Privacy & Policy

Last modified: July, 2020

AMICI Tech Pty Ltd ACN 630 920 400 (AMICI Tech, we, us, our) is committed to respecting the privacy of your personal and sensitive information. We are bound by the Australian Privacy Principles in the Privacy Act 1988 (Commonwealth) and other applicable laws.

Data protection and information security is of the utmost importance to AMICI Tech, so you can have trust and confidence in dealing with our organisation.

We want to be transparent in explaining how and why we gather, store, share and use your personal information. Accordingly, this document provides a clear set of guidelines so that you can understand how we manage your personal information, the steps we take to protect your privacy as well as how, when and where we may collect, hold, use and disclose your personal information. It covers all personal information provided by you, as well as other individuals who have given their written consent to us to conduct a police history check or to otherwise use or services.

This privacy policy is in addition to our Terms and Conditions.

AMICI Tech must, on request by the ACIC, promptly provide the ACIC with a copy of the AMICI Tech’s privacy policy.

AMICI Tech is accredited, under Contract, to access the National Police Checking Service (NPCS) through the Australian Criminal Intelligence Commission. Australian Criminal Intelligence Commission is a registered trade mark of the Commonwealth of Australia. Find out more at acic.gov.au.

‘Personal Information’ and ‘Sensitive Information’ Defined

Personal information means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether the information or opinion is true or not and recorded in a material form or not.

Sensitive information means information or an opinion about, among other things, an individual’s criminal record that is also personal information or health information about an individual.

References to personal information in this policy include sensitive information except where indicated otherwise.

We will reasonably ensure that personal information we collect, use or disclose is accurate, complete and up to date.

As a user of our system, you will be able to confirm that the information that you have provided is true and correct prior to submitting the data.

What personal information do we collect and hold?

The personal information we collect and hold about you includes information that you choose to provide us in the national police checking service application/consent form, or which you otherwise provide to us, including by way of forms and other documents or information you submit to us (whether in paper or electronic form). This information may include you name, address, phone number, email address, credit card details, date of birth, contact details, drivers licence details, passport details, or any other information you provide to us or authorise us to obtain.

Sensitive information we may collect and hold about your criminal history information. We use this sensitive information to create a police check for you. Where we receive unsolicited sensitive information from the third party Australian Criminal Intelligence Commission, we will destroy the information in a prompt and timely manner in accordance with our legal requirements. Under no instance will we keep unsolicited sensitive information.

We may also collect data about how you use our website or other websites you have visited so we can tailor our service to meet our customers’ needs. We may aggregate and de-identify this information (‘Aggregate Information’) and use the Aggregate Information to help us understand customer trends and to make improvements to our website and our services. We may share the Aggregate Information with third parties, including to improve our services and understand what our customers want, and we may use this data for advertising and marketing purposes. Aggregate Information may also be disclosed to third parties for the third parties’ advertising and marketing purposes.

You may choose what personal information you provide to us

It is up to you what personal information you provide to us. However, if you choose not to provide certain information, it may affect the way we can interact with you or your employer in providing our services. For example, if you choose not to provide information required for a specific background search requested by your employer, we will report that lack of results to your employer, which may in turn adversely impact your arrangements or prospects with that employer.

Additionally, for purposes of background searches directed through ACIC or certain other data suppliers, we are required to obtain such evidence as is reasonable in the circumstances to satisfy ourselves as to your identity, as well as your consent to proceed. Accordingly, we may make enquiries to help satisfy ourselves that you are who you say you are. This may include validating certain document information you provide with the document issuer or official record holder for purposes of confirming your identity. If the information you send us does not meet our current security requirements, we may contact you or your employer and ask to be provided with additional documentation or an interview to prove your identity. If you do not provide sufficient information, or we are otherwise not satisfied as to your identity, we may refuse to supply you or your employer (as relevant) with one or more of the information services.

Why and how do we collect, hold, use and disclose your personal information?

We generally collect personal information about you by way of a consent form or other documents or information you submit to us (whether in paper or electronic form), correspondence you provide to us and telephone calls or meetings with you.

Where we collect personal information, we will only process it:

  • to perform a contract with you;
  • where we have legitimate interests to process the personal information and they’re not overridden by your rights;
  • in accordance with our legal obligations; or
  • where we have your consent.

