Privacy Policy

 

Privacy Policy

 

1.       Background

This document sets out the privacy policy of Ingram Micro Pty Ltd (ABN 45 112 487 966) and all its related companies (‘Ingram Micro’) in relation to its operations in Australia.

Ingram Micro is the world’s largest wholesale technology distributor and a global leader in IT supply-chain, mobile device lifecycle services and logistics solutions. The company supports global operations through an extensive sales and distribution network throughout North America, Europe, Middle East and Africa, Latin America and Asia-Pacific.

Ingram Micro is committed to protecting the privacy of the personal information it collects and receives. This Privacy Policy seeks to explain how Ingram Micro collects, uses, discloses and otherwise handles personal information. It also seeks to explain how you can ask to access and correct the personal information we hold about you or complain about any suspected privacy breach.

 

A copy of this Privacy Policy is available on the Ingram Micro website. A printed copy can be obtained free of charge by contacting our Privacy Officer (details under heading 16 below).

 

2.       What personal information do we collect and hold?

2.1.    General Information

The types of information that we collect and hold about you could include:

  • ID information such as your name, postal or email address, telephone numbers, and date of birth;
  • financial details such as your tax file number;
  • health information;
  • If you apply for a job at Ingram Micro, we will collect the information you include in your application for employment, including your cover letter, resume, contact details and referee reports; and
  • any other information as notified to you from time to time.

 

3.       What sensitive information do we collect and hold?

Sometimes we need to collect sensitive information about you, for instance in relation to some insurance applications or applications for employment.  This could include things like medical checks, medical consultation reports or other information about your health.  Unless required by law, we will only collect sensitive information with your consent or as set out in this privacy policy.

 

4.       How we collect personal information:

We collect information through the following means:

a)      our websites as set out in section 8 below;

b)      orders for our products or services;

c)       use of social media;

d)      employment applications;

e)      requests for brochures, to join a mailing list or to be contacted for further information about our products or services;

f)       responses to surveys or research conducted by us or on our behalf;

g)      entries into competitions/ trade promotions;

h)      third party service providers; and

i)        provision of customer service and support.

 

Where practicable, we will collect personal information directly from you.  If we receive information about you from someone else (for example from someone who supplies goods or services to us), we will take reasonable steps to ensure you are aware that we have collected personal information about you and the circumstances of the collection.

 

5.       The purposes for which we collect, hold, use and disclose personal information

5.1.    General

The main purposes for which we collect, hold, use and disclose personal information are:

a)      to provide products and services to our customers;

b)      to obtain products and services from our suppliers;

c)       to respond to enquiries from existing or prospective customers seeking information about our products or services; and

d)      to process and assess employment applications

We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or where:

  • required or authorised by or under law (including, without limitation, privacy legislation);
  • necessary to provide you with a product or service which you have requested;
  • is necessary to protect the rights, property or personal safety or any of our customers, any member of the public or our interests;
  • the assets and operations of our business are transferred to another party as a going concern; or
  • for which the individual has provided their consent.

Disclosure of personal information to third parties

Personal information may be disclosed to the following third parties where appropriate for the purposes set out under heading 5 above.

  • financial institutions for payment processing;
  • referees whose details are provided to us by job applicants; and
  • contracted service providers, including:
    • information technology service providers;
    • mailing houses, freight and courier services;
    • printers and distributors of direct marketing material; and
    • external business advisers (such as recruitment advisers, auditors and lawyers)

In the case of these contracted service providers, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services.

 

6.       Direct marketing

We may use personal information of our customers, specifically your name and relevant address details, to let you know about our services and those of third party partners/contractors/suppliers of Ingram Micro. We and/or our partners/contractors/suppliers may contact you for direct marketing purposes in a variety of ways, including by mail, email, SMS, telephone, online advertising or facsimile. By providing us with your personal information you consent to us and/or our partners/contractors/suppliers contacting you for such purposes unless you notify us otherwise in accordance with clause 6.1 below.

