PRIVACY POLICY

1. General

This Privacy Policy was last updated on 23/11/2023

1.1 This Privacy Policy applies to all Personal Information collected, stored, used or disclosed by DCARB Australia Pty Ltd ACN 652 927 887 (DCARB, we, our or us). 

1.2 We are committed to complying with our obligations under the Privacy Act 1988 (Cth) (the Act) and the Australian Privacy Principles (APPs) in respect of that information. In this Privacy Policy, we explain how and why we collect your information, how we use it, how we disclose it and what controls you have over our use of it. 

1.3 Please read this Privacy Policy carefully. Your use of any part of our Website, App or Services will constitute your consent to the collection, transfer, processing, storage, disclosure, and other uses of your Personal Information in accordance with this Privacy Policy.  If you do not agree with the terms and conditions of this Privacy Policy, please do not use our Website, App or Services. 

2. Definitions

In this Privacy Policy: 

(a) Act means the Privacy Act 1988 (Cth); 

(b) App means the mobile phone application provided by us, which may include, but is not limited to the following functionalities:  

  1. a GPS-style location and tracking functionality that activates in limited circumstances;  
  2. an ability to calculate the approximate carbon emission and fuel consumption savings for vehicles retrofitted with our units, and aggregating data as required; and 
  3. an ability to create and maintain user profiles, including any associated software updates and/or patches (as required);  

(c) OAIC means the Office of the Australian Information Commissioner; 

(d) Personal information means information about you which personally identifies you or may reasonably be used to personally identify you and otherwise has the meaning given to that term in the Act; 

(e) Privacy Law means the Act, the Privacy Regulation 2013 (Cth), and any law that contains a relevant privacy obligation; 

(f) Sensitive information has the meaning given to that term in the Act, which includes racial and ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health information, genetic information, biometric information and biometric templates;  

(g) Services means the services that are to be provided by us, which may include, but is not limited to:  

  1. us providing the DCARB PM Program and DCARB Engine Carbon Removal Service as detailed on our Website, including consults from our mobile technicians;  
  2. monitoring engine data & inject H2 & O2 into the engine air intake for varying driving conditions;  
  3. partnering with distributors to build relationships in sales and marketing across our four main target markets: marine, rail, power generation, and trucking;  
  4. engaging employees, contractors (including subcontractors), consultants, and agents in the ordinary course of our business; and 
  5. providing Website services from time to time, including engagement with third party websites (as applicable).  

(h) Surveillance Legislation means any relevant surveillance or workplace surveillance law in Australia, including Surveillance Devices Act 2004 (Cth), Listening Devices Act 2007 (NSW), Invasion of Privacy Act 1971 (Qld), Surveillance Devices Act 1999 (Vic), Surveillance Devices Act 2016 (SA), Listening Devices Act 1992 (ACT), Surveillance Devices Act 1998 (WA), Listening Devices Act 1991 (Tas), Surveillance Devices Act 2007 (NT), Workplace Privacy Act 2011 (ACT), Workplace Surveillance Act 2005 NSW), and any associated regulations;     

(I) Website means the website available at https://www.dcarb.com/ 

(j) You or your means you and anyone using the Website, Services, App, or otherwise contacting us (on your own behalf, or for another individual or entity). 

3. What types of Personal Information do we collect?

3.1 We collect, use, store and transfer various types of Personal Information, including:

  (a) personal details, including your name and any other personal details that you provide to us as part of the Website, Services and/or App;  

  (b) contact details, including your email address, mailing address, billing address (for purchases), telephone number and any other contact details (including job title) that you provide to us as part of the Website, Services and/or App;

  (c) profile details, including username and password for our App, Website and/or App preferences, feedback, and survey responses;  

  (d) technical details, including internet protocol (IP) address, your login data, browser type and version, access times, webpage you were redirected from, webpage(s) or content you historically accessed for us, time zone settings and location (as applicable), browser plug-in versions and types, App update preferences, operating system and websites, and other technology in devices used to access our Website, App or discuss the Services;  

  (e) usage records, including information about the usage of our Website and App, and information retrieved from ‘cookies’;  

