Our commitment to protect your privacy
RotaCota, a division of DuluxGroup, recognises the importance of your privacy and how important it is for us to protect your personal information. We are committed to protecting personal information which we hold and to complying with all relevant privacy laws in the jurisdictions in which we operate. This document describes how we manage your personal information and safeguard your privacy.
References to ‘DuluxGroup’, ‘we’ and ‘us’ include DuluxGroup Limited and its related bodies corporate. Please see our website at www.duluxgroup.com.au for more information about our companies and brands.
How do we collect and hold personal information about you?
The kinds of personal information we collect and hold will depend upon the type of products and services we provide to you or obtain from you. It may be contained in:
- Information you give us when you request a product or service from us or enter a competition of ours;
- Records of communications and other interactions you have with us (including telephone, email and online); and
- If you have or had one of our products, information about the use of that product or your opinions about that product recorded when you respond to a survey.
This information may include your name, address, telephone numbers, email address, bank account and credit card details, date of birth, identification information and organisation.
The personal information we request is generally optional, but if you choose not to provide personal information to us, we may not be able to fulfil your request or provide you with the product or service you require. Sometimes, however, there are situations where we are required by law to collect certain personal information from you and, if this is the case, we will take reasonable steps to inform you of the law that imposes this requirement.
We generally collect personal information directly from you whenever it is reasonable practicable to do so. We may also collect personal information from other parties such as our related bodies corporate your agents or representatives (such as your legal or financial adviser) and from publicly available sources of information.
What do we do with the personal information we collect?
We collect, use and disclose personal information to carry on our business; to provide, administer, improve and personalise our products and services; to identify and interact with our customers; to let our customers know about other products and services which might interest them; to assess and improve the quality of our products and services; to protect our lawful interests; to deal with our customers’ concerns and enquiries; and to assist us generally in managing transactions with our customers, suppliers, consumers and other contacts.
One or more DuluxGroup entities may contact you on an ongoing basis by telephone, mail, electronically or otherwise to provide you with marketing, advertising or other material about our products and services or to follow up on your interest in particular products and services, unless or until you tell us not to or we are restricted by law. We may also disclose your personal information to market research agencies, who may contact you in a similar manner to conduct market research in relation to products and services you have acquired from or are offered by DuluxGroup and related matters (unless or until you tell us not to).
We may also exchange information with other DuluxGroup entities and with our service providers including our print service providers, call centres and mail houses, advertising agencies, accountants, auditors and lawyers, credit reporting and collection agencies, and providers of archival, banking, payment, data processing, data analysis, information broking, research, investigation, website and technology services.
We may also disclose your personal information in corporate transactions involving the transfer of all or part of our assets (including debts) or business or in a corporate restructure.
We may also be required or authorised by law to disclose your personal information. For example, we may disclose your personal information to a court in response to a subpoena or to a relevant taxation agency. We may also disclose information to other persons where you have provided your consent for us to do so.
Some of the third parties to which we disclose personal information may be located in New Zealand, Papua New Guinea, Fiji, Singapore, Hong Kong, Peoples Republic of China, the United State of America, throughout the European Union and other countries and you acknowledge that, while they will often be subject to confidentiality or privacy obligations, they may not always follow the requirements of Australian privacy laws.
How do we protect your personal information?
We hold personal information electronically and in hard copy form. We take reasonable steps to protect your personal information from loss, misuse, modification, or unauthorised access, use and disclosure. These steps include access control for our buildings, confidentiality obligations imposed on our employees and service providers and the use of security measures for computer system access.
Once we no longer require your personal information for any of the purposes for which it was collected we will, subject to any legal obligations and responsibilities, take reasonable steps to destroy or de-identify your personal information.
Your privacy on our websites and the Business +PLus
We operate websites which may utilise ‘cookies’ to collect personal information. A cookie is a small file that is stored on your hard disk by a website. Cookies contain information which is readable by the website that issued the cookie to you. Cookies cannot execute programs or access other information on your computer. Your web browser can be configured to reject cookies issued by our websites, but if you do so, some functionality that we provide on our websites may become unavailable as a result.
If you transact electronically with another member of DuluxGroup, you should refer to the website of that member for more information on its website privacy and security procedures.
When you visit a website of ours, we may collect the following information from you: your IP address, domain name, the date, time and duration of your visit, the pages and documents you accessed, the previous site you had accessed (ie the referring URL), the type of browser you are using and information you volunteer such as survey information, name and email address.
