Privacy Policy

PRIVACY POLICY


Privacy Policy

1 – Our Commitment

1.1 Founder Enterprises Pty Ltd (ACN 151 779 323) and related entities Dekk RTP Pty Ltd (ACN 618 798 075, and ITC Agriculture Pty Ltd (ACN 651 302 082) (“Fortus”, “we”, “our” or “us”) respects your right to privacy and recognises the trust you are placing in us by providing us with your personal information. We are committed to safeguarding the privacy of our customers, visitors to our website (https://www.fortusgroup.com.au) (“Website”) and other users of our services. All of the entities comprising Fortus make this commitment.

1.2 Your rights to privacy are also protected by the Australian Privacy Principles contained the Privacy Act 1988 (Cth) and if you are a resident of, or in a country that is a member of the European Economic Area, your rights to privacy are protected under the General Data Protection Regulation (“GDPR”). These privacy laws place strict requirements on us to treat certain information collected as confidential, to store your information securely and to allow you easy access to check and correct your information.

2 – Scope of this Policy

2.1 Our Privacy Policy applies to the personal information we collect, store, maintain and use about you via the following channels (the “Collection Channels”):

    2.1.1 our Website, any related Fortus websites, social media pages, mobile or tablet applications, internal websites and / or intranet (“Online Services”); and

   2.1.2 any other means through which an individual provides personal information to us, including either physically or electronically.

2.2 This Privacy Policy sets out how we collect and treat your personal information when you:

   2.2.1 create an account with us;

   2.2.2 use our Website or Online Services; or

   2.2.3 participate in any event, activity or promotion created by us.

2.3 ‘Personal information’ is information we hold which is identifiable as being about you. This includes information such as your full name, date of birth, email address, home address, identification number, or any other type of information that can reasonably identify an individual, directly or indirectly. It may also include information we may collect about your individual preferences and technical information such as device IDs and IP addresses. It does not include data where identity has been removed (i.e. anonymous data).

3 Consent

3.1 By using our products and services, including our Online Services, you agree to the terms of this Privacy Policy and consent to the collection and use of information by us, and the types of disclosure covered by this Privacy Policy. Where we disclose your personal information to third parties, we will request that those third parties follow this Privacy Policy in relation to the handling of your personal information. Any transmission of information within Fortus (for example, to or from any of the Fortus entities referred to above), will be covered by this Privacy Policy, and you agree to the same.

3.2 In order to keep up with changing legislation and best practice, we reserve our right to amend, remove or vary this Privacy Policy from time to time without notice. You should check this page regularly to take notice of any changes we may have made to this policy.

3.3 In addition to the provisions of this Privacy Policy, there may also be specific and additional privacy and consent provisions that apply to certain Collection Channels. Because those specific and additional provisions also relate to your privacy protection, we recommend that you review them wherever they appear. In the event of any inconsistency between the provisions of this Privacy Policy and those other specific and additional provisions, the specific and additional provisions will prevail.

    4 What personal information we collect

    4.1 We may collect, use, store and transfer different kinds of personal information about you which we have grouped together as follows:

  • 4.1.1 Identity Data including your name, gender and date of birth, as well as information required to verify your identity.
  • 4.1.2 Contact Data including email address, telephone number and physical address.
  • 4.1.3 Financial Data including financial, banking and credit card details, your payment information and purchase history (including purchases of products and services).
  • 4.1.4 Profile Data including information you provide when you respond to surveys and/or promotions, provide enquiries, feedback or communicate with our customer support, and any other information you include in your profile.
  • 4.1.5 Loyalty Data including, in the event that Fortus implements a loyalty programme, if you are or become a member of such loyalty program, your membership number and reward redemption history, and information relating to your participation in, and interaction with our loyalty program;
  • 4.1.6 Technical Data including your last known location while accessing the Website, mobile unique device ID, internet protocol (IP) address, device identification, your login data, browser type and version, operating system, websites visited immediately before coming to our Website, time zone setting, browser plug-in types and versions and other technology on the devices you use to access the Website.
  • 4.1.7 Usage Data including information relating to how you use the Website, your account preferences, activity details and interactions (including statistics on page views and clicks), transaction details (such as payment method and where you shopped).
  • 4.1.8 Marketing and Communications Data including your preferences in receiving marketing from us and third parties and your communications preferences.

