Privacy Policy

1.1    This Privacy Policy (Policy) sets out, in accordance with the:

1.1.1.    Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs) (if applicable);

1.1.2.    For UK, EU & EMEA, Residents: The European General Data Protection Regulation (GDPR);

1.1.3.    For California Residents: California Consumer Privacy Act of 2018 (CCPA); and

1.1.4.    For Malaysia Residents, under Personal Data Protection Act 2010 (PDPA). 

the way in which RIPLTEC PTY LTD (ABN 54 670 424 496) (collectively, our, us, or we) may collect, store, use, disclose, manage and protect your Personal Information.

1.2    At the effective date of this policy we’re not an APP entity, as defined in the Privacy Act, neither are we a Business which the CCPA applies to, however we are committed to managing personal information in accordance with best practise and endeavour to meet and/or exceed those regulatory requirements, however we are only bound to the terms of this policy except and until we become specifically regulated by any applicable law.

1.3    Platforms: when we refer to our Platforms it includes the website at https://www.ripltec.com, including all associated websites and sub-domains, the QAI Skilled Migration application where accessible and with a link to this privacy policy, and all associated applications.

1.4    By:  

(a)    using and engaging our services generally; 

(b)    accessing, subscribing to, downloading or using content or functions of the Platform and its services;

(c)    requesting information on, enquiring about, using, receiving or providing feedback in relation to our services (online, in writing, by telephone or in person); or 

(d)    otherwise providing, or consenting to the collection of, Personal Information by us or our agents or employees,

after this Policy has been brought to your attention, you acknowledge and consent to the use, collection, storage or disclosure of your Personal Information by us in accordance with this Policy and the Privacy Act.

1.5    If you do not agree to us handling your Personal Information in the manner set out in this Policy we will not be able to provide our services to you and you should not provide us with any Personal Information.

2.1    We follow the definition of Personal Information given in the Privacy Act:

“Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

(a)    whether the information or opinion is true or not; and 
(b)    whether the information or opinion is recorded in a material form or not.”
And the GDPR definition of Personal Data: 
“any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”

2.2    In some circumstances we may be required to collect and hold Sensitive Information. According to the Privacy Act, Sensitive Information includes but is not limited to:

“personal information, health, racial or ethnic origin, political opinions, membership of a political association, professional or trade association or trade union, religious beliefs or affiliations, philosophical beliefs, sexual orientation or practices, criminal record, biometric information that is to be used for certain purposes.” 

The Personal Information we may collect, hold and process about you depends upon your relationship with us, the service you have requested from us and how you interact with us, for example, as a customer, job applicant, volunteer or visitor to our Platform. This information may vary depending on our specific needs. 

3.1    For our customers and prospective customers

When you enquire about our services or when you become a client, a record is made which includes your personal information. We may collect the following kinds of personal information:

(a)    personal and contact details which includes your name, address, email address, telephone number and other identification information;

(b)    socio-demographic information such as age, date of birth, occupation, nationality and marital status;

(c)    government identifiers;

(d)    identity documents such as drivers licence, birth certificate and passport;

(e)    educational information, such as institution, enrolment details, dates of attendance, achievement of micro-credentials, academic transcripts (or excerpts from academic transcripts) and details on the award of academic achievements;

(f)    your professional memberships;

(g)    employment history;  

(h)    information about how you interact with us such as details of when you call us, use our services, make an enquiry, provide feedback or make a complaint;

(i)    digital information including information such as location information (if enabled on your devices), IP address, details of the device and software used to access our Platforms and digital services;

(j)    call records when you contact us (we will let you know at the start of each phone call if the call is being recorded); 

(k)    information required to provide a service or information you have requested; and

(l)    any other information relating to you that you provide to us directly.

We limit the collection of Sensitive Information to when the information is reasonably necessary for, and directly related to, our services and activities and with your consent.  We will treat your Sensitive Information appropriately and with utmost confidentiality and respect.  
We will only keep your Sensitive Information whilst you consent to us doing so, or if we are required to by law or to protect a legal right. If you want us to destroy or de-identify your Sensitive Information you may request we do so in writing and unless legally required to retain it or it is needed to protect our legal rights, we will do so promptly. This may, however, limit our ability to serve and assist you. 

3.2    Prospective employees or applicants

We collect personal information when recruiting staff, such as your name, contact details, qualifications and employment history. Generally, we will collect this information directly from you. 

We may also collect personal information from third parties in ways which you would reasonably expect (for example, from referees you have nominated or recruitment agencies). Before offering you a position, we may collect additional details such as your tax file number (TFN) and superannuation information and other information necessary to conduct background checks to determine your suitability for certain positions (for example, positions which involve working with children).

We will manage your TFN (if recorded) in accordance with the Privacy (Tax File Number) Rule 2015 and the Taxation Administration Act 1953. 

