Ingram Micro is the world’s largest wholesale technology distributor and a global leader in IT supply-chain, mobile device lifecycle services and logistics solutions. The company supports global operations through an extensive sales and distribution network throughout North America, Europe, Middle East and Africa, Latin America and Asia-Pacific.
2. What personal information do we collect and hold?
2.1. General Information
The types of information that we collect and hold about you could include:
3. What sensitive information do we collect and hold?
4. How we collect personal information:
We collect information through the following means:
Where practicable, we will collect personal information directly from you. If we receive information about you from someone else (for example from someone who supplies goods or services to us), we will take reasonable steps to ensure you are aware that we have collected personal information about you and the circumstances of the collection.
5. The purposes for which we collect, hold, use and disclose personal information
The main purposes for which we collect, hold, use and disclose personal information are:
We may also collect, hold, use and disclose personal information for other purposes explained at the time of collection or where:
Disclosure of personal information to third parties
Personal information may be disclosed to the following third parties where appropriate for the purposes set out under heading 5 above.
In the case of these contracted service providers, we may disclose personal information to the service provider and the service provider may in turn provide us with personal information collected from you in the course of providing the relevant products or services.
6. Direct marketing
We may use personal information of our customers, specifically your name and relevant address details, to let you know about our services and those of third party partners/contractors/suppliers of Ingram Micro. We and/or our partners/contractors/suppliers may contact you for direct marketing purposes in a variety of ways, including by mail, email, SMS, telephone, online advertising or facsimile. By providing us with your personal information you consent to us and/or our partners/contractors/suppliers contacting you for such purposes unless you notify us otherwise in accordance with clause 6.1 below.
6.1. Opting out
You can opt out at any time from receiving direct marketing from us, in the following ways:
Customers can update their communications preferences (including opting out of direct marketing communications) by contacting their account administrator, or by:
6.2. Notification of source
If we have collected the personal information that we use to send you direct marketing material from a third party (for example a direct mail database provider), you can ask us to notify you of our source of information, and Ingram Micro’s policy is to do so unless this is unreasonable or impracticable
7. Collection of information other than personal information through our website
A cookie is a small string of information that a website transfers to your browser for identification purposes. The cookies used by Ingram Micro may identify individual users who log into the website.
Most internet browsers are set to accept cookies. If you prefer not to receive them, you can adjust your internet browser to reject cookies, or to notify you when they are being used. There are also software products available that can manage cookies for you. Rejecting cookies can, however, limit the functionality of our website (such as preventing users from logging on and making purchases).
8. What if you don't want to provide your personal information to us?
Ingram Micro’s policy is to provide individuals with the option of not identifying themselves, or of using a pseudonym, when dealing with us if it is lawful and practicable to do so. A pseudonym is a name or other descriptor that is different to an individual’s actual name.
In some cases however, if you don't provide us with your personal information when requested, we may not be able to respond to your request or provide you with the product or service that you are seeking. For example, you must identify yourself to be able to make purchases through the Ingram Micro website.
9. Unsolicited information
Unsolicited personal information is personal information we receive that we have taken no active steps to collect (such as an employment application sent to us by an individual on their own initiative, rather than in response to a job advertisement).
We may keep records of unsolicited personal information if the Privacy Act permits it (for example, if the information is reasonably necessary for one or more of our functions or activities). If not, Ingram Micro’s policy is to destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.
10. Cross border disclosure of personal information
Ingram Micro operates in a number of international jurisdictions, including Singapore, the Philippines, and the United States of America. We may need to share some of your information with organisations outside Australia which are located in the following countries:
We may store your information in cloud or other types of networked or electronic storage. As electronic or networked storage can be accessed from various countries via an internet connection, it’s not always practicable to know in which country your information may be held. If your information is stored in this way, disclosures may occur in countries other than those listed.
Overseas organisations may be required to disclose information we share with them under a foreign law.
11. Use of government related identifiers
In certain circumstances we may be required to collect government-related identifiers such as your tax file number. We will not use or disclose this information unless we are required or authorised by law.
