Privacy Policy
1 Introduction
Retail Finance Intelligence Pty Ltd (RFI Global) acquired DBM Atlas in April 2023. We are a specialist agency that has been providing evidence-based insights and solving challenging problems for our clients since 1992. This privacy policy covers all the work of DBM Atlas and related products under:-
Retail Finance Intelligence Pty Ltd (ABN 64 121 015 192)
2 Commitment to Privacy
RFI Global respects and upholds your rights under the Australian Privacy Principles contained in the Privacy Act 1988 (Commonwealth) (“Privacy Act”) and the Notifiable Data Breach scheme. DBM follows the guidance of the Australian Data and Insights Association (ADIA) and adheres to the Privacy (Market and Social Research) Code 2014 (“Code”). For more information about the Privacy Act, the Australian Privacy Principles and the Notifiable Data Breach (NDB) scheme click here: Australian Privacy Principles, OAIC For more information about the Code click here: ADIA Code This Privacy Policy for DBM Atlas products let you know what personal information of yours we hold, what we do with it, who we will disclose it to and how you can access the personal information we hold about you. You can also find out here how to change inaccurate personal information and how to opt out of receiving communications from us.3 The Purpose of the Information We Collect
We collect personal information from individuals for research purposes only, with further details set out below. We do this in order to provide accurate and timely information to government, commercial and not-for-profit organisations about issues relevant to their activities to support their decision-making processes. In each case we must have your consent for the use of your personal data. Where we use your personal data with your consent, you have the right to withdraw your consent at any time. The basis for us collecting personal information includes:- to offer you opportunities to participate in research to help our clients make decisions about their products, services and brands;
- to respond to your research inquiries;
- to validate the research answers you gave;
- to update our records to ensure your information is correct;
- to send you information regarding your research participation such as how to redeem rewards;
- to ensure that our research surveys are presented in the most effective manner for you;
- to provide you with information that you request from us;
- to notify you about changes to our service (this is based on our legitimate interest in keeping you informed about changes to our service);
- to provide notice regarding changes to our terms, conditions, and policies.
3.1 Data Collection from Children
We never knowingly invite children under the age of 14 years to participate in research studies without consent from a parent or legal guardian. If it is necessary and appropriate to a particular project to directly involve children under the age of 14 years, we take measures to ensure we have been given permission by the child’s parent or legal guardian. When inviting children under the age of 18 years old to participate in research on sensitive subjects, we take measures to ensure we have been given permission by the child’s parent or legal guardian to proceed.3.2 Digital Data Collection
A cookie is a piece of information that an Internet website sends to your browser when you access information at that site. Cookies are either stored in memory (session cookies) or placed on your hard disk (persistent cookies). Our online market research survey collection software only uses session cookies. Upon closing your browser the session cookie set by this web site is destroyed. In contrast, our corporate website uses persistent cookies. We use cookies for the following information for statistical and administrative purposes:| Categories of Use |
Type of Information |
Description |
|---|---|---|
| Authentication |
the visiting domain name or IP address or user’s server address | To consider users who visit our corporate website regularly and tailor the site to their interests and requirements |
| Authentication | Computer Operating System, Browser Type and Screen Resolution |
To allow us to optimize the corporate website and our surveys for your hardware and software |
| Administrative | Date and time of the visit to the site | This is important for identifying the corporate website and our surveys busy times and ensuring maintenance on the site is conducted outside these periods |
| Administrative | Pages accessed and documents downloaded |
To indicate which pages or documents on our corporate website are most important to users and also helps identify important information that may be difficult to find |
| Administrative | Duration of the visit |
To indicate to us how interesting and informative the corporate website is to prospects, clients and job candidates; and to let us know how long our surveys take to complete |
3.3 Information We Collect from Other Sources
From time to time, we will collect personal information about you from third parties. This may include, for example, information provided by:- Our clients (in these cases, your consent would have been given to our client who would have provided us only with information about you that is relevant to the research);
- Organisations that collect online data;
- Data suppliers;
- List providers (e.g. organisations that specialise in providing contact lists like illion);
- Other entities that have a legal right to provide such information to us.
