This Privacy Policy is maintained by Pegasus Management Pty Ltd (“we”, “us” and “our”) and relates to the collection storage and use of personal information you may supply to us or we may collect from you through your dealings with us, including via access to our contractor engagement and management system known as Onsite Track Easy (the System) or any other system maintained by us or your conduct on any web site maintained by us.

We reserve the right, at our discretion, to modify or remove portions of this Privacy Policy at any time.

We recognise the importance of protecting the privacy of your information, in particular information that is capable of identifying an individual (“Personal Information”). This Privacy Policy governs the manner in which your Personal Information will be dealt with including but not limited to collection, access, storage use and disclosure of Personal Information which we obtain as part of our business operation. By accessing our website, the System, other systems or databases maintained by us or otherwise transacting with us, you agree to and acknowledge the content of this Privacy Policy. This Privacy Policy is in addition to any other terms and conditions applicable to our dealings with you. This Privacy Policy should be reviewed periodically so that you are updated on any changes. We welcome your comments and feedback.

1. Personal Information                                

Personal Information about you is collected only when knowingly and voluntarily submitted and when reasonably required by us to perform one or more of our functions or activities.

Personal Information is collected by our organisation via the following: direct requests for information made by us to you either verbally or in writing, online and hard copy application forms completed by you or on your behalf.

We may also make use of Personal Information collected by our clients from users of the System once it is inputted into the System.

We may also collect Personal Information indirectly through publicly available means or through websites (such as Google or social media sites) who disclose to their users that the user’s Personal Information is provided to businesses such as ours. We may also collect or have access to Personal Information obtained by related entities such as Pegasus Safety & Training Pty Ltd, Onsite Track Easy Pty Ltd, Pegasus International Holdings Pty Ltd or Pegasus Training Options. We will do this only where you have consented to or would reasonably expect us to obtain this information.

It is our intention that this policy will protect your Personal Information from being dealt with in any way that is inconsistent with applicable privacy laws in Australia including the Privacy Act 1988 (Cth) (Act), Australian Privacy Principles (APPs) and will use reasonable endeavours to ensure that where Personal Information is disclosed to overseas recipients, the overseas recipients comply with the APPs. The type of Personal Information that we may collect and hold includes: your names, addresses, contact details such as telephone numbers and email addresses, evidence of competence or specific work skills, details of course attendance and/or achievement, attendance at work sites or locations.

Where it is reasonable and practical to do so, we will only collect Personal Information about you from you. You have no obligation to provide any information requested by us however if you choose to withhold Personal Information from us it may prevent us from being able to provide you with access to the System or other systems maintained by us.

We will take reasonable steps to ensure that your Personal Information is accurate, complete and up-to-date as soon as practicable after receiving your notification of any error or inaccuracy.

If we become aware of any ‘eligible data breach’ as defined under the Act in respect of any of your Personal Information which would be likely to result in  serious harm to you, we will promptly notify you and undertake all required mandatory Eligible Data Breach notification to applicable government entities and affected individuals in accordance with the privacy law.

We will co-operate with your reasonable requests or directions relating to any applicable law concerning the security, use or disclosure of Personal Information.

2. Use of Information

In relation to Personal Information collected from users of our contractor engagement and management system known as Onsite Track Easy or differently skinned systems built on the Onsite Track Easy platform (Portals) (the System), the predominant use of such information is to populate and maintain the databases within those systems, for use by our clients and their personnel and contractors.

If you are a user of the System it is important to understand that collection of Personal Information from you may be used in assessing your competencies, experience, site attendance and other key criteria. Failure to provide certain information or poor assessment results may impact your ability to enter into and work at certain sites.

We may continue to use your Personal Information even after you cease using the System, including retaining your Personal Information in the System unless you give us written notice to the contrary.

Personal Information collected from you is also used for the following purposes:

• to provide tailored product and service information and improve service delivery;
• to process payments, discounts and refunds where required;
• to communicate with our customers regarding products and services (such as warranty and maintenance provisions, product recalls etc.);
• to develop and expand our operations base and plan for future commitments;
• general data analytics for improvement of service delivery, and work site safety management; and
• to direct market to You either by us or by disclosing to a third party contractor to undertake direct marketing on our behalf.

Personal Information is held in computer databases, copies of those databases for purposes of system integrity and backup, and paper based file systems.

3. Disclosure

We will not disclose your Personal Information unless you have consented to that disclosure. Your consent may be express or implied. We may also disclose your Personal Information where it is required or authorised by or under an Australian law or a court/tribunal order or where a permitted general situation exists under the APPs. Where disclosure is necessary for an enforcement related activity of an enforcement agency, we will provide written notification of that disclosure as is required by the APPs.

