Privacy and Data Handling Policy

SECTION 01

Purpose and Scope

This Privacy and Data Handling Policy sets out how Data Scan Technologies Pty Ltd (“Data Scan Technologies”, “we”, “us”, “our”) collects, uses, stores, discloses, and manages personal information in the course of operating our business and delivering our products and services — including our signature pad solutions and integration services.

This Policy applies to:

  • All personal information collected through our website Data Scan Technologies.com.au (hosted on Hostinger via WooCommerce);
  • Personal information stored in our CRM, accounting, and cloud collaboration platforms;
  • Personal information processed through any integration applications developed by Data Scan Technologies;
  • All employees, contractors, partners, and third parties who handle personal information on our behalf.

 

SECTION 02

Legislative Framework

Data Scan Technologies is committed to full compliance with applicable Australian privacy legislation.

Privacy Act 1988 (Cth)

We comply with the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs) contained in Schedule 1 of the Act. The APPs govern how we collect, use, disclose, store, and provide access to personal information.

Notifiable Data Breaches (NDB) Scheme

Data Scan Technologies operates in accordance with Part IIIC of the Privacy Act 1988, which establishes the Notifiable Data Breaches (NDB) scheme. In the event of an eligible data breach, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by law.

Spam Act 2003 (Cth)

All electronic communications sent by Data Scan Technologies comply with the Spam Act 2003 (Cth), including requirements for consent, sender identification, and unsubscribe functionality.

Australian Consumer Law (ACL)

Where applicable, Data Scan Technologies also observes its obligations under the Australian Consumer Law as it relates to the handling of customer data and fair trading practices.

 

SECTION 03

Personal Information We Collect

In accordance with APP 3, Data Scan Technologies only collects personal information that is reasonably necessary for, or directly related to, one or more of our business functions or activities.

Types of Personal Information

  • Contact details — name, email address, phone number, business address;
  • Business information — company name, ABN, industry type;
  • Order and transaction data — product details, order history, invoice records;
  • Technical data — IP addresses, browser type, and device information collected via our website;
  • Communications — enquiries, support requests, and correspondence with Data Scan Technologies.

Sensitive Information

Data Scan Technologies does not intentionally collect sensitive information as defined under the Privacy Act 1988 (e.g. health information, racial or ethnic origin, political opinions, or religious beliefs). If sensitive information is inadvertently received, it will be securely deleted.

How We Collect Information

We collect personal information through: APP 5

  • Our website via WooCommerce enquiry forms, checkout, and lead capture;
  • Direct correspondence — email, phone, and in-person meetings;
  • Our CRM system, which captures leads and contact interactions;
  • Integration applications developed and hosted by Data Scan Technologies.

Individuals will be notified of the purposes of collection at or before the time their information is collected.

 

SECTION 04

Use and Disclosure of Personal Information

Primary Purposes APP 6

Personal information is used only for the primary purpose for which it was collected, or for a directly related secondary purpose that the individual would reasonably expect. Primary purposes include:

  • Processing and fulfilling customer orders and service requests;
  • Managing customer and partner relationships via our CRM;
  • Communicating with customers, partners, and leads about products, services, and enquiries;
  • Providing and supporting integration applications, including signature pad integrations;
  • Complying with our legal and regulatory obligations;
  • Maintaining and improving our website and services.

Secondary Use

Data Scan Technologies does not use personal information for any secondary purpose — such as sale to third parties, profiling, or unrelated direct marketing — without the explicit consent of the individual concerned.

Disclosure to Third Parties

Data Scan Technologies may disclose personal information to the following categories of third parties where necessary to deliver our services:

  • Cloud platform providers — Microsoft (SharePoint/OneDrive), CRM, Accounting software, AWS, and Hostinger — who process data on our behalf under contractual data processing agreements;
  • Business partners — where a customer has engaged Data Scan Technologies to deliver an integration service, relevant information may be shared with that partner with the customer’s knowledge;
  • Regulatory authorities — where required by law, court order, or government regulation.

We do not sell, rent, or trade personal information to any third party for commercial purposes.

 

SECTION 05

Data Storage and Cross-Border Disclosure

Data Storage Locations APP 8

Data Scan Technologies operates a fully paperless and no on-premises data environment. All data is stored digitally across the following platforms:

Data Category

Platform / Service

Location

Offshore?

