CSC Australia PRIVACY policy

CSC is committed to protecting the privacy of all the individuals it deals with.  This document sets out our policy on handling personal information.  

If you are a CSC employee or contractor you should refer to the “CSC Privacy Statement for Staff” for more specific details on how CSC handles your personal information.

WHAT KINDS OF PERSONAL INFORMATION DOES CSC COLLECT? HOW IS IT COLLECTED? WHAT IS IT USED FOR?

CSC is in the business of providing IT products and services to business customers.  The following lists the main types of personal information collected by CSC, how it is collected, and the purposes for which it is used. 

Personal Information

Information such as names, business contact details and dealings with suppliers and potential suppliers to CSC (collectively “suppliers”).

HOW IT IS COLLECTED

  • through suppliers’ advertisements, emails and order forms when suppliers offer or sell goods and services to CSC

What it is used for

  • to administer CSC’s dealings and potential dealings with suppliers of products and services

PERSONAL INFORMATION

Information such as names, business contact details, professional and business details of customers and potential customers, and their dealings with CSC.

HOW IT IS COLLECTED

  • from customers when asking CSC to respond to  tenders and other requests for CSC’s products and services
  • from customers when CSC is providing products and services to them
  • by CSC account staff for customer administration such as invoicing
  • marketing and sales staff may collect information volunteered by individuals during trade shows, conferences,
    industry networking events and product demonstrations

WHAT IT IS USED FOR

  • to supply products and services
  • to administer CSC’s dealings and potential dealings with customers
  • where permitted by privacy law, to market our products and services

Personal Information

Information such as names and contact details of persons who contact CSC with requests for information.

How it is collected

  • details entered by the enquirer into CSC’s website
  • sales and account staff may collect information should an existing or potential customer request further information from CSC

What it is used for

  • to respond to those requests
  • where permitted by privacy law, to market our products and services

Personal Information

Information about applicants for employment or contractual positions with CSC.

How it is collected

  • from interview responses, CVs, referees, previous employers, recruitment agents, and history and details from relevant educational institutions and contracting agencies

What it is used for

  • to assess those applications for employment or contractual position

Personal Information

Information about CSC’s employees and contractors relevant to their employment or contract with CSC.

How it is collected

  • as above through the hiring process
  • from staff directly, such as emergency contact, salary banking details from CSC’s IT systems,
  • from other CSC staff and customers’ staff (for example from asset usage monitoring reports, performance measurement)
  • as required by customers in connection with their operations

What it is used for

  • to fulfil CSC’s responsibilities as employer and contractor
  • to fulfil CSC’s responsibilities to its customers

Personal Information

Information such as identification numbers and security footage.

How it is collected

  • by scanners at security doors
  • through video surveillance images

What it is used for

  • to provide a safe and secure environment for CSC staff and visitors
  • to provide security for CSC facilities and assets

Personal Information

Customers’ information for storage or handling in connection with cloud, outsourcing and systems management services.

How it is collected

  • when CSC’s customers transfer information, or require CSC to transfer customers’ information, into CSC’s IT environment

What it is used for

  • to fulfil CSC’s contractual responsibilities to its customers

How does CSC handle personal information?

  • Applicable laws: CSC is bound by the Australian Privacy Principles under the Privacy Act 1988 and other applicable laws governing privacy.  Where appropriate, CSC may handle personal information relying on the related bodies corporate exemption and the employee records exemption in the Privacy Act and any other applicable exemptions in other legislation. 
  • How is it held? Personal information held by CSC is stored on CSC’s and its related companies’ internal IT infrastructure.  In some circumstances, it may be held on a third party’s infrastructure, as further described in this policy.  Where appropriate, access to personal information by CSC staff is limited to those individuals with a relevant requirement for access.
  • Who is the personal information disclosed to? As a general rule, CSC will not disclose personal information to any third parties except:
    • to related companies of CSC, for the same kinds of purposes as listed above (as well as for general backing-up of CSC’s local servers);
    • - to third parties engaged to provide services in connection with the purposes mentioned above (eg. cloud third party service providers with whom CSC has partnerships, for administration of marketing communications, for technical services and maintenance on infrastructure used to hold information, to reference check job applicants);
    • - to another company to ensure continuity of service if the supply of the product or service has been transferred to that company; and
    • - if it is otherwise permitted or required by the Privacy Act or any other law.
  • Does CSC disclose personal information offshore? Personal information may be transferred or disclosed overseas for the purposes and processes described in this policy (eg: to back-up CSC’s local systems, in connection with fulfillment of contracts with our customers, to a cloud environment controlled by an offshore CSC cloud services partner, for administration of accounts payable, for administration of international customer dealings, for potential overseas work opportunities).
  • Where is the offshore recipient likely to be located? If CSC transfers personal information offshore from Australia, the destination will usually be one or more of the USA, Canada, and countries in the European and Asian regions.

How can I access my personal information or make a complaint?

To the extent you are entitled under the Privacy Act and other applicable laws, you can:

  • access (and where necessary seek correction of) your personal information held by CSC; and
  • complain if you consider CSC has breached its privacy obligations,

by contacting the CSC Australia Legal Department (contact details below) in writing.

Any complaint about a privacy issue will be reviewed and, where appropriate, investigated by CSC legal staff and/or other appropriately senior CSC staff.  A written response to the complaint will be forthcoming to the person who lodged the complaint within a reasonable time (depending upon the nature of the complaint and the issues and logistics involved with its investigation).    

At CSC we also welcome any suggestions for how we can improve our personal information handling processes.  Please send your comments or suggestions to the CSC Australia Legal Department.

CSC Australia Legal Department


The CSC Australia Legal Department can be contacted by:

  • sending an email including in the subject line “Privacy Issue – Australia” to ethics@csc.com;
  • sending a letter to The General Counsel, CSC Australia Pty Ltd, 26 Talavera Road, Macquarie Park  NSW 2113; or
  • sending a fax to +61 (0)2 9034 2198.

Consent


By providing CSC with personal information, you consent to the collection, use and disclosure of your personal information as described in this policy.

Changes to this Policy


CSC may vary this policy from time to time. The most current version of this policy (the “CSC Australia Privacy Policy”) will be published at www.csc.com/au or can be obtained by contacting the CSC Australia Legal Department. We encourage you to check the policy regularly. We will not separately notify you of changes to it.

Definitions


The terms “personal information” and “employee record” are used in this document with the meanings given to them in the Privacy Act 1988. To summarise their meaning:
personal information means information or an opinion, in whatever form including a database, whether true or not, from which your identity is apparent or can be reasonably ascertained. 
employee record means personal information relating to the employment of an employee, for example:

  • health information;
  • engagement, training, disciplining or resignation;
  • termination of employment;
  • terms and conditions of employment;
  • hours of employment and salary or wages;
  • recreation, long service, sick, personal, maternity, paternity or other leave;
  • taxation, banking or superannuation affairs.
  • personal and emergency contact details;
  • performance or conduct; or
  • membership of a professional or trade association or trade union.

All references to “CSC”, “we”, “us”, or “our” in this document are references to CSC Australia Pty Limited (ACN 008 476 944) and its Australian related bodies corporate such as Servicemesh Australia Pty Ltd (ACN 143 785 657) and iSoft Australia Pty Ltd 088 674 757.

© CSC Australia Pty Ltd 2014