Chapters
1. Purpose
2. Applicability
3. Policy
4. If you have a privacy complaint
5. How to contact us
6. Policy approval

Datacom Group Privacy Policy

Datacom is an IT service provider that supplies various services including data centres, private cloud, and managed services such as infrastructure support, call centre services, payroll, and business processing outsourced services.

Privacy is important to us, and we respect how important it is to you. We are committed to protecting your privacy and keeping your personal information safe.

1. Purpose

This Privacy Policy ('Policy') sets out our approach to personal information including:

  • how we collect, hold, use and disclose (collectively "manage") your personal information;
  • how we aim to maintain the quality and security of your personal information;
  • your rights to access and correct your personal information; and
  • your rights to make a privacy complaint.

2. Applicability

This Policy applies to

  • all Datacom's entities and affiliated entities (Datacom, we, us, or our) in all countries where we operate. Refer to www.datacom.com for our locations; and
  • personal information provided by customers, partners, suppliers, contractors, employment candidates and other third parties we interact with during our business functions and activities - whether in person, contacting us directly or through our website, or other interactions.

References to "you" and "your" refer to individuals whose personal information we manage.  This includes customers, suppliers, partners, employees, or any potential members of these groups, or other members of the community who share their information with us.

If you are an EU resident, please refer to the “GDPR Statement” on our website, which explains your rights and our obligations under the GDPR regime.

Employees and prospective employees should refer to their relevant employment agreements, hiring processes or other applicable documentation in addition to this Policy, which also applies to the extent it is not overridden by other more specific documentation.

3. Policy

We recognise each individual’s right to privacy and are committed to the confidentiality and protection of your personal information. 

We aim to manage personal information in an open and transparent way and to comply with all applicable privacy laws in the countries we operate in.

3.1 Personal and sensitive information

In this Policy you will see the terms 'personal information' and 'sensitive information' used. These terms have the following definitions:

  • 'personal information' means information that identifies you or can be used to identify you, or from which you are reasonably identifiable.
  • 'sensitive information' is a sub-set of personal information and includes information about your health, race or ethnic origin, political opinions, memberships of trade unions or political associations, religious or philosophical beliefs, sexual preferences, or criminal history. Sensitive information is more protected under Privacy Laws than are other forms of personal information. 

In this Policy, and unless otherwise stated, all references to 'personal information' include 'sensitive information'.

3.2 What personal information do we collect?

We collect and hold different categories of information depending on our relationship with you, the services being provided, and the jurisdiction in which those services are provided in.

The types of personal information we collect may include:

  • Identifying information such as full name, title, date of birth, passport number, driver's license number, tax identifiers, signature (particularly for employees or potential employees);
  • Contact information such as personal address, personal telephone number, personal email address;
  • Financial information such as bank account number, credit card details (particularly for customers or purchasers of items through any online portals);
  • Professional information such as position/job title, work address, work telephone number, work email address (particularly for our customers or suppliers);
  • Profile information such as username and password for online services we deliver and manage that you have access to, marketing communications you have responded to, survey responses (particularly for our customers or suppliers);
  • Marketing and communications information such as marketing and communications preferences, tracking data on whether you have read marketing communications from us, web analytics about your interactions with Datacom websites and digital platforms;
  • Electronic monitoring information to the extent the law allows, we may record and monitor your electronic communications with us; and
  • Services information such as invoice and payment details to and from you, details of services we provided to you, or you provided to us (particularly for our customers or suppliers).
  • In limited circumstances, and only for employees or potential employees and where the law allows, we may collect sensitive information about:
  • criminal convictions and offences when legally required or permitted; and
  • another contact person's details you have given us (in the case of emergency).  We assume you have obtained their consent to provide this information to us and are ok in disclosing the relationship (i.e. Close friend, family member, partner, spouse etc).

We only collect personal information (including sensitive information) needed for legitimate business purposes.

3.3 How we collect personal information?

We only collect personal information by lawful and fair means.

We collect personal information in a number of ways, including:

  • when you purchase goods or services from us;
  • when you correspond with us;
  • when you or your employer provide (or update) personal information in connection with products and services we offer to you or them (for example, this could simply be your contact details on an invoice to your company);
  • when you provide (or update) personal information in connection with products and services we offer to you, or that you offer to us;
  • when you enquire or apply for employment with us;
  • when you use our website or interact with us through various digital platforms including social media (including subscribing to newsletters, downloading reports, or responding to surveys); and
  • from publicly available information.

