Privacy Policy

Effective date: 23 March 2019

Privacy Commitment

Thank you for reviewing our Privacy Policy. We recognise the importance of protecting your privacy and the personal information in our care. We have created this Privacy Policy in order to demonstrate our firm commitment to your privacy. This Privacy Policy represents how BOSS Business Office Support Services (“BOSS”) manages your personal information in accordance with the Privacy Act 1988 (Cth). Our Privacy Policy seeks to safeguard the privacy of your personal information in accordance with the Australian Privacy Principles (“the APP’s”) and the Information Privacy Principles (“the IPP’s”) contained within the Acts. This Privacy Policy sets out the kind of information we hold and how we collect, hold, use and disclose that information (including personal information and sensitive information). This Privacy Policy also includes our Credit Reporting Policy which sets out how we collect, hold, use and disclose Credit Information to comply with our credit reporting obligations under the Acts, the Credit Reporting Code registered under section 26S(1) of the Privacy Act 1988 (Cth) (“the Code”). In addition to this Privacy Policy, we may also have specific and additional privacy provisions that apply to certain activities or promotions. In the event of any inconsistency between the provisions of this Privacy Policy and those other specific and additional provisions, the specific and additional provisions provided to you will apply. This Privacy Policy may be amended or revised at any time. The revised Policy will take effect when it is uploaded on our Website. This Privacy Policy represents the latest version of the BOSS Privacy Policy

Kinds of Information collected

2.1. BOSS may collect both personal and sensitive information from you.

2.2. Personal information is any information about you that identifies you or by which your identity may be reasonably determined. The kinds of personal information that may be collected from you includes, but is not limited to, your full name, address, phone number, email address and payment details. By collecting this personal information, we are able to contact you when necessary, identify and protect your information from unauthorised use and provide the best possible service.

2.3. Sensitive information includes information or an opinion about an individual’s race, religion, political or trade association, among others. The kinds of sensitive information we may collect from you can include, but is not limited to your tax file number, medical history or affiliations. We will only collect sensitive information in circumstances where you have consented to the collection and if the information is reasonably necessary for us to provide our services.

Collection of Personal Information

3.1. BOSS will collect your personal information directly from you, online and from third parties. 3.2. We may collect your information to provide selected services to you at your request and to ensure that you receive the best possible service.

3.3. We will only collect personal information about you: • from you (including via online enquiry forms you submit, our direct discussions with you, any emails, blogs, letters, faxes or other correspondence you send to us and when you subscribe to our online publications); • if you have created an online account including an account to facilitate file transfers or payment information with us, from your use of that online account; • from any person authorised by you to provide such personal information to us (such as your professional advisors or personal representatives); • from third party contractors and suppliers we engage to help us provide services; • from external sources where the information is publicly and readily available; and • from third parties (for example, your spouse) where it is otherwise unreasonable or impractical to collect such personal information from you directly. In such cases, we will inform you before, or as soon as reasonably practicable after, we collect such personal information. 3.4. As an example, and without limiting the types of personal information we collect, we may collect the following personal information (a) name, address, and contact details such as telephone number and email address, (b) details of your interests in or ownership of entities or control of trusts, and (c) accounting information such as your tax file number, bank account details, credit card details and details of your investments. 3.5. We will only collect information relating to your tax file number for purposes authorised by law. You are not obliged to provide your tax file number to us but if you fail to do so, we may be unable to provide you with the best possible service. 3.6. Through use of our Website, we may automatically record details including your internet address, domain name and the date and time of your visit to our Website (including the web pages viewed), your browser and operating system. If you link to our Website from another website then that information may also be recorded. We may also use cookies that are small pieces of information that allow an organisation to track websites browsed by you. If you do not want to allow cookies to be used to collect information, you may disable cookies on your computer by changing the security and privacy settings in your browser. However, if you do disable cookies, you may not be able to interact with our website or take advantage of the improved functionality that cookies enable. 3.7. Where you provide us with personal information of third parties (for example, your spouse) you warrant to us that the relevant individuals have consented to you disclosing their personal information to us. 3.8. We will not collect personal information by unlawful means or means that are unfair or intrude to an unreasonable extent upon your personal affairs

Use of Personal Information

4.1. How we use your personal information varies based on the services we are providing. We will only use your personal information for the purpose it was obtained unless you consent to its use for another purpose or where an exception applies under the Acts.

