Odin Pass Pty Ltd ACN 645 882 604 and its related bodies corporate (referred to in this document as MDI, we, us or our) may collect, use and disclose your personal information via the Odin Pass App (App) and/or Odin Pass (Website) available at https://www.odinpass.com.au/ and/or Odin Pass Customer Support Portal (Support Portal) available at https://support.odinpass.com.au/ (together the Platform) and other means.
In this document, we use the term ‘Users’ to refer to individuals who use the Platform to access transportation services and we use the term ‘Suppliers’ to refer to key representatives from businesses who provide us with goods and services. In some circumstances, you may belong to more than one of these groups, and multiple sections of this document will then apply to you.
In this document, we also use the term ‘Approved Customer Cohorts to refer to
the entities detailed in the Annexure of our End User Licence Agreement
(available at https://odinpass.com.au/op-eula-odin-pass-july-2022/),
which may be updated from time to time.
To the extent the Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we must manage personal information, this policy sets out how we collect, use, disclose and otherwise manage personal information about customers, suppliers, and users.
Types of information collected
We may collect and hold personal information about you (that is, information that can identify you) that is relevant to our functions and activities. The kinds of information we collect from you depends on our relationship with you. For all individuals we deal with, we may collect your name and other information relevant to providing you with the information, goods and services you are, or someone else on your behalf is seeking.
If you are a User: we will generally also collect information such as your email address (if signing up to our newsletter), IP address, geographical location, browser type, usage data, user preferences, date and time of visit (if using our Website), and information available to us on your social media account (if interacting with us via social media).
If you are a Supplier: we will also collect your business email, business address, business phone number, and role. If you are a sole trader, we will also collect your ABN, and payment details to enable us to pay you (if applicable).
We are not likely to collect any sensitive information about you unless you consent to the collection and it is reasonably necessary for the performance of our functions and activities, or otherwise required or authorised by law. Consent may be implied by the circumstances existing at the time of collection (such as if you voluntarily disclose sensitive information to us).
Method of collection
We will generally collect personal information directly from you through a variety of avenues, including via the App, our Website, our Support Portal, emails, phone, in person, and social media accounts.
If we receive unsolicited information about you that we did not request and which is not directly related to our functions or activities, we may be required to destroy or de-identify that information, providing it is lawful and reasonable to do so.
Purpose of collection
The personal information we collect and hold about you depends on your interaction with us. Generally, we collect, use, and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes of:
(a) providing information, goods and services to you or someone else on your behalf;
(b) facilitating our internal business operations, including:
(i) establishing our relationship with you;
(ii) maintaining and managing our relationship with you and communicating with you in the ordinary course of that relationship;
(iii) the fulfilment of any legal requirements;
(iv) analysing our business operations, goods and services with a view to developing new or improved goods and services or business operations;
(v) de-identifying personal information for research and data analytics (de-identified information may or may not be aggregated);
(vi) contacting you to provide a review or testimonial for us; and
(vii) providing you with information about other goods and services that we or our related entities and other affiliated organisations
offer that may be of interest to you.
Our Website may contain links to other websites. We are not responsible for the privacy practices of linked websites and linked websites are not subject to our privacy policies and procedures.
Use and disclosure
Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above). We may disclose personal information about you to:
(a) our employees, contractors and consultants (workers), agents, and other parties who require the information to assist us with facilitating our internal business processes, providing you with information, goods and services, and with establishing, maintaining, managing, or ending our relationship with you;
(b) the relevant Approved Customer Cohort to verify that you fall with that Approved Customer Cohort;
(c) to transport service providers who may provide services to you or whose services may be referred to through use of our service (and this information may include location information to allow identification of appropriate transport services and performance of the relevant transport services);
(d) The University of Queensland (UQ) for UQ’s further research and analysis purposes;
(e) the Queensland Department of Main Roads (TMR) for TMR’s further research and analysis purposes;
(f) to other Approved Customer Cohorts or other third parties for further research and analysis purposes but only on an aggregated, de-identified basis;
(g) third party service providers who assist us in operating our business and providing you with information, goods and services (including IT and technology service providers, insurers, and professional advisers such as lawyers, accountants, and auditors);
(h) third parties to whom you have agreed we may disclose your information or where the information was collected from you for the purposes of passing it on to the third party; and
(i) any other entity as otherwise permitted or required by law.
We may expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business. Personal information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence
purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided.
Sensitive information is only used and disclosed for the purposes for which it was collected, unless your further consent is obtained or otherwise as permitted or required by law.
We store your personal information in different ways, including in paper and electronic form. The security of your personal information is important to us. We take all reasonable measures to ensure that your personal information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.
Personal information collected is hosted on third party data servers, which may be located outside Australia. We take reasonable steps to ensure any third party data storage suppliers we partner with have appropriate cyber and physical security controls in place.
Where personal information held by us is no longer necessary for our operations, we endeavour to delete it or have it permanently de-identified, subject to specific laws in respect of data retention.
Access and correction
You may access the personal information we hold about you by making a written request. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access). For security reasons, you will be required to put your request in writing and provide proof of your identity.
It is essential that the information contained in our records is accurate, complete, and up to date. If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
Complaints and feedback
Address: C/o HLB Mann Judd, Level 15, 66 Eagle Street, Brisbane City 4000
For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.
If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner, Australia. To lodge a
complaint, visit the ‘Complaints’ section of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
Changes and updates