VETtrak Pty Ltd ABN 92 083 795 500 (VETtrak, we or us) is committed to protecting the privacy of your personal information. This Privacy Policy explains how we manage the personal information that we collect, use and disclose and how to contact us if you have any further queries about our management of your personal information.

What is personal information?

Personal information is information or an opinion, in any form and whether true or not, about an identified individual or an individual who is reasonably identifiable.  Examples include an individual’s name, address, contact number and email address.

How do we collect personal information?

We collect personal information in a number of ways, including:

  • directly from you (such as when you interact with us in writing, electronically or via telephone)
  • when you access and use our website (for example, if you submit a contact form)
  • through our customers’ use of our products and services, such as our education and training management solutions
  • through your use of products or services we provide to our customers, such as a student portal supported by our systems

What kinds of personal information do we collect and hold?

The kinds of personal information that we collect and hold about you will depend on the circumstances of collection, including whether we collect the information from you as a user of our products or services, as a customer, supplier, job applicant, or in some other capacity.

For example, if you participate in education or training with one of our customers, we may collect information relating to your enrolment, units of study, demographic information (including gender, location and employment) and other information through our customer’s use of our education and training management solutions.

If you deal with us in some other capacity (for example, as a customer, supplier, contractor or job applicant), we may collect your name and contact details and any other information you choose to provide to us.  We may also collect details of the interactions that you have with us.

In some circumstances, we may need to collect sensitive information about you.  We will not do this unless you have consented to the collection (including by providing your information to a customer who processes or stores your information using our products or services), or if we are otherwise required or authorised to do so by or under law.  Sensitive information includes (for example) health information and information about a person’s racial or ethnic origin, political opinions, religious beliefs, professional or trade association membership, sexual preferences and criminal record.

If you are or become our employee, the handling of your personal information may be exempt from the Australian Privacy Principles if it is directly related to your current or former employment relationship with us.

If we are unable to collect personal information from or about you, you may not be able to use our products or services or we may not be able to do business with you or the organisation with which you are connected.

Why do we collect personal information?

We collect personal information for a range of purposes, including to:

  • respond to inquiries about the products and services that we offer
  • supply products and services to our customers including education and training management solutions
  • manage our relationships with our customers, contractors and suppliers
  • perform research and analysis, including to improve or develop our products and services
  • consider job applicants for current and future employment
  • attend to day to day administrative matters and facilitate VETtrak’s internal business operations

We may use your information for other purposes required or authorised by or under law (including purposes for which you have provided your consent).

Direct marketing

If you are a customer of ours, or an institution or person providing education, training or associated services, we may use your personal information to contact you from time to time, by way of promotional messages about new products, special offers or other information we think you may find interesting or for market research purposes.

You agree that this contact may occur by way of email, phone, fax or mail, using the information we have collected. You can let us know at any time if you no longer wish to receive any of these communications, by contacting us (using the contact details at the end of this policy, or in accordance with such other instructions as we publish from time to time). Your consent will be deemed to have been given if you do not opt out when we offer you the opportunity to do so, and will remain current until you advise us otherwise.

When do we disclose personal information to third parties?

In conducting our business, we may sometimes need to disclose personal information to third parties.  These include, where appropriate:

  • our customers, if you participate in education or training with them
  • our contracted service providers, including:
  • information technology service providers
  • marketing providers
  • external business advisors (such as auditors and lawyers)
  • if you are a job applicant, referees whose details you have provided to us

We may also disclose your personal information to other third parties and for other purposes where we are required or authorised by or under law to do so (including where you have provided your consent).

Disclosure of personal information to overseas recipients

Depending on the type of personal information we hold about you, we may disclose this information to our third party service providers located in one or more overseas countries.

Quality and security of personal information

We take reasonable steps to ensure that the personal information we collect, use and disclose is accurate, complete, up to date and relevant.  You can help us by letting us know (using the contact details at the end of this policy) about any changes to your personal information, such as your address and phone number.

We may store your information in hard copy and/or in electronic form.  We take reasonable steps to protect the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure.  This includes taking appropriate security measures to protect electronic materials and materials stored and generated in hard copy.

