Our obligations & commitment

FCS OnLine is subject to the Privacy Act 1988, and for some of its products is also subject to the Telecommunications Act 1997 and the Integrated Public Number Database (IPND) Scheme under that Act.

FCS OnLine is committed to protecting the privacy of individuals whose information is contained in our databases, and to assisting in resolving any issues that may arise in relation to this personal information.

Set out below is information regarding FCS OnLine’s policies regarding privacy, including security.

FCS OnLine will only collect, use or disclose an individual’s personal information as permitted by the National Privacy Principles in the Privacy Act 1988, and by other laws.

Personal information is collected from a variety of data sources, but only where FCS Online has assurances about the source’s compliance with privacy principles.

FCS OnLine maintains strict security over personal information. There is restricted access to personal information with password protection and data encryption.

The databases maintained by FCS OnLine contain information about both individuals (personal information) and legal entities such as companies. While the latter information is not subject to the Privacy Act, it is subject to the IPND scheme. FCS OnLine’s general approach is to treat all the information it holds with the same respect for privacy and confidentiality. However, some products make non-personal information more freely available, and those entities do not enjoy the same legal privacy rights as individuals.  If you have a question about a particular database or product, Contact Us

Collection

NPP 1

FCS OnLine collects personal information necessary for its business (NPP 1.1) from third party data sources that are accessible in accordance with privacy and other laws (NPP 1.2). The nature of our business does not lend itself to direct collection from individuals themselves (NPP 1.4).

FCS OnLine seeks assurances from all its data sources that the information has been collected and is held in accordance with applicable privacy laws, and specifically that individuals concerned have been notified about the likely uses of the information (including disclosure to organisations such as FCS OnLine (NPP 1.5).

NPP 7

FCS OnLine does not collect or hold any personal ‘identifiers’ assigned to individuals by Commonwealth agencies, such as Tax File Numbers or Medicare numbers.

Some of our databases contain Australian Business Numbers (ABNs) which are expressly exempted from NPP7 or Australian Company Numbers (ACNs) which are not personal.

NPP8

It is not practicable for FCS OnLine to offer individuals ‘anonymity’. We will however seek to ensure that any preferences for suppression which individuals may have expressed to our data sources are respected. For example, if we become aware that any of the individuals in our databases are silent electors or have silent telephone lines (unlisted numbers) we will immediately suspend access to those details pending resolution with the data source.

NPP 10

FCS OnLine does not collect any sensitive information as defined in the Privacy Act (NPP10)

Use & Disclosure

NPP 2

The information held in the various FCS OnLine databases is used internally and made available in different ways to our customers, depending on the product in question. Some of these are straight ‘look up’ or ‘search’ services while others involving matching or comparing information in the databases with information supplied by our customers.

Our use and disclosure of personal information is mostly for the primary purpose of collection (the provision of our various business products and services).

The only other circumstances in which FCS OnLine will use or disclose personal information are those allowed by NPP 2 – namely with the consent of the individual, in emergencies, or where required by law.

Telephone number information obtained from the Integrated Public Number Database (IPND) and held in our Public Number Directory is subject to specific restrictions on use and disclosure under the Telecommunications Act and IPND Scheme.

NPP 9 Transborder data flows

FCS OnLine does not and will not contract any processing of personal information to organisations outside Australia.

Our business customers may access FCS OnLine products from outside Australia. Customers are required to accept terms and conditions that include assurances that any personal information will not be held, used or disclosed inconsistently with the NPPs (NPP 9(f)).

Data Quality

NPP 3

FCS OnLine takes a number of steps to ensure that the personal information we use or disclose is accurate, complete and up-to-date, although in some cases we are constrained by an obligation not to alter data without consulting the data source. Where it is lawful, we carry out automated matching of the data received from different sources to identify discrepancies and then make a judgement about how to resolve the discrepancy – this will usually involve contacting the data source. We may also make changes as a result of contact from individuals (see below under Access & Correction).

FCS OnLine takes elaborate steps to ensure that the information it holds, including personal information, is protected from misuse and loss and from unauthorised access, modification or disclosure (NPP 4.1). Further details of our security measures are given in a separate section of this policy, below.

We also take reasonable steps to destroy or permanently de-identify personal information when it is no longer needed for any purpose for which it may be used or disclosed under NPP 2 and other legislation. Further details of our retention policies are given in a separate section of this policy, below.

Openness

NPP 5

This Privacy and Security Policy is available on our website and in paper form on request, and clearly explains our policies on our management of personal information. On request, we will provide reasonable further information to try to satisfy any enquiries about what sort of personal information is held, for what purposes, and how we collect, hold, use and disclose that information.

Access & Correction

NPP 6

Individuals may request access to any personal information about themselves held in our databases (NPP 6.1). We will generally provide access subject to any of the exceptions that may be relevant (NPP 6.1(a)-(k). We reserve the right to make a reasonable charge for providing the information, but there is no charge for making a request. Requests must be made in writing with sufficient identification provided, to ensure that we do not give out your details to someone else. Contact details are given below.

If an individual requests correction of their personal information and we can establish that it is not accurate, complete or up-to-date, we will correct it (NPPs 3 & 6.5). In some cases, requests for correction will need to be referred back to the source of the information, to ensure that any inaccuracies do no simply re-appear when we next receive updates. Referral will also help to ensure that any inaccuracies are also drawn to the attention of other organisations which receive the same data. While requests for correction are being sorted out with sources, or where we disagree with an individual’s assertion, we may ‘flag’ the information concerned to ensure that any users are aware that the quality of the information has been challenged (NPP 6.6). Where we withhold access or decline to make corrections, we will provide the individual with an explanation (NPP 6.7).