  (f) marketing and communications preferences, including preferences in retrieving marketing from us (as applicable) or communications, including our third parties;  

  (g) financial information, including billing and payment details (as applicable);

  (h) transaction information, including payments made to and from you in connection with the Services, identity of customers, distributors, or suppliers (as applicable), details of Services booked, purchased or otherwise dealt with in the course of our business;  

  (I) location information, including the location of customers using the App (when in the proximity of DCARB units), tracking of location of users of the App (in live time), records of locations the user or user’s vehicle retrofitted with a DCARB unit has travelled (while using the App);

  (j) recruitment information, including your CV, personal information, relevant records from your previous employer or university, letters of recommendation and any information required by us to assess whether to employ or contract youThis information may reveal Sensitive Information about you;

  (k) and any other Personal Information that may be required in order to facilitate your dealings with us.

3.2 Where possible, we will allow you to interact with us anonymously or using a pseudonym that corresponds to a record you retain. However, this may limit or otherwise restrict your access to our Website, App and/or Services.

4. How do we collect Personal Information?

4.1 We may collect Personal Information from you when:

  (a) you access, use, provide feedback, or otherwise interact with our Services, App or our Website including through third party websites connected or integrated with our Website or App;   

  (b) a person who accesses, uses or otherwise interacts with our App, Website or Services (as applicable), including through third party websites connected or integrated with our Website or App, and provides your personal information to us for the purpose of us performing our Services or services under the App at their request;

  (c) you communicate with our staff or representatives during the course of us providing you the Services or App;

  (d) when you apply for employment or a position with us;

  (e) we solicit it from, or it is provided to us by, any person connected with our provision of the Services or App to you; or 

  (f) you otherwise deal with us in the course of our business.

4.2 Where we solicit Personal Information, we only collect:

  (a) non-Sensitive Information, if it is reasonably necessary for the Services we provide; and  

  (b) Sensitive Information, if it is reasonably necessary for or directly related to Services we provide and you have consented to its collection, or its collection is permitted or authorised by law.

4.3 If we solicit Personal Information, we will generally solicit it directly from you, unless it is unreasonable or impracticable for us to do soWhere we collect Personal Information about you from a third party without your prior consent, we will take reasonable steps to inform you that we have collected Personal Information.

5. How do we store and protect Personal Information?

5.1 We prioritise the security of your Personal Information whilst it is in our possession. We may hold Personal Information in various forms, including without limitation physical documents, electronic records, visual records, and audio recordings. Physical files are kept securely inside our accesscontrolled premises. Electronic files are stored securely on protected information systems and are only accessible through our secure network. We maintain physical security over our paper and electronic data stores, and confidentiality provisions form part of the engagement contracts for all our staff members and contractors.

5.2 We take reasonable steps to:   

  (a) ensure that Personal Information we collect is accurate, up-to-date, complete and relevant, other than where it is only collected to provide advice in respect of a particular point in time, in which case we will seek to ensure it is accurate, complete and relevant as at that particular point in time;

  (b) ensure that Personal Information we use or disclose is accurate, up-to-date, complete and relevant, having regard to the purposes for which Personal Information is used or disclosed;

  (c) protect Personal Information from misuse, interference and loss, and from unauthorised access, modification or disclosure;

  (d) implement appropriate controls for mobile devices and backend systems to store Personal Information, including but not limited to, encrypting user information for the App when it is transferred via the internet or stored and not storing passwords in plaintext on our server; 

  (e) updating and adapting code for the App to allow for differences in mobile platforms;

  (f) generating credentials securely, including conducting appropriate due diligence on libraries of credentials and other third party code;

  (g) maintaining data retention period, whereby we destroy or de-identify Personal Information which we no longer need for the purposes for which it was collected, except where it is necessary to retain it in order to maintain ongoing records for our clients; and

  (h) preparing, implementing, regularly updating a data breach response plan.  

5.3 We cannot guarantee the security of information transmitted via the internet. As such, transmission of Personal Information via the internet is at your own risk and we cannot be held responsible for the security of such information. This includes transmission of your Personal Information to us from third parties via the internet.

