The purpose of this policy is to ensure that the Cica Group is aware of its obligations and has appropriate practices in place for managing the privacy of Client’s information. (in accordance with the Privacy Act 1988 (Cth).

The Cica Group uses information that we collect from our clients to provide them with the agreed services. The Cica Group has a contract including confidentiality clauses with each client that governs the provision of the services and sets out the purposes for which the Cica Group may use any information that the client provides (including any personal information). The Cica Group does not use that information for any other purposes, unless it is necessary to comply with a legal or professional right or duty.

Because the Cica Group provides a wide range of different types of services to our clients, the way we use personal information also varies. For example, the Cica Group might use personal information:

• About a client’s customers to help the client improve the quality of the services they offer;
• Collected by a client as part of their ordinary business activities in the course of helping that client restructure their business; or
• Collected by a client as part of their ordinary business activities to help that client manage their cyber-security and other business risks.

How does the Cica Group protect your information? 

The Cica Group holds information in hard copy and/or electronic formats. The Cica Group uses a range of physical, operational and technological security measures to protect this information. These measures include:

• Staff education and training to ensure our staff are aware of their privacy obligations when handling your client information;
• Administrative and technical controls to restrict access to client information to only those people who need access;
• Technological security measures, including fire walls, encryption and anti-virus software;
• Physical security measures, such as access to Cica Group premises, secure document storage and disposal bins.