Data Collection & Use
All client information gathered by electronic means whether it be data from form submission or telephone calls are held in strict confidence by us and will not, under any circumstances, be distributed to a third party without your prior permission and in accordance with the Commonwealth Privacy Act of 1988. We utilise added security features such as SSL encryption, user authentication and verification and also have the following measures on our website to ensure your information is secure, such as use of a secure server, IP restrictions, secure passwords and user names.
When you are asked to submit personal information, we will explain how we will use it, why we are requesting it and inform you if we want to pass the information onto anyone else.
Data Disclosure to Other Parties
Under no circumstances will we ever disclose your information to other parties without your prior consent unless we are obligated to in accordance with Federal law.
We will take reasonable steps to protect the personal information we hold from misuse, loss and from unauthorised access, modification or disclosure. Within our websites, you will find user options regarding the use of your personal information by us and we will act accordingly with all of your preferred settings and these settings will not be altered by us in any way.
Our Privacy Statement is found on all our websites, can be downloaded and printed, and is available at request via other means such as fax.
Data Access & Updating Only
Commonwealth Government Agency or Organisation Protection of Identities
The Privacy Act does not over-ride specific legal obligations relating to use or disclosure of personal information. “Law” includes Commonwealth, State and Territory Legislation, as well as common law. If we are required by law to use or disclose personal information we have no choice and must do so. In accordance with the Act, if an organisation is authorised by law to use or disclose personal information it means the organisation can decide whether to do so or not. The authority is there but the organisation can ultimately use its discretion accordingly.
Non-Disclosure of Personal Details when Lawful & Practicable
According to the Act, Herb Factory is allowed to use or disclose personal information where we reasonably believe this is convincingly necessary for a range of functions or activities carried out by, or on behalf of, an enforcement body. Unless the law prohibits it, we must make a written note of such a use or disclosure.
Transborder Data flow meets Legislative requirements
National Privacy Principles prevent an organisation from disclosing personal information to someone in a foreign country that is not subject to a comparable information privacy scheme, except where it has an individuals consent or some other circumstances including where: Transfer is for the benefit of an individual and an organisation can show grounds for a belief that if it were practicable to obtain consent and the individual would be likely to give it The transfer is necessary for the conclusion or performance of a contract concluded in the interests of the individual between the organisation and a third party. NPP does not prevent transfers of data from within the organisation in Australia to another part of the same organisation offshore. An example of this would be if data was submitted via our Australian server and we transfer this information to our storage-server in Herb Factorys New York office for storage and manipulation.
Data Collection is Consensual and within Relevant Guidelines
We will not store any of your personal information without advising you and will strictly act in accordance with the Commonwealth Privacy Act guidelines.