Privacy Officer, PO Box 5649, GCMC QLD 9726 AUSTRALIA.
8. APP8 – Cross-border disclosure
8.1 Our business is part of a national enterprise which does not transfer Personal Information outside of Australia.
9. APP9 – Government related identifiers
9.1 Our business does not use any Government related identifiers.
9.2 All customers are recognised by a personalised account/customer number.
9.3 Acquisition recipients are assigned a temporary number when a promotion is first sent to them, if they respond; this number will then convert into a customer number.
10. APP10 – Quality of personal information
10.1 New customers are sourced through list rental. All of our list rental data is merge purged and checked for invalid addresses, matches with our customer database and duplicates within the files being processed. We use a variety of in-house custom built routines that are maintained and enhanced by our active in-house IT development team.
10.2 The customer details are pulled from the acquisition list at the time of data entry by a setr (customer unique number). Every selection that we run regardless of the source has the setr so that we can find the source of the name. If by some chance there is a problem and no setr is on the package there are search functions to be able to find this number.
10.3 On a majority of our pieces, contained in the order section is a reminder for customers to ensure their address is correct before replying. If a customer returns a change of address notification only, a CSO (Customer Service Officer) or a Data Entry staff member amends the customer’s file within a 30 day time period. If a customer includes change of address details with a paid order, the address update is completed at the same time the order is entered.
10.4 All returns are flagged in the database. Any customer issues are handled by our CSO’s who have the opportunity to close and refund accounts, flag customers, contact and correspond with customers for further details. Any resultant changes to customer or order attributes are captured and actioned accordingly.
The system also looks for any inconsistencies and suspends the orders until a CSO addresses the issue. In addition, we have routines that look for possible duplicate customers either automatically merges the customers or presents this candidate duplicate names to data entry staff member for their decision.
11. APP11 – Security of personal information
11.1 Personal Information is stored in secure premises where unauthorised access is prevented through, automatic locking doors during business hours and electronic and private surveillance outside business hours.
11.2 We strive to maintain the reliability, accuracy, completeness and currency of customer information in our databases and to protect the privacy and security of our databases.
11.3 Our servers and our databases are protected by industry standard security technology, such as industry standard firewalls and password protection. We are currently in the process of building a hardened set of web servers.
11.4 Sometimes we process sensitive data that requires industry standard Secure Socket Layer (SSL) encrypted browsers. We use 128-bit encryption or better to protect transmissions over the Internet.
11.5 We are compliant with the Payment Card Industry (PCI) for all credit card handling. In addition the storage of the columns that store credit card numbers in ADMS are encrypted using ORACLE TDE technology.
11.6 The employees who have access to Personal Information have been trained to handle such data properly and in accordance with our security protocols (including privacy breaches), and strict standards of confidentiality. Although we cannot guarantee against any loss, misuse, unauthorised disclosure, alteration or destruction of data, we take reasonable precautions to prevent such unfortunate occurrences.
12. APP12 – Access to personal Information
12.1 Upon receipt of your written request and enough information to permit us to verify your identity and identify your Personal Information, we will disclose to you the Personal Information we hold about you.
12.3 If you do not wish to receive information from us and want to be removed from our standard mailing lists please notify us via telephone or write to: The Privacy Officer, PO Box 5649, GCMC QLD 9726 AUSTRALIA or email us at firstname.lastname@example.org and indicate your choice.
13. APP13 – Correction of personal Information
13.1 Upon receipt of your written request and enough information to permit us to verify your identity and identify your Personal Information, we will correct, amend or delete any Personal Information that is inaccurate or out of date. Incomplete details will be amended per your request. We do not collect or hold information about you that may be potentially misleading or irrelevant to our dealings with you.
13.2 Information integrity is maintained through various internal processes. Our Marketing department uses a merging program that automatically outputs customers who might be in the system twice or more so that we can correctly choose the right address and merge the duplicates together. CSO’s also look for duplicate customers when processing queries as part of general housekeeping. Personal information is also verified with customers in routine correspondence.
13.3 If you wish to access or correct your Personal Information, or you suspect a privacy breach, please write to our Privacy Officer at PO Box 5649, GCMC QLD 9726 AUSTRALIA. We do not charge for complying with a correction request, however, for all other requests, we may charge a small fee to cover our costs. Requests to delete Personal Information or investigate a potential breach are subject to any applicable legal and ethical reporting or document retention obligations imposed on us.
13.4 We constantly set high standards of customer service and will respond to requests for correction of personal details or privacy breach concerns within 30 days in writing. Should your request to change your personal information be denied, you will be notified of the grounds for the refusal and be given the opportunity to respond. Any privacy breach concerns will be investigated and responded to in writing.
13.5 We will also make provision to update other relevant parties of your corrected Personal Information where applicable.