While we take care that the personal information you give us on our websites is protected, the Internet is not a secure environment. If you are considering sending us any personal information through one of our websites, the Business +PLus or by other means, please be aware that the information may be insecure in transit, particularly where no encryption is used (eg. email, standard HTTP). We are subject to laws requiring us to protect information once it comes into our possession.
You may be able to access external websites, operated by companies unrelated to us, by clicking on links we have provided. Those other websites are not subject to our privacy standards and we are not responsible for their privacy practices or the content of such other websites. You should contact those websites directly to ascertain their privacy standards, policies and procedures.
This section applies in relation to our handling personal information from credit reporting bodies (CRBs) and certain other consumer credit-related personal information described below (credit information). We generally handle credit information in the context of commercial credit rather than consumer credit arrangements. For example, information about an individual’s consumer credit worthiness may be handled where we provide trade credit to sole traders, or individuals such as directors provide personal guarantees in relation to trade credit we extend to companies.
We may collect and hold any types of credit information about an individual permitted under the Privacy Act, including:
- name, sex, date of birth, driver’s licence number, employer and three most recent addresses;
- confirmation of previous information requests about the individual to CRBs made by other credit providers and credit insurers;
- details of previous credit applications, including the amount and type of credit and credit limit;
- details of current and previous credit arrangements, including credit providers, start/end dates and certain terms and conditions;
- permitted payment default information, including information about related payment arrangements and subsequent repayment;
- information about serious credit infringements (e.g. fraud);
- information about adverse court judgments and insolvency;
- publicly available information about the individual’s credit worthiness; and
- any credit score or credit risk assessment indicating a CRB’s or credit provider's analysis of the individual’s eligibility for consumer credit.
This credit information may include information about your arrangements with other credit providers as well as with us.
Where we collect credit information about you from a CRB, we may use that information to produce our own assessments and ratings in respect of your credit worthiness.
We may disclose credit information to CRBs to assist the CRBs to maintain information about you to provide to other credit providers for credit assessments. We may collect credit information from CRBs for purposes including, to the extent permitted by law, to assess your credit or guarantee application, manage your credit/guarantee, assign debts and collect overdue payments. We may also exchange credit information with debt buyers and other credit providers.
The CRBs we use may include:
- Veda, PO Box 964 North Sydney 2059, www.mycreditfile.com.au, 1300 762 207;
- Dun & Bradstreet, Level 7, 479 St. Kilda Road Melbourne 3004, www.dnb.com.au, email@example.com, 1300 734 806;
- Experian, GPO Box 1969, North Sydney NSW 2060, www.experian.com.au, 1300 784 134;
- Tasmanian Collection Service, 29 Argyle Street, Hobart, www.tascol.com.au, firstname.lastname@example.org, (03) 6213 5555.
You have the right to request CRBs not to:
- use your credit information to determine your eligibility to receive direct marketing from credit providers; and
- use or disclose your credit information, if you have been or are likely to be a victim of fraud.
What rights do you have in relation to your personal information which we hold?
We take reasonable steps to ensure that the personal information we collect, use and disclose is accurate, complete and up-to-date. If you become aware of any errors in your personal information or you change your personal details such as your name, address or bank account details, please contact us at your earliest convenience.
You can gain access to personal information that we hold about you, subject to certain exceptions allowed by law. Please contact us (as set out below) if you would like details about the personal information we may hold about you or if you would like us to update or correct it. We will handle any request in accordance with the relevant privacy regulations. We may require you to complete a request form and we also reserve the right to charge a reasonable fee for gaining access. We endeavour to deal with such requests promptly, but requests for a large amount of information, or information which is not currently in use, may require significant time to extract.
Generally, if you request us to do so we will amend any personal information about you held by us which is inaccurate, incomplete or out of date. If we are not able or unwilling to provide you with access to any personal information or to correct any personal information held by us, we will provide you with our reasons. If we do not agree to amend your personal information and you disagree, you may request that we make a note of your requested correction with the information.
You may also contact us to request us to stop using your personal information to contact you about our products and services. You can contact us if you wish to obtain more information about the way we manage personal information about you which we hold or if you are concerned that we may have breached our privacy obligations and wish to make a complaint. If you make a complaint, we will endeavour to respond and resolve your complaint promptly. For more information about privacy generally, or if your compliant is not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au and on 1300 363 992.
How to contact us
Changes to this privacy statement
We may change our privacy policies from time to time to comply with new laws or industry codes of practice which are developed or to align with changes to our business. It is your responsibility to refer to our privacy policies from time to time to familiarise yourself with any changes. We encourage you to visit our websites regularly for any updates to our privacy policies.