12. Data quality and security
Ingram Micro holds personal information in a number of ways, including in electronic databases, email contact lists, and in paper files held in drawers and cabinets, locked where appropriate. Paper files may also be archived in boxes and stored offsite in secure facilities. Ingram Micro’s policy is to take reasonable steps to:
You can also help us keep your information up to date; by letting us know about any changes to your personal information, such as your email address or phone number.
The steps we take to secure the personal information we hold include ICT security (such as encryption, firewalls, anti-virus software and login and password protection), secure office access, personnel security and training and workplace policies.
Ingram Micro processes payments using EFTPOS and online technologies. Our policy is to ensure that all transactions processed by Ingram Micro meet industry security standards to ensure payment details are protected.
While Ingram Micro strives to protect the personal information and privacy of website users, we cannot guarantee the security of any information that you disclose online and you disclose that information at your own risk.
Please notify us immediately if there is any unauthorised use of your account by any other Internet user or any other breach of security. For the purposes of viewing our Web site you will have a user name and password. You are responsible for the security and confidentiality of your password and log-in information.
12.5.Third party websites
13. Access and correction of your personal information
13.1.Accessing your personal information
If at any time you want to know exactly what personal information Ingram Micro holds about you, you can access your record by contacting us at firstname.lastname@example.org. We‘ll always give you access to your personal information unless there are certain legal reasons why we can’t. We will give you access to your information in the form you want it where it is reasonable and practical. We may charge you a small fee to cover our costs when giving you access, but we’ll always check with you first.
We’re not always required to give you access to your personal information. Some of the situations where we don’t have to give you access include when:
If we can’t provide your information in the way you’ve requested, we will tell you why in writing. If you have concerns, you can contact our Privacy Officer.
If your personal information is inaccurate or out of date, you can e-mail us at email@example.com and ask us to correct it. If you ask us to correct personal information that we hold about you, or if we are satisfied that the personal information we hold is inaccurate, out of date, incomplete, irrelevant or misleading, Ingram Micro’s policy is to take reasonable steps to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up-to-date, complete, relevant and not misleading.
If we correct personal information about you, and we have previously disclosed that information to another agency or organisation that is subject to the Privacy Act, you may ask us to notify that other entity.
13.3.Timeframe for access and correction requests
Except in the case of more complicated requests, we will endeavour to respond to access and correction requests within 30 days.
13.4.What if we refuse your request for access or correction?
If we refuse your access or correction request, or if we refuse to give you access in the manner you requested, Ingram Micro’s policy is to provide you with a written notice setting out:
In addition, if we refuse to correct personal information in the manner you have requested, you may ask us to associate with the information a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, and we will take reasonable steps to associate the statement in such a way that will make it apparent to users of the information.
If you have a complaint about how Ingram Micro has collected or handled your personal information, please contact our Privacy Officer (details under heading 16 below).
Our Privacy Officer will endeavour in the first instance to deal with your complaint and take any steps necessary to resolve the matter within a week.
If your complaint can't be resolved at the first instance, we will ask you to complete a Privacy Complaint Form, which details (for example) the date, time and circumstances of the matter that you are complaining about, how you believe your privacy has been interfered with and how would you like your complaint resolved.
15. Complaints process
We will endeavour to acknowledge receipt of the Privacy Complaint Form within five business days of receiving it and to complete our investigation into your complaint in a timely manner. This may include, for example, gathering the facts, locating and reviewing relevant documents and speaking to relevant individuals.
In most cases, we expect that complaints will be investigated and a response provided within 30 days of receipt of the Privacy Complaint Form. If the matter is more complex and our investigation may take longer, we will write and let you know, including letting you know when we expect to provide our response.
Our response will set out:
If you are unhappy with our response or if we fail to respond to your complaint in a timely manner, you can refer your complaint to the Office of the Australian Information Commissioner or, in some instances, other regulatory bodies.
16. Further information
Please contact Ingram Micro if you have any queries about the personal information that Ingram Micro Australia holds about you or the way we handle that personal information. Our contact details for privacy queries are set out below.
Ingram Micro Pty Ltd
61 Dunning Ave
Rosebery NSW 2018
P: + 61 2 9381 6000
F: +61 2 9381 6001
17. Changes to this policy