6.1.    Opting out

You can opt out at any time from receiving direct marketing from us, in the following ways:

Customers can update their communications preferences (including opting out of direct marketing communications) by contacting their account administrator, or by:

  • sending a letter to the Ingram Micro Privacy Officer, Ingram Micro Pty Ltd, 61 Dunning Ave, Rosebery NSW 2018 or send an email to privacy@ingrammicro.com.au
  • advise us if they receive a marketing call that they no longer wish to receive these calls; and
  • use the unsubscribe facility that we include in our commercial electronic messages (such as emails and SMSs) to opt out of receiving those messages

 

6.2.    Notification of source

If we have collected the personal information that we use to send you direct marketing material from a third party (for example a direct mail database provider), you can ask us to notify you of our source of information, and Ingram Micro’s policy is to do so unless this is unreasonable or impracticable

 

7.       Collection of information other than personal information through our website

7.1.    Cookies

A cookie is a small string of information that a website transfers to your browser for identification purposes. The cookies used by Ingram Micro may identify individual users who log into the website.

Most internet browsers are set to accept cookies. If you prefer not to receive them, you can adjust your internet browser to reject cookies, or to notify you when they are being used. There are also software products available that can manage cookies for you. Rejecting cookies can, however, limit the functionality of our website (such as preventing users from logging on and making purchases).

 

8.       What if you don't want to provide your personal information to us?

Ingram Micro’s policy is to provide individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us if it is lawful and practicable to do so. A pseudonym is a name or other descriptor that is different to an individual’s actual name.

In some cases however, if you don't provide us with your personal information when requested, we may not be able to respond to your request or provide you with the product or service that you are seeking. For example, you must identify yourself to be able to make purchases through the Ingram Micro website.

 

9.       Unsolicited information

Unsolicited personal information is personal information we receive that we have taken no active steps to collect (such as an employment application sent to us by an individual on their own initiative, rather than in response to a job advertisement).

We may keep records of unsolicited personal information if the Privacy Act permits it (for example, if the information is reasonably necessary for one or more of our functions or activities). If not, Ingram Micro’s policy is to destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

 

10.   Cross border disclosure of personal information

Ingram Micro operates in a number of international jurisdictions, including Singapore, the Philippines, and the United States of America. We may need to share some of your information with organisations outside Australia which are located in the following countries:

  • United States of America
  • Singapore
  • New Zealand
  • Philippines
  • India

We may store your information in cloud or other types of networked or electronic storage.  As electronic or networked storage can be accessed from various countries via an internet connection, it’s not always practicable to know in which country your information may be held.  If your information is stored in this way, disclosures may occur in countries other than those listed.

Overseas organisations may be required to disclose information we share with them under a foreign law.

 

11.   Use of government related identifiers

In certain circumstances we may be required to collect government-related identifiers such as your tax file number. We will not use or disclose this information unless we are required or authorised by law.

 

12.   Data quality and security

12.1.General

Ingram Micro holds personal information in a number of ways, including in electronic databases, email contact lists, and in paper files held in drawers and cabinets, locked where appropriate. Paper files may also be archived in boxes and stored offsite in secure facilities. Ingram Micro’s policy is to take reasonable steps to:

  • make sure that the personal information that we collect, use and disclose is accurate, up to date and complete and (in the case of use and disclosure) relevant; and
  • protect the personal information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure

You can also help us keep your information up to date; by letting us know about any changes to your personal information, such as your email address or phone number.

12.2.Security

The steps we take to secure the personal information we hold include ICT security (such as encryption, firewalls, anti-virus software and login and password protection), secure office access, personnel security and training and workplace policies.

12.3.Payment security

Ingram Micro processes payments using EFTPOS and online technologies. Our policy is to ensure that all transactions processed by Ingram Micro meet industry security standards to ensure payment details are protected.

12.4.Website security

While Ingram Micro strives to protect the personal information and privacy of website users, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk.

Please notify us immediately if there is any unauthorised use of your account by any other Internet user or any other breach of security. For the purposes of viewing our Web site you will have a user name and password. You are responsible for the security and confidentiality of your password and log-in information.

12.5.Third party websites

Ingram Micro provides links to external Web sites for your convenience. These linked sites are not under the control of Ingram Micro, and Ingram Micro is not responsible for the privacy or security practices of those websites, which are not covered by this Privacy Policy. Third party websites should have their own privacy and security policies, which we encourage you to read before supplying any personal information to them.

