- the categories of personal information we collect;
- why we collect an individual's personal information;
- how personal information will be used and who it will be disclosed to;
- the legal basis of our processing of personal information;
- your rights in relation to the personal information we collect;
- and your rights and interests that will be affected if you elect not to provide your personal information.
This policy was last updated: October 2023
- references to "Fair Supply", "we", "our" or "us" are to Fair Supply Analytics Pty Ltd (ABN 33 637 115 587) and our related entities.
- Personal information means any information or an opinion about an identified or reasonably identifiable natural person.
- Privacy Act means the Privacy Act 1988 (Cth), including the 13 Australian Privacy Principles (APPs) set out in Schedule 1 of that Act.
- Sensitive information is a sub-category of personal information which includes information about an individual's racial or ethnic origin, political opinions, membership of political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, sexual preferences or practices, criminal record, health information, genetic or certain biometric information.
Who we are
Fair Supply is an ESG data provider and consultancy. We provide risk assessment and compliance solutions through a proprietary Software-as-a-Service (SaaS) ESG Risk analytics product. Fair Supply helps corporations and institutions assess ESG risks such as modern slavery, forced labour, carbon emissions, biodiversity and other ESG risks to Tier 10 of their supply chain. Fair Supply also provides consulting services including desk based and on site audits, due diligence, training and other related services.
What personal information do we collect, for what purpose and legal basis?
We collect information about you and your interactions with us. The types of personal information we may collect about you will depend upon the nature of our interaction with you. In some circumstances the collection of personal information may be required by law.
Specifically, Fair Supply may collect and process personal information for the purposes and legal basis stated below:
If the personal information we collect includes sensitive information, including health information, we will ask for your consent to collect this sensitive information, unless the law allows us to collect the information without your consent.
We understand you may not wish to provide us with particular personal information. If so, we may not be able to provide our products or services to you or communicate with you.
We collect and record personal information about individuals such as:
- our customers and prospective customers;
- our customer's suppliers;
- our suppliers, potential suppliers and their representatives, directors, partners, proprietors and shareholders;
- our contractors, subcontractors, potential contractors and subcontractors and their representatives in relation to providing goods and services to us;
- our past and present employees; and
- any other person who comes into contact with us.
How do we collect your personal information?
We may collect personal information directly from you or from a third party. We may collect personal information directly from you when you communicate with us via our website, by email or via third party platforms we use.
Specifically, we may collect your personal information when:
- you register an account with us;
- you request our services or a demo of our services;
- when you register for our newsletter mailing lists;
- when you purchase a Fair Supply product or service;
- when you register for an event hosted by us;
- provide feedback to us;
- when you contact us by email; and
- when we are otherwise required or authorised by law.
We may collect personal information from third parties such as:
- your nominated representatives; and
- publicly available sources of information or registers.
If the personal information we collect includes sensitive information, we will ask for your consent to collect this sensitive information, unless the law allows us to collect the information without your consent.
We may use your personal information to offer you our products and services and provide you information we believe may be of interest to you.
When you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication.
To whom we disclose personal information
We may disclose your personal information to the following third parties:
- other organisations or individuals who assist us in providing products, events, services and programs to you or to administer our business;
- professional service providers and advisors who perform functions on our behalf such as lawyers and accountants;
- your nominated representatives;
- your referee if you apply for a job with us; and
- Government, regulatory authorities or other organisations as required or authorised by law.
We may disclose your personal information to third parties such as external service providers so that they may perform services for us or on our behalf or to assist us in providing our products and services or to administer our business.
When we disclose personal information to third parties, we make all reasonable efforts to ensure that we disclose only relevant information and that it is accurate, complete and up to date and that the third party will comply with the Privacy Act in relation to the use, disclosure and storage of your information.
Other permitted disclosures
We may disclose personal information in other circumstances, where the person concerned has consented to the disclosure, or where we are expressly permitted to do so by the Privacy Act or another law. These other disclosures may include where:
- you would reasonably expect the disclosure to occur;
- we are authorised or compelled by law to disclose;
- it will prevent or lessen a serious threat to someone’s life, health or safety or a threat to public health or safety;
- it is necessary as part of the establishment or defence of a legal claim;
- it is requested by an enforcement agency such as the police; or
- it is a necessary part of an investigation following a complaint or incident.
Other uses and disclosures
If you are based in the EU, you have the right not to be subject to a decision based solely on automated processing, including profiling, where the decision has a legal consequence or significantly affects you. Fair Supply may engage in automated decisions for such purposes as ensuring you receive relevant communications, marketing or other information.
Fair Supply implements suitable measures to safeguard this right. You have the right to obtain human intervention, to express your point of view and contest the decision. If you wish to exercise the rights concerning automated individual decision-making, or require further information, please contact our Privacy Officer at firstname.lastname@example.org.
We may store and transfer personal information on servers and equipment located in Australia and other countries where our service providers are located, including the United States and the European Union.
Overseas transfer of personal information outside of EU
In certain circumstances, we may need to disclose or transfer your personal information to countries outside the country in which your personal information was collected (or, in the case of personal collected within the European Economic Area (“EEA”) to countries outside the EEA).