Please see the ‘VETtrak Pty Ltd Data Security Statement’ for further security information relating to the VETtrak application and VETrak add-on databases.

Access to and correction of your personal information

Please contact us (using the contact details at the end of this policy) if you would like to access or correct the personal information that we hold about you.  We will generally provide you with access to your personal information (subject to some exceptions permitted by law), but may charge an access fee to cover the cost of retrieving the information and supplying it to you.

Complaints

Please contact us (using the contact details at the end of this policy) if you have any concerns or complaints about the manner in which we have collected or handled your personal information.  We will inquire into your complaint and respond to you in writing within 30 days.

If you are not satisfied with our response, you can contact us to discuss your concerns or lodge a complaint with the Australian Information Commissioner (www.oaic.gov.au ).

Contact details and additional information

If you would like more information about our approach to privacy, or if you wish to contact us regarding the information set out in this policy, please contact us by any of the following means during business hours Monday to Friday:

  • by phone on (03) 6333 0166
  • by email at info@vettrak.com.au
  • by post at PO Box 105, Launceston, Tasmania, 7250 AUSTRALIA

Changes to this policy

We may amend this policy from time to time at our discretion. Amended versions will be posted on our website at www.vettrak.com.au.

1 – Application

This data security statement relates to data contained within VETtrak and VETtrak add-on databases in use by customers of VETtrak Pty Ltd (the Company). For the Company’s security and privacy statement in relation to the Company’s website, please see the document titled ‘VETtrak Pty Ltd Website Security and Privacy Statement’.  For details of the Company’s Privacy Policy, please see the document titled ‘VETtrak Privacy Policy’.

2 – Customer Data Security

The data security protocols used by The Company are described below. Protocols are updated from time to time as required and any changes will be reflected in an updated version of this policy (note the version date in the footer of this document).

2.1 – Local Installations

A local installation is where the VETtrak database is located on the customer’s premises or is under their direct control.  For these installations each of the following applies.

  • The security of this data is under the customer’s control and is the customer’s responsibility.
  • Backing-up of the data is under the customer’s control and is the customer’s responsibility.
  • Transmission of data to the Company in relation to technical questions or issues or for any other reason should be undertaken using the utility provided within the Company’s support centre; this will ensure that the transmission occurs across a secure connection.
  • Data sent to the Company will be accessed and used by the Company staff members on a needs basis.
  • Subject to the terms of any applicable end-user licence agreement, data sent to the Company will be deleted within one month of the resolution of the issue / completion of the work or as requested by the client
  • Subject to the terms of any applicable end-user licence agreement, data accessed by the Company’s staff will not be shared, transmitted, made available to non-Company staff or used in any way or for any reason other than being sent back to the client in relation to the resolution of a work request or issue.
  • To enhance security of data, sufficiently complicated passwords should be created by system users and stored safely. The Company is not responsible for any data breach due to customers using easy to guess passwords or default passwords.
  • The Company recommends the maintenance of secure and controlled environment to minimise damage and/or physical interference with hardware.
  • The Company may use customer data in anonymous, aggregated form to produce reports, conduct research and development, run other statistical analysis and for other purposes as may be reasonably required by the Company from time to time.

2.2 – Hosted Installations (data resides on the Company servers)

Under a hosted installation, the VETtrak database is located physically on the Company’s servers within the Company’s premises or other secure premises as utilised by the Company from time to time. The security of this data is under the Company’s control and is the responsibility of the Company.  For these installations each of the following applies (unless otherwise specified in this statement).

  • Subject to the terms of any applicable end-user licence agreement, the Company will seek authorisation from the client organisation before access is made to their database.
  • The Company’s staff will then have access data on a needs basis.
  • Access to data will be only be allowed for the time needed to complete the required task.
  • Subject to the terms of any applicable end-user licence agreement, data accessed by the Company’s staff will not be shared, transmitted, made available to non Company staff or used in any way or for any reason other than being sent back to the client in relation to the resolution of a work request or issue.
  • To enhance security of data, sufficiently complicated passwords should be created by system users and stored safely. The Company is not responsible for any data breach due to customers using easy to guess passwords or default passwords.
  • The Company will perform regular maintenance work using automated scripts to ensure the performance/reliability/security of the data; authorisation for this will be provided by the customer as part of the service agreement and will not be sought each time data is accessed.

