LSH Auto is an organisation and "APP Entity" for the purposes of the Privacy Act and is subject to the Australian Privacy Principles. No general exemptions under the Privacy Act apply to us or to any of our acts and practices.
How we collect, hold and use personal information
Information We Collect
We will collect your personal information directly from you unless it is unreasonable or impracticable to do so, and will limit the personal information we collect to that which is reasonably necessary for our functions or activities.
So that we can provide you with our Services, we collect a range of personal information, including:
- Information you provide to us when accessing or using our Services. We collect information you provide to us, including, but not limited to:
- your name, email address, telephone number, occupation, vehicle registration details, driver's licence details, financial information, and current and past vehicle information. The specific information we collect will depend on the circumstances of our interaction with you, but we often collect some or all of these kinds of information when you access or use our Services, participate in our promotions or competitions, or when you visit us to test drive or purchase a vehicle or arrange to have your vehicle serviced or repaired, or if you apply for a position or employment with us;
- your credit card details, bank account information and/or billing information if required to process a transaction with you, for example if you purchase products or services from us. Credit card details are not stored in any form by us or on any internal or external databases that are accessible to us; and
- any other information you may choose to provide to us. For example, when you communicate with us (whether by telephone, email or SMS) we will collect your contact details and any other information you volunteer to us.
- Information about your use of our Website. We also collect information when you use or access our Website. Our collection and use of this information is discussed below in the section headed "Website Usage, Tracking Information and Cookies".
We do not generally collect (or, if it is provided by you to us, retain) any "sensitive information" (as that term is defined in the Privacy Act) about you.
If you fail to provide personal information requested by us, there may be a range of consequences, for example we may not be able to respond to your enquiry or otherwise provide you with our Services. There will not usually be Australian laws or court/tribunal orders which require or authorise us to collect your personal information.
We may, in some circumstances, collect personal information about you from third parties, in which case we will take reasonable steps to notify you of that information and the circumstances of its collection. Some specific circumstances in which we collect personal information from other sources may include collection from:
- other members of LSH Auto's corporate group. The Privacy Act allows the sharing of certain personal information within our corporate group (ie, the collection of personal information from a related body corporate);
- customers or other individuals who provide us with information about you, such as joint owners, family members or referees;
- third party suppliers such as roadside assistance service providers;
- publicly-available sources such as data aggregators, public databases and other commercial providers, and information that you or others may post online, eg on social media platforms. This may include information such as your name, demographic, interests and other publicly-available data. We (or our service provider on our behalf) may combine this information with other information including information we collect directly from you. We may also associate information about your use of our digital services over time with your personal information, eg where on any occasion you have logged in, followed a link sent to you by email or where we have otherwise been able to identify you;
- Austroads Ltd’s National Exchange of Vehicle and Driver Information System if we are conducting a recall; and/or
Use of Information
We will generally only use your personal information for the purpose for which we collected it, and for related purposes we consider would be within your reasonable expectations. Purposes for which we may use your personal information include to:
- provide the products and services requested, respond to your enquiries, send you information that you request, or otherwise achieve the purpose for which the information was submitted to us;
- facilitate the sale of our products or services, or the products and services of third parties;
- set-up and configure customer accounts, and identify our customers, potential customers and people acting on their behalf;
- record and maintain user details and profile information;
- contact you to invite you to events (such as a new program we are launching) or inform you about new Services we provide;
- deliver marketing materials to you regarding new Services and offers we believe may be of interest to you, and conduct market research, marketing or promotional activities;
- improve our Services, for example conducting customer satisfaction surveys following the purchase of a vehicle from us or following vehicle servicing;
- provide customer support including responding to your concerns and resolving disputes;
- help us plan for the future by using some information for administrative purposes such as statistical information (with such statistical information usually being de-identified);
- compare information provided by you for accuracy and verify it with third parties; and
- engage in other activities where required or permitted by law.
Where we propose to use your personal information for another purpose other than as outlined above, we will generally seek your permission (unless we are required or permitted by law to do so without seeking consent).
STORAGE AND SECURITY
We will take reasonable steps to keep the information we hold about you secure and protect your personal information from misuse, interference and loss as well as unauthorised access, modification or disclosure.
Information stored by us is protected by our security access policies and procedures. For example, personal information we collect and store on our computer network is stored on secure servers and is only accessible by those persons who need access to the information to carry out their business functions. We also maintain physical security measures to protect tangible (hard-copy) records containing personal information.
We undertake regular monitoring of our practices, procedures and systems to ensure the effectiveness our security policies and identify and implement improvements where appropriate. However, no method of transmission or electronic storage is completely secure, and we cannot guarantee the security of data, particularly if it is transmitted through services such as the Internet or third-party platforms (eg, email or social media platforms). You transfer your personal information to us at your own risk.
If your information is disclosed to third-party service providers, we will ordinarily enter into arrangements which require them to maintain the security of your information.
We will endeavour to destroy or de-identify your personal information as soon as it is no longer required by us (where permitted by law). When we dispose of personal information, we endeavour to ensure that it is destroyed or permanently de-identified in a secure manner.
Disclosure of Personal Information
We will generally only disclose your personal information for the purpose for which we collected it, and for related purposes we consider would be within your reasonable expectations.