 

13.   Access and correction of your personal information

13.1.Accessing your personal information

If at any time you want to know exactly what personal information Ingram Micro holds about you, you can access your record by contacting us at privacy@ingrammicro.com.au. We‘ll always give you access to your personal information unless there are certain legal reasons why we can’t. We will give you access to your information in the form you want it where it is reasonable and practical. We may charge you a small fee to cover our costs when giving you access, but we’ll always check with you first.

We’re not always required to give you access to your personal information. Some of the situations where we don’t have to give you access include when:

  • there is an unreasonable impact on other individuals;
  • the information wouldn’t be ordinarily accessible because of legal proceedings;
  • it would prejudice negotiations with you;
  • it would be unlawful; or
  • it would harm the confidentiality of our commercial information.

If we can’t provide your information in the way you’ve requested, we will tell you why in writing. If you have concerns, you can contact our Privacy Officer.

13.2.Correction

If your personal information is inaccurate or out of date, you can e-mail us at privacy@ingrammicro.com.au and ask us to correct it. If you ask us to correct personal information that we hold about you, or if we are satisfied that the personal information we hold is inaccurate, out of date, incomplete, irrelevant or misleading, Ingram Micro’s policy is to take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.

If we correct personal information about you, and we have previously disclosed that information to another agency or organisation that is subject to the Privacy Act, you may ask us to notify that other entity.

13.3.Timeframe for access and correction requests

Except in the case of more complicated requests, we will endeavour to respond to access and correction requests within 30 days.

13.4.What if we refuse your request for access or correction?

If we refuse your access or correction request, or if we refuse to give you access in the manner you requested, Ingram Micro’s policy is to provide you with a written notice setting out:

  • the reasons for our refusal (except to the extent that it would be unreasonable to do so); and
  • available complaint mechanisms

In addition, if we refuse to correct personal information in the manner you have requested, you may ask us to associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, and we will take reasonable steps to associate the statement in such a way that will make it apparent to users of the information.

 

14.   Complaints

If you have a complaint about how Ingram Micro has collected or handled your personal information, please contact our Privacy Officer (details under heading 16 below).

Our Privacy Officer will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter within a week.

If your complaint can't be resolved at the first instance, we will ask you to complete a Privacy Complaint Form, which details (for example) the date, time and circumstances of the matter that you are complaining about, how you believe your privacy has been interfered with and how would you like your complaint resolved.

 

15.   Complaints process

We will endeavour to acknowledge receipt of the Privacy Complaint Form within five business days of receiving it and to complete our investigation into your complaint in a timely manner. This may include, for example, gathering the facts, locating and reviewing relevant documents and speaking to relevant individuals.

In most cases, we expect that complaints will be investigated and a response provided within 30 days of receipt of the Privacy Complaint Form. If the matter is more complex and our investigation may take longer, we will write and let you know, including letting you know when we expect to provide our response.

Our response will set out:

  • whether in the Privacy Officer's view there has been a breach of this Privacy Policy or any applicable privacy legislation; and
  • what action, if any, Ingram Micro will take to rectify the situation

If you are unhappy with our response or if we fail to respond to your complaint in a timely manner, you can refer your complaint to the Office of the Australian Information Commissioner or, in some instances, other regulatory bodies.

 

16.   Further information

Please contact Ingram Micro if you have any queries about the personal information that Ingram Micro Australia holds about you or the way we handle that personal information. Our contact details for privacy queries are set out below.

Privacy Officer

Ingram Micro Pty Ltd

61 Dunning Ave

Rosebery NSW 2018

Australia

 

E: privacy@ingrammicro.com.au

P: + 61 2 9381 6000

F: +61 2 9381 6001

 

17.   Changes to this policy

Over time aspects of our business may change. This may require our policies to be reviewed and revised. Accordingly, we may amend this Privacy Policy at any time and notify you by posting an updated version on our website and will where necessary, obtain your consent. The current version is available on our website and a copy may be obtained free of charge from our Privacy Officer.