3.3.1 Unsolicited information

As a general rule, personal information you give us beyond the information we ask for, will be treated as unsolicited personal information.

If we can keep this unsolicited personal information under applicable law, we will handle it as lawfully collected personal information. If the unsolicited personal information has no legitimate business purpose, we will destroy or de-identify the information in due course.

3.3.2 Collecting through our website and digital platforms

Web analytics

We collect data about your interactions with Datacom's websites and other digital platforms including social media. The main purpose of this is to improve your experience when using our sites and to support marketing efforts.

The types of data we may collect include:

  • your device’s IP address and geographic location;
  • search terms and pages visited, downloads, time spent on a page;
  • date and time pages are accessed;
  • device type, operating system, and browser information;
  • other details relating to your visit which are available through the use of cookies and other tracking tools; and
  • if your web browser has Do Not Track / Incognito enabled, we will not track your visit.

Our websites and digital platforms may contain links to websites and digital platforms external to Datacom. We are not responsible for the content or privacy policies that govern these external sites.

Cookies

Cookies are small data files transferred on to computers or devices by websites for record-keeping purposes and to enhance functionality on the website. Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.

Email lists, registrations, and feedback

We will collect information that you give us when signing up to mailing lists and registering for our events, or when submitting feedback on your experience with our website.

When subscribing to our mailing lists, you will be asked to give your express consent that we may use your data for analytics purposes. Analytics are performed when you open an email and click on links in the email.

Social networking services

We use social networking services such as LinkedIn to communicate with the public. When you interact with us using these services, we may collect your personal information and use it for our marketing. The social networking service will also handle your personal information for its own purpose, and you should refer to their privacy policy for details.

3.4 Can you refuse to provide your personal information?

You do not have to give us your personal information. However, if you do not provide us with, or remove your consent, to the personal information requested, the following may occur:

  • information you ask us to provide may not be received;
  • we may not be able to offer you our products and services;
  • delivery of the contracted products and services to you may be impacted; and
  • administration of the relationship you have with us may be impacted (e.g. Billing and payments, evaluation of suitability of employment, etc).

3.4.1 Anonymity and pseudonymity

Where appropriate and practical, you can deal with us without providing any personal information or by providing a pseudonym (e.g. You can call us to inquire generally about our services and products without providing any personal information, you can interact with us on digital and social platforms using a pseudonym, etc).

Naturally, using a pseudonym may result in our security filters or processes blocking or limiting your access or our responses to you.

3.5 How we use your personal information?

We use your personal information for the following purposes:

Your relationship to us
How we use your personal information
Customers and their employees
To deliver contracted services and products e.g., Customers’ employee financial data is required to deliver payroll services. Provide technical support, e.g., Account creation, password reset. Contact customers about our provision of services and products to them. Billing, order fulfilment, and payments. To undertake customer satisfaction surveys and collect feedback to improve services and products. Provide information on request about our products and services. To streamline and personalise the customer experience while dealing with us. Occasionally, we use aggregated personal information derived from use of our products and services to provide us with anonymous demographic and customer usage information. This information does not identify individuals. This anonymous, aggregated information is used to improve services and products we provide to customers, to develop new services or product offerings, to derive insights and identify business trends, and/or for our statistical and marketing purposes.
Partners and suppliers
Contact partners and suppliers about the provision of services and products to us. Request and provide technical support, e.g., Account creation, password reset etc. Billing, order fulfilment, and payments. To streamline and personalise partner and supplier experience while dealing with us. To conduct due diligence checks on partners and suppliers. To monitor the performance of the products and services being provided to us and to our customers on our behalf.
Contractors
Contact contractors about the services being delivered and work performed on our behalf. Necessary information under work, health, and safety laws so we can provide a safe working environment. Billing, order fulfilment, and payments.
Employment candidates
Contact prospective employment candidates about employment positions available at Datacom. Determine suitability for the role including reference checks, education verification, credit checks and police checks as applicable laws allow.
Other external third parties (including visitors to Datacom websites and digital platforms)
Contact third parties for valid business reasons, e.g., Reporting under legislative requirements. Direct and indirect marketing activities.

3.5.1 Use of identifiers

We do not use or disclose any government related identifiers unless it is reasonably necessary for us to verify your identity or where required or permitted by law.