4.2. Generally, we may use your personal information: • as necessary to provide services to you; • in administering our Website; • in order to enable your access to our Website services; • to perform due diligence and conflict checks prior to agreeing to provide services to you; • to send you marketing communications; PRIVACY POLICY Filename: BOSS_Policy_Privacy_P20190323 Revision Completed by: Samantha Docking Published 23/03/2019 Page 3 of 8 • for customer relationship management purposes and to supply to you the services which you have requested; • to send you statements and invoices and collect payments from you; • for recruitment purposes; • to analyse client needs and improve the services we provide; • for audit, regulatory and compliance purposes; • for industry accreditation purposes; • for accounting and administrative purposes (including to process transactions, provide accounting services, facilitate our internal business operations and comply with our legal or regulatory obligations); and • for other purposes related to our provision of business advisory services to you.

4.3. We may use personally identifiable information in a summative form to improve our services and make them more responsive to the needs of our customers. This statistical compilation and analysis of information may also be used by us or provided to others as a summary report for marketing, advertising or research purposes.

4.4. Information other than personal information collected when you visit our Website may be used to monitor usage of and decide how to improve and promote our Website, products and services (including online advertising).

4.5. We may also use the information collected to provide to you information (via email, sms or post) that has been requested by you personally. If at any time you receive material that you did not request and do not want to receive any such material anymore, please see paragraphs 13 and 14 of this Privacy Policy.

Disclosure of Personal Information

5.1. We may disclose your personal information: • to any other member of the BOSS team to allow them to provide you with services or to provide information about the services they provide; • to our contractors, agents and service providers (for example, information technology contractors, debt collection agencies, event managers, accountants, bankers, insurance agents) but only (a) for the purpose of providing services to you, (b) as necessary to facilitate the operation of our business, and/or (c) for the purpose of storing your personal information; • to the Australian Taxation Office, the Australian Securities and Investments Commission and other government bodies as required by law or as necessary to provide services to you; • to third parties with whom we are affiliated for the purpose of those third parties providing you with information about their services and promotions; • as required or authorised by law or to meet our professional standards; • where disclosure is necessary to prevent or lessen a serious threat such as public health or safety; • to any person with your consent; • where your information is publicly available; • where your information has been de-identified in a form or for statistical or research purposes; • in connection with any sale regarding BOSS; and • to our professional advisers but only so they can advise us in respect of the same.

5.2. We will not sell, transfer, assign or rent your personal information. In order to operate the website and to deliver to you the service which you have requested, we may sometimes share your personal information with an affiliate or subsidiary, which is necessary to deliver your requested items or services to you.

5.3. BOSS may need to disclose your personal information where you have consented to us doing so in providing you with our service or where disclosure is necessary to achieve the purpose for which it was submitted.

5.4. We may need to disclose or transfer your personal information if BOSS is acquired or merged with another entity.

5.5. BOSS will, at all times, attempt to ensure that we do not disclose your personal information to a third party where consent for such disclosure has not been given. In all cases where we may be required to disclose information we will attempt to obtain your direct consent for such disclosure. Where your personal information is disclosed to a third party we will take all reasonable steps to prevent unauthorised use or disclosure of your information.

5.6. Please note that if at any time BOSS is required by law to release information about you, we must cooperate fully. We may also disclose your information in order to investigate, halt, or take action regarding illegal activities.

Collection, use and disclosure of Sensitive Information

6.1. We will only collect sensitive information from you directly as reasonably necessary to provide services to you and with your consent.

6.2. As an example, and without limiting the types of sensitive information we collect, we may collect the following sensitive information (a) tax file number and (b) medical history.

6.3. BOSS will not collect your tax file number unless provided on the appropriate Australian Taxation Office collection form to provide a specific service. BOSS will only retain your tax file number for any purpose required by law or under any contract with its licensee.

6.4. Subject to paragraph

6.5, sensitive information will only be disclosed in accordance with the Act as follows: (a) for the primary purpose for which it was collected, (b) for a secondary purpose that is directly related to the primary purpose, or (c) as required by law. We will not disclose sensitive information to other members of BOSS without your prior written consent.

6.5. Information regarding your tax file number will only be disclosed to you personally and according to relevant laws (including, where you are an individual, in compliance with the Privacy (Tax File Number) Rule 2015 made under section 17 of the Act).