We may disclose your personal information to others, including but not limited to:
- other members of LSH Auto's corporate group. The Privacy Act allows the sharing of certain personal information within our corporate group (ie, the disclosure of personal information to a related body corporate);
- third party suppliers such as the vehicle manufacturer, Mercedes-Benz Australia/Pacific Pty Ltd, where necessary for us to provide products to you and for related purposes such as administration of your vehicle manufacturer's warranty;
- third party providers of financial and credit services, such as Mercedes-Benz Financial Services Australia Pty Ltd, where you apply for finance offered by a provider in connection with the purchase of a vehicle from us;
- service providers contracted by us, including information technology service providers, printers and distributors of marketing materials, creditors, banks, financiers, credit providers, insurers and external business advisors (such as auditors and lawyers);
- third parties as necessary in order to detect and prevent fraud and protect the rights, property and safety of our business, you and others; and
- third parties as necessary in order to enforce our policies and agreements.
We may disclose your personal information to overseas recipients if it is required to fulfil the purpose for which we collected it, in which case we take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles. However, we are not generally likely to disclose personal information to overseas recipients other than our parent company located in Hong Kong SAR in order to comply with reporting and other corporate obligations.
Access to, and correction of, personal information
You may contact us to request access to or correction of the personal information about you that we hold, in which case we will respond to your request within a reasonable period after the request is made. We may refuse your request to allow access or to amend your personal information (or only partially comply with such a request) if we are legally required or entitled to do so. In that case, we will provide you with written reasons for the refusal (unless it is unreasonable to do so) together with information about the options available to complain about the refusal.
We may require you to pay certain costs in order to access your personal information held by us. We will advise the amount payable (if any) once we have assessed your application for access. We will not however charge a fee for you to lodge a request for access to or correction of your personal information.
If you lodge a request for access to your personal information, we request that you identify, as clearly as possible, the types of information requested. We may fulfil that request in any of a range of ways (for example, by supplying you with a copy of that personal information or providing you with the opportunity to inspect our records). We may require you to comply with certain procedures before we allow access to or amendment of your personal information to ensure the integrity and security of information that we hold. Depending on the nature of your request, this may include verifying your identity to our satisfaction.
We will take reasonable steps to ensure that the personal information that we collect, use and/or disclose is accurate, up-to-date and complete and relevant. If we are satisfied that any personal information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will amend our records accordingly.
Please notify us if your personal details change so that we may keep our records current.
Website usage, tracking information and cookies
We collect limited information about people who use our Services so that we can track the use of those resources, maintain and improve our Services, and understand how our users navigate through and use our Services. We do not use these technologies for tracking of any information about your use of other websites or services. Information we collect may include:
- details about you and your device, such as your IP address, top level domain names, location or device information, and any other information provided by your mobile device, if you access or use our Website via a mobile device or application. If you do not want us to collect your location information you may be able to disable the GPS or location-tracking function of your device;
- data collected using any integrated plugins on our Website. Where this data is collected by a third party (which we will generally seek to make you aware of) please refer to the third party’s privacy statement to understand their data handling practices as we do not control the information you may share with them;
- data relating to your use of our Website, which may include your IP address, data, and time of your access or use of our Website, page views and documents downloaded, the referring URLs, and any other information about your activities on our Website; and/or
- search terms, interactions with other users, and any other activities on our Website.
(collectively, Usage Information).
Unless you have registered for an account with us, we will not link Usage Information to your personal information such as your user name. If you register for an account with us, Usage Information may be associated with your registration data. If you do not register for an account with us, Usage Information will be aggregated with that of other unregistered users and will not be associated with an identifiable person.
You may decline our cookies if your browser or browser add-on permits, but doing so may interfere with your use of our Websites, products and services. You can refer to the documentation for your browser or installed applications for instructions on blocking, disabling or deleting cookies.
By using our websites you consent to the storing and accessing of cookies or other information on your device for the purposes of Google Analytics, unless you have opted out. To opt-out you may be able to install the Google Analytics Opt-out Browser Add-on. You may also be able to opt out of Google Analytics Advertising Features, such as interest-based advertising served by Google on its products or across the Google Display Network through the Google Ads Settings or other available means (for example, the Network Advertising Initiative opt out). The Google opt-outs may not stop all advertising. Google may still serve advertising that is not interest based, and you may still receive interest based advertising that is not served by Google.
Our website uses the Facebook pixel (Pixel), which is a website feature which allows us to receive information on user activity on our website from users that have been redirected to our website by clicking on our Facebook advertisements. This enables us to measure the effectiveness of our Facebook advertisements for statistical and market research purposes. The Pixel does not collect any personal information of individual users. The data collected by the Pixel is stored and processed by Facebook, which has ultimate control of the information gathered through the Pixel. Facebook may link the information collected from the Pixel to your Facebook account and also use it for its own promotional purposes in accordance with Facebook's Data Usage Policy: https://www.facebook.com/about/privacy/.
You may be able to opt-out of our use of the Pixel through the settings of your Facebook Account. By using our website you consent to our use of the Pixel, unless you have opted out.
Our Services may include links to other websites whose operators’ privacy practices may differ from ours. If you provide your personal information to any of those sites, your information will be governed by those operators’ privacy policies.
CHANGES AND UPDATES
If you believe that a breach of your privacy has occurred, we encourage you to contact us to discuss your concerns. Our contact details can be found below.
Your complaint will be considered and dealt with by our LSH Auto Australia Group Privacy Officer. The Privacy Officer may escalate the complaint internally within our organisation if the matter is serious or if necessary to resolve it. We will treat your complaint confidentially and, after investigating your complaint, may contact you to discuss the ways in which we can remedy the situation.
Please allow us a reasonable time to respond to your complaint. If you are not satisfied with our proposed resolution, you may make a complaint to the Office of the Australian Information Commissioner, whose contact details can be found at: www.oaic.gov.au
You may contact us if you require further information about the ways we manage your personal information.
Group Privacy Officer
LSH Auto Australia
Level 1, 135 Kings Way
South Melbourne Victoria 3205
Tel: (+61)3 9133 2216