The Drawing Room Co (TRDC) is a full service creative styling company. We specialise in photography, digital media and styling managing commercial and residential projects.
In this policy:
“The Drawing Room Co” “TDRC” “we” “us” or “our” and similar terms means The Drawing Room Co Pty. Limited (ACN 627 781 837).
“Website” means www.thedrawingroomco.com and other website as we may operate from time to time.
Your privacy is important to us. We are committed to taking all reasonable steps to, protect your personal information and, be clear and open about what we do with your information.
This policy explains how we collect, handle and use your personal information, and your rights in relation to that information.
TDRC is subject to the Australian Privacy Principles set out in the Privacy Act 1988 (the Privacy Act).
- When you contact and correspond with us, including when you request information from us or provide information to us by any means
- When you use our Website or services, including when you complete online or hardcopy application forms and visit our mobile apps
- When you or the organisation you work for engages or proposes to engage our services
- When you apply for a position of employment with us
What is personal information?
Generally, personal information is information which may be used to reasonably identify you.
For example, your name, address, date of birth, gender, email address and telephone number is considered to be personal information. Personal information may also include information we collect about your individual preferences.
What information do we collect?
The kinds of personal information we collect from you will depend on the type of interaction you
have with us but may include:
- Information about your identity – including your name, address (postal and residential), occupation, email address, telephone number(s), date of birth, gender and marital status (this may include obtaining copies of your identity documents)
- Information about your organisation – including company name(s) and particulars, employer details, financial information, information relating to company assets and information on contracts entered into by the organisation
- Individual preferences in respect of the services we provide you, including preferences and interests
- Financial and transaction information, including credit information
- Paypal, credit card and direct debit details for your bank account
- When you visit our Websites or use our mobile apps – your IP address, location information, any third-party sites you access, including the date, time, duration and pages you have accessed
How we collect information
We will collect personal information about you:
- Directly from you
- From identity documents provided (for example Drivers Licences, Passports, Medicare Cards, Citizen Certificates etc)
- From our clients or authorised representatives
- From companies or bodies that you own shares in, have an interest in, are an employee of or are an officer of
- From third parties – including regulatory authorities, electronic databases, government agencies, service providers, agents, brokers, recruitment agencies, Google Analytics
We may also collection information about you or your business that is publicly available (for example, in public registers or on social media).
Why we collect personal information
The purposes for which we collect, use and hold your information may include:
- Providing you or a client with services or information
- Responding to enquiries
- Preparing tenders
- Contacting you (including via electronic messaging, by mail or by phone)
- Managing our relationship with you, evaluating our business performance and building our customer database
- Direct marketing (see below)
- To consider employment applications
- Managing our business
- Managing visits made to our Website, including analysing data collected from our Website concerning site visits and activities of users
We may also use your personal information for other purposes not listed above but this will be made clear to you at the time we collect your personal information. We may be able to provide you with limited information and services in the absence of you providing personal information but generally we will be unable to provide you with services unless you provide personal information.
How we may use and disclose personal information
TDRC may use or disclose your personal information for the purpose for which it was collected.
We will also use and disclose your personal information for a related second purpose, if the use
or disclosure could be reasonably expected and as otherwise authorised or required by law.
We may share your information and disclose information collected from you to our related
entities, advisors (lawyers, accountants and other professionals), consultants, insurers,
employees, agents, contractors and third parties. These third parties can include:
- Service providers we use in conducting our business – including outsourced administrative support service provider, banks, debt recovery firms, data storage services and IT support
- Government and law enforcement agencies or regulators, including courts
- Credit reporting bodies and credit providers
Sometimes, we (or the third parties) may send your information overseas, including to:
- Service providers or third parties who store data or operate outside Australia
- Complete a project
- Comply with law
The countries in which these third parties are located will depend on the circumstances. However, in the course of our ordinary business operations, we commonly disclose personal information to third parties located in the following countries:
- United Kingdom
- New Zealand
- United States of America
We will not sell, trade or rent your personal information to any third parties for marketing purposes without your consent.
Keeping your information safe
We store information in paper, physical and electronic form.
We will take reasonable steps to keep secure and protect any personal information which we hold about you, including:
- Using software which encrypts information you input
- Using firewalls, intrusion detection and virus scanning tools to stop viruses and unauthorised people accessing our systems
- Securing our physical premises and digital storage media
- Placing password protection and access control over our information technology systems and databases to limit access and protect electronic information from unauthorised interference, access, modification and disclosure
- Taking regular back-ups of our electronic systems
The providing of information via the internet is not completely secure. We cannot guarantee the security of your data provided online. You need to be vigilant about the protection of your own personal information when using the internet.
How we use personal information for direct marketing
We may contact you from time to time to inform you about existing / new services that we feel you may be interested in (via email or phone).
We will ensure that any e-mail that you are sent by us as direct marketing complies with the SPAM Act 2003 (Cth.) and contains an ‘unsubscribe’ option so that you can remove yourself from any further marketing communications.
You can also call or write to us to request that your details be removed from our direct marketing list. We will endeavour to remove your details from our direct marketing list within a reasonable time (ordinarily 5 business days).
Cookies and Analytics
We may use statistical analytics software tools such as Google Analytics and software known as cookies which transmit data to third party servers located overseas.
Not identifying yourself
Under the Privacy Act, individuals have the option of not identifying themselves, or of using a pseudonym. Because of the nature of our business, it is sometimes impracticable to deal with people on an anonymous basis or using a pseudonym.
We may be able to provide you with limited information and services in the absence of you identifying yourself but generally we will be unable to provide you with services unless you have identified yourself.
Updating your personal information
TDRC makes all efforts to ensure that your personal information is complete, current and accurate. You have a right to request a correction or update of your personal information held by us. If you wish to correct or update any personal information we may hold about you, please contact us as set out below.
Access to personal information
You are entitled to access any personal information we have collected which is about you. If you wish to access any personal information we may hold about you, please contact us as set out below.
We may charge for providing access to your personal information.
Complaint process / Contact us
Attention: Privacy Officer
The Drawing Room Co
Telephone: 0450 721 216
We take any privacy complaint seriously. We will aim to resolve any such complaint in a timely and efficient manner. We will:
- Keep a record of your complaint; and
- Aim to provide you with a response in 30 days.
If you are not satisfied with our handling of a complaint or the outcome of a complaint you may make an application to the Office of the Australian Information Commissioner or the Privacy Commissioner in your State or Territory.
Notifiable Data Breaches Scheme
In the event that you believe that there has been a breach of the Privacy Act, we invite you to contact us as soon as possible.
In the event of any loss, unauthorised access or disclosure of your personal information that is likely to result in serious harm to you, TDRC will investigate and notify you and the Australian Information Commissioner as soon as practicable, in accordance with the Privacy Act.
Last modified: June 2020