Altia Trust Centre

Your single point of truth for Altia's Compliance, Legal and Trust documentation. Welcome to the Altia Trust Centre.

General Privacy Policy
For Altia Service(s)
Published: | In Effect: to Current
For Agreements prior to the Published Date, please review the Archive

You may download the original PDF copy of this document as signed by Altia's Chief Information Officer under the navigation menu, along with a Microsoft Word copy, allowing for track changed amendments and comments. This document is current at the published date online and made available, by Altia, at https://legal.altiacloud.com. An original PDF copy, Microsoft Word copy or printed version of this document may not be current and is provided as a signed copy, by Altia, for Customer(s) seeking ‘point in time’ referencing against other documents, agreements or arrangements between the Customer and Altia.

Contents

  1. Introduction and General Notes

  2. Applicability

  3. Definitions

  4. Purpose and Simplification

  5. Consent

  6. Altia’s Governing Privacy Principals

  7. Breach

  8. Access to Personal Information

  9. Correction to Personal Information

  10. Complaints, Enquiries or Access to Information

  11. Skill, Diligence and Care

  12. Governing Law

  13. General Data Protection Regulation

  14. Disputes

  15. Contacting Us

1.  Introduction and General Notes

About this document. Altia’s Privacy Policy apply to both visitors of Altia’s public internet presence at https://altiaintel.comhttps://legal.altiacloud.comhttps://altia-abm.com and the web and mobile applications that support Altia Service(s). Altia’s Privacy Policy relates to Customer(s) and User(s) dealings with Alita, generally, as part of the Agreement, or in absence of any Agreement. Altia’s Privacy Policy draws User(s) attention to the Agreement. Altia’s Privacy Policy is written in order to allow individuals to understand Altia’s Privacy Policy regarding their privacy, as well as how their personal information will be handled when accessing Altia’s public facing website(s) or internet presence.

Definitions, terms and interpretation. In this document, defined terms are contained within the Altia Legal Definition Schedule (“Definition Schedule”). Words capitalised in error appearing as a Term, or where words are intentionally not defined as Term(s) but are perceived by a Party as potentially being a Term, are to be given the meaning of the word, or words, in context, as determined by what a reasonable person, having been deemed responsibly capable for reviewing commercial agreement(s), would have understood the word(s). Definitions may be inferred from the subject of the section, and where appropriate, Terms may be defined ‘in line’ or their acronyms introduced.

Agreement Generalisation. The Agreement in its entirety is geographically, currency and Altia Service(s) generalised, to ensure consistency in legal and commercial agreement(s). There may be clause(s), sections or reference to the Agreement and/or Agreement Supplementary Material that are not relevant to a specific Agreement between Altia and a Customer. Section Two of this document, the Agreement and each refenced Agreement Supplementary Material outlines Applicability for Party(s) to determine if the clause(s), sections or referenced Agreement Supplementary Material are in scope of the Agreement.

Document Version. This document is made current at the date published and made available at https://legal.altiacloud.com (the “Reference Date”). The Reference Date determine(s) the Agreement entered into, which survives in perpetuity, through Order Form(s).

Altia’s right to update, change or amend. Altia, from time to time, may update this document, the Agreement and Agreement Supplementary Material. If you are supplied Altia Service(s) by Altia, through an Agreement, you will be advised of changes to this Agreement or Agreement Supplementary Material through the Notices to Parties section of Altia’s Master Services Agreement (“MSA”). Archived versions of Altia’s MSA and any Agreement Supplementary Material form the Agreement against the Reference Date can be found at https://legal.altiacloud.com. If there are any disputes to clause(s) of this document, the Agreement or Agreement Supplementary Material as varied from the Reference Date, you may raise a dispute as per the ‘Dispute Resolution’ Section of Altia’s MSA.