4.2 We may use GPS technology (or other similar technology) to determine your current location in order to determine the city you are located within and display a location map with relevant advertisements.

Sensitive Information


4.3 We will not collect sensitive information relating to you unless we have your consent and the information is reasonably necessary for one of our functions or activities (unless we are otherwise required or authorised by law to collect that information). Examples of sensitive information include information relating to your health, race and ethnic origin. For example, if you are involved in an incident at one of our facilities, we may also collect sensitive information from you (such as health and medical information).

Cookies


4.4 We may from time to time use cookies or other similar technologies such as pixels on our Website. Cookies are very small files used to identify you when you come back to our Website and to store details about your use of our Website. Cookies are not malicious programs that access or damage your mobile device or computer. Most web browsers automatically accept cookies and similar technologies, but you can choose to reject them by changing your browser settings. However, this may prevent you from taking full advantage of our Website.

Third party sites


4.5 Our Website may have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that we are not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our Website, to read the privacy statements of each and every website that collects personal identifiable information.

Failure to provide personal information


4.6 Some of the personal information that you may provide might be optional. However, where we need to collect personal information by law, or under the terms of a contract we have with you, and you fail to provide that data when requested, we may not be able to perform the contract we have or are trying to enter into with you (i.e. provide you with access to the Website or to create an account). In this case, we may have to cancel your use of these but we will notify you if this is the case at the time.

5 Collection of personal information


5.1 Fortus will, from time to time, receive and store personal information from and about you including by the following methods:

   5.1.1 Direct interactions. You may give us your Identity, Contact, Financial, Profile and Marketing and Communications Data by filling in forms on our Website or by corresponding with us (including by the Collection Channels), or using our Online Services.

   5.1.2 Automated technologies or interactions. As you interact with our Website or Online Services, we will automatically collect Technical and Usage Data about your equipment, browsing actions and patterns.

   5.1.3 Third parties or publicly available sources. We will receive personal information about you from various third parties including:

   (a) third party service providers who provide services or functions on our behalf, such as IT service providers, delivery service providers and fulfilment managers, mailing houses, our insurers and brokers, and marketing agencies; and

   (b) third party sources and platforms, such as public sources, social networking sites, information service providers and third party analytics providers to whom you have provided your personal information.

6 Use of your personal information


6.1 We may use personal information collected to:

   6.1.1 provide updates to you in relation to our Website;

   6.1.2 assess your suitability for trading with Fortus;

   6.1.3 provide you with products and services, and information (including in respect of products and services); and

   6.1.4 enable authorised parties to better use the functionality of our Website.

6.2 We may also make you aware of new and additional products, services and opportunities available to you. We may use your personal information to improve our products and services and better understand your needs.

6.3 We may contact you by a variety of measures including, but not limited to email, text-message, telephone or by post.

7 Disclosure of your personal information


7.1 We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors (including between entities that comprise Fortus) insofar as reasonably necessary for the purposes set out in this Privacy Policy. Subject to this clause 7, personal information is only supplied to a third party when it is required for the delivery of our services or for the functionality of our Website or Online Services.

7.2 We may from time to time disclose personal information to a third party in order to assess your suitability to trade with Fortus, including financial suitability.

7.3 We may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.

7.4 We may also use your personal information to protect the copyright, trade marks, legal rights and / or property of Fortus or the safety of our customers or third parties.

7.5 If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer, to the extent permissible at law, our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.

8 Security of your personal information


8.1 Information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of Australia. We will only transfer your personal information to countries that have been deemed to provide an adequate level of protection for personal information or where we have adequate safeguards in place. If you would like more details about the transfer of your personal information, please contact our Privacy Officer at privacy@fortusgroup.com.au

8.2 Fortus is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

8.3 We also take measures in respect of destroying or de-identifying personal information that is no longer needed for any lawful purpose. Fortus will retain your personal information for a minimum period of 6 months, or up to a maximum period of 5 years, and following that period, unless (upon review at that time) Fortus reasonably determines that such information continues to be required for a purpose under clause 6, Fortus will take all reasonable steps to ensure that your personal information is destroyed or de-identified in accordance with relevant laws in force at the time.