3.3    Other individuals

We may collect personal information about other individuals who are not our customers such as members of the public who participate in our events we are involved with, service providers and contractors, and other individuals who interact with us on a commercial basis. The kinds of personal information we collect will depend on the capacity in which you are dealing with us. Generally, it would include your name, contact details, postal address and information regarding our interactions and transactions with you.
3.4    Visitors to our Platform

You may visit our website without identifying yourself. If you identify yourself (for example, by providing your contact details in an enquiry), your Personal Information will be managed in accordance with this Policy. 

4.1    We collect Personal Information:

(a)    directly from you, for example, when you provide that information to us, we contact you or when you contact us;

(b)    when providing our services;

(c)    when you participate in our services, including marketing or promotional activities;

(d)    from third parties who you have authorised to provide us with information; and

(e)    from publicly available sources such as the internet and social media

5.1    We store your personal information digitally and in hard copy (unless legally required to retain in hard copy format). All hard copy material is secured at our headquarters in Sydney, Australia.

5.2    All digital material is secured using password protected computers and databases. Any digital transfer of personal is via secure channels such as HTTPS where possible, and user passwords are encrypted using a one-way hash. All confidential documents are securely shredded by a third-party provider after storage is no longer necessary or required for our purposes.

5.3    We primarily use data storage providers located inside Australia such as, but not limited to, Office 365 and Microsoft Azure. Where appropriate, we have agreements with our storage providers to keep all personal information they store secure, using reasonable and appropriate security methods. 

5.4    We destroy or de-identify Personal Information in a secure manner when we no longer need it.  For example, we generally destroy a record about a complaint after 7 years from when the complaint was resolved.

5.5    We conduct regular audits of our compliance with this Policy and the Privacy Act to ensure that our privacy framework is in line with industry best-practice

6.1    We collect Personal Information for a number of reasons, including:

(a)    providing you or a third party with our services or information about our services. This includes allowing parties to view your Personal Information for the purpose of assessing whether you have achieved certain micro-credentials, academic or professional achievements and qualifications;

(b)    sending communications you request or contacting you and responding to your enquiries;

(c)    providing third parties with information about you and your activities for the purpose of providing to you our products and/or services (for instance a courier/package postal service or our manufacturer);

(d)    ensuring consistency of service across our business and other internal business purposes;

(e)    developing or refining our services as well as tailoring our services;

(f)    notifying you about changes to our Platform, services, or activities we offer or provide via our Platform;

(g)    internal business purposes;

(h)    with your consent (which you may then later unsubscribe from), providing you with marketing material or contacting you in relation to our business, networking or promotional activities;

(i)    publishing testimonials you provide us; and

(j)    internal corporate purposes, corporate governance, auditing and record keeping.

6.2    Our use of Personal Information may extend beyond the uses described above in clause 6.1, but will be restricted to purposes that we consider to be related to our functions and activities.

6.3    We do not collect your personal information for the purpose of selling or providing it to third parties to directly market their services to you.

6.4    We may however disclose your personal information as part of a corporate restructure or sale of business, we will however post a notification on our Platform 14 days prior to any sale or restructure event which results in control of your Personal Information changing

7.1    If we collect Personal Information, we may:

(a)    use that information for the purposes stated in this Policy and directly related purposes;

(b)    store that information in accordance with this Policy; 

(c)    pass that information amongst entities we work with, our members, business partners or affiliates;

(d)    to the extent necessary pass that information to third parties who provide products or services to us (including our accountants, auditors, lawyers, IT contractors, and other service providers); and

(e)    provide that information to third parties as required or allowed by law.

8.1    When you access our Platform or social media channels, or when you use our services and products, we may receive information about you via automated methods, including (but not limited to) use of a ‘cookie’, a ‘pixel’ or from other analytics software. 

8.2    These are tools that our web server may direct your traffic to, send to your computer, or embed on a Platform, when you visit our Platform. These tools help us provide services and Products to you, and to recognise when you re-visit the Platform, serve you customised content and to optimize your experience. 

8.3    We generally don’t collect Personal Information through the use of these tools, though we may be able to access your IP address and information about what your computer technology is when using analytical software.

8.4    You may be able to change the settings of your browser so that cookies are not accepted generally or that you are provided with options to accept or reject them as they are sent to your browser.

9.1    We are an Australian based organisation however our data may be stored in cloud back up software (such as MS Outlook 365, Dropbox, Google Drive) which may be potentially be stored overseas, most likely in the United States of America.
9.2    If you engage with the Platform and our services and you’re from outside Australia your Personal Information may be sent to Australia and stored in accordance with this Policy. 

9.3    It may be necessary for us to deliver our Services to send your Personal Information overseas. Where applicable, in the event that your information is sent overseas, we will use our reasonable endeavours to ensure that any overseas recipients will keep all Personal Information secure

9.4    We may upload images and / or footage to our social media accounts of Platform from time to time. The social media accounts and Platform may be hosted on an overseas server.