Where applicable, international transfers of your personal information are protected by appropriate safeguards or undertaken in accordance with legally compliant mechanisms, such as the standard data protection model clauses adopted by the European Commission or any other supervisory authority, which we will incorporate into our agreements with such transferees of personal information.
Overseas disclosure of personal information outside of Australia
Where we disclose information outside of Australia, we will take reasonable steps to ensure any overseas recipient to whom personal information is disclosed will deal with that information in a way that is consistent with the APPs or we will obtain your consent to disclose your personal information to the overseas recipient.
Where we obtain your consent to such disclosure, we will not be responsible for the collection, use, storage and disclosure of your information by the overseas recipient. We will not be responsible under the Privacy Act for the collection, use, storage and disclosure (or breach) of your information by the overseas recipient. You may have rights to enforce the overseas recipient’s compliance with applicable data protection laws, but you may not have recourse against the overseas recipient under the Privacy Act in relation to how it collects and handles your personal information.
Information collected via our website
A “cookie” is a small file stored by the web browser software on your computer when you access our website. An explanation of cookies can be found on the Office of the Australian Information Commissioner’s (OAIC) website.
When you interact with our services online, for example, by opening emails or browsing our website, automated technologies like cookies help us to:
Understand how you use and interact with our online services, information and communications;
Customise or otherwise improve our online services to your preferences;
Measure how useful and effective our services and communications are to you; and
Continue to manage and enhance our products and services.
We use session cookies for maintaining contact with a user throughout a web browsing session. Session cookies expire when the browsing session comes to an end or a user shuts down their computer. We may use persistent cookies for statistical purposes and to improve our website.
The information generated by the cookie about your use of our website (including IP address) may be transmitted to and stored on servers in Australia, the United States, or elsewhere.
You may opt out of this tracking at any time by activating the “Do Not Track” setting in your browser.
Third party websites
Our website may link to other websites which are outside our control, and other websites outside our control may link to our website. Whilst we try to ensure that we link to websites which share our privacy and security standards, once you have left our website we cannot be responsible for the protection and privacy of any information which you provide on other websites. You should exercise caution and review third party website privacy statements.
Security of your personal information
We store information about you in computer systems and databases operated by either us or our external service providers.
We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure.
However, there are inherent risks in transmitting information across the internet, including the risk that information sent to or from a website may be intercepted, corrupted or modified by third parties.
If the personal information we store is no longer required by us for any purpose for which it was collected and is no longer required by law to be retained by us, we will destroy or de-identify the personal information.
If you are a “data subject” under certain data protection laws in regions or countries, including the European Union, United Kingdom or China, you may have the following rights in relation to your personal information held by Fair Supply:
Right to Access: you may request confirmation from Fair Supply as to whether we process your personal data, and if so, you may request a copy of that personal data. However, it may not be possible to give you a copy of the information if it was provided anonymously or if it may lead to harm being done to another person.
Right to Rectification: you have the right to request that we rectify or update any personal information that is inaccurate, incomplete or outdated without undue delay.
Right to Erasure: you have the right to request that we erase your personal information without undue delay in certain circumstances, such as where we collected personal information on the basis of your consent and you withdraw your consent.
Right to Restriction of Processing: you have the right request that we restrict the use of your personal information in certain circumstances, such as while we consider another request that you have submitted, for example a request that we update your personal information.
Right to Withdraw Consent: where you have given us consent to process your personal information, you have the right to withdraw your consent.
Right to Data Portability: you have the right to request that we provide you with a copy of your personal information in a structured, commonly used and machine readable format in certain circumstances.
If you reside in Australia, you have the “Right of Access” and the “Right of Rectification” set out above. If we refuse to provide you with access to your personal information or to update your information in the way you request, we will provide you with written reasons. If we refuse to correct or update your information, you may request that we make a note on your record that you are of the opinion that the information is inaccurate, incomplete, out of date, irrelevant or misleading, as the case may be.
Fair Supply considers a child to be anyone under the age of 18. Our website and services are not intended for or targeted at children under 18, and we do not knowingly or intentionally sell products or services for purchase by children or collect personal information from or about children under 18, without the consent of a parent or guardian. If you believe that we have collected personal information about a child, please contact us using the below contact details.
If Fair Supply becomes aware that personal information we collect relates to a child without the consent of a parent or guardian, Fair Supply will use reasonable efforts to delete that personal data from its files as soon as possible. If deletion is not possible, Fair Supply will ensure that the personal information is not used for any purpose.
How can I make a complaint?
If you have a complaint or concern about our handling of your personal information or you think your privacy has been affected, you should contact us using our contact details set out below to raise your complaint or concern.
We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.
If you remain unsatisfied with the way in which we have handled your privacy complaint or concern, you may approach an independent advisor or contact the OAIC or, if you are in the EEA, the data protection authority in your jurisdiction.
See the OAIC website for more information about how to make a complaint, or visit the European Data Protection Board website to find the data protection authority for your jurisdiction.
- wish to make a complaint about the way we have collected, used, held or disclosed your personal information;
- would like to opt out of receiving our newsletter or information about Fair Supply products or services, or
- have any other privacy related enquiries;
please contact our Privacy Officer at email@example.com.