About SISS Data Services
Our Role in Managing your Data
SISS acts as a gateway to pass through Data you have authorised from a financial institution to send to a nominated 3rd party, such as your accountant, financial planner, software application or secure platform. Together with your financial institution, we act in accordance with the explicit consent (instructions) you provide us, to only share your Data to parties you have nominated in a safe and secure way.
Data Governance Policy
The way in which we store, process, transmit and remove your Data is defined in our Data Governance Policy(“DGP”).
SISS is domiciled in Australia and governed by relevant Federal, State and local laws regarding the receiving, storage and transmission of your Data.
What is your personal information?
When used in this policy, the term “Personally Identifiable Information” (PII) or personal information has the meaning given to it in applicable legislation. In general terms, it is any information that can be used to personally identify you. This may include your name, address, telephone number, email address and profession or occupation. If the information we collect about you personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.
What is Consent to share your Data?
Consent is the formal process of notifying your financial institution and SISS of the Data and personally identifiable information you are prepared to share with a nominated party, who you authorise us to share your Data and personal information with and on the terms you wish to share your Data and personal information.
The consent process will usually take the form of completing a form or other type of formal written notification which you will provide to your financial institution and SISS.
What personal information do we collect and hold?
We may collect the following types of personal information:
- mailing or street address;
- email address;
- telephone number;
- age or birth date;
- your employment-related information if you apply for a position with us;
- profession, occupation or job title;
- details of the products or services you have purchased from us, together with additional information necessary to deliver those products and services;
- details about you or your business which you may give us as a result of any of our compliance or due diligence procedures;
- any additional information relating to you that you provide to us directly through our websites, products or platforms, or indirectly through the use of our websites or online presence, through our representatives or otherwise;
- information you provide to us through questionnaires, surveys or discussions with our personnel from time to time.
We may also collect some information that is not personally identifiable information because it does not identify you or anyone else.
How do we collect your Personally Identifiable Information (PII)?
There are 2 ways we collect personal information about you.
- Personal information collected directly from you when it is provided voluntarily by you.
- Personal Information provided to us from your Financial Institution where consent has been provided by you.
What type of personal information we might collect?
We may collect your personal information in a number of ways including:
- through your access and use of our websites, products and platforms (including any online compliance platform);
- when you fill in a consent form
- when you buy a product or service from us;
- when you apply for a position with us;
- during conversations between you and our personnel.
- When a financial institution sends us information about you.
When you visit our websites, platforms and download information from them, our Internet Service Provider (ISP) makes a record of your visit and records the following information:
- your Internet address;
- your domain name, if applicable; and
- the date and time of your visit to the website.
Our ISP also collects information such as the pages our users access, the documents they download, links from other sites they follow to reach our site, and the type of browser they use. However, this information is anonymous and is only used for statistical and website development purposes.
Our web servers gather your IP address to assist with the diagnosis of problems or support issues with our services. Again, information is gathered in aggregate only and cannot be traced to an individual user.
Credit Card Details
Unless for the purpose of making payment on a service we provide to a customer or client, SISS does not receive, store or transmit credit card (PAN) numbers.
Where you have provided explicit consent for your financial institution to send your credit card data to SISS, we will not accept the credit card number (PAN) from your financial institution.
Cookies and Applets
If you do not wish to receive cookies, you can set your browser so that your computer or mobile device does not accept them.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide the requested products or services to you or your nominated 3rd party
- we may not be able to enter into an agreement for services with your 3rd party
- if you are applying for a position with us, we may be unable to consider your application for a position.
For what purposes do we collect, hold, use and share your personal information?
We collect personal information about you so that we can perform our business activities and functions, comply with our legal, regulatory and contractual obligations, and to provide our products and services to you.
We collect, hold, use and share your information for the following purposes:
- to provide products and services to you and to send communications requested by you;
- to answer enquiries and provide information or advice about existing or new products and services;
- to assess the performance of our website and services and to improve the operation of our website and provision of services;
- to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
- for our administrative, marketing
- to update our records and keep your contact details up to date;
- if you have applied for a position with us, to evaluate your application;
- to comply with our contractual obligations;
- to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in cooperation with any governmental authority of any country.
To whom may we disclose your information?
We only disclosure your information, personal or otherwise where you have provided explicit consent to do so, and we limit the Data access only to what is needed.
We may disclose your personal information to:
- our employees, related bodies corporate, contractors or service providers for the purposes of operation of our website or business, fulfilling requests by you, and to otherwise provide services and products to you including, without limitation, web hosting providers, IT systems administrators, couriers, payment processors, data entry service providers, debt collectors and professional advisers such as accountants, solicitors, business advisers and consultants;
- suppliers, service providers and other third parties with whom we have commercial relationships, for business, marketing and related purposes;
- any organisation for any authorised purpose with your express consent; and
- any government authority or regulator as required to comply with any law or regulation.
SISS does not engage in direct marketing.
We strive to ensure the security, integrity and privacy of personal information submitted to our sites, and we review and update our security measures in light of current technologies. Unfortunately, no Data transmission over the Internet can be guaranteed to be totally secure.
However, we will endeavour to take all reasonable steps to protect the personal information you may transmit to us or from our online products and services. Once we do receive your transmission, we will also make our best efforts to ensure its security on our systems.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us. However, we will not be held responsible for events arising from unauthorised access to your personal information.
Withdrawal of Consent
At any time you can withdraw your consent to share your data or personal information. This can be done by notifying the financial institution that you have provided the consent to, or the 3rd party you authorised us to share your Data or personal information with.
Access to Information
We will endeavour to take all reasonable steps to keep secure any information which we hold about you, and to keep this information accurate and up to date. If, at any time, you discover that information held about you is incorrect, you may contact us to have the information corrected.
In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the confidentiality of any personal information held by us.
Links to other sites
We may provide links to Web sites outside of our web sites, as well as to third party Web sites. These linked sites are not under our control, and we cannot accept responsibility for the conduct of companies linked to our website. Before disclosing your personal information on any other website, we advise you to examine the terms and conditions of using that Web site and its privacy statement.
Problems or questions
If you believe your privacy has been breached, please contact our Privacy Officer using the contact information below and provide details of the incident so that we can investigate it.
We request that complaints about breaches of privacy be made in writing, so we can be sure about the details of the complaint. We will attempt to confirm as appropriate and necessary with you your understanding of the conduct relevant to the complaint and what you expect as an outcome. We will inform you whether we will conduct an investigation, the name, title and contact details of the investigating officer and estimated completion date for the investigation.
For more information about privacy issues in Australia and protecting your privacy, visit the Australian Federal Privacy Commissioner’s web site; http://www.privacy.gov.au/
Further information regarding privacy
Email (preferred): email@example.com
Phone: (02) 9299 4547
Fax: (02) 9439 4663
Post: Privacy & Security Officer,
Locked Bag 3060, Crows Nest, Sydney NSW 1585
We may change this policy from time to time. Any updated versions of this policy will be posted to our website. Please review it regularly.