Website hosting & files

Hostinger (WooCommerce)

Singapore (primary)
Mumbai, India (backup)

Yes — SG & IN

Customer order data

Microsoft SharePoint & OneDrive

Australia (AU data centre)

No

Accounting & financial data

Cloud Software

Australia (AU data centre)

No

Customer & lead CRM data

Cloud CRM

Australia (AU data centre)

No

Integration application data

AWS ap-southeast-2 (Sydney)

Australia (AU data centre)

No

Physical / on-premises data

None — paperless operation

N/A

N/A

Website Hosting — Offshore Storage Disclosure

Important — Offshore Storage Notice Our website (Data Scan Technologies.com.au) is hosted on Hostinger’s infrastructure. Website data — including web forms and WooCommerce customer data — is stored on servers located in Singapore (primary)and Mumbai, India (backup). By using our website and submitting information through our web forms or checkout, you acknowledge that your data may be stored and processed at these locations. Data Scan Technologies takes reasonable steps to ensure Hostinger handles personal information consistently with the Australian Privacy Principles, in accordance with APP 8.1.

All other business data — including order records, CRM data, accounting data, and integration application data — is stored exclusively within Australia.

Data Retention

Data Scan Technologies retains personal information only for as long as necessary to fulfil the purpose for which it was collected, or as required by law. APP 11.2 Once data is no longer required, it is securely deleted or de-identified.

 

SECTION 06

Data Security

In accordance with APP 11, Data Scan Technologies takes reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure.

  • Access controls — platform access is restricted to authorised Data Scan Technologies personnel via role-based permissions across all cloud platforms;
  • Encryption — data is encrypted in transit (TLS/HTTPS) and at rest across all platforms;
  • Multi-factor authentication (MFA) — enforced across Microsoft 365, Zoho CRM, AWS, and other critical platforms;
  • No on-premises storage — Data Scan Technologies does not store personal information on local servers, physical devices, or printed copies;
  • Enterprise-grade infrastructure — we rely on Microsoft Azure (Australia East), AWS (ap-southeast-2), CRM, and accounting software, all of which maintain ISO 27001 or equivalent certifications;
  • Regular review — security practices and access permissions are reviewed periodically by management.

 

SECTION 07

Your Rights

Access to Your Information APP 12

You have the right to request access to personal information that Data Scan Technologies holds about you. Requests should be made in writing using the contact details in Section 10. We will respond within 30 days, unless an exception under the Privacy Act applies.

Correction of Your Information APP 13

If you believe information Data Scan Technologies holds about you is inaccurate, out of date, incomplete, or misleading, you may request a correction. We will take reasonable steps to correct the information within 30 days, or explain why correction is not appropriate.

Anonymity and Pseudonymity APP 2

Where lawful and practicable, you may interact with Data Scan Technologies anonymously or by pseudonym. However, in most circumstances we require identifying information to provide our products and services effectively.

 

SECTION 08

Cookies and Analytics

Our website (Data Scan Technologies.com.au), powered by WooCommerce on Hostinger, may use cookies and similar tracking technologies to:

  • Maintain shopping cart and session state;
  • Understand website usage patterns and improve user experience;
  • Support WooCommerce functionality and e-commerce operations.

You may configure your browser to refuse cookies; however, this may affect the functionality of certain parts of the website.

 

 

 

SECTION 09

Privacy Complaints

In accordance with APP 1.2, Data Scan Technologies has established a process for receiving and responding to complaints about breaches of the Australian Privacy Principles.

If you believe Data Scan Technologies has interfered with your privacy, please contact our Privacy Officer in writing (see Section 10). We will:

  • Acknowledge receipt of your complaint within 5 business days;
  • Investigate and respond substantively within 30 days;
  • Take corrective action where appropriate.

External Complaints — OAIC

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

Website

www.oaic.gov.au

Phone

1300 363 992

Post

GPO Box 5218, Sydney NSW 2001

NDB Notifications

oaic.gov.au/privacy/ndb

 

SECTION 10

Contact — Privacy Officer

For all privacy-related enquiries, access requests, or complaints, please contact Data Scan Technologies’ Privacy Officer:

Organisation

Data Scan Technologies Pty Ltd

Website

Datascan.com.au

 

Privacy Enquiries

 

Contact form on our website

 

Response Time

Within 5 business days

 

SECTION 11

Policy Review and Updates

This Policy is reviewed annually or whenever there is a material change to Data Scan Technologies’s data handling practices, platforms, or applicable legislation.

Data Scan Technologies reserves the right to update this Policy at any time. The effective date at the top of this page reflects the date of the most recent revision. Continued use of our website or services following any update constitutes acceptance of the revised Policy.

The current version of this Policy is always available at Data Scan Technologies.com.au/privacy-policy. If you have any questions about changes to this Policy, please contact us using the details in Section 10.

 

 

Main Menu

Call Us WhatsApp