10.1    You may request access to the Personal Information that we hold about you by contacting us. Upon receiving an access request we may request further details from you to verify your identity.

10.2    We reserve the right not to provide you with access to Personal Information if we cannot verify your identity to our reasonable satisfaction. An administrative fee may be charged to cover our costs in providing you with access to your Personal Information. This fee will be explained to you before it has been incurred.

10.3    We will respond to your access request within a reasonable period of time by:

(a)    providing you with access to your Personal Information;

(b)    rejecting your access request, and providing you reasons for this rejection.

10.4    Access requests may be denied where:

(a)    we believe your request is frivolous or vexatious;

(b)    we are entitled to reject a request by law; 

(c)    we are unable to verify your identity; or

(d)    you have not paid the administrative fee (if any).

10.5    If you believe that the Personal Information that we hold is inaccurate or otherwise requires correction, you may send us a correction request by contacting us. We will review your Personal Information and respond to the request within a reasonable period of time.

We will only keep your Sensitive Information whilst you consent to us doing so, or if we are required to by law or to protect a legal right. If you want us to delete your Sensitive Information you may request we do so in writing, subject to verification of your identity in accordance with paragraph 10.1 and 10.2 above. This may, however, limit our ability to serve and assist you.

When contacting us, you can do so either anonymously or by using a pseudonym. If you do so, we may not be able to provide you with accurate or useful information, and you may not be able to access a full range of our services. Further, we may not be able to investigate incidents or complaints you have made.

In the case of a suspected or actual data breach involving Personal Information we will comply with our Data Breach Policy, which may be provided upon request (except where the identity of the requesting party cannot be verified or is otherwise vexatious). To the extent required, we will cooperate with the OAIC and any other relevant authority in the management of any suspected or actual data breach.

14.1    This notice is to California residents and is supplementary to our Privacy Policy to explain your additional or specific rights as a Californian resident (if we’re deemed a CCPA Business). This provision will not apply to a significant portion of the persons who use our site or services.

14.2    You have the following rights: 

(a)    right to request access to personal information we collect, use, disclose and if relevant sell up to two times per year;

(b)    right to request we delete personal information we collect from you, subject to applicable legal exceptions;

(c)    (if relevant) right to opt-out of sale of personal information.
14.3     To make an access or deletion request please contact us. 

This notice is to European residents and is supplementary to our Privacy Policy to explain your additional or specific rights as a European resident. This provision will not apply to a significant portion of the persons who use our site or services.

15.1    The GDPR is the European Union (EU) data protection law. 

15.2    From time to time, we may capture or collect personal information that passes through the EU. This might occur, for example, if a person in the EU accesses the Platform and we collect analytical data about them, enquiries about our services from the EU, or if one of our customers gives us information about a person in the EU. If this occurs, we will treat the personal information received in accordance with this policy. 

15.3    Where data is processed or monitored in the EU, you may have additional rights, such as:

(a)    The right to request that we delete your personal information (unless we require that information to comply with a legal obligation, or need it to bring or defend a legal claim);

(b)    The right to restrict our processing of your Personal Information (where it is inaccurate, would be unlawful to process, or where it has not been deleted due to us needing it to meet a legal obligation); and

(c)    Right to data portability (the right to receive your personal information in a readable format); and

(d)    The right to object to the processing of personal information.

A complete list of your rights may be viewed here: General Data Protection Regulation (GDPR) – Official Legal Text (gdpr-info.eu).     

15.4    We also have certain obligations in relation to the management of a data breach, including: 

(a)    We must advise the relevant statutory authority of a data breach within 72 hours of becoming aware of the breach; and

(b)    We must advise affected individuals without undue delay where there is a high risk to their rights and freedoms. 

This notice is to Malaysian residents and is supplementary to our Privacy Policy to explain your additional or specific rights as a Malaysian resident. This provision will not apply to a significant portion of the persons who use our site or services. Under the PDPA you have the following additional data rights: 

a)    have your data deleted or corrected where it is inaccurate;

b)    access your data which we process and keep with us;

c)    stop any of our new promotional products sent to you;

d)    withdraw your consent for us to process your personal data; 

e)    the right to data portability (to request transfer to a different holder).

From time to time we may make changes to this Policy. When we do, we will highlight those changes in yellow highlight for a period of 14 days. Please make sure you review this Policy each time you visit our Platform to keep up to date on any changes.

18.1    If you have a question or complaint, you can raise it with us by contacting us at: Email: privacy@ripltec.com

18.2    We take all complaints seriously and will respond to you within a reasonable period of time, usually 30 days, unless we consider your complaint to be frivolous or vexatious or if we are unable to verify your identity.

18.3    If you are not satisfied with the way we have handled your complaint, you can make a complaint to the Office of the Australian Information Commissioner at http://oaic.gov.au.