About this policy
This policy sets out the information handling practices for Aerial Capital Group Ltd and/or any of its subsidiaries including our websites and mobile apps. It does not cover personal information about our employees.
We strive to manage personal information in a best practice way which is open and transparent while enabling us to better serve our customers and the community.
Personal information means information or an opinion, true or false and whether recorded in a material form or not, about an identified or reasonable individual.
Our primary goal is to promote and maintain a high level of customer service and satisfaction.
We collect personally identifiable information that is specifically and voluntarily provided by visitors to our services including our websites. Such identifiable information includes name, title, phone number, commercial or private address, email addresses and any other information necessary for the provision of our services. Typically, identifying information is collected to:
• Register for and use certain services
• Administer and manage the services we provide
• Adhere to our policies and procedures
• Deliver information to you, such as information on products and services, newsletters, promotions and events
• Improve our marketing and promotional efforts, by enabling statistical analysis of site and product usage in ag- gregated form
• Answer your requests and queries
Notice where you give us information about third parties
Sound and Image Recording
We use sound recordings from customers as part of our quality assurance and assessment of staff for training and educational purposes. We have special protections around this information including separate storage and technical and policy restrictions on who can access this information.
We use in-vehicle image recordings for the purpose of passenger and driver safety where special protections are also around this information including separate storage and technical and policy restrictions of who can access this information.
We undertake Privacy Impact Assessments under the OAIC (Office of Australian Information Commission) guidelines where possible surrounding personal information to manage, minimise or eliminate privacy impacts.
Uses of personal information
We use information we collect to;
• Administer services we provide
• Target marketing communications
• Statistical analysis in aggregated form
• provide your details to taxi service providers in order to procure a taxi for you;
• maintain your profile, favourites and booking details on our server for the purposes of your account;
• present advertisements, special offers and promotions to you about our services, from time to time;
• respond to your enquiries;
• forecast future needs of our services and for general quality assurance and training purposes; and
• any other purposes identified at the time of collecting your information.
We will only use your sensitive information for the purposes for which it was collected, the purposes listed above, as required or permitted by law or purposes to which you otherwise consent.
We send marketing material to customers to provide information on products and services that the company pro- vides that will be of personal and/or professional benefit including any special offers from third parties. If you are not interested in receiving such material, ‘Unsubscribe’ to opt out of electronic marketing material is made available. Alternatively you can contact us to have your details removed.
Disclosure (sharing) of Personal Information
Aerial Capital Group and any of its subsidiaries may disclose your information:
• To drivers so that they can perform the services required
• Where the law requires or permits us to do so such as law enforcement agencies
• To other entities, including an agent of yours who will pass the information to you, or with your consent
• To government agencies as part of our regulatory or statutory obligations in aggregated form
• For registration of events
• Where you would reasonably expect
Some of our contracted service providers are located in New Zealand. Where we use a service provider that hosts personal information in other countries, we take steps that are reasonable in the circumstance to ensure that the host does not breach the Australian Privacy Principles. The steps we take include:
• adding provisions in our contract with the service provider that require them to protect the personal information they hold,
• Where a privacy breach occurs in relation to an overseas service provider, we support and work in handling the breach.
We participate in social media such as Facebook, LinkedIn and Twitter for internal purposes. These sites have their own privacy policies.
When individuals access our mobile application, we collect user details such as names, email addresses and contact numbers in order to authenticate user access to our services. We use personal data gathered for internal purposes such as marketing.
This section applies to all Aerial Capital Group websites including any Aerial Capital Group Subsidiary;
We use Google Analytics to collect a range of information about your interactions with our websites for statistical purposes. Our websites use ‘cookies’ to record details of your server address or other usage of our websites such as the pages you view for statistical analysis.
If you send us an email, that address will be recorded automatically by our email messaging system for the purpose of replying to your email.
Security of personal information
We take reasonable steps to protect the personal information it holds from misuse, interference and loss and from unauthorised access, modification or disclosure.
We do this by limiting personal information accessibility to authorised employees. Our data base is protected through the use of firewalls, regular updates of anti-virus software, voice encryption – phone hacking prevention, passwords and other user log-on procedures. We use secure gateways for the processing of credit card details and we are fully compliant with the PCI-DSS (Payment Card Industry Data Security Standards). For security please refrain from writing your credit card information in the body of an email. Physical security over paper and electronic data is maintained by the use of locks and security alarms.
Despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to protect your personal information (for example, by protecting any usernames and passwords). You should also notify us as soon as possible if you become aware of any security breaches.
Although we are required to keep information for a period of 7 years, we take reasonable steps to de-identify information once it is no longer required.
Data Breach Notification
The Company has a Notifiable Data Breach Response Plan established under the OAIC Office of Australian Information Commission (OAIC) guidelines.
Any data breach will be assessed on a case by case basis to determine if a breach notification is required.
If a data breach is determined to create a real risk of serious harm to the individual, the affected individual and third parties, such as the OAIC (Office of Australian Information Commission), and the relevant authorities will be notified.
Accuracy, access and correction
We take reasonable steps to ensure that the personal information that we collect and hold is accurate, complete and up-to-date. However, we rely on you to advise us of any changes to your personal information to help us maintain accurate, complete and up-to-date information.
We will, on request, provide you with access to the personal information we hold about you unless otherwise re- quired or permitted by law. We will notify you of the basis for any denial of access to your personal information.
To request access to your personal information or to update or correct your personal information, please contact us via the contact details provided below.
If you ask us about personal information we have collected about you, or are seeking to transact or update informa- tion for the provision of our services, we will confirm your identity.
How to make a complaint
The Privacy Officer Aerial Capital Group Ltd
PO Box 1233 Fyshwick ACT 2609
Ph: 02 6126 1500
We will refer your complaint to our Privacy Officer who will investigate the issue and determine the steps (if any) that we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing of the outcome of the investigation. If you are not satisfied with our determination, you can contact us to discuss your concerns or contact to the Australian Privacy Commissioner via www.oaic.gov.au.