We collect, hold, use and disclose your personal information for the following purposes unless otherwise required or permitted by law:

  • to be able to lodge an application for and receive the results of a police check through the National Police Checking Service;
  • to conduct a Visa Entitlement Verification Online check through the Australian Government Department of Immigration and Border Protection;
  • to conduct a Bankruptcy Register Search through the Australian Financial Security Authority;
  • for proof of identity purposes;
  • to process payments for our services;
  • to provide the results of a police check to any person you authorise us to;
  • to allow third parties who you have agreed to allow access to the results of these searches for the purposes of verifying the contents of a police check;
  • to provide you with the best possible service in supplying you with our goods and services;
  • to comply with our obligations under any agreement we have with the Australian Criminal Intelligence Commission regarding the National Police Checking Service;
  • for any other purpose we explain when the personal information was collected, including the uses and disclosures outlined in this privacy policy; and
  • for any purpose that is related to these purposes (or, with respect to sensitive personal information, directly related to these purposes) that would reasonably be expected by the individual concerned.

We may disclose personal information to the following kinds of entities for the relevant purposes mentioned above:

  • our contractors, consultants, advisers, associates and related entities;
  • any industry body, tribunal, court or otherwise in connection with any complaint made by you about us;
  • other entities or third parties with your consent (such as third parties who you have agreed may access the results of the police check searches for verification purposes) or as permitted or required by law. For example recruitment companies, immigration agents, prospective employers, your current employer, service providers (including suppliers and providers who assist us to operate our business or in connection with providing our products and services to you or your employer), payment systems operators (e.g. merchants receiving card payments)
  • to overseas recipients where your background or the specific search requested relates to a foreign activity or presence (in which case, the recipients are likely to be in those relevant jurisdictions, or in a jurisdiction, such as the USA, that has agents in those relevant jurisdictions);

We only collect personal information about an individual where the information is reasonably necessary for one or more of the above functions.

You consent to us using and disclosing personal information for these purposes or any other purpose we obtain consent for (Secondary Purpose). Without limitation, such a Secondary Purpose which you consent to us taking reasonable steps to de-identify your personal information, such as by removing your personal identifiers, (De-identified Data) and disclose such De-identified Data to third parties or otherwise use the De-identified Data.

All personal information will be collected lawfully, fairly and not in an intrusive way. If we are unable to collect your personal information, we may be unable to provide you with all our services, and some functions and features on our website may not be available to you.

Direct marketing

We may use your personal information, including your contact details, to provide you with information about products and services (including those of third parties) which we consider may be of interest to you.

We may also provide your details to other organisations for specific marketing purposes.

At any time you may advise us that you do not wish to receive marketing communications. You may opt out at any time if you no longer wish to receive marketing information or do not wish to receive marketing information through a particular channel (such as by email, telephone, sms, or mail).

If you do not want us to send you marketing communications via email you can opt out at any time by using the unsubscribe option available. To opt out of all other means of communication, please contact our Data Protection Officer using the contact details provided below.

How we hold and protect your personal information

We are committed to protecting your personal information. We implement appropriate technical and organisational measures to help protect the security of your personal information; however, please note that no system is ever completely secure. We have implemented various policies including information security, password policies to guard against unauthorised access and unnecessary retention of personal information in our systems.

We store personal information we collect in relation to you in various ways, including in electronic form using third party data storage providers. All information that is stored electronically is password protected on secure servers.

As at the date of this privacy policy, any personal information we possess about you will only be stored in Australia.

Our aim is to ensure that all personal information is securely protected from misuse, loss, and unauthorised access, modification or disclosure by way of maintaining:

  • physical security by preventing unauthorised access to our premises;
  • computer network security, including password security to prevent unauthorised access;
  • communication security; and
  • limiting access to authorised staff and contractors of AMICI Tech.

When personal information is no longer needed we will take reasonable steps to destroy and/or de-identify that information (see also the ‘Retention’ section below).

We have current security measures in place to prevent unauthorised use of our police check service including:

  • capturing IP addresses;
  • capturing payment information; and
  • verification of ID and signatures.

Why will we disclose information to another organisation?

We will disclose your information only in accordance with the professional services we provide as set out in this privacy policy.

We want to provide our customers with the very best products and services. At times we may partner with other organisations to support the products and services we offer. Some of our service providers that provide services to us are provided entirely or partly from overseas locations (see also the ‘International Data Transfers’ section below). We may transfer personal information overseas to effectively deliver services to you.

