Contact Us

Phone
(03) 9372 7488

Email
info@ttsassociates.com.au

Address
300 Mount Alexander Rd, Travancore VIC 3032

Online Enquiry

* Required fields

Privacy Policy

The Privacy Policies and Procedures implemented by TTS extend to and cover all operations and functions of the organisation. All directors, management, employees, contractors, sub-contractors, vendors, service providers, customers, agents or any other third parties that have access to and/or utilise personal information collected and/or held by TTS must abide by these Privacy Policies and Procedures.

The objectives of these Privacy Policies and Procedures are to ensure that a sound privacy foundation and framework is established and maintained by TTS. {Privacy Policies are defined as the broad statements describing required privacy objectives and incorporate the 'National Privacy Principles'. Privacy Procedures are defined as the measures intended to ensure that the Privacy Policies or objectives are properly met.


Ownership

All personal information collected, held or shared by TTS must be done so in accordance with its Privacy Policies and Procedures. TTS retains the right to take reasonable steps to ensure that its Privacy Policies and Procedures are properly adhered to.

For every operation or function of TTS where personal information is collected, an appropriate person or owner must be appointed and be responsible for ensuring compliance with these Privacy Policies and Procedures.


Responsibilities

It is the responsibility of management to inform employees and other relevant parties that Privacy Policies and Procedures are established, maintained and enforced. Management must ensure that they periodically advise TTS employees and other relevant parties of any changes or any new Privacy Policies and Procedures in a timely manner.

It is the responsibility of all employees and other relevant parties to ensure that they understand and adhere to all Privacy Policies and Procedures implemented by TTS and that they maintain up-to-date knowledge of changes or any new Privacy Policies and Procedures.

Ignorance of the existence of any Privacy Policies or Procedures will not be an acceptable excuse for non-compliance.


Privacy Training

All new employees must be provided with timely and appropriate access to TTS Privacy Policies and Procedures. All employees must be provided with opportunities to attend appropriate and periodic Privacy awareness training and must ensure that they understand the Privacy related issues that could adversely affect TTS position if not properly adhered to.


Non-compliance & Disciplinary Actions

Any TTS employee or relevant third party that identifies, knows about or suspects a Privacy breach must immediately report the matter to management.

Employees or other relevant parties that contravene or do not comply with TTS Privacy Policies and Procedures may be subject to disciplinary action.


Incidents / Complaints Handling

TTS must have an effective incidents/complaints handling process in place to manage privacy risks and issues. The incidents/complaints handling process must:

  • Identify (and address) any systemic/ongoing compliance problems;
    • Increase consumer confidence in TTS privacy procedures; and
    • Help build and preserve TTS reputation and business.

Contractual Arrangements

TTS must ensure that all contractual arrangements with third parties adequately address privacy issues


Information Classifications

All TTS data and personal information must be classified and secured according to its level of sensitivity.

Note: Employee records are exempt from the Privacy Legislation if TTS is or has been an employer of the individual in question and the act or practice is directly related to:

  • A current or former relationship between the employer and the individual; and
  • An employee record held by the organisation and relating to the individual

However, this exemption does not apply to:

  • Contractors;
  • Sub-contractors; or
  • Prospective employees

Privacy Audits

TTS must conduct periodic privacy audits in order to ascertain:

  • What sort of personal / sensitive information is collected and held;
  • How the information is collected;
  • What the reasons are for collection of that information;
  • Where and how that information is stored;
  • How the information is secured;
  • Who has access to that information;
  • Whether that information is shared with anyone;
  • Whether the intended use of collection is communicated; and
  • Whether that information is current and necessary

Offshoring

Some of the information collected by us may be disclosed to employees or contractors of TTS & Associates outside of Australia. You consent to your information being disclosed to a destination outside Australia for this purpose, including and not limited to Cebu, Philippines and you understand and acknowledge that Australian Privacy Principle 8.1 will not apply to such disclosures of your personal information.


Privacy Statements

The statements and/or comments that are either required to be or are made about privacy or privacy related issues must be done so with regard to TTS Privacy Policies and Procedures.

Collection (NNP 1)
Collection of personal information by TTS must be fair, lawful and not intrusive. A person must be told our organisation’s name, the purpose of collection, that the person can get access to their personal information and what happens if the person does not give the information.

Use and Disclosure (NPP 2)
TTS should only use or disclose information for the purpose for which it was collected unless, the person has consented, or the secondary purpose is related to the primary purpose and a person would reasonably expect such use or disclosure, or the use is for direct marketing in specified circumstances, or in circumstances related to the public interest such as law enforcement and public or individual health and safety.

Data Quality (NPP 3)
TTS must take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up-to-date.

Data Security (NPP 4)
TTS must take reasonable steps to protect the personal information it holds from misuse and loss from unauthorised access modification or disclosure.

Openness (NPP 5)
TTS must have a policy document outlining its information handling practices and makes this available to anyone who asks.

Access and Correction (NPP 6)
Generally speaking, TTS & must give an individual access to personal information it holds about that individual on request.

Identifiers (NNP 7)
Generally speaking, TTS & must not adopt, use or disclose an identifier that has been assigned by a Commonwealth government “agency”.

Anonymity (NNP 8)
TTS must give people the option to interact anonymously whenever it is lawful and practicable to do so.

Transborder Data Flows (NNP 9)
TTS can only transfer personal information to a recipient in a foreign country in circumstances where the information will have appropriate protection.

Sensitive Information (NNP 10)
TTS must not collect sensitive information unless the individual has consented, it is required by law – or in other specified circumstances, for example, relating to health services provision and individual or public health or safety.