Information regarding the National Privacy Principles can be accessed from:

The Office of the Privacy Commissioner – www.privacy.gov.au

Further information, enquiries & complaints

For access to personal information about yourself, for further information about our privacy and security policy, and for any complaint regarding FCS On Line’s handling of personal information, contact us at:

FCS OnLine
Attn: Privacy Manager
Level 1
90 Mount St
North Sydney NSW 2060
Phone: 02 8912 1030
Fax: 02 8912 1001
Email: privacy@fcsonline.com.au

Individuals have the right to complain at any time to the Australian Privacy Commissioner about any alleged breach of the National Privacy Principles by FCS OnLine, but the Commissioner will normally require the complainant to have first attempted to resolve the issue with us. For more detail on our complaints policy, see Complaints handling process

Security safeguards

This section of the policy gives more detail about the measures taken by FCS OnLine to comply with its security obligations in relation to the information, including personal information, held in its databases.

FCS OnLine’s business relies on the trust both of its business customers and of individuals whose information we hold that we keep data and our information systems secure. Our Corporate Security Program is comprehensive, proactive and designed to ensure that all information is secure both in our own databases and when it is being accessed by our customers, either through our web site applications, or XML Web Services, or through our Bureau.

Secure storage

FCS OnLine utilizes industry accepted security practices. Our systems use firewalls and encryption to protect all data and our applications and databases have built-in security features that prevent unauthorised access.

FCS OnLine’s production data is securely stored in a Data Centre and is protected at the physical level by a Fire-retarding system, temperature/humidity conditioned environment and an Uninterruptible Power Supply (UPS).

Access to the Computer rooms is controlled and the rooms are monitored by video surveillance 24/7, 365 days per year.

Full backups to tape cartridge are made on a rotational basis and these backups are securely stored in separate geographic locations.

Data in transit

Audit trail

Access to our systems is monitored electronically, providing an auditable record of who accessed what data when.

Data from third party sources, once it has been used to create or update FCS OnLine databases, is either deleted or returned to the source as agreed with the source.

Data in the various databases is continually updated, but is otherwise held for as long as required in relation to the particular products that draw on those databases.

Customer data files are held for limited periods agreed with the customer for the explicit purpose of providing the service, after which the original customer data file and related output files will be deleted. The customer has the ability to delete or advise us to delete data at any time.

When data is deleted it is permanently and irrevocably destroyed. This applies to any backup copies of databases.

As required by the IPND Scheme, protected information under that Scheme in FCS OnLine’s Public Number Directory products is securely destroyed within 10 days of it no longer being required for an authorised purpose.

Data sources

FCS OnLine utilises a number of data sources in order to provide its search and identity Verification services. These data sources are segmented into two types:

1. Licensed Data Sources
2. Other Government Data Sources

Licensed Data Sources

Current Australian Electoral Rolls

Received from the Australian Electoral Commission for use in FTRA and AML/CTF verification under Statute.

IPND

FCS OnLine is an authorised user of the Integrated Public Number Database (IPND), a central National database of listed phone numbers. This data source provides residential and business names, addresses and phone numbers. FCS provides controlled access to this information through its Yell Directory^TM and CallerAssist^TM products, and through printed Directories, and fully complies with the Telecommunications Act and the IPND Code

SENSIS

FCS OnLine accesses telephone information from SENSIS on a commercial relationship. It has the ability to pass this information within the FCS OnLine products or services to other parties.

NCOA

The Australia Post National Change of Address (NCOA) file is provided under license to FCS OnLine in order to update customer data files with changes to postal address information. Australia Post only provides this information when an individual or business consents to their information being made available to other parties.

In addition to the above data sources which contain personal information, FCS OnLine also receives non-personal data from three other licenced sources:

PAF®

Australia Post, Postal Address File (PAF) is used by FCS to maintain the accuracy of address data, and provide Delivery Point Identifiers (DPID) to ensure addresses held in its databases conform to Australia Post standards.

G-NAF®

FCS is a licensee of the Geo-coded National Address File (G-NAF®). G-NAF is the only authoritative national index of locality, street and number, validated with geographic coordinates. FCS uses G-NAF as a further qualifier to the accuracy of address data it stores in its databases.

Social Profile FCS is a licensee of Social Profile data which provides neighbourhood segments that are produced by clustering a highly customised array of measures mainly derived from Census demographic variables. The clustering creates a single segment code that is represented by a descriptive statement or thumbnail sketch and is based on the principle that people with similar demographic profiles and lifestyles tend to live near each other.

Other Government Data Sources

Pre July 2004 Electoral Roll Data

FCS OnLine utilises Pre-July 2004 Electoral Roll data in order to maintain a Name & Address database. This information was sourced from the Federal and/or State electoral registration officers in accordance with electoral legislation at the time.

ABRPublic

FCS OnLine accesses the Australian Business Register public database maintained by the Australian Securities and Investments Commission (ASIC) and in order to provide a business name and registration lookup facility.

DFAT/OFAC

FCS OnLine obtains information from Department of Foreign Affairs and Trade (DFAT) and The Office of Foreign Assets Control ("OFAC"). These are government based watch lists

Proprietary Data

FCS has a large permission based privacy compliant database obtained from telemarketing, private companies and other directory producers.

The actual source of data is protected by confidentiality agreements. Individual records may be accessed in accordance with our Privacy Policy.