1 Australian Privacy Policy

NTT Security deals with personal information in accordance with the Australian Privacy Principles (APPs) which are contained in the Privacy Act 1988 (Privacy Act) and this privacy policy.

This privacy policy sets out the way in which NTT Security handles personal information.

When used in this privacy policy, the term “personal information” has the meaning given to it in the Privacy Act. Personal information is any information that can be used to personally identify you. This includes such things as your name, address, telephone number, email address and profession or occupation.

1.1 Information we may collect from you

We collect personal information in order to provide our services and solutions, to conduct our business and to improve customer service.

The types of personal information we collect will depend on how you interact with us. Typically, we collect the following personal information:

  • name;
  • title or position;
  • business address;
  • e-mail address;
  • phone number;
  • fax number;
  • information you provide to us through customer surveys, and when you register for NTT Security events and seminars.

We do not normally collect sensitive information about you such as information relating to your health, religion, political beliefs or race. If we do collect sensitive information which is reasonably necessary for the operation of our business functions or activities, we will obtain your consent to do so.

If your organization is a NTT Security client and you do not agree to provide us with your personal information, this may limit our ability to provide our services and solutions to your organization.

1.2 Ways we collect personal information

We collect personal information directly from you unless it is unreasonable or impracticable to do so. We may collect your personal information in the following ways:

  • when you purchase our solutions and services;
  • when we respond to your inquiries and requests;
  • during conversations or email exchanges between you and our representatives;
  • when we obtain feedback from you about our solutions and services;
  • when we conduct our administrative and business functions;
  • when you register for our events, workshops and seminars or subscribe to our mailing lists and newsletters;
  • when we market our solutions and services to you; and
  • through your access and use of our website.

We may at times obtain personal information that relates to you through third parties. Where we do so, we will ask any third parties to confirm in writing that they have legally obtained your personal information and that we have the right to acquire it from them and to use it.

1.3 Uses made of the information

We collect, hold, use and disclose personal information for the following purposes:

  • to provide our services;
  • to send communications;
  • to manage and maintain our business relationships;
  • to respond to inquiries and requests;
  • to improve the services and solutions we provide;
  • to inform you about our services and solutions;
  • to obtain feedback from you on our services and solutions;
  • to provide you with a more personalized experience when they interact with us;
  • to conduct administrative and business functions;
  • to update our records and keep contact details up to date;
  • to enable you to subscribe to our website, newsletters and mailing lists and to register for NTT Security events, workshops and seminars;
  • to assess the performance of our website and to improve its operation;
  • to process and respond to privacy complaints; and
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority of any country.

We will not share, sell, rent or disclose your personal information other than as described in this privacy policy.

1.4 Storage and security of personal information

We store personal information to ensure that we can manage and maintain communications with organizations with whom we do business. Contact may be verbal, electronic or written.

We will only store your personal information if it is relevant to your organization conducting business with us. We do not normally store information that is sensitive information.

We take all reasonable precautions to ensure that personal information is protected from misuse, interference, loss, unauthorized access, modification or disclosure using a combination of physical, administrative and technical safeguards. We hold personal information in either paper-based records in secure access controlled premises or in electronic form in databases and email files which require logins and passwords. NTT Security personnel are also contractually bound by confidentiality obligations.

NTT Security’s website is linked to the internet, and as the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.

If your personal information is no longer needed, we will take reasonable steps to either delete it from our systems or de-identify it, except where NTT Security is required by law or a court/tribunal order to retain the information.

1.5 Disclosure of your information

We may disclose your personal information to our employees and related bodies corporate for the purposes set out in section 1.3 above.

We may combine or share any information that we collect from you with information collected by any of our related bodies corporate.

We may also disclose your personal information to:

  • contractors, suppliers and other third parties with whom we have a commercial relationship for business, marketing, and related purposes; and
  • any organization for any authorized purpose with your express consent.