For example we may partner with a third party provider who is able to determine the authenticity of your identity documents to ensure that your proof of identity requirements are met as efficiently as possible. In addition, we may partner with a third party provider who is able to monitor that emails sent to you has not bounced back, thus increasing our communication efficiency.

We may disclose personal information to overseas recipients for the purposes of using or liaising with verification sources as well as monitoring our emails sent and received. This information may include your name, address, date of birth, contact details, drivers licence details, passport details, or such other information we notify to you. As at the date of this policy the recipients will be located in Australia although the countries in which these recipients are located may change over time.

We may disclose personal information to a third party who has been provided with the police check to allow that third party to verify your police check through a verification functionality or feature. Where you have consented to us forwarding personal information on a police check to a third party you also consent to us making that information available to that third party via a verification functionality or feature.

Where you disclose personal information to a third party by giving them a copy of your police check (either in electronic or hard copy) you also consent to us also disclosing your personal information to that third party through a verification functionality or feature.

You acknowledge and agree that such disclosure through a verification functionality or feature is appropriate and necessary to maintain security and integrity of the personal information contained in police checks.

We may disclose Aggregate Information to a third party to better our services for our customers and improve our services.

AMICI Tech uses Google Analytics User-ID tracking to track Aggregate Information. This tracking does not contain any sensitive information. If you do not want to be tracked in this way, contact the Data Protection Officer or contact us through our contact details set out below to be unsubscribed.

International Data Transfers

When we share personal information, it may be transferred to, and processed in, countries other than the country you live in (such as the United States), which may have laws that are different to what you are familiar with. You can be comfortable that where we disclose personal information to a third party in another country, we put safeguards in place to ensure your personal information remains protected.

For individuals in the European Economic Area (‘EEA’), this means that your data may be transferred outside of the EEA. Where your personal data is transferred outside the EEA, we will ensure that the transfer of your personal data is carried out in accordance with applicable privacy laws and, in particular, that appropriate contractual, technical, and organisational measures are in place (such as the Standard Contractual Clauses approved by the EU Commission).

We will only disclose your personal information to those third-party suppliers that require the information to enable us to provide our services to you or your employer. In addition, when providing this information, we will only provide the minimum information that these third parties require. An example of this is where your background or a specific search requested relates to a foreign activity, accreditation or presence. In these situations, we may need to disclose your personal information to our overseas affiliates or to our or their third-party data suppliers. Where we need to disclose your personal information to third parties we put appropriate steps in place to ensure that these third parties are aware of and bound by their obligations in relation to your privacy. When your personal information is used for data analytics, it will always be de-identified.

Other than where personal information is shared with an off-shore third party as is reasonably necessary for one or more of our functions or activities, we store and process your personal information where you, or your employer, are in Australia.

AMICI Tech won't disclose or transfer any ACIC related information outside Australia.

If you are outside Australia you are still able to access to the portal, to all the information related the screening services and to download the ACIC results.

The applicant will be able to send its results to a company outside Australia. AMICI tech can't send any report directly to an overseas company. Applicants cannot share the portal access with any third party, nor with anybody else authorised for this purpose.

For further information, please contact us using the details set out below.

How can you access to your personal information and correct it if it is wrong?

If necessary, you may request access to the personal information that we hold about you, under Australian Privacy Principles 12 and 13. We will provide this information upon request or otherwise as required by law. You may obtain this information by contacting us using the details set out below.

Under freedom of information (FOI) you have a right, with limited exceptions, to access documents held by AMICI Tech. A FOI request can take up to 30 days to process.

The Freedom of Information Act 1982 (FOI Act) may give any person the right to:

  • access copies of documents (except exempt documents) we hold;
  • ask for information we hold about you to be changed or annotated if it is incomplete, out of date, incorrect or misleading; and
  • seek a review of our decision not to allow you access to a document or not to amend your personal record.

You can request access to check results under the Agreement, and you do not have to apply under FOI or Privacy Act rights.

We may require you to identify and specify what information and documents you require access to. You can ask to see any document that we hold. We may refuse access to some documents, or parts of documents that are exempt. Exempt documents may include those relating to national security, documents containing material obtained in confidence, or other matters set out in the FOI Act. Other occasions when we may deny access to personal information include where release of the information would have an unreasonable impact on the privacy of others.