2.  Applicability

Altia (“We”, “Us”, “Our”) act as the Supplier to Customer(s) of Altia Service(s). Altia is a technology service provider of software, data and Professional Services, all “Altia Service(s)”. Altia comprises a number of legal entities. “Altia” means any of the following legal entities or Affiliates:

a)   Altia-ABM Pty Ltd. An Australian Private Company registered in Australia, to 12 of 440 Collins Street, Melbourne Australia 3000 with Australian Company Number 624 219 156.

b)   Altia-ABM Inc. A Canadian Non-distributing corporation with 50 or fewer shareholders, of 3400, 350 7 Avenue Southwest, Calgary T2P 3N9, Alberta Canada, with Company Number 10011266.

c)   Altia Solutions Limited. Registered as a company in the United Kingdom limited by shares, to 146 West Regent Street, Glasgow G2 2RQ United Kingdom with company number SC228451.

d)   ABM Intelligence Limited. Registered as a company in the United Kingdom limited by shares, to Nottingham Science and Technology Park, Nottingham, England, NG7 2RL, United Kingdom with company number 03319098.

e)   Altia Intel Inc. Registered as a company in the United States of America, at 3500 South Dupont Highway, Dover, Delaware 19901, United States of America with Employer Identification Number 32-0690264.

Altia is committed to protecting the privacy of all Users (“You”, “Your”) accessing Altia Service(s), and our public facing internet presence. As such, Our Privacy Policy has been drafted to align with international Data Protection Laws. Where Altia provides Altia Service(s) and solutions internationally. Altia’s Privacy Policy has been written in order to allow You to understand Our policy regarding Your privacy, as well as how your Personal Data (or personal information) will be handled when accessing or using Altia Service(s), website or email content. Altia’s Privacy Policy will also provide You with information so that You are able to consent to the Processing of Your Personal Data in an explicit and informed manner, where appropriate.

In general, any information and data which You provide to Altia, or which is otherwise gathered by Altia, in the context of the use of Altia Service(s) will be Processed by Altia in a lawful, fair and transparent manner. To this end, and as further described below, Altia takes into consideration internationally recognised principles governing the Processing of Personal Data, such as purpose limitation, storage limitation, data minimisation, data quality and confidentiality.

Altia’s Privacy Policy is also Our Collection Statement and may concern information or an opinion about an identified individual or an individual that is reasonably identifiable (You). For the purpose of Altia’s Privacy Policy ‘privacy’, ‘personal information’ and ‘personal data’ (“PI”) have the same meaning. The PI either identifies, or it has the potential to identify an individual. Altia processes identifying PI and also special categories of PI (“Sensitive PI”).

We make no distinction between employee records and other sources of PI. Neither do We discriminate between different formats of PI (electronic records, paper records, voice files etc.), nor whether the information or opinions are true or not. All PI that We Process and hold (where We have possession or control of a record) or use and disclose (where the information is outside of Our possession or control) is treated with the same respect, security and high standards.

Altia’s Privacy Policy extends to all Personal Data or Personally Identifiable Information that Altia collects and/or process in the course of providing Altia Service(s), in complying with Law and in managing risk. In providing Altia Service(s), this Privacy Policy extends to Altia’s business activities which include Our Customer relationships, internal operations (management, employees, temporary staff, contractors) and external operations (including third parties, such as business partners and service providers). Altia’s Privacy Policy extends to our external public facing activities such as Altia’s online presence(s)/websites including https://www.altiaintel.comhttps://altia-abm.comhttps://altiacloud.com (including any subdomains or connected domains) and to the Personal Data or Personally Identifiable Information that may be collected through these public facing activities, Altia Service(s) or the use of email for general communications and marketing purposes.

Altia’s Privacy Policy does not extend to third party websites or to social media accessed via links on Altia’s Website, Altia Service(s) or email communications. Use of third party links and social media will be governed by the privacy policies and terms of use of the relevant service providers. Further, Altia’s Privacy Policy does not extend to Customer Systems, Customer Hardware or Device(s), or to Altia’s Customer(s) own privacy practices.

