Perceptive Communication Pty Ltd (ABN 54 098 185 427), trading as FCS OnLine, is a related body corporate of illion (Australia) Pty Ltd (ABN 95 006 399 677). References below relating to 'FCS OnLine', 'we' or 'our' refer to the legal entity Perceptive Communication Pty Ltd for ease of understanding in relation to our branded products and website.

We are an information aggregation business, providing directory and search services and verification of identity, addresses and contact details for our business customers.

Our obligations & commitment

We are subject to the Privacy Act 1988 and the National Privacy Principles, and for some of our products, we are also subject to the Telecommunications Act 1997, the Integrated Public Number Database (IPND) Scheme under that Act and any other contractual obligations with our providers. We comply with the Australian privacy law when collecting, holding, using and disclosing personal information and are committed to protecting the privacy of individuals whose information is contained in our databases. Set out below is information regarding our policies regarding privacy. This policy is available at any time via our website www.fcsonline.com.au/Privacy-Policy-13.html. If a printed copy is required this can be requested via our client services team. Please find contact details below.

Privacy Protection in accordance with the Australian privacy law

Below is a detailed overview of how we comply with the privacy law. The databases maintained by us contain information about both individuals (personal information) and legal entities such as companies. Our general approach is to treat all the information it holds with the same respect for privacy and confidentiality. However, some products make non-personal information more freely available, and those entities do not enjoy the same legal privacy rights as individuals. If you have a question about a particular database or product, contact us

Collection

We collect personal information necessary for its business from government and non-government third party data sources that are accessible in accordance with privacy and other laws. The nature of our business does not lend itself to direct collection from individuals themselves. We seek assurances from all its data sources that the information has been collected and is held in accordance with applicable privacy laws, and specifically that individuals concerned have been notified about the likely uses of the information (including disclosure to us). The types of information we collect include name, address and contact details. For identity verification purposes, we also collect date of birth and government identifier (optional) information. We confirm a match against name, address and date of birth, separate to CRB for identity verification where permitted by law.

We collect and hold any personal 'identifiers' assigned to individuals by State government and Commonwealth agencies, for identity verification purposes, including location verification. This includes Australian passport, visa numbers, and Medicare numbers. We do not, at any time, adopt government identifiers as our own identifier. Non-collection of an individual's personal information (including personal 'identifiers' information) may result in an inability to successfully verify an individual's identity.

We do not collect any sensitive information as defined in the Privacy Act.

Holding information

It is not practicable for us to offer individuals 'anonymity'. We need to know who you are in order to determine whether you have a right to access information. Where a data source that we use is not public, we will respect the rules of access set by the provider.

illion's Client Services Team logs and answers any queries in relation to privacy. All enquiries are promptly handled and formal responses made in writing (upon request) and filed for future reference. Our business customers are requested to refer all enquiries on privacy matters relating to our products and services directly to our client services team.

Some of our databases also contain information which is not personal information and not regulated by privacy laws. This includes Australian Business Numbers (ABNs) and Australian Company Numbers (ACNs).

Use & Disclosure

Our customers include providers who use our services to verify the identity of their customers to help them fulfil legal obligations under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (AML/CTF) legislation and/or to meet organisational requirement. Providers, or 'reporting entities', include entities who provide one or more designated services as defined in s 6 of the AML/CTF.

The information held in our databases is used internally and made available in different ways to our customers. Some of these are straight 'look up' or 'search' services while others involving matching or comparing information in the databases with information supplied by our customers. Our use and disclosure of personal information is mostly for the primary purpose of collection (the provision of our various business products and services). The only other circumstances in which we will use or disclose personal information are those allowed under law – these circumstances include: with the consent of the individual, in emergencies, or where required or authorised by law.

Telephone number information obtained from the Integrated Public Number Database (IPND) is subject to specific restrictions on use and disclosure under the applicable legislations and contractual requirements.

Transborder data flows - We do not contract any processing of personal information to organisations outside Australia. Our business customers may access FCS OnLine products from outside Australia. Customers are required to accept terms and conditions that include assurances that they will comply with Australian law in dealing with personal information.

Data Quality

We take a number of steps to ensure that the personal information we use or disclose is accurate, complete and up-to-date, although in some cases we are constrained by an obligation not to alter data without consulting the data source. Where it is lawful, we carry out automated matching of the data received from different sources to identify discrepancies and then make a judgement about how to resolve the discrepancy – this will usually involve contacting the data source. We may also make changes as a result of contact from individuals (see below under Access & Correction).

Data Security

We have security systems and programs in place to seek to ensure that the information it holds, including personal information, is protected from misuse and loss and from unauthorised access, modification or disclosure. We maintain strict security over personal information. The security measures we take include restricting access to personal information with password protection; firewalls; and data encryption. We also take reasonable steps to destroy or permanently de-identify personal information when it is no longer needed for any purpose for which it may be used or disclosed as and when required by law. Further details of our retention policies are given in a separate section of this policy, below. Our Corporate Information Security Program Policy is designed to ensure that all information is secure both in our own databases and when it is being accessed by our customers. Access to our systems is monitored electronically, providing an auditable record of who, what and when data was accessed.

Openness

This Privacy and Security Policy is available on our website and in paper form on request, and clearly explains our policies on our management of personal information. On request, we will provide reasonable further information to try to satisfy any enquiries about what sort of personal information is held, for what purposes, and how we collect, hold, use and disclose that information.

Access & Correction

Individuals may request access to any personal information about themselves held in our databases. We will generally provide access subject to any of the exceptions that may be relevant. We reserve the right to make a reasonable charge for providing the information, but there is no charge for making a request. Requests must be made in writing with sufficient identification provided, to ensure that we do not give out your details to someone else. If an individual requests correction of their personal information and we can establish that it is not accurate, complete or up-to-date, we will correct it. Requests can be made by contacting our client services team.

In some cases, requests for correction will need to be referred back to the source of the information, to ensure that any inaccuracies do no simply re-appear when we next receive updates. Referral will also help to ensure that any inaccuracies are also drawn to the attention of other organisations which receive the same data. While requests for correction are being sorted out with sources, or where we disagree with an individual's assertion, we may choose to 'flag' the information concerned as disputed to ensure that any users are aware that the quality of the information has been challenged. Where we withhold access or decline to make corrections, we will provide the individual with an explanation.

Information regarding the privacy can be accessed from: The Office of the Australian Information Commissioner - www.oaic.gov.au

Further information, enquiries & complaints

For access to personal information about yourself, for further information about our privacy and security policy, and for any complaint regarding FCS OnLine's handling of personal information, contact us at:

FCS OnLine
Attn: Client Services Team
PO Box 7405
St Kilda Rd
Melbourne VIC 3004
Phone: 13 23 33
Email: clientservices@illion.com.au

Individuals have the right to complain at any time to the Australian Information Commissioner about any alleged breach of the National Privacy Principles by us, but the Commissioner will normally require the complainant to have first attempted to resolve the issue with us. For more detail on our complaints policy, see Complaints handling process

Data Retention & Disposal

Data from third party sources, once it has been used to create or updated in our databases, it is either deleted or returned to the source as agreed with the source. Data in the various databases is continually updated, but is otherwise held for as long as required in relation to the particular products that draw on those databases. Customer data files are held for limited periods agreed with the customer for the explicit purpose of providing the service, after which the original customer data file and related output files will be deleted.

The customer has the ability to delete or advise us to delete data at any time. When data is deleted it is permanently and irrevocably destroyed. This applies to any backup copies of databases.