2.2.1 – Back-ups – Hosted Clients Only

Under a hosted installation, the Company performs the following:

  • off-site back-ups are performed daily and stored off-site for three weeks;
  • databases are backed-up early in the morning, when there are no users logged on;
  • back-ups are retained onsite for four week; and
  • data back-ups can be provided to customers on request.

2.2.2 – Ownership and Retention of Hosted Client Data

Under a hosted installation:

  • the database hosted by the Company remains the property of the paid-up licensed subscriber (the customer) at all times and a copy of the database is available on request;
  • on termination of the hosting contract, a paid-up subscriber will receive a copy of their database within 24 hours (or longer by arrangement); and
  • The Company may use customer data in anonymous, aggregated form to produce reports, conduct research and development, run other statistical analysis and for other purposes as may be reasonably required by the Company from time to time.

3 – The Company Environment

3.1 – Physical infrastructure

For a hosted installation:

  • servers are physically locked in enclosed server racks which are located in a secure server room within secured premises;
  • servers are environmentally monitored in real time with alerts and messaging facilities
  • server rooms have environmental controls to maintain suitable temperature, humidity and smoke/fire detection; and
  • redundant UPS power systems provide essential power back-up sufficient to ensure critical backup power.

3.2 – Network Security

For a hosted installation:

  • The Company deploys hardware and software firewalls to manage intrusion protection and restrict access consistent with industry standards;
  • long passwords for users are encouraged to be used by Customers to assist in the prevention of brute force and dictionary type attacks;
  • Customers are encouraged to utilise strict user rights management to prevent malicious activity from logged-in users;
  • server and communications hardware connection logs are periodically checked and analysed by the Company for attempted attacks on the system, and additional security measures may be put in place to react to any possible threats;
  • SSL is the preferred method of secure transmission of sensitive information and will be used where technically possible. This is dependent on the same standard being used by both parties to the transmission;
  • Customers are encouraged to maintain subscriptions with major vendors to ensure that all hardware and software is patched at recommended levels.

3.3 – Handling of Security Breaches

Despite best efforts, no method of transmission over the Internet, or method of electronic storage, is perfectly secure. Therefore absolute security cannot be guaranteed. If the Company learns of a material security breach or potential material security breach (in either case being a breach where customer data has been accessed or compromised), an attempt will be made to notify affected users electronically so that appropriate protective steps can be taken. The Company may also post a notice on the Company’s website if a material security breach occurs.

4 – Contact us

The Company welcomes your comments regarding this statement. If you have any questions about this statement and would like further information, please contact us.

Phone: (03) 6333 0166 (Monday to Friday, business hours.)

Post:
PO Box 105
Launceston
Tasmania 7250
Australia

E-mail: info@vettrak.com.au

1 – Application

This document explains how VETtrak Pty Ltd (the Company) collects and secures personal information collected through its website at www.VETtrak.com.au.

By using this website, you agree to be bound by the terms of this statement.  If you do not agree with anything in this statement, please do not use this website.

2 – Our Privacy Policy

The Company is committed to providing the best possible customer service experience. The Company is bound by the Privacy Act 1988, which sets out a number of principles concerning the privacy of individuals.  You agree that information collected through our website is also subject to VETtrak Pty Ltd’s Privacy Policy. For details of the Company’s security policy in relation to customer data collected through our VETtrak software and associated products, please see the document titled ‘VETtrak Pty Ltd Data Security Statement’.

3 – Financial Transactions

When purchasing through the website, your financial details are passed through a secure server using the latest 128-bit SSL (secure sockets layer) encryption technology.

4 – The information we collect through our Website

We collect the following identifying information provided by people who contact the Company via the Company’s website:

  • name and job title
  • contact information including email address, physical and postal address, and telephone numbers
  • information about the training that the person’s organisation delivers.

For each visitor that reaches the Company’s web site, we also collect non-personally identifiable information, including (but not limited to): browser type, version and language, operating system, pages viewed while browsing the site, page access times and referring website address.