While we will endeavour to ensure that the personal information collected from you is up to date accurate and complete, we will assume that any personal information provided by you is free from errors and omissions. If the applicant is able to establish that the information we hold about them is not accurate, complete or up to date, and the applicant requests us in writing to correct this information, we will then take reasonable steps to correct the information. You may request that we update or vary personal information that we hold about you using the contact details listed below.

If you wish to access information we hold about you please put your request in writing and send it to:

Data Protection Officer
AMICI Tech Pty Ltd
12/11-13 Penkivil Street
Bondi - 2026

Our Data Protection Officer can also be contacted on:

Email: support@backycheck.com.au

Retention

We retain your personal data only as long as necessary to provide you with our services and for legitimate and essential business purposes (such as maintaining the performance of our services), making data-driven business decisions about new features and offerings, complying with our legal obligations, and resolving disputes. Following this period, we will make sure the relevant personal data is deleted or anonymised. Our disposal and retention policy is included in the Terms and Conditions, which applies to the service provided by AMICI Tech.

Unsubscribe

Should you not wish to receive communications from us, you will have the option to unsubscribe on any email you receive from us or to indicate your communication preferences to us. Alternatively, you can contact our Data Protection Officer, set out above, to unsubscribe from our communications.

What are ‘cookies’ and how do they work?

Our website uses cookies. Cookies are small data files that are downloaded from our web servers and stored on your hard drive.

A cookie is a string of letters and numbers that uniquely identify the computer you are using and the Username and password you may have used to register at the site. This enables the website to track the pages you have visited.

Most browsers can be configured to refuse to accept cookies. You can also delete cookies from your hard drive. However, doing so may hinder your access to valuable areas of information within our site.

We will not be responsible for any damage to your computer or hard drive from cookies. You can set your browser to refuse cookies, however, this may mean you are unable to take full advantage of our website.

Your rights

Under European Union law, the General Data Protection Regulation or "GDPR" gives certain rights to applicable individuals in relation to their personal data. Accordingly, we have implemented additional transparency and access measures to help you take advantage of those rights (to the extent they are applicable).

Depending on the country in which you live in, the rights you have may include:

  • Accessing, correcting, updating, or requesting deletion of your information.
  • Objecting to processing of your information, asking us to restrict processing of your information, or requesting the portability of your information.
  • Opting out from receiving marketing communications that we send you at any time.
  • Withdrawing your consent at any time if we have collected and processed your information with your consent. Withdrawing your consent will not affect the lawfulness of any processing that we conducted prior to your withdrawal, nor will it affect processing of your information conducted in reliance on lawful processing grounds other than consent.
  • Complaining to a data protection authority about our collection and use of your information. For more information, please contact your local data protection authority. Contact details for data protection authorities in the European Union are available at: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.

We respond to all requests that we receive from individuals who wish to exercise their data protection rights in accordance with applicable data protection laws. You can contact us by sending an email to support@backycheck.com.au.

How do you request to delete your information prior the legal disposal and retention policy period?

You can request to delete your information prior to the expiry of the ACIC retention period by writing to us at support@backycheck.com.au, AMICI Tech will then request this to the ACIC, which will make the decision. In case your request of deletion is approved we will delete your information. We will keep you informed about the process through the portal.

What if I have a complaint?

If you have a complaint about our dealings with personal information, this policy or an alleged breach of the Australian Privacy Principles you have the right to expect that we will handle it in a friendly and professional way.

When we receive a complaint we look on it as valuable feedback that may help us to improve the services we offer and to ensure your needs are met in a satisfactory and appropriate manner.

If you wish to complain at any time about the handling, use or disclosure of your personal information just write to us at the following address:

Data Protection Officer
AMICI Tech Pty Ltd
12/11-13 Penkivil Street
Bondi - 2026

Our Data Protection Officer can also be contacted on:

Email: support@backycheck.com.au

We will make all efforts possible to investigate your complaint within 20 days and advise you of the outcome as soon as possible within 30 days of you making the complaint.

If the matter is not resolved to your satisfaction you can then refer your complaint to the Director of Compliance (Investigations) at the Office of the Australian Information Commissioner who can be contacted at:

Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001.

Changes to this Privacy Policy

We reserve the right to change, modify or update this privacy policy from time to time to take into account of any new laws and technology, changes to our functions and activities, and to make sure it remains appropriate. Where we make changes to this privacy policy we will update the policy by posting the revised version on our website. The revised version shall take effect immediately upon posting. You should therefore refer to this privacy policy on our website regularly.