Privacy Statement
BSS Privacy and Data Protection Policy
Business Smart Solutions Pty Ltd
(ABN 19 119 482 594) (“BSS”)
1.1 Introduction
Protecting your security and privacy is a priority to us. We take privacy and confidentiality very seriously and we take reasonable steps to maintain the security of your information and to protect it from unauthorised use and disclosure per the requirements of the Privacy Act 1988 (Cth), the Australian Privacy Principles and other laws that protect the privacy of individuals. This policy outlines how BSS manages, processes and protects your information concerning your access and use of the platform and services that BSS makes available to you. By using our platform and services, you voluntarily acknowledge and agree that we may, collect, hold, and share sensitive information about you.
1.2 Definitions
In this policy:
Business Smart Solutions Pty Ltd (“BSS”, “we”, “our” or “us”) means the duly incorporated company (ABN 19 119 482 594), with the registered office at Suite 1, Level 1, 410 Botany Road, Beaconsfield, NSW, 2015, Australia.
User (“you” or “your”) means any individual, organisation that is using and consuming the platform and services provided.
Client means any individual, organisation including but not limited to Government Agency, Private Organisation who voluntarily appoint BSS to provide the product and make the service available to you.
1.3 Information
The types of information we may collect will include:
- your name, contact details, email address and mobile number;
- username or passwords used to access our platform or services;
- location information;
- records of your communications and interactions with us; and
- usage information about your visit to our website and how you use our products and services.
BSS may collect your information in several ways, including:
- directly from you or someone caring for you (such as where you provide information to us when you access a BSS product or our websites, or you contact us with a query or issue you might be facing that requires our involvement to resolve);
- from our Client including Government agencies or private companies, who make the service available to you;
- from any data capture which occurs in relation to your interaction with our products or services; and
- via other automatic data collection, such as your device location information. Some of our applications collect real-time information about the location of your device, as permitted by you.
We may use your information for a range of different purposes, including:
- to enable you to access products and services, including SMS notification, online appointment booking and online check-in;
- to enable the geofencing feature to restrict Users to check-in out of the specified Client premise and location;
- to provide you with, and support the operation and functionality of, our products and services;
- to provide you with customer service, including to assist you with enquiries; and
- as otherwise authorised or required by law.
1.4 Security of Information
Information captured by the use of our cloud-based products is stored and secured in third party cloud server Amazon Web Server (AWS) infrastructure located in Australia.
AWS implements and maintains technical and organisational security measures applicable to AWS cloud infrastructure services under globally recognized security assurance frameworks and certifications, including IRAP, ISO 27001, ISO 27017, ISO 27018, PCI DSS Level 1, and SOC 1, 2, and 3. These technical and organisational security measures are validated by independent third-party assessors and are designed to prevent unauthorised access to or disclosure of customer content.
All the interactions between the App and our servers are handled via Secure Socket Layer (SSL) secure connections. All data accessed or stored by our product is encrypted at rest and in transit.
We do not sell, trade, or otherwise transfer information to other parties. BSS may release information when it is required for compliance with the law.
Access control
BSS Applications are secured with Account ID and Password so any User or Client account is only accessible by yourself or in certain circumstances, or your nominated authorised persons. We enforce a strong password policy and non-reversible hashing for the storage of passwords.
Audit log
BSS provides an audit log to record all IT activity with timestamps, including suspicious activity that may arise. Some of the data that is logged is listed below:
- User IDs.
- Access to systems, applications, and data – whether successful or not.
- System configuration changes, if applicable
Personnel
We have taken further steps to safeguard the protection of your information by ensuring the credibility of our personnel. All of our personnel that will have access to your information are required to undergo a thorough background check, including a Police check. All employees have signed a non-disclosure agreement not to share any confidential or sensitive information under any circumstances. In addition, to educate our staff we run an annual internal cyber risk training program for our personnel.
1.5 Disposal of Information
Information is only stored in the duration when Client applications are currently in service. When Information is no longer required for the purpose for which it was obtained: to access and use of the platform and services that BSS makes available to the Client and Users, BSS will take reasonable steps to permanently destroy and de-identify Information.
The Client, through an authorised officer, may request the disposal or purging of the Information should it become a requirement.
1.6 Resolving your concern
If you have any concerns regarding this Privacy Statement or BSS dealings with your personal information, please contact BSS:
- Phone
1300 881 819 - Mail
Business Smart Solutions Pty Ltd
410 Botany Rd, Beaconsfield NSW 2015 - Email
admin@bss.com.au
Any queries received by BSS will be referred to the BSS compliance team and a written response will be provided back as soon as possible.
This page was last updated 20/07/2022 at 1:00 PM AEST.