Login Systems P/L (Login) is committed to protecting the confidentiality of our Client and Employee information and is dedicated to ensuring that personal information provided to us is protected against misuse.
We fully comply with our obligations under the Privacy Act 1988 and Privacy Amendment (Private Sector) Act 2000 and have created procedures which protect customer privacy regarding the collection, storage and disclosure of personal information.
Collection and Use of Personal Information
Login collects personal information which tends to fall into the following categories:
- Employee personal information (ie. name, contact details, education, work history) which is obtained from the Employee and other sources in connection with employment applications;
- work performance information and
- information gained in order to assist in managing our client and other professional relationships
- identify our customers, potential customers and their representatives;
- inform you or others of any technology solutions we think may be of interest to you or them;
- inform you or others about our products and services and the benefits of using our products and services;
- provide you or others with information about offers or other benefits that may become available;
- seek your opinion or comments about our products and services;
- carry out billing and/or debt recovery activities;
- carry out our management, administrative, quality assurance and complaint handling activities in a professional and efficient manner;
- deliver customer service and resolve problems our customers may experience with their information technology systems and networks;
- consider the suitability of potential employees for employment opportunities; and
- develop and implement solutions to improve our products and services.
How we collect personal information
Generally, we collect an individual’s personal information from that individual. For example we collect personal information when you make an enquiry about our products and services via our website, or when you order hardware or software products through our Online Tech Store.
However, occasionally we may also collect personal information from someone other than the individual. For example, we may collect your information from an existing customer, when they tell us that you may be interested in our products or services, or from companies with whom you work, other organisations with whom you have dealings, information service providers or from publicly maintained records.
How we store personal information
Access to personal information is limited to those of our personnel who specifically need it to carry out their business responsibilities.
We take all reasonable steps to keep secure any personal information which we hold about you and to protect your personal information from loss, misuse or unauthorised alteration. Any personal information you provide to us, or collected from you, electronically is stored on secure servers and encrypted where required under the Data Retention Law. Our employees are contractually bound to respect the confidentiality of any personal information held by us. We also maintain physical security procedures to manage and protect the use and storage of records containing personal information.
To help us protect your privacy, you must maintain the secrecy of the access credentials (i.e. user name and password) you use to access and use our website.
Access and Correction
We use and disclose the personal information we collect for the purposes indicated above, and for other secondary purposes.
We usually disclose the personal information we collect to our related entities and to third party service providers and contractors, who help us supply our products and services. For example, we may disclose personal information to technology vendors, to help resolve technical problems, or to third party contractors to install equipment on site.
We may be required, as a result of contractual or statutory obligations, to disclose personal information we collect to auditors, who conduct audits of our business and services, or to government agencies, like the Australian Prudential Regulation Authority or to authorised agencies under the Data Retention Law.
Except where indicated above, we will not use or disclose personal information unless:
- the individual concerned has consented to the use and disclosure;
- the third party is a person involved in a dealing or proposed dealing (including a sale) of all or part of our assets and business;
- the third party is your creditor, banker or financier; or
- the disclosure is permitted, required or authorised by or under law.
Customers (client/business contacts) are able to elect not to receive promotional or marketing material from Login at any time. Please contact our Privacy Officer to arrange to be removed from our database.
Our website does not collect any personal information from users.
As with most websites, we are able to track usage patterns, however we are unable to obtain your identity from this information; it is used for statistical purposes only.
The information recorded includes:
- your internet provider;
- the pages accessed;
- the referring sites and
- the date and hour of your visit.
One of the primary purposes of cookies is to provide a convenience feature to save you time. The purpose of a cookie is to tell the web server that you have returned to a specific page. For example, if you register with Login Systems, a cookie helps Login IT website to recall your specific information on subsequent visits. This simplifies the process of recording your personal information, such as billing addresses, shipping addresses, and so on. When you return to the same Login IT website, the information you previously provided can be retrieved, so you can easily use Login systems IT website features that you customised.
You have the ability to accept or decline cookies. Most Web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of the Brennan IT website services or web sites you visit.
We do not use this technology to access any personal information of a user in our records and a user cannot be personally identified from a cookie.
Login’s website may contain links to other sites that we feel may be of interest to others. We are not responsible for the privacy practices of these organisations. Please contact our Privacy Officer if you have had an adverse experience with a linked website.
Login will endeavour to ensure that all personal information is kept secure. We have technological and operational procedures in place to protect all personal information from loss or misuse. Our IT system is protected by a one way firewall which utilises network address translation to protect our internal network from external access.
While no set of mitigation strategies are guaranteed to protect against all cyber threats, organisations are recommended to implement eight essential mitigation strategies from the ACSC’s as a baseline. This baseline, known as the Essential Eight, makes it much harder for adversaries to compromise systems.
The Essential Eight includes these strategies. Following these steps will assist in prevention of malware running across your organisation and reduce the number of incidents and ensure you can recover your data. Login systems uses the Essential Eight model recommended by the ACSC to maintain a high level of security across all facets of our business.
- Application whitelisting – to control the execution of unauthorized software
- Patching applications – to remediate known security vulnerabilities
- Configuring Microsoft Office macro settings – to block untrusted macros
- Application hardening – to protect against vulnerable functionality
- Restricting administrative privileges – to limit powerful access to systems
- Patching operating systems – to remediate known security vulnerabilities
- Multi-factor authentication – to protect against risky activities
- Daily backups – to maintain the availability of critical data.
The Privacy Officer
101-103 Lincoln Road, Croydon Vic 3136
Phone: (03) 9723 3033
Fax: (03) 9723 3945
For further information on the National Privacy Principles go to www.privacy.gov.au