4 How We Use Personal Information
We will only use your personal information for the purpose of conducting our research and in accordance with this Privacy Policy. We will never use your personal information for the purpose of advertising, promotions or direct marketing activities. We use your feedback about your preferences, behaviours and attitudes in relation to products, services and brands in order to help our clients solve the most challenging business issues and make informed decisions. We use the information we collect to create a variety of research insights reports for our clients. We use tools and methods to make sure that there is no reasonable possibility of identifying an individual in most of the reports that we create for our clients. For example, we combine the responses we collect from you with the responses of others to produce “aggregated” reports. We would only use your individually identifiable personal information in reports with your prior consent and only if it is directly related to, or reasonably necessary for, the research we conduct. Among other things, our insights have helped clients to:- understand the highest priority areas to focus on in order to improve in their existing products and services;
- understand which parts of a service interaction lead to the highest consumer satisfaction;
- forecast the likely demand for new products and services;
- identify and locate different groups of people who would be most likely to use new services;
- determine the best pricing and bundling strategies for products and services.
5 How We Store and Retain Personal Information
We will take reasonable steps to protect your personally identifiable information as you transmit your information from your computer/device to our website. Unfortunately, the transmission of information via the internet is not completely secure and we cannot guarantee the security of your data during transmission to our site, any transmission is at your own risk. You should therefore take special care in deciding what information you transmit. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access. We store your information for as long as needed for our research purposes and in accordance with law. We use reasonable organisational, technical and administrative measures to protect your information under our control. Please remember that storage of personal data cannot always be one-hundred percent secure. All information you provide to us is stored on secure servers. We limit access to the information by our own employees, contractors, site service providers and those individuals who are authorised for the proper handling of such information. We request that our third party contractors and site service providers follow similar standards of security and confidentiality. We will destroy or de-identify your personal information as soon as practicable once it is no longer needed for our research purposes. The period for which we keep your personal data will be determined by a number of criteria including the purposes for which we are using the information, the amount and sensitivity of the information, the potential risk from any unauthorised use or disclosure of the information, and our legal and regulatory obligations. However, we may in certain circumstances be required by law to retain your personal information after our research has been completed. In this case your personal information will continue to be protected in accordance with this Policy. If we destroy personal information we will do so by taking reasonable steps and using up-to-date techniques and processes.6 Disclosure and Transfer of Personal Information
We will never disclose any personal information we collect from you unless you have provided express prior consent. We will never use or disclose your personal information for the purpose of advertising, promotions or direct marketing activities. In most instances, our clients have no access to your personal information. The information we provide to most of our clients will only report the information you provide in an “aggregate” form (combined with responses of others) or another form that will not personally identify you. We will not disclose any personal information or identifiable research information to a third party for a purpose other than conducting our research unless you have provided express prior consent, or we are required to do so by an Australian law or court/tribunal order. In the course of conducting our research we may use third-party service providers who are located overseas, to assist us in the purpose of conducting our research. These activities include, but not exclusively, data hosting, data storage, and digital fingerprinting technologies which may be used for quality control and validation. In most cases, this research data will not be identifiable research information. We will also take reasonable steps to ensure any third-party service providers (and their employees and contractors) comply with the Privacy Act and this Privacy Policy and/or are subject to similar privacy laws and you have the ability to enforce those rights.7 How You Can Access or Correct Your Own Personal Information
You have the following rights in relation to your personal data:- the right to change your mind and to withdraw your consent;
- the right to access your personal data;
- the right to rectify/correct any personal data that we hold about you that’s inaccurate or incomplete;
- the right to erase your personal data from our systems, unless we have legitimate reasons for continuing to process the information;
- the right to port your personal data (portability right);
- the right to restrict processing of your personal data;
- the right to ask whether we’re processing your personal data and, if we are, to find out details of that processing;
- the right to object to how we’re processing your personal data, and to ask us to restrict how we’re processing your personal data;
- the right to have the personal data that you’ve provided to us, provided to you, in a structured and commonly-used electronic format;
- the right to ask us to transfer your personal data directly to another company if that’s feasible.