If You are provided access to Altia Service(s) by your employer or contractor, who is a Customer of Altia, You will be asked to agree to the Altia’s End User Licence Agreement (“EULA”), Altia’s Privacy Policy and any other relevant Altia legal documentation before You as in individual are authorised by the Customer to use the Altia Service(s). You will be asked to consent in Your own right because Our Customer cannot give consent for the Processing of Your PI on Your behalf.

3.  Definitions

Definitions in used in this document are defined in Altia’s Agreement Definition Schedule (Or, “Definition Schedule”).

4. Purpose and Simplification

The purpose of Altia’s Privacy Policy is to inform You about the PI that We Process (hold, collect, record, organise, structure, store, adapt, alter, retrieve, consult, use, disclose, transmit, disseminate or make available, align, combine, restrict, erase and destroy) about You, how We handle it and inform You about Your choices.

Altia’s Privacy Policy is written in simple language so that it is easy to understand. If something is not clear, We invite You to contact Us so that We can provide assistance. Our contact details are provided at the end of Our Privacy Policy. They will also be provided every time that We make contact with You as a User of the Altia Service(s).

Altia’s Privacy Policy outlines the current PI handling practices of Altia. We will update Altia’s Privacy Policy when Our information handling practices change and We will publish updates on Our website, Altia Service(s), and through Our email distribution lists.

While We publish Our Privacy Policy on Our website so that it is easily accessible, We also make copies available on request in paper format. In most circumstances We do not charge a fee for providing a copy of Our Privacy Policy. If, however, a request is made for a copy in some other format (foreign language requirements or those linked to disabilities such as sight or hearing impairment), special arrangements may need to be made and a charge may apply.

5.  Consent

In all cases where consent is required, whether it be express consent (verbal, in writing, click-wrap tick box) or implied consent (browse wrap without a tick box and other behaviour which indicates consent through continued use), it must be voluntary, current, specific and based upon adequate information about the circumstances and choices available to You as an individual. Naturally, You must have the capacity to understand, to give (for example be 16 years or older) and to communicate consent. Individuals who are not sure about giving consent are encouraged to contact Us through the details found at the bottom of Our Privacy Policy.

In some circumstances, such as if you are employed or contracted by an Altia Customer who is accessing, using or facilitating the Altia Service(s) on behalf of the Altia Customer, then Your choices may be determined or limited by the Altia Customer. Only when You, as an individual, engage directly with Altia to use the Altia Service(s) do We become responsible for obtaining your consent and for Processing your PI is accordance with Law and Your choices. 

6.  Altia’s Governing Privacy Principals

Altia is committed to making every reasonable effort to manage PI in an open and transparent way.

Open and Transparent Management of Personal Information. To support this commitment, We have implemented practices, procedures and systems to align Our handling of personal information with principles that have been derived from Applicable privacy Law, relevant international Law, international standards and best practice. These practices, procedures and systems are intended to regulate Our internal and external business operations through the use of administrative, technical and physical controls. Altia’s Privacy Policy and the legal notices published on Our website are examples of Our administrative controls. Technical and physical controls are generally not made publicly available for security reasons (security through obscurity). Altia’s Privacy Policy, together with Our website Terms of Use and email disclaimer(s), set out how We provide for open and transparent management of personal information, to give You the ability to make informed choices about Altia Services and to communications with Us.

Anonymity and Pseudonymity. As an individual, You MAY (depending on the Altia Service(s) or public facing presence you are accessing or using) choose to remain anonymous (where You cannot be identified and We do not collect Your personal information), or You can choose to use a pseudonym (You can use a name, Term or description that is different from Your own) when dealing with Us. Circumstances where We give individuals the option to remain anonymous or to use a pseudonym include, for example, where individuals prefer not to be identified, to be left alone, to avoid direct marketing, to keep their whereabouts and choices from others, and to express views in the public arena without being identified. Examples of circumstances where We Will need to know the identity of the individual that We are dealing with relate to the provision of the Altia Service(s), where identification is required or authorised by Law, where a refund is requested, for Dispute Resolution, where access to information is requested for correction and where cost becomes excessive or impractical without knowing the identity of an individual We are dealing with.