Whenever you use our website, or any other website, the computer on which the web pages are stored (the Web server) needs to know the network address of your computer so that it can send the requested web pages to your Internet browser. The unique network address of your computer is called its “IP address,” and is sent automatically each time you access any Internet site. From a computer’s IP address, it is possible to determine the general geographic location of that computer, but otherwise it is anonymous.

We do not keep a record of the IP addresses from which users access our site except where you have specifically provided us with information about yourself, in which case we also record your IP address for security purposes. An example of this would be when proceeding to a checkout to finalise an order you may wish to make. After completing the form provided, your IP address will be stored along with a transaction number that allows us to track your order.

If you do not provide us with the personal information requested of you, we may be unable to respond to your request (except in cases where the provision of that information is optional).

5 – How we use the information collected

We use the information collected through the website to help us understand your needs and provide you with a better service, and in particular for the following reasons:

  • to provide access to customer support features
  • to identify and fill your orders
  • for internal record keeping
  • to improve our products and services
  • to send promotional email messages about new products, special offers or other information which we think you may find interesting using the email address which you have provided
  • to contact you for market research purposes
  • to customise areas of the Company’s website according to your organisation’s needs
  • to produce reports, conduct research and development, run statistical analysis and for other purposes as may be reasonably required by the Company from time to time.

Non-personally identifiable information is used solely internally for the purpose of gauging visitor traffic and trends, helping us to improve our website in order to tailor it to customer needs.

From time to time, we may use customer information for new, unanticipated uses not previously disclosed in our privacy statement. If our information practices change at some time in the future, we will only use data collected from the time of the statement change for these new purposes. Our statement will be duly updated and made available.

6 – Direct Marketing and Contacting You

As indicated above, we may use information about you collected through the website to contact you from time to time, by way of promotional messages about new products, special offers or other information we think you may find interesting or for market research purposes.

You agree that this contact may occur by way of email, phone, fax or mail, using the information we have collected.  You can let us know at any time if you no longer wish to receive any of these communications, by contacting us (using the contact details at the end of this statement, or in accordance with such other instructions as we publish from time to time).  Your consent will be deemed to have been given if you do not opt out when we offer you the opportunity to do so, and will remain current until you advise us otherwise.

7 – Sharing information

The Company is dedicated to keeping your details private.

We do not pass on/sell/swap any of your personal details with anyone unless this is strictly necessary in order to provide the services you have purchased from us.

We may occasionally hire other companies to provide services on our behalf, including but not limited to processing financial transactions, hosting the Company website or VETtrak hosted software solutions. Those companies will be permitted to obtain only the personal information they need to deliver the service. The Company takes reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information.

8 – Disclosure of personal information to overseas recipients

Depending on the type of personal information we hold about you, we may disclose this information to our third party service providers located in one or more overseas countries.

9 – How information is stored and kept secure

We are committed to ensuring that your information is secure. In order to prevent unauthorized access or disclosure we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the information we collect online. Please see the VETtrak Pty Ltd Data Security Statement for further information.

10 – Use of Cookies

The Company uses cookies to allow you to login to your account. Cookies sent to your computer from the Company only last while you’re browsing our website. We do not store persistent cookies on your computer.

11 – Links to other websites

Our website may contain links to other websites of interest. Once you have used these links to leave our site, you should note that we do not have any control over those other websites. Therefore, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.

12 – Changes to this Statement

The Company reserves the right to make amendments to this this policy relating to web site security and privacy at any time. This statement will be updated to reflect such changes. Subsequent or continuing use of this website will constitute acceptance of any changes.  If you have objections to the changes, you should not access or use the website.

13 – Accessing and Correcting Your Personal Information

You have a right to access your personal information, subject to exceptions allowed by law. The VETtrak Pty Ltd Privacy Policy contains information about how you can gain access to or seek correction of personal information that we hold about you.

14 – Contacting us

The Company welcomes you to contact us regarding this statement or if you have any concerns or questions about the way your personal information is handled. Our Privacy Policy contains information about how you may make a privacy complaint and how we will deal with it. Please contact us by any of the following means during business hours Monday to Friday.

Phone: (03) 6333 0166

Post:      PO Box 105
Launceston
Tasmania 7250
Australia

E-mail: info@VETtrak.com.au