Privacy Policy

1. Introduction and Commitment to Privacy

Bcom IT Solutions Pty Ltd (trading as "Bcom IT Solutions", "BCOM IT Support") is committed to protecting the privacy and confidentiality of personal information in accordance with the Privacy Act 1988 (Commonwealth of Australia), the Australian Privacy Principles (APPs), and the Information Privacy Act 2009 (Queensland). This Privacy Policy explains how we collect, use, disclose, store, and protect your personal information when you use our IT support services, visit our website, or interact with our business.

As a Queensland-based IT services provider operating across the Gold Coast region, we understand the importance of maintaining the trust and confidence of our clients, particularly when handling sensitive technical information and providing remote support services. This policy applies to all personal information collected by Bcom IT Solutions Pty Ltd through any means, including our website, telephone communications, email correspondence, service appointments, remote support sessions, and any other interactions with our business.

We are bound by the Australian Privacy Principles contained in the Privacy Act 1988, which regulate how we collect, use, disclose, and store personal information, and how individuals can access and correct personal information held about them. This policy also addresses specific requirements under Queensland's Information Privacy Act 2009 where applicable to our business operations.

2. Information We Collect

2.1 Personal Information

In the course of providing IT support and technical services, we may collect various types of personal information, including but not limited to:

2.2 Sensitive Information

We generally do not collect sensitive information as defined under the Privacy Act 1988, such as health information, racial or ethnic origin, political opinions, religious beliefs, or criminal records. However, in limited circumstances where providing IT support services, we may inadvertently access sensitive information stored on client devices during troubleshooting or data recovery processes. When this occurs, we implement strict protocols to minimise access, protect confidentiality, and delete any sensitive information that is not directly relevant to the technical service being provided.

2.3 Website and Digital Information

When you visit our website or use our online services, we automatically collect certain information through cookies, web beacons, and similar technologies. This includes your IP address, browser type and version, operating system, referring website, pages visited, time spent on pages, search terms used, and other usage statistics. We also collect information about your device, including device type, screen resolution, and mobile network information when applicable.

3. How We Collect Personal Information

We collect personal information through various methods, always ensuring that collection is lawful, fair, and transparent in accordance with Australian Privacy Principle 3 (Collection of solicited personal information) and Australian Privacy Principle 4 (Dealing with unsolicited personal information).

3.1 Direct Collection

Most personal information is collected directly from you when you contact us for IT support services, book appointments, engage our services, participate in remote support sessions, subscribe to communications, provide feedback, enter service agreements, or make payments for services.

3.2 Indirect Collection

In some circumstances, we may collect personal information from third parties, including referral partners, family members or authorised representatives, employers when providing corporate services, payment processors, government agencies when required by law, and publicly available sources.

3.3 Automatic Collection

Our website and digital services automatically collect certain information through technical means, including cookies, server logs, and analytics tools. This collection is necessary for website functionality, security monitoring, and service improvement purposes.

4. Purpose of Collection and Use

We collect and use personal information for purposes that are directly related to our business functions as an IT services provider, in accordance with Australian Privacy Principle 6 (Use or disclosure of personal information). The primary purposes include:

4.1 Service Delivery

To provide comprehensive IT support services including computer repairs, network installation and configuration, software troubleshooting, data recovery, cybersecurity services, remote technical support, hardware upgrades, and system maintenance. This includes diagnosing technical issues, implementing solutions, testing system functionality, and ensuring service quality and customer satisfaction.

4.2 Customer Relationship Management

To maintain ongoing relationships with our clients, including scheduling appointments, sending service reminders, following up on completed work, managing service warranties, handling customer inquiries and complaints, and providing ongoing technical support and advice.

4.3 Business Operations

To operate our business effectively, including processing payments, maintaining financial records, managing inventory and equipment, coordinating service schedules, training staff, improving service quality, and ensuring compliance with legal and regulatory requirements.

4.4 Communication and Marketing

To communicate with you about our services, send newsletters and promotional materials (with your consent), notify you of new services or special offers, conduct customer satisfaction surveys, and maintain our professional relationship with you.

4.5 Legal and Regulatory Compliance

To comply with our legal obligations under Australian and Queensland law, including taxation requirements, workplace health and safety regulations, consumer protection laws, and privacy legislation.