Collection of Solicited Personal information. We are committed to collecting personal information by lawful and fair means and wherever possible only collecting it directly from the individual concerned. We collect personal information from individuals where the information is reasonably necessary for one or more of Altia’s functions, activities and legal obligations relating to the Altia Service(s) that We provide. In providing Altia Service(s) to individuals We may collect Sensitive PI. This Sensitive PI is provided by the individual themselves, or, by an organisation, partner or other stakeholder. Where We collect Sensitive PI, We always ask for prior consent in “writing”, where writing includes electronic forms of writing such as email. Broadly, We collect and process PI and Sensitive PI such as name, age, email address, sex and language details, for example English as an additional language or dialect. We do not use Your PI for Profiling. Information collected and processed can vary depending upon the country where Altia Service(s) are offered. For internal human resourcing, We also collect sensitive PI, such as religious beliefs, trade union memberships and health information when it is required for employment reasons, or by Law. We may solicit or request personal information from a third party such as an employment agency or referees in the context of employment. In most instances, even for non-sensitive PI where We collect personal information, We only do so after a direct request to, and with the consent of the individual to whom the information relates. In exceptional circumstance and for human resourcing, or when authorised or required by Law, We may collect personal information from some source other than the individual themselves. Where We provide Altia Service(s) to a Customer, We do not solicit personal information about an individual employed by, or contracted to the Customer, nor do We solicit the personal information of any individual third party authorised by the Customer to use the Altia Service(s). Rather, We require Our Customers to enter into legal agreements with Us that impose obligations on them to secure the confidentiality and privacy of individuals that use the Customer’s Altia Service(s).

Dealing with Unsolicited Personal information. Personal information is sometimes provided to Us in circumstances where We have not requested it. In these circumstances, where the information is unsolicited, We will examine whether it could have been collected as outlined above. We will then apply Our minds and decide whether this unsolicited information should be retained, de-identified or destroyed. Having made that decision, We will implement the decision within a reasonable time. We do not actively seek to collect unsolicited information.

Notification of the Collection of Personal Information. Altia’s Privacy Policy, other legal notices published on Our website and Our internal practices, procedures and systems (administrative controls) are Our way to ensure that individuals know about the personal information that Altia collects. We are committed to making all reasonable efforts to inform individuals about the personal information We collect before We collect it, for example by making Altia’s Privacy Policy and Our other legal notices publicly available. We will also inform individuals about collection at the time We collect personal information, for example through website activity and other forms of communication such as email. In exceptional circumstances where this does not happen, for example, when We receive unsolicited personal information from a third party which We decide to retain, We will inform individuals as soon as reasonably possible, if possible, after the collection of personal information. Through Altia’s Privacy Policy and other legal notices published on Our website and email, We seek to ensure that individuals are informed about the reasons for the collection, and that they know how to contact the accountable office bearers at Altia.

Use or Disclosure of Personal Information. Where We hold personal information about an individual that was collected for a particular purpose (the primary purpose) We will not use or disclose the information for another purpose (a secondary purpose) unless required or authorised by Law, the individual has consented or the individual would reasonably expect Us to use or disclose it for a related purpose. In some circumstances, for example, where We believe that Altia Service(s) may be improved through new technologies such as data science (analytics), or where We see a benefit to individuals, We may use personal information that has been provided to Us by the individual themselves or received from third parties for a purpose that is different form the purpose for which it was given to Us in the first place. Where We do this, We will use and/or disclose the personal information in a de-identified format. Broadly speaking, We use (process, handle and manage) personal information internally for two reasons: To provide Altia Service(s) with examples including name, address (physical, postal, email and Internet Protocol address), telephone numbers Cookies; and Diagnostic Data, Services Data and Usage Data; or For internal human resourcing with examples including name, address (physical, postal, email and Internet Protocol), health information, medical service provider details, next-of-kin, spouse or partner, banking details, tax, photo identity, trade union membership, religious beliefs, gender, cultural and ethnic identity, qualifications, training and the like. We do not collect biometric forms of personal information such as fingerprints. We also use and retain personal information records which are required to be retained for legal, business and evidential reasons. Sometimes these come from external sources and third parties. Broadly speaking We disclose personal information (release it outside of Our possession or control) for the same primary reasons listed above, providing the service, for human resourcing and where there is a legal obligation to do so.