8.4 Some of the steps we take to protect your information include:

   8.4.1 utilising security restrictions on access to our systems such as passwords, firewalls and anti-virus software;

   8.4.2 external and internal premises security.

8.5 We also have measures in place to detect and prevent online fraud or suspicious activity. In some instances, we may ask you to provide us with information so that we can verify your identity and payment details (for example, if you have never shopped online with us before or if your payment details need to be verified with our payment providers). As part of this process we may ask you to provide redacted (masked) copies of your ID and the credit card used to place your online Order.

8.6 If information is requested from you in order to verify your identity and payment, there may be a delay with the despatch of your Order. You will receive a follow up email once your Order has been approved. There is no obligation for you to provide this information, but if we are unable to verify your identity, we may not be able to finalise your Online order. This information will be used for verification purposes only. Once your details have been verified, the verification information you have provided will be deleted.

8.7 Although we comply with Australian data protection laws and are confident in our security measures, the transmission and exchange of information is carried out at your own risk and like any business, we cannot absolutely guarantee the security of any information that you transmit to us, or receive from us or any third parties at our behest.

8.8 Any breach of our data containing your personal information that is likely to result in serious harm to you will be notified by us in accordance with the Notifiable Data Breaches Scheme.

9 Correction of your personal information

9.1 We will try to ensure that all information we collect, use or disclose about you in accordance with this Privacy Policy is accurate, complete and up-to-date. We expect that you will promptly notify us of any changes to your personal information.

9.2 If you discover that there is an error or information is missing, you can update your details online by signing in and visiting “My Profile” and editing the relevant details.

9.3 Alternatively, if you wish to correct any personal information we hold about you, please contact our Privacy Manager.

9.4 We may ask you to verify your identity to ensure that personal information we hold is not improperly accessed.

10 Pseudonyms and Anonymity

10.1 You have the option of using a pseudonym or remaining anonymous when dealing with us so as not to identify yourself fully to us. Please bear in mind, however, that we will be unable to provide certain services to you unless you disclose your correct identity.

10.2 If you are a candidate for employment you must provide personal information which is in all respects true, accurate and up to date and is not, in any respect, misleading, deceptive or inaccurate or likely to be misleading or deceptive.

11 How we hold your personal information

11.1 We may hold your personal information in either electronic or hard copy form. If you provide information to us electronically we retain this information in our computer systems and databases. This includes computer software programs, internet servers, and hosted internet solutions provided by third parties. If you provide information to us in hard copy (paper) this information is normally retained as part of our electronic files.

12 Your rights under the Privacy Act

12.1 You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act.

12.2 Further information on your rights is available from the Office of the Australian Information Commissioner (OAIC).

12.3 If you would like a copy of the information which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, or if you are dissatisfied with the way we have used your information, please contact our Privacy Officer at privacy@fortusgroup.com.au

12.4 We will seek to deal with your request without undue delay, and in any event in accordance with the requirements of the Privacy Act. Please note that we may keep a record of your communications to help us resolve any issues which you raise.

12.5 We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances as set out in the Privacy Act.

12.6 If you remain dissatisfied, you have the right to lodge a complaint with the OAIC at Privacy complaints — OAIC

13 Residents of the European Economic Area

If you are from or in a country that is a member of the European Economic Area (“EEA”), then you have the following rights under the GDPR:

13.1 Erasure of your personal information. You have in certain circumstances the right to request that the personal information that we collect from you is erased. We may need to retain some of your personal information in certain circumstances (for example, we may retain some of your details in our “Do Not Contact” section of our marketing database to ensure that we do not contact you again). If we refuse any request you make in relation to this right, we will provide you with reasons for our refusal.

13.2 Your right to object to or restrict processing of your information. You may request that further processing of your personal information is restricted in certain circumstances, including while we investigate your concerns with this information.

13.3 Your right to object to data processing and right to data portability. You have in certain circumstances the right to request that the further processing of your information is restricted or to object to its processing and the right to data portability (to receive and have transferred the information you provided).

13.4 Individuals under 16 years of age. Individuals over 16 years old can consent to the processing of their personal information, but anyone younger needs the consent of their parent or guardian.