5. Disclosure of Personal Information

We may disclose your personal information to third parties in certain circumstances, always in accordance with Australian Privacy Principle 6 (Use or disclosure of personal information) and with appropriate safeguards to protect your privacy.

5.1 Service Providers and Contractors

We may disclose personal information to trusted third-party service providers who assist us in delivering our services, including payment processors, cloud storage providers, software vendors, telecommunications providers, and specialist contractors. All such disclosures are governed by strict confidentiality agreements and data protection requirements.

5.2 Legal Requirements

We may disclose personal information when required or authorised by law, including to law enforcement agencies, courts, government departments, or regulatory bodies. This includes circumstances where disclosure is necessary to prevent or investigate suspected illegal activities, protect public safety, or comply with legal processes.

5.3 Overseas Disclosure

Some of our service providers may be located overseas, particularly cloud storage and software providers. When personal information is disclosed overseas, we ensure that appropriate safeguards are in place and that the overseas recipient is subject to privacy laws that provide substantially similar protections to the Australian Privacy Principles.

6. Data Security and Protection

We implement comprehensive security measures to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure, in accordance with Australian Privacy Principle 11 (Security of personal information).

6.1 Technical Safeguards

Our technical security measures include encrypted data transmission and storage, secure server infrastructure with regular security updates, multi-factor authentication for system access, regular security audits and vulnerability assessments, intrusion detection and prevention systems, secure backup and disaster recovery procedures, and restricted access controls based on job requirements.

6.2 Physical Security

Physical security measures include secure office premises with controlled access, locked storage for physical documents and devices, secure disposal of confidential information and electronic media, and restricted access to areas where personal information is processed or stored.

6.3 Data Breach Response

In the unlikely event of a data breach that is likely to result in serious harm to affected individuals, we will comply with the Notifiable Data Breaches scheme under the Privacy Act 1988, including notifying the Office of the Australian Information Commissioner and affected individuals within the required timeframes.

7. Your Privacy Rights

Under Australian privacy law, you have several important rights regarding your personal information:

7.1 Access Rights

You have the right to request access to the personal information we hold about you, in accordance with Australian Privacy Principle 12 (Access to personal information). We will provide access unless there are valid legal reasons for refusing the request.

7.2 Correction Rights

You have the right to request correction of personal information that is inaccurate, out-of-date, incomplete, irrelevant, or misleading, in accordance with Australian Privacy Principle 13 (Correction of personal information).

7.3 Complaint Rights

You have the right to make a complaint about our handling of your personal information. We encourage you to contact us first to resolve any concerns, but you also have the right to complain directly to the Office of the Australian Information Commissioner.

8. Contact Information and Complaints

If you have any questions about this Privacy Policy, wish to access or correct your personal information, or want to make a complaint about our privacy practices, please contact us:

8.1 Complaint Process

We are committed to resolving privacy complaints promptly and fairly. When you contact us with a complaint, we will acknowledge receipt within 5 business days, investigate the matter thoroughly, and provide a written response within 30 days. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au.

9. Policy Updates and Changes

We may update this Privacy Policy from time to time to reflect changes in our business practices, legal requirements, or technology. Any material changes will be notified to you via email (where we have your email address) or by posting a prominent notice on our website. The updated policy will be effective from the date specified in the notice.

We encourage you to review this Privacy Policy periodically to stay informed about how we protect your personal information. Your continued use of our services after any changes indicates your acceptance of the updated policy.

10. Legal Framework and Compliance

This Privacy Policy is designed to comply with the following Australian and Queensland legislation:

• Privacy Act 1988 (Commonwealth) - The primary federal privacy legislation governing the handling of personal information by businesses
• Australian Privacy Principles - Thirteen principles that regulate the collection, use, disclosure, and management of personal information
• Information Privacy Act 2009 (Queensland) - Queensland legislation governing privacy practices
• Spam Act 2003 (Commonwealth) - Regulating commercial electronic messages
• Australian Consumer Law - Consumer protection provisions relevant to privacy and data handling

We regularly review our privacy practices to ensure ongoing compliance with these legal requirements and industry best practices.