Gratex International AUST Pty Ltd (Gratex) is sensitive to the private nature of information you provide us with. We are committed to protecting your privacy. This Privacy Policy document describes how we will collect and use your data. Gratex is not involved in selling, trading or in other unauthorized use of personal information. If you choose not to provide any information about yourself or your organization, Gratex may not be able to provide you with the complete service you require.

INFORMATION WE COLLECT

We collect and store personal information about you for the purposes of

1. Providing support services
2. Testing software solutions we develop for you
3. Marketing activities
4. Website usage data
5. Managing employee records

A. SUPPORT SERVICES

In order to provide you with support services, we ask you to provide us with personally identifiable information which may include your name, company name, job title, address, contact numbers and e-mail address.

When you use Gratex’ secure Web sites (for the example Help Desk), we may require you to provide personally identifiable information. The personally identifiable information you provide may include your name, password, company or e-mail address.

In addition we collect information about your IT infrastructure including but not limiting to technical details on your servers, PCs, peripherals, data/voice infrastructure, data connections, software licenses, applications and access credentials. For the purpose of dealing with third parties in solving Help Desk incidents we may also collect information on your suppliers involved in supplying IT services to you.

B. TESTING SOFTWARE SOLUTIONS

From time to time, our clients provide us with personal data they have collected from their customers for the purposes of testing and migrating our clients’ software systems. This data may include personal and/or sensitive information.

C. MARKETING ACTIVITIES

We maintain a database of names, postal addresses and email for clients and potential clients gathered from publically available material or provided directly by individuals on the database.

D. WEBSITE USAGE DATA

Gratex’ web servers may automatically collect website usage information from you when you visit our websites. Website usage information informs Gratex about how visitors and subscribers use and navigate the websites, including the number and frequency of users to each web page, their IP address, and the length of their stays.

Like most websites, Gratex automatically collects information and data through the use of "cookies". A "Cookie" is a small file that is placed on your hard disk by a web page server which enables a website to recognize repeat users, facilitate the user's ongoing access to and use of the website and allows a website to track usage behaviour and compile aggregate data that will allow content improvements. A cookie does not provide Gratex with personal information. You have the ability to accept or decline cookies. Most web browsers automatically accept cookies; however you can modify your browser setting to decline cookies if you prefer. If you choose to decline cookies, you may not be able to fully experience the interactive features of this or other websites which you visit.

E. MANAGING EMPLOYEE RECORDS

Personal information including phone, email and address details, dates of birth, next of kin and tax information is collected.

STORAGE AND ACCESS TO INFORMATION COLLECTED

The personally identifiable information we collect about you is stored in password-controlled, encrypted in our data centers located in Australia Access is strictly limited. Gratex maintains safeguards to protect the security, integrity, and privacy of these servers and your personally identifiable information. Paper records are kept in a locked location with limited access.

Access to personal information is limited to those with a need to know and management responsible for systems maintenance. This access is reviewed regularly to ensure access rights are current. Access may include members of staff located in Slovakia. These staff follow the same protocols as Australian staff and the Slovakian company is certified for ISO 27001:2005.

Gratex employs strict guidelines to protect our clients’ privacy and data. All employees sign confidentiality agreements upon commencement of their employment (to ensure security for both the clients’ and company’s data) and receive training on our Privacy procedures. Your personal information is never shared outside the company without your permission, except under conditions explained in this document.

Gratex maintains a protocol for access, management and destruction of this data.

REMOTE ACCESS

It is agreed and understood that when employing the services of Gratex, we may have both remote and/or on site access to your computer systems. These privileges are used solely for the purposes of maintaining, troubleshooting, analyzing, developing, implementing or configuring systems as required.

DISCLOSING INFORMATION COLLECTED

At times, it may be necessary for Gratex to employ a third party to perform services on our behalf. In these cases, we will request your verbal consent to disclose the information required by the appointed third party company to perform their services.

Gratex may disclose any information about you to law enforcement agencies, government officials or other authorities, as Gratex, in its sole discretion, believes necessary or appropriate in the circumstances.

Except where required by law, we will only disclose information concerning you under circumstances described above.

LINKS TO OTHER WEB SITES

Should you make a use of external links which may be provided for your convenience, you should be aware that those websites are not subject to this Privacy Policy. Gratex recommends that you review the privacy policy at each such website to determine how that website protects your privacy.

YOUR RIGHTS AND CHOICES

You have the right to request access and correction of personal information held by Gratex. Requests should be made in writing to privacy@gratex.com.au and will be responded to within 21 days. You should be aware that if you choose not to provide any information about yourself or your organization, Gratex may not be able to provide you with the complete service you require.

HOW TO MAKE A COMPLAINT

If you would like to make a complaint regarding Gratex International’s handling of your data, please make your complaint in writing to privacy@gratex.com.au. Gratex will follow its Complaint Handling Procedure to resolve your complaint.

POLICY MODIFICATIONS

Gratex will review this Privacy Policy annually and may amend it from time to time, and will publish any changes on our Web site. Notwithstanding the right to amend the Privacy Policy, Gratex will not use your personal information in a manner materially different from this Privacy Policy without your prior consent.  -

COMMENTS AND QUESTIONS

If you have any questions or comments about this Privacy Policy, please contact Gratex by emailing us on info@gratex.com.au or by calling us on 1800 111 110.

Gratex International AUST Pty Ltd

Lakes Business Park,

Level 1, 2A Lord Street,

Botany NSW 2019

LAST REVIEW DATE

29 January 2015