Direct marketing

7.1. We may use or disclose your personal information for direct marketing purposes, being: • to promote our services and provide you with information and marketing materials about other services that may be of interest to you including services provided by other members of BOSS; • to provide information relevant to your type of business or other area of expertise or interest; and • to provide you with the opportunity to attend seminars, conferences or other events that may be of interest to you.

7.2. If you subscribe to receive information from our Website, then your e-mail address and other information that you provide will be recorded. BOSS may, from time to time, use your personal information, such as your address and contact details, to provide you with marketing updates or information about the services that we offer.

7.3. If you do not wish to receive Direct Marketing communications from us, you can ‘opt out’ by clicking the ‘Unsubscribe’ link in our emails or other electronic communications, or sending an email to us at the contact details in paragraph 14 below with your contact details requesting that you no longer receive Direct Marketing materials from us. We will remove you from our Direct Marketing database as soon as reasonably practicable after receiving a request but in any event, within 30 days of receiving such a request.

Use of pseudonyms and unique identifiers

8.1. In general, you are not required to provide personal information to us. Where reasonably practicable, you may have the option of not identifying yourself, or of using a pseudonym, when dealing with us in relation to a particular matter. However if you wish to receive information about our services, events, industry updates or to apply for employment, it may not be practical for you to use a pseudonym or otherwise not identify yourself and we may require you to provide certain personal information or credit information. If you do not provide some or all of the personal information or credit information requested, we may not be able to provide you with some or all of the services you request.

8.2. In certain circumstances, we may deem it necessary to assign you a unique identifier to allow us to carry out our functions efficiently. A unique identifier will only be assigned to individuals whose identity has been clearly established.

Cross-border disclosure

9.1. BOSS uses a number of softwares and tools for storing, automated processing and sharing your information to third party service providers. This can include, but is not limited to, the use of internal search engines, electronic file transfer systems and online payment facilities.

Collection of Credit Information We may provide credit to you from time to time (for example, by giving you time to pay our account for services) and this may involve the collection of credit information. We may collect credit information about you (a) directly from you or from persons acting on your behalf (including via application forms submitted by you or on your behalf), and (b) from third parties, including credit reporting bodies and other credit providers, to assist us in determining whether we will provide credit to you.

Use and disclosure of Credit Information

11.1. With your express consent, as required by law or court order and otherwise in accordance with Part IIIA of the Privacy Act 1988 (Cth), we may use or disclose the credit information we have collected to: • credit reporting bodies; • any other member of BOSS; • third parties that perform credit assessment and debt collection services on our behalf; • our contractors, agents and service providers; and • current or prospective guarantors in relation to credit we may provide to you.

11.2. We may use or disclose credit information we have collected about you for the following purposes: • to decide whether or not to provide credit to you; • to assess your suitability to act as a guarantor for another credit facility; • to collect outstanding debts and enforce guarantees; and • to comply with our legal or regulatory obligations.

11.3. We may also use credit information we hold about you for internal management purposes and to respond to queries or complaints about our treatment of your credit information. We may disclose your credit information to credit reporting bodies if you fail to make payments to us or if you commit a serious credit infringement.

11.4. The credit reporting policies for such credit reporting bodies will be available on their websites. You have the right to contact any credit reporting bodies to whom we disclosure your credit information and request that they do not (a) use your credit information for pre-screening purposes to determine your eligibility to receive direct marketing from credit providers, and (b) use or disclose your credit information if you have been or are likely to be a victim of fraud.

11.5. We will not collect credit information by unlawful means or means that are unfair or intrude to an unreasonable extent upon your personal affairs.

Holding and security of your Personal Information and Credit Information

12.1. BOSS endeavours to take all reasonable steps to keep secure any personal or sensitive information which we hold about you, and to keep this information accurate and up to date. 12.2. However, as the internet is not a secure environment, any information that you send to us via that method is sent at your own risk.

12.3. The security and privacy of your personal information is our priority. We may store your personal information and credit information in hard copy or electronic format. We take reasonable steps to: • ensure that any personal information or credit information we hold or disclose about you is up to date, complete and correct; and • protect your personal information and credit information from misuse, interference, loss, and unauthorised access, modification and disclosure using electronic and physical security measures such as: 1. securing our premises with limited personnel access; 2. placing passwords and varying access levels on databases to limit access and protect electronic information; 3. the use of firewalls, encryption, passwords and digital certificates; 4. providing locked cabinets for the storage of physical records; and 5. requiring our staff to undertake privacy and data protection training.