3.6 Quality of personal information

We take reasonable steps to ensure personal information we manage is accurate, up-to-date, complete, and relevant.

If we become aware that any personal information we hold is inaccurate, we will take prompt steps to correct it.

Where necessary, we will confirm the accuracy of information we collect from a third party or public source.

3.7 Can you access and correct your personal information?

You can access your own personal information that we manage.

You can correct the personal information we hold about you if it is inaccurate, out of date, incomplete, irrelevant, or misleading.

Only you, or another authorised person, can make the request. We will verify your identity prior to providing you access or correcting your personal information.

There is generally no fee to make a request or be given access to your personal information. However, depending on the complexity of the request, a reasonable processing fee may be charged in some cases. There is no fee for correcting your personal information.

Requests should be made in writing to the Datacom Privacy Officer (refer to the section "How to contact us" below).

We try to respond to requests for access and/or correction of personal information within 15 business days after the Datacom Privacy Officer receives your written request.

3.8 How we protect your personal information?

We take information security seriously and therefore take reasonable steps to protect your information from misuse, interference, loss, unauthorised access, modification, destruction, or disclosure.

We have implemented various appropriate safeguards to help keep your personal information reasonably safe including ICT security, access security, internal training programs and data breach response protocols. All Datacom ICT devices, storage and channels are subject to monitoring, logging analysis and audit. We may choose to contract a third party to perform these functions

Our security systems are regularly reviewed and updated to help reasonably maintain the confidentiality, integrity and availability of data and systems.

All personal information is stored on our cloud storage or at secure premises using industry standard security protocols. As a provider and user of IT services including cloud services, personal information may be stored on servers located in several countries outside of where you reside or where services are provided to you. We take reasonable steps to help ensure your privacy is protected, in accordance with the relevant privacy and data protection laws, by using a variety of lawful data transfer mechanisms and contractual agreements for privacy and data protection.

3.9 Who do we share your personal information with?

We may disclose your personal information as applicable law or regulation requires or allows (e.g., Court, enforcement body, regulatory body, government agency).

We may disclose your personal information to third party partners and suppliers, confidentially, as a necessary part of delivering our services and products to customers, suppliers or as part of an employment process (for example, where you are going to work on a particular customer account).

3.9.1 Overseas recipients

We may disclose your personal information to our affiliated entities or third party suppliers or partners (in confidence) in other countries as a necessary part of delivering our services and products to customers e.g., Providing technical support from service desks.  The disclosure of this personal information is subject to the privacy laws applicable, either in the country where the affiliated entity, third party supplier or partner is located, or the disclosing location, dependent on the principles of international law and privacy or data protection.

We will not disclose your personal information to overseas recipients unless we have taken reasonable steps to ensure the recipient protects your privacy in accordance with this Policy. A formal agreement exists between all Datacom affiliated entities to help ensure all personal information is protected during transfer and managed in accordance with this Policy at all times.  All third party suppliers or partners have contractual arrangements to help properly protect your personal information.

3.10 How long do we keep your personal information?

We aim to keep your personal information for only as long as we need it or required by law, then we will take reasonable steps to destroy it or dispose of it in a secure manner.

3.11 Marketing

We will only engage in direct marketing practices in accordance with the laws of the relevant country or jurisdiction.

We may use your personal information to communicate with you to promote our services and products that we think may be of interest to you.

Personal information collected from our websites and digital platforms may be used to support our marketing activities unless you opt-out of this in our cookie settings.

You may, at any time, chose to not receive marketing communications by using the opt-out facilities we provide in the communications, cookie settings on our website and digital platforms, or by contacting us directly using the contact details below (in the section 'How to contact us').

We commit to ensuring that you stop receiving any unwanted communications as soon as possible.

4. If you have a privacy complaint

If you would like to make a complaint about how we manage or protect your personal information, you can provide your written complaint by mail or email using the contact details outlined below in the section 'How to contact us'.

We make reasonable efforts to investigate your complaint and advise you of the outcome as soon as possible.

You can also complain to a competent authority with jurisdiction over privacy and data protection laws relating to your personal information that may apply. Please contact us for further details.

5. How to contact us

You can contact us about this Policy or about your personal information as follows:

By email:

6. Policy approval

 

Quentin Lowcay

Greg Davidson

Head of Legal and Commercial

Chief Executive Officer

Policy Owner

 

 

Review Date

October 2024