Privacy Policy

Our Privacy Policy outlines what kinds of personal and sensitive information we collect, why we collect this information, and how we handle it.

Personal information is information or an opinion about an identified individual/company or an individual/company who is reasonably identifiable.

Sensitive information is a subset of personal information and includes information or an opinion about your:

  • racial or ethnic origin
  • political opinions
  • religious beliefs or affiliations
  • philosophical beliefs
  • sexual orientation
  • criminal record
  • health information
  • genetic information.

Underground IQ Pty Ltd does not collect Sensitive information.

What we collect

We may collect personal information about you when it’s reasonably necessary for, or directly related to, our functions or activities.

The kinds of personal information we may collect includes all of the following.

Information about you, such as your:

  • name
  • address
  • gender
  • date of birth
  • contact details

Information about your interactions with us, such as your:

  • financial situation: including payments, quotes, invoices, receipts, authorisations
  • emails & phone call records
  • services provided
  • site details
  • job details
  • intentions regarding site
  • asset location details
  • aerial photographs
  • site photographs, which may include staff or visitors to your site
  • feedback and complaints

Information about your company and other related persons, such as any:

  • nominees or authorised representatives.

We may also collect information about how you use our online services, such as:

  • pages you visit
  • online forms you fill in
  • your interactions
  • your chats with our virtual assistants
  • your language preferences
  • searches you make.
  • referring websites and links
  • departing websites and links

How we collect information

We collect your personal information through a variety of channels. This includes paper forms, web forms, site visits, conversations, emails, banking services.

When your personal information is collected from a third party, we take steps to inform you. This may occur through this Privacy Policy, application forms, notices or discussions with our staff.

Social networking services

We use social networking services such as Meta, Twitter, Google, YouTube, Instagram and Yammer to obtain referrals and to talk with the public and our staff. When you talk with us using these services we may collect your personal information to communicate with you and the public.

The social networking service will also handle your personal information for its own purposes. These services have their own privacy policies. You can access the privacy policies for these services on their websites.

Data exchanges

We exchange data with government agencies and 3rd party services through technical pathways Before You Dig services, and ATO services gateway.

Why we collect information

We collect personal information about you where it is reasonably necessary for, or directly related to, one or more of our functions or activities.

To deliver payments and services

We may collect your personal information when it is reasonably necessary for delivering services. For example, we may collect your personal information to:

  • confirm you or your company’s identify
  • communicate with you, including by SMS or email or social media
  • provide advice about available support
  • ensure correct payments are made

For employment and recruitment

We collect personal information to establish and maintain records for the employment and recruitment of staff. You can request further information about this.

For market research

We may share your personal information to conduct statistical analysis and market research to improve service delivery. We may engage external companies to conduct this research on our behalf.

Only when required with third parties

We may disclose your information to Australian Government agencies, state and territory agencies, asset owners, and third parties. The disclosure of your personal information will depend on the payments or services to which the information relates.

To provide you with a more personalised experience

We may use information about your online experience to help us improve our services.

We may need to share your personal information if we’re authorised or required by law to do so.

How we store personal information

We take reasonable steps to protect your personal information against misuse, interference and loss, and from unauthorised access, modification or disclosure. These steps include:

  • minimising data retention time
  • only accessing personal information on a need-to-know basis and by authorised personnel
  • monitoring system access which can only be accessed by authenticated credentials
  • ensuring our buildings are secure
  • regularly updating and auditing our storage and data security systems.

When no longer required, we destroy or archive personal information in a secure manner.

We store your information on local drives, as well as 3rd party services such as Xero, Servicem8, Google Drive, Office365, BYD.

The storage services service will also handle your personal information for its own purposes. These services have their own privacy policies. You can access the privacy policies for these services on their websites. We do this in a similar way to a cloud service provider. We keep the hosted data separate from our own data and protect it with strict access controls. This means we don’t have control over the hosted data. Send requests or complaints about hosted data to the 3rd party the personal information belongs to. If we get a request or complaint about hosted data, we’ll send it to the 3rd party it belongs to.

How we share information outside Australia

We may disclose your personal information overseas, such as to a foreign government or agency, where:

  • the disclosure is required or authorised by law, or
  • international information sharing arrangements are in place.

This may be more likely if you  live or have lived overseas..

Under international information sharing arrangements we can either:

  • collect and disclose information about you where it is requested by an overseas authority
  • request information about you from an overseas authority.

While these arrangements differ, overseas authorities may have agreed to only use information for the purposes of the arrangements, and in accordance with relevant privacy obligations.

How to access and correct information about you

You have the right to both ask:

  • for access to personal information that we hold about you
  • that we correct personal information we hold about you.

If you ask, we must give you access to your personal information, and take reasonable steps to correct it if we consider it is incorrect, unless there is a law that allows or requires us not to.

We will notify you in writing, and explain our reasons if we refuse to give you access to, or correct, your personal information.

Comments

When visitors leave comments on the site we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.

An anonymized string created from your email address (also called a hash) may be provided to the Gravatar service to see if you are using it. The Gravatar service privacy policy is available here: https://automattic.com/privacy/. After approval of your comment, your profile picture is visible to the public in the context of your comment.

Visitor comments may be checked through an automated spam detection service.

Media

If you upload images to the website, you should avoid uploading images with embedded location data (EXIF GPS) included. Visitors to the website can download and extract any location data from images on the website.

Cookies

If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.

If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.

When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.

If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.

Embedded content from other websites

Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.

These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.

Who we share your data with

If you request a password reset, your IP address will be included in the reset email.