In this Privacy Policy, 'us' 'we' or 'our' means OCR Labs Pty Ltd (ABN 20 603 823 276) .We are committed
to respecting your privacy.
Our Privacy Policy sets out how we collect, use, store and disclose your personal information.By
providing personal information to us, you consent to our collection, use and disclosure of your
personal information in accordance with this Privacy Policy and any other arrangements that apply
between us.We may change our Privacy Policy from time to time by publishing changes to it on
our website.
We encourage you to check our website periodically to ensure that you are aware of our current Privacy
Policy.Personal information includes information or an opinion about an individual that is reasonably
identifiable.
For example, this may include your name, age, gender, postcode and contact details.
What personal information do we collect?
We may collect the following types of personal information and sensitive information:
- name;
- mailing or street address;
- email address;
- telephone number and other contact details;
- age or date of birth;
- government related identifiers, such as your licence number and class, Medicare number, state
or national ID card number, passport number, and birth or marriage certificate number;
- other information identifiable from scanned ID documents you provide, such as your organ donor
status or photographs of your face;
- biometric information, such as video footage or photographs of your face;
- information obtained from fraud-prevention services and document verification services;
- your device ID, device type, geo-location information, computer and connection information, IP
address and standard web log information;
- any additional information relating to you that you provide to us directly through our website
or app or indirectly through your use of our website or app or online presence or through
other websites or accounts from which you permit us to collect information;
- information you provide to us through customer surveys; or
- any other personal information that may be required in order to facilitate your dealings with
us.
We may collect these types of personal information either directly from you, or from third parties.
We may collect this information when you:
- utilise one of our verification services, either through our app or web-based portal;
- communicate with us through correspondence, chats, email or otherwise through our website; or
We may also receive personal or anonymised information about you from our customers where they make
use of our services. This information may include a customer ID that identifies you in the third
party’s database, as well as the categories of information set out above.
In addition, when you apply for a job or position with us we may collect certain information from
you (including your name, contact details, working history and relevant records checks) from
any recruitment consultant, your previous employers and others who may be able to provide information
to us to assist in our decision on whether or not to make you an offer of employment or engage
you under a contract.
This Privacy Policy does not apply to acts and practices in relation to employee records of our current
and former employees, which are exempt from the Privacy Act
Why do we collect, use and disclose personal information?
We may collect, hold, use and disclose your personal information for the following purposes:
- to enable you to access and use our website or app;
- to provide verification services to our customers, where you are seeking to access one of their
products or services;
- to operate, protect, improve and optimise our website or app, business and our customers' and
users’ experience, such as to perform analytics, conduct research and create new products,
and conduct training;
- to send you service, support and administrative messages, reminders, technical notices, updates,
security alerts in connection with our verification services, and information requested by
you;
- to comply with our legal obligations, resolve any disputes that we may have with any of our customers
or users, and enforce our agreements with third parties; and
- where relevant, to consider your employment application
We may also use de-identified, aggregate information to share insights about users of our verification
services, such as by publishing a report on trends in the usage of such services.
Do we use your personal information for direct marketing?
If we have collected your personal information because you are a representative of one of our current
or prospective customers, we may send you direct marketing communications and information about
our services and products.
This may take the form of emails, SMS, mail or other forms of communication, in accordance with the
Spam Act and the Privacy Act.
You may opt-out of receiving marketing materials from us by contacting us using the details set out
below or by using the opt-out facilities provided (eg an unsubscribe link).
To whom do we disclose your personal information?
We may disclose personal information for the purposes described in this Privacy Policy to:
- our customers, where you are seeking to access their products and/or services and are required
to verify your identity in order to do so;
- our employees and contractors, for the purposes of managing our products and systems and providing
our services;
- third party suppliers and service providers (including providers of document verification services
to help us verify the validity of identity documents you disclose to us, and other providers
for the operation of our websites and/or our business or in connection with providing our
products and services to you);
- professional advisers, dealers and agents;
- our existing or potential agents, business partners or partners;
- anyone to whom our assets or businesses (or any part of them) are transferred;
- specific third parties authorised by you to receive information held by us; and/or
- other persons, including government agencies, regulatory bodies and law enforcement agencies,
or as required, authorised or permitted by law.
Disclosure of personal information outside Australia
We may disclose personal information to countries outside of Australia, including (among others)
New Zealand, Singapore and Dubai, in order to conduct training for our contractors.
When you provide your personal information to us, you consent to the disclosure of your information
outside of Australia and acknowledge that we are not required to ensure that overseas recipients
handle that personal information in compliance with Australian Privacy Law.
We will, however, take reasonable steps to ensure that any overseas recipient will deal with such
personal information in a way that is consistent with the Australian Privacy Principles.
Using our website and cookies
When you use our verification services, we automatically receive and record certain information from
your computer (or other device) and/or your web browser.
This may include such information as the third-party website or application into which the services
are integrated, the date and time that you use the services, your IP address and domain name,
your software and hardware attributes (including operating system, device model, and hashed device
fingerprint information), and your general geographic location (e.g., your city, state, or metropolitan
region).
To obtain such information, we may use web logs or applications that recognize your computer and
gather information about its online activity.
What are cookies? Cookies are small files that are stored on your computer or other device
by your web browser.
A cookie allows OCR Labs to recognize whether you have used our services before and may store user
preferences and other information.
How are cookies used? For example, cookies can be used to collect information about your
use of our services during your current session and over time, your computer or other device’s
operating system and browser type, your Internet service provider, your domain name and IP address,
and your general geographic location.
How do you avoid cookies? If you are concerned about having cookies on your computer or device,
you can set your browser to refuse all cookies or to indicate when a cookie is being set, allowing
you to decide whether to accept it.
You can also delete cookies from your computer.
However, if you choose to block or delete cookies, certain features of our services may not operate
correctly.
Security
We take reasonable physical, electronic, and procedural safeguards to protect your personal information
against loss or unauthorized access, use, modification, or deletion.
Among other things, OCR Labs encrypts personal information both in transit and at rest.
OCR Labs is ISO 27001 compliant and regularly conducts security audits, vulnerability scans, and
penetration tests to ensure compliance with security best practices and standards.
However, we cannot guarantee the safety of your personal information.
Links
Our website or app may contain links to websites operated by third parties. Those links are provided
for convenience and may not remain current or be maintained.
Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content
on, those linked websites, and have no control over or rights in those linked websites.
The privacy policies that apply to those other websites may differ substantially from our Privacy
Policy, so we encourage individuals to read them before using those websites.
Accessing and correcting your information
You can access the personal information we hold about you by contacting us using the information
below.
Sometimes, we may not be able to provide you with access to all of your personal information and,
where this is the case, we will tell you why. We may also need to verify your identity when you
request your personal information.
We note that we may not store your personal information where it was collected by us to perform verification
services and such services have been completed.
If you think that any personal information we hold about you is inaccurate, please contact us and
we will take reasonable steps to ensure that it is corrected.
Making a complaint
If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have
handled your personal information, you can contact us using the details set out below.
Please include your name, email address and/or telephone number and clearly describe your complaint.
We will acknowledge your complaint and respond to you regarding your complaint within a reasonable
period of time.
If you think that we have failed to resolve the complaint satisfactorily, we will provide you with
information about the further steps you can take.
Contact us
For further information about our Privacy Policy or practices, or to access or correct your personal
information, or make a complaint, please contact us using the details set out below:
Effective date:1st November, 2018