Comply Flow is committed to providing a confidential service to its users, we are bound by the National Privacy Principles of the Privacy Act 1988 and individual state legislation.
For the purpose of this policy, confidentiality relates to the transmission of personal, sensitive or identifiable information about individuals or organisations (confidential information), which comes into the possession of the organisation through its work.
Comply Flow holds personal data about its users on behalf of your client or employer which will only be used for the purposes for which it was gathered and will not be disclosed to anyone outside of the parties mentioned above where a warrant or subpoena has not been provided.
All personal data will be dealt with sensitively and in the strictest confidence internally and externally.
- All personal paper-based and electronic data must be stored in accordance with The Privacy Act 1988 (Privacy Act) and must be secured against unauthorised access, accidental disclosure, loss or destruction.
- All personal paper-based and electronic data are only accessible to those individuals authorised to have access.
We consider protecting personal information a high priority, and have strict measures when it comes to securing data on our Australian based servers. The types of information we collect and hold are: personal information such as names, postal address, phone numbers, email addresses, personal information for general administration purposes. We also collect and hold personal information in regards to a person’s business or professional capacity such as ABN/ACN, position and organisation.
The data is not viewed or accessed by personnel unless management ,your client or employer require us to do so. Our personnel do not access accounts or export records unless it is intentionally granted by the General Manager or disclosed by your clients or your employer.
Personal records are not revealed, sold, distributed, rented, licensed, shared or passed on to any third party unless Comply Flow is legally required to do so.
Comply Flow is committed to the use of personal information in accordance with the Australian Privacy Principles.
Accessing the information we hold about you.
You can access and correct the personal information we hold about you.
Contact us via:
Physical mail: PO Box 79 FRESHWATER NSW 2096
Phone: +612 8005 5975
Confidential or sensitive information relating to an individual may be divulged where it is against the law to withhold it. In these circumstances, information may be divulged to external agencies e.g. police or social services on a need to know basis, provided that they present a subpoena or a warrant.
If the breach is caused by any other than the above listed reasons, the disciplinary measure is immediate termination.
In the event of a data breach, Comply Flow will inform all involved as per the The Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Privacy Act)
Comply Flow will monitor this policy to ensure it meets statutory and legal requirements including the;
- Privacy Act 1988
- Information Privacy Act 2014(ACT)
- Privacy and Personal Information Protection Act 1998 (NSW)
- Information Act (NT)
- Information Privacy Act 2009 (Qld)
- Information and Protection Act 2004 (Tas)
- Privacy and Data Protection Act 2014 (Vic)
- General Data Protection Regulation (GDPR) (EU) 2016/679
Ensuring the effectiveness of the policy
25th of May 2018