Except as set out above, NTT Security will only disclose personal information if this is required by law or a court/tribunal order or otherwise permitted under the Privacy Act.

We may also disclose personal information to our related bodies corporate based overseas for the purposes listed in section 1.3 above. For more information about NTT Security, please visit this web site: https://www.nttsecurity.com/about/about-NTT-Security

Our services are delivered on a multi-country basis which may require us to disclose your personal information to related bodies corporate, suppliers and service providers located outside Australia including Japan, India and the USA for some of the purposes set out in section 1.3 above.

We will take steps to contractually ensure that overseas recipients of your personal information provide a level of protection for your personal information which is equivalent to the APPs.   However we advise that personal information may be disclosed to entities in countries which have a lower standard of protection of personal information than enjoyed in Australia.  By using our services you accept this.

1.6 Marketing

We may send you direct marketing communications and information about our services and solutions that we consider may be of interest to you.

We may send communications in various forms, including mail, SMS and email, in accordance with applicable laws, such as the Spam Act 2003 (Cwth). You consent to us sending you those communications by any of those methods. If you indicate a preference for a method of communication, we will use reasonable endeavours to use that method whenever practical to do so.

If you do not wish to receive electronic communications from us, you may opt-out of receiving them by contacting us using the contact details set out at the end of this privacy policy or by using the opt-out mechanisms provided in those communications. We will then remove your name from our mailing list.

We do not provide your personal information to other organizations for the purposes of direct marketing.

1.7 Access and correction of personal information

We will take all reasonable steps to ensure that the personal information we hold about you is accurate, up to date and complete.

You may request access at any time to personal information that we hold about you and we will give you access in the manner that you request where it is reasonable and practicable to do so, except where we deny access as permitted by the Privacy Act.

For example, we may need to refuse access if granting access would interfere with the privacy of others, is unlawful or would result in a breach of confidentiality.

You may also request that we correct your personal information when it is inaccurate, incomplete or out of date.

If you wish to access or correct your personal information, please send a written request to our Privacy Officer at [email protected]. Our Privacy Officer will respond to your request within 30 days after you make the request.

If we deny your request for access to or correction of your personal information, we will provide you with written reasons for refusing your request and the mechanisms available to you to complain about our refusal.

1.8 Complaints related to breaches of privacy

If you have concerns about how your personal information is being handled by NTT Security or you wish to make a complaint about a breach of the APPs by NTT Security, please send your complaint in writing to the Privacy Officer at [email protected].

The Privacy Officer will respond to you in writing within 30 days of receiving your complaint, setting out what action NTT Security will take as a result of your complaint or alternatively providing an explanation to you if there has been no breach of the law.

1.9 Using our website

When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer. This enables us to recognize your computer and greet you each time you visit our website without bothering you with a request to register. We use cookies to measure traffic patterns and to determine which areas of our website have been visited. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.

Any activity you participate in on our website may be monitored. We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track users movements, and gather broad demographic information. We do not use cookies to track your internet activity before or after you leave the NTT Security environment.

1.10 Changes to our privacy policy

We may change this privacy policy from time to time. Any updated versions of this privacy policy will be posted on our Australian webpage. Please review it regularly.

This privacy policy was last updated on 4th June, 2018.

1.11 Contact

Questions, comments, complaints and requests regarding this Privacy Policy are welcomed and should be addressed to:
telephone: +61 (0)2 8437 9900
email: [email protected]
mail:
Atten: Office of CISO.  
NTT Security (Australia) Pty Ltd, 141 Walker Street, Level 7, North Sydney, NSW 2060

You also have a right to lodge a complaint with the Office of the Australian Information Commissioner (OAIC) however we recommend you contact us before doing so as we may be able to resolve any issues with you directly in a more efficient manner.  Information about the OAIC can be found on OAIC’s website www.oaic.gov.au, and their  contact details are:
telephone: 1300 363 992 
email: [email protected]
mail: GPO Box 5218, Sydney NSW 2001