Direct Marketing. When We provide or promote Altia Service(s), We ask for consent to communicate directly with the individuals concerned in order to provide information and to promote them. Whenever We do, We allow individuals to opt-out of receiving direct communications and direct marketing notifications. You will always be provided with an easy means of withdrawing your consent to Altia Processing your PI. When You request Us to stop communicating with You, We will comply with that request. If an individual requests information about how We came to have their personal information, We will respond and provide the source of an individual’s personal information wherever possible. We will respond to these requests within a reasonable time. We do not disclose, sell or share personal information to third parties for direct marketing purposes.

Adoption, Use or Disclosure of Government Identifiers. We do not adopt, use or disclose government identifiers of an individual as Our own identifiers. We do use and disclose government identifiers (such as tax file numbers for example), for human resource purposes and where required or authorised by Law.

Quality of Personal Information. We are committed to taking such steps as are reasonable in the circumstances to ensure that the personal information We collect, hold, use and disclose (process) is, having regard to the purpose of the use or disclosure, accurate, up-to-date, complete and relevant. To do this, We ask individuals to assist Us. We provide various technical means, including email notifications and User registration access where individuals can access, verify and update personal information records that We hold. We ask individuals to participate by ensuring their information is accurate, up-to-date, complete and relevant.

Security of Personal Information. We are committed to taking reasonable steps to protect personal information that We hold from misuse, (wrong or improper use) interference (access even where the content is not necessarily modified) and loss (accidental, inadvertent, misplaced personal information). We are also committed to securing personal information from unauthorised access (by someone that is not permitted access the information), modification (alteration by someone that is not permitted to do so, or who acts beyond the scope of their authority to modify personal information) and unauthorised disclosure (where personal information is released from Our effective control without authority). To comply with Law and manage risk, Our practices, procedures and systems aim to protect the confidentiality, integrity and availability of Our information systems and information, especially the personal information that We collect, hold, use and disclose. Where there is no legal obligation to retain records and evidence, and in circumstances where We no longer need personal information to provide Altia Service(s) or for any purpose for which the information may be used or disclosed under applicable Law, We take reasonable steps to destroy the information or to ensure that the information is de-identified. Our information security and privacy practices include circumstances where Our data handling practices are outsourced to third parties. Because of this We endeavour wherever possible to bind third party service providers through appropriate legal agreements. We also endeavour to monitor their privacy and security practices where possible.

7.  Breach

Eligible Data Breach. Depending on Your location, Altia may need to notify a governing body and affected individuals of an Eligible Data Breach in relation to PI, credit reporting information, credit eligibility information or tax file number information if, and when: there is unauthorised access or unauthorised disclosure of the information and a reasonable person would conclude that this is likely to result in serious harm to any individual to whom the information relates; or the information is lost, and the loss will lead to unauthorised access or unauthorised disclosure and consequently to serious harm to individuals.

Actual Eligible Data Breach. If, and when, Altia becomes aware of a breach of its network or information systems resulting in the circumstances outlined in above, Altia will take remedial action; where remedial action fails to adequately limit the risk, notify the individuals concerned, and any applicable governing body; and work with the individuals concerned and the governing body to protect everyone and everything concerned.

