Privacy Policy

V6.18

About this policy

This policy sets out the information handling practices for Aerial Capital Group Ltd and/or any of its subsidiaries including our websites and mobile apps. It does not cover personal information about our employees.

We strive to manage personal information in a best practice way which is open and transparent while enabling us to better serve our customers and the community.

Personal information means information or an opinion, true or false and whether recorded in a material form or not, about an identified or reasonable individual.

Our primary goal is to promote and maintain a high level of customer service and satisfaction.

By contacting us, downloading our App, setting up an account, or otherwise providing us with your personal information, you consent to your personal information being collected, stored, used and disclosed as set out in this Privacy Policy.

Data collection

We collect personally identifiable information that is specifically and voluntarily provided by visitors to our services including our websites. Such identifiable information includes name, title, phone number, commercial or private address, email addresses and any other information necessary for the provision of our services. Typically, identifying information is collected to:

• Register for and use certain services

• Administer and manage the services we provide

• Adhere to our policies and procedures

• Deliver information to you, such as information on products and services, newsletters, promotions and events

• Improve our marketing and promotional efforts, by enabling statistical analysis of site and product usage in aggregated form

• Answer your requests and queries

Notice where you give us information about third parties

If you provide us personal information about any other individual (e.g. name, address, contact details and other relevant information for the provision of service) you warrant that you have that person’s consent and we ask that you make them aware of our privacy policy for example providing them the link.

Sound and Image Recording

We use sound recordings from customers as part of our quality assurance and assessment of staff for training and educational purposes. We have special protections around this information including separate storage and technical and policy restrictions on who can access this information.

We use in-vehicle image recordings for the purpose of passenger and driver safety where special protections are also around this information including separate storage and technical and policy restrictions of who can access this information.

We undertake Privacy Impact Assessments under the OAIC (Office of Australian Information Commission) guidelines where possible surrounding personal information to manage, minimise or eliminate privacy impacts.

Uses of personal information

We use information we collect to;

• Administer services we provide

• Target marketing communications

• Statistical analysis in aggregated form

• provide your details to taxi service providers in order to procure a taxi for you;

• maintain your profile, favourites and booking details on our server for the purposes of your account;

• present advertisements, special offers and promotions to you about our services, from time to time;

• respond to your enquiries;

• forecast future needs of our services and for general quality assurance and training purposes; and

• any other purposes identified at the time of collecting your information.

We will only use your sensitive information for the purposes for which it was collected, the purposes listed above, as required or permitted by law or purposes to which you otherwise consent.

Marketing communications

We send marketing material to customers to provide information on products and services that the company pro- vides that will be of personal and/or professional benefit including any special offers from third parties. If you are not interested in receiving such material, ‘Unsubscribe’ to opt out of electronic marketing material is made available. Alternatively you can contact us to have your details removed.

Disclosure (sharing) of Personal Information

Aerial Capital Group and any of its subsidiaries may disclose your information:

• To drivers so that they can perform the services required

• Where the law requires or permits us to do so such as law enforcement agencies

• To other entities, including an agent of yours who will pass the information to you, or with your consent

• To government agencies as part of our regulatory or statutory obligations in aggregated form

• For registration of events

• Where you would reasonably expect

Overseas Disclosure

Some of our contracted service providers are located in New Zealand. Where we use a service provider that hosts personal information in other countries, we take steps that are reasonable in the circumstance to ensure that the host does not breach the Australian Privacy Principles. The steps we take include:

• adding provisions in our contract with the service provider that require them to protect the personal information they hold,

• Where a privacy breach occurs in relation to an overseas service provider, we support and work in handling the breach.

Social media

We participate in social media such as Facebook, LinkedIn and Twitter for internal purposes. These sites have their own privacy policies.

Mobile Apps

When individuals access our mobile application, we collect user details such as names, email addresses and contact numbers in order to authenticate user access to our services. We use personal data gathered for internal purposes such as marketing.

Website

This section applies to all Aerial Capital Group websites including any Aerial Capital Group Subsidiary;

• Aerialcapitalgroup.com.au

• Canberraelite.com.au

• QeTaxis.com.au

• Silverservicecanberra.com.au

• Canberrahc.com.au

• Servitel.com.au

We use Google Analytics to collect a range of information about your interactions with our websites for statistical purposes. Our websites use ‘cookies’ to record details of your server address or other usage of our websites such as the pages you view for statistical analysis.

Emails

If you send us an email, that address will be recorded automatically by our email messaging system for the purpose of replying to your email.

Security of personal information

We take reasonable steps to protect the personal information it holds from misuse, interference and loss and from unauthorised access, modification or disclosure.

We do this by limiting personal information accessibility to authorised employees. Our data base is protected through the use of firewalls, regular updates of anti-virus software, voice encryption – phone hacking prevention, passwords and other user log-on procedures. We use secure gateways for the processing of credit card details and we are fully compliant with the PCI-DSS (Payment Card Industry Data Security Standards). For security please refrain from writing your credit card information in the body of an email. Physical security over paper and electronic data is maintained by the use of locks and security alarms.

Despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to protect your personal information (for example, by protecting any usernames and passwords). You should also notify us as soon as possible if you become aware of any security breaches.

Although we are required to keep information for a period of 7 years, we take reasonable steps to de-identify information once it is no longer required.

Data Breach Notification

The Company has a Notifiable Data Breach Response Plan established under the OAIC Office of Australian Information Commission (OAIC) guidelines.

Any data breach will be assessed on a case by case basis to determine if a breach notification is required.

If a data breach is determined to create a real risk of serious harm to the individual, the affected individual and third parties, such as the OAIC (Office of Australian Information Commission), and the relevant authorities will be notified.

Accuracy, access and correction

We take reasonable steps to ensure that the personal information that we collect and hold is accurate, complete and up-to-date. However, we rely on you to advise us of any changes to your personal information to help us maintain accurate, complete and up-to-date information.

We will, on request, provide you with access to the personal information we hold about you unless otherwise required or permitted by law. We will notify you of the basis for any denial of access to your personal information.

To request access to your personal information or to update or correct your personal information, please contact us via the contact details provided below.

If you ask us about personal information we have collected about you, or are seeking to transact or update information for the provision of our services, we will confirm your identity.

How to make a complaint

If you wish to make a complaint about a breach of this Privacy Policy or if you have any questions or concerns about our Privacy policy or its implementation you can contact us using the contact details below. You will need to provide us with sufficient details regarding your complaint as well as any supporting evidence and information.

Attn:

The Privacy Officer Aerial Capital Group Ltd

PO Box 1233 Fyshwick ACT 2609

Ph: 02 6126 1500

Email: Feedback@aerialcapitalgroup.com.au

We will refer your complaint to our Privacy Officer who will investigate the issue and determine the steps (if any) that we will undertake to resolve your complaint. We will contact you if we require any additional information from you and will notify you in writing of the outcome of the investigation. If you are not satisfied with our determination, you can contact us to discuss your concerns or contact to the Australian Privacy Commissioner via www.oaic.gov.au.

Revisions to Aerial Capital Group Ltd’s Privacy Policy

We reserve the right to revise this Privacy Policy or any part of it from time to time. Please review this Privacy Policy periodically for changes. If we make material changes to this Privacy Policy, we will notify you here, by email, or by means of a notice on our homepage.

A copy of our privacy policy can be provided to you on request.