We may engage third parties to provide you with goods or services on our behalf. In that circumstance, we may disclose your Personal Information to those third parties in order to meet your request for goods or services.

We may be engaged by third parties (such as site operators who have implemented the System at their site) to collect Personal Information from you via the System. In that instance we may disclose your Personal Information or Sensitive Information to them via the System to allow them to make full use of the System.

We may disclose your Personal Information to recipients that are outside of Australia. We will use reasonable endeavours to ensure that any overseas recipients of your Personal Information comply with the APPs.

4. Sensitive Information

During the course of business we may at times be required to collect Sensitive Information about individuals, which may include information about your health (including genetic information), racial or ethnic origin, political opinions or memberships, religious or philosophical affiliations or criminal record. Collection of any Sensitive Information will be done in accordance with the APP’s and the Act.

We will only disclose Sensitive Information that we may collect or hold about you for the purposes for which it was collected, or for directly related purposes you would reasonably expect us to use it for, or if you have expressly consented to that disclosure, or if we are otherwise authorised or compelled by law or a court/tribunal order to disclose that Sensitive Information.

We may disclose your Sensitive Information to recipients that are outside of Australia. We will use reasonable endeavours to ensure that any overseas recipients of your Sensitive Information comply with the APPs

5. Security

We strive to ensure the security, integrity and privacy of Personal Information collected and held by us, and we review and update our security measures in light of current technologies. Unfortunately, we cannot guarantee that our data storage measures are totally secure.

However, we will endeavour to take all reasonable steps to protect the Personal Information and Sensitive Information we collect from you from misuse, interference, loss and unauthorised access, modification or disclosure.

Where the Personal Information is no longer required for the purpose for which it was collected (or a permitted secondary purpose) we will take all reasonable steps to destroy or de-identify the information.

6. IP Addresses

If information is gathered by our website/portal or online database, our web servers may gather your IP address to assist with the diagnosis of problems or support issues with our services. This information is gathered in aggregate only and cannot be traced to an individual user.

7. Cookies and Applets

We may use cookies to provide you with a better experience when using our website/portal. These cookies allow us to increase your security by storing your session ID and are a way of monitoring single user access. This aggregate, non-personal information is collated and provided to us to assist in analysing the usage of the site.

8. Transborder Data Flows

There may be occasion where, in the course of providing our services to you or to our customers, we may need to transfer your Personal Information or Sensitive Information outside of Australia, If and when, we transfer data outside of Australia, we will still comply with the obligations under the Act and the data will still have the same protections afforded to it under the Act.

As part of our services we may store information using online or cloud software. This information that you provide to us may be transferred to the servers of our host providers. By providing your Personal Information and Sensitive Information you are consenting to that information being transferred to and stored on the servers as set out in this Privacy Policy.

Currently we disclose Personal Information and Sensitive Information to the following nominated overseas recipients located in the Philippines.

We may disclose your Personal Information and/or Sensitive Information to a third party for the purposes of which we collect the information for. We have taken reasonable steps to ensure that your Personal Information and/or Sensitive Information is not held, used or disclosed by the recipient that is inconsistent with the Act

9. Access to Information                                

Depending on which services you are attempting to access, you may be able interact with us anonymously or using a pseudonym. However, this will mean that there are some products and services that you will not be able to enjoy. These include: Onsite Track Easy, Rail Industry Work and portals configured for specific clients.

We will endeavour to take all reasonable steps to keep information about you accurate and up to date. If, at any time, you discover that information held about you is incorrect, you may contact us to have the information corrected. Further you may request access to any of your Personal Information or Sensitive Information we hold except if the provision of the information is contrary to any applicable privacy law. In addition, our employees and the contractors who provide services related to our information systems are obliged to respect the privacy of and confidentiality of any Personal Information or Sensitive Information held by us.

If you wish to make a complaint regarding any aspect of the collection, access to, use storage or disclosure of Personal Information or Sensitive Information by us, please make your complaint in writing to the address below. We will consider your complaint promptly and contact you to seek to resolve the matter. If we have not responded to you within a reasonable time, you are entitled under privacy legislation to make a complaint to the Office of the Australian Information Commissioner.

Please direct all requests for access to or correction of personal information or all complaints to: support@onsitetrackeasy.com.au

10. How long is it held for?

We hold the information at a time of our own discretion or until such time as you contact us and ask for your information to be removed from our System or destroyed.

11. Questions

For more information about privacy issues in Australia and protecting your privacy or to make a complaint about our handling of your Personal Information, visit the Office of the Australian Information Commissioner’s web site; http://www.oaic.gov.au/.

New Zealand Payments: Your payment is processed through the secure Fat Zebra system. Any credit card details stored for recurring payments are done so on the Fat Zebra system. No credit card information is stored by us.