At CTI our Privacy Commitment is to comply with all relevant legislation including the Australian Privacy Principles (“APPs”) as contained in the Australian Privacy Act 1988 (Cth) and the New Zealand Information Privacy Principles (“NZIPPs”) as contained in the New Zealand Privacy Act 2020. The APPs and NZIPPs detail how personal information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
Among other things, this means that:
- We will only collect information that is necessary for what we do
- We will be fair in the way we collect information about you
- We will only use or disclose information about you in ways that are consistent with your expectations or are required in the public interest
- We will retain your personal information for the sole use of Choices Flooring and its related entities and not sell it or release it to any third party without your consent
- We will be open with you about what kinds of personal information we hold and what we do with it
- Wherever possible we will let you see the information we hold about you and correct it if it is wrong
- If we can (and you want to) we will deal with you anonymously
- Personal information is information or an opinion about an identified individual, or about an individual who is reasonably identifiable
- Sensitive information, a sub-set of personal information, is information or an opinion about an individual’s racial or ethnic origin, political opinions, political association membership, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union membership, sexual orientation or practices or criminal record, and includes health information and genetic information
CTI Privacy Statement
CTI is concerned about your privacy and is committed to protecting any personal information visitors may provide while visiting our website or using our Operating and Learning Systems. We aim to collect personal information only directly from you unless it is unreasonable or impracticable for us to do so.
For example, personal information may be collected from you in the following ways:
- Our website’s registration form may invite you to provide contact information (such as your name and e-mail address) and demographic information (postcode and age). We may use customer contact information from the registration form to send you information about CTI products and services.
- Our website’s order form will require you to provide contact information (such as your name, postal address and e-mail address). We may use customer contact information from the order form to send you information about CTI products and services.
- Our website’s online newsletter subscription form will require you to provide contact information (such as your name and e-mail address). We will use this to send you information about CTI products and services.
- Our Business Operating System (BOS) m ay require you to enter contact information for the purpose of providing you with information about your enquiry for floor coverings.
You can be anonymous or use a pseudonym when dealing with us, unless:
- the use of your true identity is a legal requirement; or
- it is impracticable for us to deal with you on such basis.
Cookies and links other websites
Our website may also contain links to other websites of interest. However, once you have used these links to leave our site, you should note that we do not have any control over that other website. We cannot be responsible for the protection and privacy of any information which you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question.
How we hold your personal information
We may hold your personal information in either electronic or hard copy form.
If you provide information to us electronically, we retain this information in our computer systems and databases. This includes computer software programs, internet servers, and hosted internet solutions provided by third parties.
If you provide information to us in hard copy (paper) this information is normally retained in our files and a copy is made to our electronic files.
We use industry standard security measures to safeguard and protect your information. This includes taking reasonable steps to ensure your personal information is protected from misuse, loss, unauthorised access, modification or disclosure.
Purpose of collection of your personal information
We collect your personal information where it is reasonably necessary for us to carry out the following actions (“Purpose”):
- to provide you with products and services that you have requested from us;
- to communicate with you, including about products and services, competition results, special offers, and events which might interest you;
- to answer your questions and provide you with information or advice;
- to create orders, transaction records, agreements for the sale of products or services, accounts, tax invoices or receipts;
- provide your personal information to third parties that assist us in providing products and services you have requested, such as delivery service providers and fulfilment managers;
- carry out administration, marketing, planning, fraud and loss prevention activities, procurement, product and service development, quality control and research to improve the way CTI and its related bodies corporate and service providers provide products and services to you;
- to consider and respond to complaints made by you;
- to comply with laws or regulations or to comply with any directions given by regulators or authorities; or
- if you are a candidate for employment, to assess your suitability for a position at CTI.
We also collect, hold, use and disclose your personal information for related purposes that you would reasonably expect, such as our administrative and accounting functions, record keeping, fraud checks, administering our warranty, rewards and loyalty programs, providing you with information about other goods and services offered by us, providing you with information about new product launches, marketing and promotions, market research, newsletter communications, customer feedback, statistical collation, social media analysis and website traffic analysis.
Generally, we do not collect sensitive information. However, we may collect sensitive information from you or about you where there is a legal requirement to do so, or where we are otherwise permitted by law. We will specifically seek your consent where circumstances arise to collect your sensitive information.