Suspected Data Breach. If, and when, Altia suspects a breach of its network or information systems resulting in the circumstances outlined in above, Altia will undertake an assessment of the situation with a view to establishing the facts; and do so within a reasonable time; and When a suspected breach is found to be an actual breach, Altia will follow the steps above. If You suspect or become aware of a breach or an impending breach, please contact Us by the details at end of Our Privacy Policy as a matter of urgency.

8.  Access to Personal Information

Where We hold or have the right and power to deal with personal information (for example, where it is stored by one of Our Third Party Service Providers), We will, on request by an individual, normally give that individual access to their information. We do this so that individuals know what information We hold on them and because it assists Us to ensure that the personal information that We hold is up-to-date, complete and relevant. In considering a request for access to personal information by an individual, We will require identification. We reserve the right not necessarily to give access to an individual to their personal information in circumstances, for example, where provided for in Law, in instances of commercial sensitivity and where a third party may be negatively affected. We will respond to an individual’s request for access to their information within a reasonable time and We will consider reasonable requests for access to be given in a particular format, for example, by email, telephone and postal services. As a matter of courtesy, We will provide reasons for the refusal if access is refused. No charge will apply when an access to information request is received. We do however, reserve Our rights to charge a fee where We incur costs, for example, for photocopying, postage and costs associated with using an intermediary if one is required.

9.  Correction to Personal Information

Where We hold personal information, We will take reasonable steps to correct it to ensure that, having regard to the purpose for which We hold it, it is accurate, up-to-date, complete, relevant and not misleading. You, as an individual may request that We correct personal information that We hold about You in circumstances where You believe that the information is inaccurate, out of date, incomplete, irrelevant or misleading. In considering a request for the correction of personal information that We hold; We will require identification of the requesting individual. We reserve the right not necessarily to effect the changes sought but undertake to consider reasonable requests and to associate a statement to the record reflecting Our refusal to correct the failed request for correction if We consider refusal the appropriate action. We will respond to a request to change information within a reasonable time although changes sought may take longer, for example, because We may need to contact and notify other organisations and individuals about the request. No charge applies for making a request, correcting personal information or associating a statement for refusal to change a record. As a matter of courtesy, We will provide reasons for the refusal if correction is refused, and also a reminder of the complaint process available to individuals that feel aggrieved by the refusal.

10.      Complaints, Enquiries or Access to Information

In most circumstances, a governing body will not investigate a complaint if an individual has not first raised the matter with Us. For this reason, We ask individuals to agree to submit all complaints relating to Our Privacy Policy to Us first, so that We have an opportunity to resolve complaints before they proceed to any relevant governing body. Individuals are asked to direct all complaints and enquiries to Us at legal@altiaintel.com. Individuals wanting to lodge a complaint can make general enquiries, request access to their information and complain to Us in writing. This includes email communications but excludes text and social media. We will respond to complaints within a reasonable time. As in the case of requests to change information, a longer response time may be needed, for example, because We may need to contact and notify other organisations and individuals affected by the complaint. In this case We will endeavour to respond within 60 business days.

11.      Skill, Diligence and Care

Altia will exercise reasonable skill, diligence and care as may reasonably be expected from a similar service provider.

12.      Governing Law

The principles outlined in Altia’s Privacy Policy are governed by Law(s) of the United Kingdom, and international best practice.

13.      General Data Protection Regulation

The General Data Protection Regulation (“GDPR”) is a Regulation by which the European Commission intends to strengthen and unify data protection for individuals within the European Union (“EU”) (citizens and residents, even when not physically located in the EU). Information on Altia’s compliance with GDPR can be found in Altia’s Data Processing Agreement (“DPA”) here.

14.      Disputes

Any disputes relating to this document is to be handled in accordance with the Dispute Resolution clause of Altia’s MSA which can be found here.

15.      Contacting Us

Any contact to Altia relating to any part of this document may be directed to its Chief Information Officer, Brice Neilson, by email at legal@altiaintel.com, by mail at 146 West Regent Street, Glasgow G2 2RQ or by phone on +61 370 654 120.