STA Accountants Pty Ltd – Privacy Policy

General

We understand that the privacy of your personal details is of the utmost importance to you and this policy sets out the rules we will abide by when dealing with personal information we collect from individuals in the course of our business. This policy is consistent with the Australian Privacy Principles (APP) of the Privacy Act 1988 updated on 12 March 2014.

Personal Information

In this policy personal information means information from which an individual is either identified or reasonably identifiable.

What Information is Collected and Held

Clients or Potential Clients

The personal information we collect includes your name, address details, date and place of birth, telephone numbers, email address and other information specific to the services provided. This can include, but is not limited to, tax file number, Australian business number, bank account and credit card details, business and financial information. This information is used in the provision of accounting, taxation and other professional financial services.

Website and Client Portal Users

When using our website or client portal you may provide us with personal information. We will use all reasonable measures to protect any such information from being used for any other purpose, other than the purpose for which it was intended.

As well as the information you specifically provide above, we may gather statistics on its web site to collect information about the number of visitors coming to the site and their location. No identifying information is collected during this process. We use this information for statistical purposes only.

We may also use ‘cookies’. Cookies are small files which are stored on a user’s computer. They are designed to hold a modest amount of data about a user’s preferences. This allows the website to deliver a page tailored for a particular user, or the page itself can contain some script which is aware of the data in the cookie and so is able to carry information from one visit to the website (or related site) to the next. It is possible to have your internet browser refuse cookies, but that may reduce the functionality.

Employees and Potential Employees

When recruiting and employing staff, we collect personal information such as your name, address details, telephone numbers, email address and other information specific to the recruiting/ employment activities. This can include, but is not limited to previous work experience, education, references, tax file number and superannuation details.

How Information is Collected

If it is reasonable and practical to do so, we will collect personal information directly from the individual(s) concerned with their consent. This may be through emails, over the telephone, over the internet, in person or from files downloaded via Cloud Data Storage facilities, such as Dropbox.

We may need to collect personal information from another person or entity such as the Australian Taxation Office, ASIC, your bank, your financial adviser, your employer, your lawyer or other sources as required. We do not collect personal information without your consent.

When you provide personal information to us about other individuals, we rely on you to have made them aware that you will or may provide the information to us and the relevant purposes for which we will use this information. You also need to inform them how they can access this information.

How the organisation will keep personal information accurate and up-to-date

We seek to maintain the quality of the information we hold by taking reasonable administrative and technical steps to make sure that the information collected, used and disclosed is accurate, complete and up-to-date. If the information we hold about you is incorrect, you may inform us and we will correct it for you.

How the organisation will keep information and data secure

The organisation utilises up-to-date techniques and processes, which meet current government requirements to protect personal information from misuse, loss and unauthorised access, modification or disclosure.

Paper documents are protected from unauthorised access or use through the various security systems that we have over our physical premises .

We also maintain up-to-date computer and network security systems with appropriate firewalls, access controls and passwords to protect electronic copies of personal information.

The only people who are permitted to access personal information are those employees or contractors who need personal information to do their jobs. All employees and contractors are contractually bound to keep your personal information confidential and on how personal information must be treated.

We take all reasonable steps to ensure that all personal information we hold is secure from any unauthorised access, misuse or disclosure, however we cannot guarantee that unauthorised access will not occur.

Destroying personal information

Any personal information we hold will be maintained in order to comply with legislative and professional requirements, after which time the information will be securely destroyed. Where the information is paper based, it will be shredded and if held electronically will be deleted from our on-site and off-site storage systems.

Access to personal information we hold and to correction of that information

Our policy is to provide you with access to your own personal information, subject to some exceptions permitted by law. We will also generally provide access in the manner that you have requested (i.e. by providing copies or permitting a file to be viewed), provided it is reasonable and practical for us to do so.

Complaints

Should you have a complaint about any of our privacy procedures, please contact us by email at Julie@staaccountants.com.au or by telephone on (08) 9754 4144. We will deal promptly with your complaint. If we cannot resolve the complaint to your satisfaction within a reasonable time, you or we may refer the complaint to the Office of the Australian Information Commissioner.

Disclosure of Your Information to Third Parties

There are occasions when we may be requested to provide your personal information to third parties such as the Australian Taxation Office, Australian Securities Commission, your bank or other parties in order to provide our services to you. This is done with your consent to using your personal information in this way, unless we are required by legislation to disclose information.

Outsourced Services

From time to time, we may outsource Bookkeeping, Cloud Advisory and Other Services to various service providers including Australian companies that have staff located overseas. These Service Providers are required to comply with Australian Privacy Principles in disclosing your personal information to any overseas recipients, including taking all reasonable steps to ensure that:

(a)               The overseas recipient does not breach the Australian Privacy Principles; or

(b)               The overseas recipient is subject to a law, or binding scheme, that has the effect of protecting the information in a way that, overall, is at least substantially similar to the way the Australian Privacy Principles protect the information.

Acceptance of our services in conjunction with this engagement document indicates your acceptance of the use of outsourced services as described.

Cloud Hosted Software

We use cloud based practice management, tax and accounting software that contains your personal and financial information. We predominantly use Xero software and all data entered into Xero is stored on servers hosted by third parties. The servers are located in the United States but may be replicated to other locations. The parties that host these servers do not control and are not permitted to access your Personal information except for the limited purpose of storing the information. The suppliers of this software have privacy policies that are consistent with the Australian Privacy Principles.

Data Storage

From time to time, we may also use Cloud Data Storage, such as Dropbox, to facilitate the transfer of data files and other information from clients.

The providers of this storage have privacy policies that are consistent with the Australian Privacy Principles.

Use or disclosure of Government related identifiers

We will not use a government identifier as your unique identifier within our systems. We will not disclose any of your Government related identifiers without your express consent, or if we are required under the Law.