If we do not collect, hold, use or disclose your personal information, or if you do not consent, then we may not be able to answer your enquiry, complete the transaction you have entered into, or provide the goods and services that you or your organisation have contracted us to provide.
Disclosure of your personal information
Your personal information may be disclosed in connection with any Purpose to any of the following:
- our employees, contractors or service providers, to the extent reasonably necessary to fulfil our obligations to you. This may include internet service providers, IT systems administrators, mailing houses, couriers, payment processors, and data entry service providers;
- our business advisors, including lawyers, accountants or other professional service providers, to the extent reasonably required;
- suppliers, installers and other third parties with whom we have commercial relationships, for business, marketing and related purposes;
- if required by law, to any person authorised by such law. This may include the police service, ambulance service, or government departments or regulators within Australia in connection with law enforcement activities.
We may send you direct marketing communications and information about products and services offered by us or our retail brands, partners or suppliers via email, SMS, or regular mail.
If you have indicated a preference for a method of communication, we will endeavour to use that method wherever practical to do so.
You may opt out of receiving marketing communications at any time by responding via the channel in which you received the marketing communication, or by contacting us (see contact information below). You can unsubscribe from emails by clicking the unsubscribe link on the footer of the email communication you have received. You may also update your personal information by editing your online profile.
You may also receive marketing communications by post from our retail brands, partners and suppliers who provide goods and services within our stores, but this will only occur where you have requested that type of information from us or from a third party within our stores.
We do not provide your personal information to any other organisations for the purposes of direct marketing.
Destruction and De-identification
We will retain your personal information whilst it is required for any of our business functions, or for any other lawful purpose.
We will take reasonable steps and we will use secure methods to destroy or to permanently de-identify your personal information when it is no longer required for any purpose for which the personal information may be used under this Policy and otherwise in accordance with the relevant Privacy Act of your jurisdiction.
As an example, our destruction and de-identification methods may include:
- Paper records being placed in security bins and/or shredded.
- Electronic records being deleted from all locations to the best of our ability, or encrypted and/or placed beyond use.
How you may access your information
You may access your personal information held by CTI by making a request to us.
Phone: (03) 9850 9311
Mail: The Privacy Officer
PO Box 2891, Rowville VIC 3178
Normally we will provide a record of your personal information to you via your preferred contact method (phone, email or mail), and we will not charge a fee.
However, if we do not agree to provide you access to the information as requested, we will give you written reasons why.
Correction of your personal information
We will take reasonable steps to ensure that the personal information we use or disclose is accurate, complete and up to date, having regard to the purpose of the use or disclosure. We rely on the personal information we hold about you to efficiently provide our goods and services. If you would like us to update or amend your personal information, please contact us and we will make the requested amendments. If we do not agree to correct the information as requested, we will give you written reasons why.
We may also ask you to verify your identity to ensure that personal information we hold is not improperly accessed.
If you feel your privacy has been breached, please contact us using the contact information above setting out the circumstances and reasons for your complaint.
Our team members will acknowledge receipt of your complaint within 24 hours and will normally respond to your request within 5 business days. If your complaint is complicated or requires further investigation our response may take additional time to finalise.
We will respond to you by your preferred contact method if you have indicated one.
Overseas disclosure of personal information
We may disclose your personal information to third parties and service providers located overseas in connection with a Purpose.
We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information and will only disclose your personal information overseas where:
- it is necessary to complete the transaction you have entered into; and
- you have provided consent; or
- we believe on reasonable grounds that the overseas recipient is required to deal with your personal information by enforceable laws which are similar to the requirements under the APPs or NZIPPs; or
- it is otherwise permitted by law.
We may disclose your personal information to the following locations:
- the United States of America – for database management services in connection with our Business Operating System (BOS), email marketing and data management programs.
If we suspect that a data breach has occurred, we will undertake an assessment into the circumstances of the suspected breach. Where it is ascertained that a breach has actually occurred and where required by law, we will notify the Australian Privacy Commissioner and/or the New Zealand Privacy Commissioner (as appropriate), and affected individuals as soon as practicable after becoming aware that a data breach has occurred.
Mail: The Privacy Officer
PO Box 2891, Rowville VIC 3178