Privacy is important especially when you consider the number of ways we communicate and interact these days. We are committed to our privacy obligations and will conduct our business to ensure the protection of your personal information, including sensitive information.

In this Privacy statement , we will give you specific information about how we will manage the personal information for the particular product or service and/or the particular company/brand. Depending on how you interact with us, a Privacy Statement will be delivered to you in a number of ways, including hard copy/paper or via electronic means. We also have Online Terms which detail your use of our websites and other online interactions. Please refer to those terms prior to using the services our websites offer, or when you are directed to do so such as during the acquisition of a product or service. The type of personal information we collect and hold Personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable. It includes sensitive information. We will ask for a broad range of personal information which is necessary for our functions or activities. The type of personal information we ask for will depend on the type of product or service you choose. We will generally ask for the following types of personal information: — name, address and contact details; and/or — information about your use of our product or service.— any other personal information which is either required to acquire a product or service or needed during the lifecycle of that product or service. If we are not able to collect personal information about you we may not be able to provide you with the products, services or assistance you require. The collection, use or disclosure of your personal information is needed to provide these. Ways we collect your personal information We collect your personal information: — directly from you; – by using written forms; – through contact over the telephone, mobile or other messaging technology; – via the internet, including websites and social media; and/or – in person to person contact (e.g. meetings, offices or service centres). — from publicly available sources of information; and/or — from other persons or organisations (including related and third parties). We will collect your personal information during the information life cycle, on an adhoc or a recurrent basis using the above methods. For example, we will collect personal information when you acquire a product or service from us, when you make changes to that product, when you exercise a right under the product or service or when you need to complain. We will combine or link personal information we already know about you to other personal information we collect about you. Please refer to “Parties to whom we disclose and collect your personal information” section which details the types of organisations we disclose your personal information to and collect your personal information from. 
Use and disclosure of Personal Information Collection of personal information We collect your personal information so we can: — identify you and conduct appropriate checks; — understand your requirements and provide you with a product or service; — set up, administer and manage our products and services; —manage complaints and disputes, and report to dispute resolution bodies; and — get a better understanding of you, your needs, your behaviours and how you interact with us, so we can engage in product and service research, development and business strategy including managing the delivery of our services and products via the ways we communicate with you. Sometimes we are required to collect your personal information to satisfy specific legal obligations. The Privacy Statement you receive will give you further details as to which laws may apply to your personal information. Your Privacy Statement may also contain different primary purposes of collection depending on the product or service you acquire from us, the interaction you have with us. Use and disclosure We use and disclose your personal information for the purposes we collected it. Please refer to “Collection of personal information” section to understand what these purposes may be. We will use and disclose your personal information for a secondary purpose related to a purpose for which we collected it, where you would reasonably expect us to use or disclose your personal information for that secondary purpose. In the case of sensitive information, any secondary use or disclosure will be directly related to the purpose of collection. For example, we will disclose your personal information to third party service providers so that they can provide the contracted services to us such as information technology support or programming, hosting services, telephony services, mailing or sending of documentation to customers digitally or otherwise. We use a wide variety of marketing strategies including mail, SMS, telephone and other internet based marketing including targeted online advertising and online behavioural marketing. Third party marketing service providers may combine the personal information we disclose to them with information they already hold about you, in order to serve you with more relevant advertising about our products and services. Refer to your relevant Privacy Statement or privacy disclosure as to how our company will deal with your personal information for the purpose of marketing. —We will take all reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure. The ways we do this include: — limiting physical access to our premises; — restricting electronic and physical access to personal information we hold; — having in place stand-by systems and information backups to deal with major business interruptions; — maintaining technology security products; — requiring any third party providers to have acceptable security measures to keep your personal information secure; and — destroying or de-identifying personal information pursuant to the law and our record retention policies. We maintain industry standard technology and procedures in respect of our information management and provision of online services. Nebula data has an ongoing program of review and enhancement of its security measures. The reviews and updates address such matters as security and information management policies, processes and procedures, and technology reviews such as software, virus protection and fire wall settings. Nebula Data’s systems and information technology infrastructure are regularly audited both by internal and external experts and regulatory bodies as required. E-mail transmissions to us are not necessarily secure. If you have any concern about the security of the contents of your e-mail or any other transaction over the internet, then you should consider contacting us by other means. If you make a transaction involving the submission of personal information over the internet to us using one of our online forms, then we employ that encryption technology. Nebula Data trains its employees and representatives in their privacy obligations, applies confidentiality obligations and provides authorised persons with user identifiers, passwords or other access codes to control access to your personal information. 

Anonymity and pseudonymity

The Australian privacy regime provides the option of not identifying yourself, or of using a pseudonym unless we are required or authorised by law or a court/tribunal to identify you, or it is impracticable to deal with you anonymously or by a pseudonym. Access and correction of personal information You have the right to request access to personal information we hold about you. We are able to deny access to some or all of your personal information in specified circumstances. We will provide reasons for any refusal in writing. If you would like to request access to the personal information we hold about you please contact us by using the relevant Access or Correction contact in Nebula Data’s Privacy Contact Information table which will be provided by email after you contacted our staff member, we may be able to provide you this information within our normal business processes. If not, the staff member will be able to commence the privacy access request process for you which may require you to complete a privacy access request form. These requests may incur a fee and you will be advised of an estimated fee and the payment options at the time of written acknowledgement. This is usually provided to you within 5 business days. Our response to your request will usually be completed within 30 days of receipt of the request. If we require further time we will contact you in writing to advise of this and provide our reasons for the further time that is required.

Personal information correction or update

We rely on the accuracy of the personal information we hold about you to provide our products and services to you. You have the right to request us to correct any inaccurate, out-of-date, incomplete, irrelevant or misleading personal information. We will take such steps that are reasonable in the circumstances with regard to the purpose for which your personal information is held to make a correction. We may refuse to correct your personal information and will provide reasons for refusal in writing. If we refuse to correct your personal information you have the right to associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. We will take such steps that are reasonable in the circumstances to associate that statement with all records containing the relevant information. You can contact us to request the correction to the personal information we hold about you by customer service email or phone.