SFA is an Australian domiciled service supplier and is compliant in accordance with the Australian Privacy Principles in the Privacy Act 1988 (Cth) (Privacy Act). SHL, SFNZ, SFA, SFI, SOS, SSL, NDC are New Zealand domiciled service providers compliant with the NZ Privacy Act 2020. This PPS also sets out how NZ domiciled entities handle personal information received from our Australian clients, both their own personal information and that of any trade debtor clients.
smartAR may modify this PPS from time to time to reflect its current privacy practices.
Personal information we may collect
The types of personal information we may potentially collect includes:
- names, job titles, contact and address details
- information in identification documents (for example, passport, driver’s licence)
- date of birth and gender
- details of superannuation and insurance arrangements
- personal information about your spouse and dependants
- Payment history and debtor management notes
- bank account details.
How we collect and manage personal information
In some circumstances smartAR may have access to sensitive information about you to provide specific services. It is generally not practical to remain anonymous or to use a pseudonym when dealing with smartAR as usually we need to use your personal information to provide specific services to you and your clients, or which relate to or involve you.
Most of the personal information we receive is obtained via an electronic aged receivable file you send us on a regular basis. Additionally, we may collect personal information from you directly (for example, when we deal with you in person or over the phone, when you send us correspondence (including via email) or survey, or when you subscribe to our publications.
Sometimes it may be necessary for us to collect your personal information from a third party. For example, we may collect your personal information from your employer where they are our client, from your personal representative, or a publicly available record.
We may also collect personal information about you from your use of our websites and information you provide to us through contact mailboxes or through the registration process on our websites.
Where you provide us with personal information about someone else
Holding personal information
smartAR holds personal information in hard copy and electronic formats. We take security measures to protect the personal information we hold including physical (for example, security passes to enter our offices and storage of files in lockable cabinets) and technology (for example, restriction of access, firewalls, the use of encryption, passwords and digital certificates) security measures. We also have document retention policies and processes.
Purpose for collecting, holding, using and disclosing personal information
smartAR collects, holds and uses personal information for several purposes including:
- to provide professional services
- to provide technology services and solutions
- to respond to requests or queries
- to maintain contact with our clients and other contacts
- to keep our clients and other contacts informed of our services and industry developments
- to notify of seminars and other events
- for administrative purposes
- when engaging other service providers, other firms within the smartAR group of companies, contractors or suppliers relating to the operation of our business
- to manage any conflict of interest or independence (including auditor independence) obligations or situations
- to conduct surveys
- for seeking your feedback
- to meet any regulatory obligations
- as part of an actual due diligence process for an (or proposed) acquisition, disposition, merger or de-merger of a business (including smartAR’s business) or entering into an alliance, joint venture or referral arrangement, or
- for any other business-related purposes.
If you do not provide us with the personal information we have requested, we may not be able to complete or fulfil the purpose for which such information was collected, including providing you or our clients with the services we were engaged to perform.
The types of third parties to whom we may disclose your personal information include:
- experts or other third parties contracted as part of an engagement
- our service providers
- our professional advisers
- as part of an engagement, if you are a customer, an employee, a contractor or supplier of services to one of our clients, then we may disclose your personal information as part of providing services to that client
- as part of an actual (or proposed) acquisition, disposition, merger or de-merger of a business (including other smartAR businesses) or to enter into an alliance, joint venture or referral arrangement, or
- government or regulatory bodies or agencies, as part of an engagement or otherwise,
- other companies within the smartAR Group.
We do not disclose personal information to third parties for allowing them to send marketing material to you. However, we may share non-personal, de-identified or aggregated information to them for research or promotional purposes.
Disclosure of personal information overseas and sharing personal information amongst and within the smartAR Group
Depending on the nature of the engagement or circumstances of collection, we may disclose your personal information to other companies within the smartAR Group or entities overseas to fulfil the purpose for which the personal information was collected, or a related or ancillary purpose or otherwise in accordance with the Privacy Act. The countries to which such disclosures are made, and types of personal information disclosed, depend on the specific circumstances of the engagement.
We may also store, process or back-up your personal information on servers that are located overseas (including through third party service providers). These servers are commonly located in the United States of America, Singapore, The Netherlands and Ireland.
In some circumstances, smartAR also uses third party service providers to carry out its functions and provide services. These service providers are typically located in New Zealand and warrant they will perform the service in accordance with our PPS.
smartAR may use our client’s personal information for marketing its services but does NOT use personal information collected then shared by our clients (for example: aged receivable data or contact information) for direct marketing. If you do not want to receive marketing material from us, you can contact us as detailed below:
- For electronic communications, you can click on the unsubscribe function in the communication.
- For hard copy communications, you can email [email protected]
- Through our contact details set out on our website: smartAR.com
Privacy on our websites
‘Cookies’ (i.e. small text files placed on your computer when you first visit the site) are used on some smartAR websites. Most browsers now recognize when a cookie is offered and permit you to refuse or accept it. If you are not sure whether your browser has this capability, you should check with the software manufacturer, your company’s technology help desk or your internet service provider.
Cookies are primarily used to enhance your online experience. If you visit our websites to read or download information, such as news stories or articles, much of the information we collect is statistical only (e.g., the domain from which you accessed the internet, the date and time you accessed our site, and the internet address of the website from which you linked directly to our site) and not personally identifiable. We use such information to make our sites more useful and attractive to you.
Links to third party websites
smartAR also does not endorse, approve or recommend the services or products provided on third party websites.
We understand the importance of protecting children’s privacy, especially in an online environment. Our websites are not intentionally designed for or directed at children under the age of 13. It is our policy to never knowingly collect or maintain information about anyone under the age of 13, except as part of a specific engagement to provide professional services which necessitates such personal information be collected or for the purposes of ensuring compliance with our auditor independence policies.
Gaining access to personal information we hold
You can request access to your personal information, subject to some limited exceptions permitted or required by law. Such request must be made in writing to our Privacy Officer. smartAR may charge reasonable costs for providing you access to your personal information.
Keeping personal information current
If you believe that any personal information smartAR has collected about you is inaccurate, not up-to-date, incomplete, irrelevant or misleading, you may request correction. To do so, please contact our Privacy Officer and we will take reasonable steps to correct it in accordance with the requirements of the Privacy Act.
If you wish to make a complaint to smartAR about our handling of your personal information, you can contact our Privacy Officer at [email protected] You may be asked to set out the details of your complaint in writing in a form provided.
We will endeavour to reply to you within 30 days of receipt of the completed complaint form and, where appropriate, will advise you of the general reasons for the outcome of the complaint.