GENERAL DATA PROTECTION REGULATION (GDPR)

& PRIVACY POLICY

  1. Introduction

This privacy notice tells you what to expect when The Dynamic Engineering Solution Pty Ltd Trading as Supashock collects personal information.

 

  1. About us

We are Supashock, a company registered in Australia (ABN: 77 113 168 424) with its office at 2-6 Ardtornish St, Holden Hill, South Australia, 5088, Australia.

 

  1. Website Visitors

When someone visits www.supashockdefence.com / www.supashock.com / www.store.supashock.com we use a third-party service, Google Analytics, to collect standard internet log information and details of visitor behaviour patterns. We do this to find out things such as the number of visitors to the various parts of the site. This information is only processed in a way which does not identify anyone. We do not make, and do not allow Google to make, any attempt to find out the identities of those visiting our website. If we do want to collect personally identifiable information through our website, we will be up front about this. We will make it clear when we collect personal information and will explain what we intend to do with it.

 

  1. Website

We host our website on Australian based managed servers. The servers are updated regularly by the data centre provides with any operating system patches. We use a standard install of WordPress (for www.supashock.com and www.supashockdefence.com), and Shopify (for www.store.supashock.com) with features to collect anonymous information about user’s activity on the site, for example the number of users viewing pages on the site, to monitor and report on the effectiveness of the site and help us improve it.

The WordPress platform and any of its plugins will be regularly reviewed and updated when necessary.

 

  1. Telephone

When you telephone Supashock, we display your Calling Line Identification (CLI) information (if provided).

 

  1. Email

We use Transport Layer Security (TLS) to encrypt and protect email traffic If your email service does not support TLS, you should be aware that any emails we send or receive may not be protected in transit.

All inbound and outbound E-Mails are sent and received by Supashock servers through cloud-based Email Anti-Spam, and Email Anti-Virus services, to protect against treats. These servers are based in Sydney, Australia.

Supashock will also monitor any emails sent to us, including file attachments, for viruses or malicious software. Please be aware that you have a responsibility to ensure that any email you send is within the bounds of the law.

 

  1. Complaints

When we receive a complaint from a person, we make up a file containing the details of the complaint. This normally contains the identity of the complainant and any other individuals involved in the complaint.

We will only use the personal information we collect to process the complaint and to check on the level of service we provide. We may compile statistics internally showing information like the number of complaints we receive, but not in a form which identifies anyone.

We usually must disclose the complainant’s identity to whoever the complaint is about. This is inevitable where, for example, the accuracy of a person’s record is in dispute. If a complainant does not want information identifying them to be disclosed, we will try to respect that. However, it may not be possible to handle a complaint on an anonymous basis.

We will keep personal information contained in complaint files in line with our retention policy. This means that information relating to a complaint will be retained for two years from closure. It will be retained in a secure environment and access to it will be restricted according to the ‘need to know’ principle.

Similarly, where enquiries are submitted to us, we will only use the information supplied to us to deal with the enquiry and any subsequent issues and to check on the level of service we provide.

 

  1. Customers

Supashock offers various services to companies wishing to buy our products and services. During the progression of the opportunity with the company buying the goods, your details will be held on our internal Customer Relationship Management (CRM) system, which would hold details of your name, job title, phone number, company name, address, and the nature of the product being sold.

Should the opportunity not progress to an order then we will hold your details for a period of 5 years. This is due to the type and nature of the products and contracts we operate in.

If we are successful in securing the order, then we must hold the details of the people who have requested the service to provide it and continue to hold your details for the duration of the contract plus 5 years. If we believe there are features or enhancements to your product that would be relevant, then we may send you specific information by e-mail, but you would not be added to the mailing list unless you have provided your consent.

After delivery of goods or services, we may also ask you to complete a satisfaction survey. This helps Supashock understand and improve its quality of goods and services as part of its ISO9001 certification.

 

  1. Suppliers

Supashock will need to procure various goods and services from other companies. During the engagement, and request for quotes, the supplier’s details will be held on our internal Manufacturing and Resource Planning (MRP) system, and Financial Planning system, which would hold details of your name, job title, phone number, company name, address, and details of the product being purchased, and your invoices.

We will hold this information until there is no further need to purchase these items plus 5 years for accounting purposes.

 

  1. Compliance Audits

In certain circumstances we may be required to conduct a compliance audit to verify the suitability of a supplier, due to the nature, the ongoing value or the importance of the work being undertaken. If this becomes a requirement, then our compliance manager may request personal identification, general company, and registration information.

 

  1. Personal Information

Supashock is the data controller for the information you provide during the job application process unless otherwise stated. If you have any queries about the process or how we handle your information, please contact us at [email protected].

All the information you provide during the process will only be used for the purpose of progressing your application, or to fulfil legal or regulatory requirements if necessary.

We will not share any of the information you provide during the recruitment process with any third parties for marketing purposes or store any of your information outside of the Australian Economic Area. The information you provide will be held securely by us whether the information is in electronic or physical format.

We will use the contact details you provide to us to contact you to progress your application. We will use the other information you provide to assess your suitability for the role you have applied for. If you have applied through a recruitment agency, then we may additionally advise the recruitment agency of how the application is progressing.

 

  1. Individual Rights

Under GDPR, you have rights as an individual which you can exercise in relation to the information, we hold about you. Please see the contact information.

You can read more about these rights here:

https://ico.org.uk/for-the-public/is-my-information-being-handled-correctly/

https://www.oaic.gov.au/privacy/guidance-and-advice/australian-entities-and-the-eu-general-data-protection-regulation/

 

  1. Customer Service

Supashock tries to meet the highest standards when collecting and using personal information. For this reason, we take any complaints we receive very seriously. We encourage people to bring it to our attention if they think that our collection or use of information is unfair, misleading, or inappropriate. We would also welcome any suggestions for improving our procedures.

This privacy notice was drafted with brevity and clarity in mind. It does not provide exhaustive detail of all aspects of Supashock’s collection and use of personal information. However, we are happy to provide any additional information or explanation needed. Any requests or complaint about our General Data Protection Regulation should be sent to our contact details below.

 

  1. Information Disclosure

Supashock tries to be as open as it can be in terms of giving people access to their personal information. Individuals can find out if we hold any personal information by making a ‘Subject Access Request’.  If we do hold information about you, we will:

  • Give you a description of it;
  • Let you know why we are holding it;
  • Let you know who it could be disclosed to; and
  • Let you have a copy of the information in an intelligible form.

To make a request to Supashock for any personal information we may hold you need to put the request in writing addressing it to our HR Department.

If you agree and depending on the nature of the information being requested, we will try to deal with your request informally, for example by providing you with the specific information you need over the telephone.

If we do hold information about you, you can ask us to correct any mistakes by, once again, contacting us using the address below.

In many circumstances we will not disclose personal data without consent. However, when we investigate a complaint, for example, we may need to share personal information with the organisation concerned and with other relevant bodies.

 

  1. Policy Changes

We keep our privacy notice under regular review.

 

  1. Contact

If you want to request information about our privacy policy, you can email us at [email protected] or write to:

 

Supashock

2-6 Ardtornish St

Holden Hill

South Australia

5088

Australia

CONTACT US

WANT TO WORK WITH SUPASHOCK DEFENCE?

CONTACT