12.4. We will destroy or delete any of your personal information or credit information which we no longer need to retain noting that we are required by law to retain certain information for a number of years after we have ceased providing the services. If you email us any information (including personal information or credit information), it is sent at your own risk as it may not necessarily be secure against interception.

Accessing and correcting Personal Information and Credit Information

13.1. We rely on the accuracy of the personal information and credit information you provide to us.

13.2. We may take steps to correct information held if we are satisfied that the information is inaccurate, out of-date, incomplete, irrelevant or misleading.

13.3. On your request, except to the extent that we are lawfully able to refuse such a request, we will provide you with access to personal information and credit information that we hold about you. All requests about the personal information or credit information that we hold should be made by email or in writing to us (see paragraph 14 of this Privacy Policy for our contact details). We will try to respond to your request within a reasonable period.

13.4. If you satisfy us that personal information or credit information that we hold about you is misleading, inaccurate, out of date or incomplete, except to the extent that we are lawfully able to refuse such a request, we will correct the personal information and credit information that we hold about you. If it is reasonable and practicable to do so, we will give you access to your personal information and credit information in the manner that you request. We do not generally charge for providing such access but may do so in certain circumstances.

13.5. In the event that we deny access to or refuse to correct your personal information or credit information that we hold, we will provide you with written reasons and the mechanisms available to complain about such refusal.

How to access and correct your Personal Information

14.1. You may access and / or request that your personal information be edited or corrected by contacting BOSS by writing to one of the following: • Email: [email protected] • In writing: BOSS Business Office Support Services, PO Box 3131, Port Lincoln SA 5606.

14.2. By informing us of any changes to your personal information, you allow us to ensure that your information is accurate, up-to-date and complete. 

Third party websites

15.1. When you leave our Website, you will be going to websites that are beyond our control. Our Policy does not apply to third party websites.

15.2. We confirm that this Privacy Policy only governs the handling of your personal information by BOSS. We encourage you to read the privacy policies of any third party websites before disclosing any personal information to those entities.

Changes to policy and complaints

16.1. If you believe that we have breached our privacy or credit reporting obligations under the Act, or you are unsatisfied with the manner in which we have dealt with your personal information, you may make a complaint by emailing or writing to us at: • Email: [email protected] • In writing: BOSS Business Office Support Services, PO Box 3131, Port Lincoln SA 5606 16.2. BOSS will, within fourteen days, respond to you and attempt to resolve with you your issues as they pertain to your personal information. 16.3. If you are still unsatisfied, you may wish to direct your complaint to the Office of the Australian Information Commission at or alternatively: • Phone: 1300 363 992 • In writing: The Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001

17. Updating this Policy BOSS may update this Privacy Policy from time to time by posting a new version on this website. Please check this page to ensure that you are familiar with any changes that may have arisen.

Meanings In this Privacy Policy:

18.1. a reference to us, our or we is BOSS;

18.2. Acts mean the Privacy Act 1988 (Cth);

18.3. Credit Information includes identification information (for example, name, date of birth, driver’s licence number, current and recent addresses and employment details), historical details of credit (including type and amount of credit sought or obtained) and repayment history, information about applications for credit, information about defaults and payment arrangements, details of insolvency proceedings, bankruptcy agreements, judgements and arrangements with creditors, information relating to activities and credit worthiness in Australia, information recorded on the National Personal Insolvency Index and opinions of credit providers regarding serious credit infringements;

18.4. Personal Information means information (including an opinion) about an individual whose identity is apparent or can reasonably be ascertained from the information whether true or not and whether or not recorded in a material form;

18.5. Sensitive Information has the meaning given by the Act and includes Personal Information which relates to an individual’s racial or ethnic origins, religious beliefs or affiliations, trade association, trade union membership, sexual orientation, criminal record and information as to an individual’s health or biometric information.

18.6. Website means all of the pages located on the website you are currently viewing, being which relate to BOSS.

Contact Us

If you have any questions, concerns or complaints about this policy, please contact us:

  • By email: [email protected]
  • By phone number:  0432 648 742
  • By mail: PO Box 3131, Port Lincoln SA 5606