Privacy Policy

 

General

Odin Pass Pty Ltd ACN 645 882 604 and its related bodies corporate (referred to in this document as MDI, we, us or our) may collect, use and disclose your personal information via the Odin Pass App (App) and/or Odin Pass (Website) available at https://www.odinpass.com.au/ and/or Odin Pass Customer Support Portal (Support Portal) available at https://support.odinpass.com.au/ (together the Platform) and other means.

In this document, we use the term ‘Users’ to refer to individuals who use the Platform to access transportation services and we use the term ‘Suppliers’ to refer to key representatives from businesses who provide us with goods and services.  In some circumstances, you may belong to more than one of these groups, and multiple sections of this document will then apply to you.

Privacy Collection Statement

Generally, we collect personal information directly from you via your interactions with us. There may be occasions where we collect personal information about you from third parties, such as from The University of Queensland during onboarding you to the App, where another key representative from the same business provides us with your personal information.

We collect, use, and disclose your personal information for the purposes of providing information, goods and services to you or someone else on your behalf, facilitating our internal business operations, and providing you with information about other goods and services that may be of interest to you.

If you choose not to provide the personal information requested, or it’s incomplete or inaccurate, we may not be able to provide you with the information, goods and services you are seeking.

We disclose your personal information to our workers and consultants who assist us in operating our business, third parties to whom you have agreed we may disclose your information, or as otherwise required or authorised by law.  Your personal information will also be disclosed to third party service providers who assist us in operating our business and providing you with information, goods, and services, some of whom are located overseas, such as Freshdesk and Xero who are located in the United States and New Zealand respectively, and Skedgo who are based in Australia but use backup servers in Singapore.  We have taken reasonable steps to ensure these third parties have appropriate security for your personal information.

More detailed information is set out below about:

–           the types of personal information we collect from you (‘Types of information collected’ )

–           the way we use and disclose your personal information (‘Use and disclosure’ )

–           how we secure your personal information (‘Security’)

–           how you can access and correct that information (‘Access and correction’); and

–           how you can make a complaint about a breach of privacy (‘Complaints and feedback’).

If you would like to contact us about anything in this privacy collection statement, our contact details are set out below (‘Complaints and feedback’).

 

General

To the extent the Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we must manage personal information, this policy sets out how we collect, use, disclose and otherwise manage personal information about customers, suppliers, and users.

Collection

Types of information collected

We may collect and hold personal information about you (that is, information that can identify you) that is relevant to our functions and activities.  The kinds of information we collect from you depends on our relationship with you.  For all individuals we deal with, we may collect your name and other information relevant to providing you with the information, goods and services you are, or someone else on your behalf is, seeking.

If you are a User: we will generally also collect information such as your email address (if signing up to our newsletter), IP address, geographical location, browser type, usage data, user preferences, date and time of visit (if using our Website), and information available to us on your social media account (if interacting with us via social media).

If you are a Supplier: we will also collect your business email, business address, business phone number, and role.  If you are a sole trader, we will also collect your ABN, and payment details to enable us to pay you (if applicable).

We are not likely to collect any sensitive information about you unless you consent to the collection and it is reasonably necessary for the performance of our functions and activities, or otherwise required or authorised by law.  Consent may be implied by the circumstances existing at the time of collection (such as if you voluntarily disclose sensitive information to us).

Method of collection

We will generally collect personal information directly from you through a variety of avenues, including via the App, our Website, our Support Portal, emails, phone, in person, and social media accounts.

If we receive unsolicited information about you that we did not request and which is not directly related to our functions or activities, we may be required to destroy or de-identify that information, providing it is lawful and reasonable to do so.

Purpose of collection

The personal information we collect and hold about you depends on your interaction with us.  Generally, we collect, use, and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes of:

(a)         providing information, goods and services to you or someone else on your behalf;

(b)         facilitating our internal business operations, including:

(i)           establishing our relationship with you;

(ii)          maintaining and managing our relationship with you and communicating with you in the ordinary course of that relationship;

(iii)         the fulfilment of any legal requirements;

(iv)        analysing our business operations, goods and services with a view to developing new or improved goods and services or business operations;

(v)          de-identifying personal information for research and data analytics (de-identified information may or may not be aggregated);

(vi)         contacting you to provide a review or testimonial for us; and

(vii)        providing you with information about other goods and services that we or our related entities and other affiliated organisations
offer that may be of interest to you.

Internet users

Our Website may contain links to other websites.  We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.

Our Website uses cookies.  The main purpose of cookies is to identify users and to prepare customised web pages for them.  Cookies do not identify you personally, but they may link back to a database record about you.  We use cookies to monitor usage of our Website and to create a personal record of when you visit our Website and what pages you view so that we may serve you more effectively.

Use and disclosure

Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above).  We may disclose personal information about you to:

(a)         our employees, contractors and consultants (workers), agents, and other parties who require the information to assist us with facilitating our internal business processes, providing you with information, goods and services, and with establishing, maintaining, managing, or ending our relationship with you;

(b)         The University of Queensland (UQ), to verify you are a UQ staff member or student, and for UQ’s further research purposes;

(c)          third party service providers who assist us in operating our business and providing you with information, goods and services (including transport service providers, IT and technology service providers, insurers, and professional advisers such as lawyers, accountants, and auditors);

(d)         third parties to whom you have agreed we may disclose your information or where the information was collected from you for the purposes of passing it on to the third party; and

(e)         any other entity as otherwise permitted or required by law.

In addition, personal information about you may be disclosed to Google Analytics for Firebase, in which case it will be used in accordance with their privacy policy, available at https://firebase.google.com/policies/analytics.  In particular, we use the Firebase console to send notification messages.  Users can opt-out of the Google Analytics for Firebase features we use, through the advertising settings available on their device.

We may expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business.  Personal information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided.

Sensitive information is only used and disclosed for the purposes for which it was collected, unless your further consent is obtained or otherwise as permitted or required by law.

Security

We store your personal information in different ways, including in paper and electronic form.  The security of your personal information is important to us.  We take all reasonable measures to ensure that your personal information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.

Personal information collected is hosted on third party data servers, which may be located outside Australia.  We take reasonable steps to ensure any third party data storage suppliers we partner with have appropriate cyber and physical security controls in place.

Where personal information held by us is no longer necessary for our operations, we endeavour to delete it or have it permanently de-identified, subject to specific laws in respect of data retention.

Access and correction

You may access the personal information we hold about you by making a written request.  We will respond to your request within a reasonable period.  We may charge you a reasonable fee for processing your request (but not for making the request for access).  For security reasons, you will be required to put your request in writing and provide proof of your identity.

It is essential that the information contained in our records is accurate, complete, and up to date.  If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately.  We will take reasonable steps to correct the information so that it is accurate, complete and up to date.

If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.

Complaints and feedback

If you have any queries or concerns about our privacy policy or the way we handle your personal information, or you wish to make a complaint about a breach of the Privacy Act, the APPs, or a privacy code that applies to us please contact us using the details below and we will take reasonable steps to investigate the complaint and respond to you.

Address:           C/o HLB Mann Judd, Level 15, 66 Eagle Street, Brisbane City 4000

Email:               support@odinpass.com.au

Website:           https://www.odinpass.com.au/

For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.

If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner, Australia.  To lodge a
complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.

Changes and updates

We reserve the right to review, amend and/or update this policy from time to time.  If further privacy legislation and/or self-regulatory codes are introduced or our privacy policy is updated, we will summarise any substantial modifications or enhancements in this section.