5.4 Your use of, or the supply of your information to, third parties who supply us with information, or who we are required to supply information to, in connection with the Website, Services or App is entirely at your own risk and we make no representations or warranties regarding third parties’ privacy practices.

6. Why do we collect, hold, use, and disclose Personal Information?

6.1 We collect, hold, use, and disclose Personal Information for the following purposes: 

  (a) for the purpose(s) for which it was disclosed to or collected by us; 

  1. facilitating interactions with you in the course of operating our business; 
  2. responding to your enquiries and information requests; 
  3. providing Services or the App to our clients if it was validly collected for that purpose; 
  4. processing forms submitted through the Website or during the course of the Services or App;  
  5. storing information at third-party data centres; 
  6. performing quality assurance, IT security and ordinary business operations;  
  7. updating your Personal Information; and 
  8. complying with our legal obligations; 

  (b) for secondary purposes where it would be reasonable to expect us to do so, and that secondary purpose is related (or directly related in the case of Sensitive Information) to the primary purpose for which it was collected; and :   

  (c) for any other purposes for which you have consented from time to time.

6.2 The above purposes include using and disclosing your Personal Information:

  (a) to supply the Services or App to a third party;

  (b) to facilitate other interactions with you or a third party receiving the Services or App related to you in the course of operating our business;

  (c) to share your Personal Information to employees, contractors, subcontractors or any other of our third party service providers to assist us with providing the Services or App;

  (d) to run analytics on the use of our Website and otherwise to improve our Website on an anonymised and de-identified basis

  (e) to improve and market our Services or App, including internal management reporting, on an anonymised and de-identified basis; 

  (f) to respond to your enquiries and provide you with relevant information;   

  (g) to update your Personal Information; 

  (h) to collect information required for reporting to relevant regulatory bodies (if required) 

  (I) as permitted or required by law; and  

  (j) for any other uses identified at the time of collecting your Personal Information. 

6.3 We may disclose your Personal Information to such persons as is necessary to achieve the above purposes. This will often include disclosure to our related bodies corporate and third parties related to the Services or App, including without limitation, a professional association or registration body that has a proper interest in the disclosure of your Personal Information.

6.4 We may use or disclose Personal Information for secondary purposes where it would be reasonable to expect us to do so, and that secondary purpose is related (or directly related in the case of Sensitive Information) to the primary purpose.

7. Direct Marketing

7.1 If we send you direct marketing communications and information via mail, email, or social media platforms about our Services or App, we will only do so with your express consent and for the primary purpose disclosed in gaining that consent. 

7.2 If you do not provide your consent to receive direct marketing communications, you may opt-out of receiving marketing communications from us by contacting us at the details below or by using opt-out facilities provided in our communications. 

7.3 We do not provide your Personal Data to other organisations for the purposes of their direct marketing. If we provide direct marketing communications or information, our emails will be designed to be compliant with anti-spam laws, including Australia’s Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth).      

7.4 If you believe you have received mail in violation of these laws or any other anti-spam law, please contact us using the contact information in this Privacy Policy.

8. Unsolicited information

8.1 If you provide Personal Information that we have not requested, we will only retain it in limited circumstances. We will only retain the unsolicited information if it is reasonably necessary for us to provide you with the Services, and you have consented to the information being collected, or it was not practical or reasonable for us to obtain your consent under the circumstances. 

8.2 If these conditions are not met, we will destroy the unsolicited information. If the unsolicited information we receive about you is Sensitive Information, we will always obtain your consent.

9. Location Tracking Surveillance

9.1 Where we collect and store location tracking data through your use of the App, we will undertake to ensure we or your employer (as applicable) has complied with all Privacy Laws and Surveillance Legislation 

9.2 If you do not consent to us collecting, storing, using or disclosing your location tracking data, then you will not be able to use our App. 

10. Overseas disclosure

10.1 It is unlikely that we will need to disclose your Personal Information to an overseas recipient or otherwise store your Personal Information overseas. If we do need to do so, this will generally be limited to third party providers of services such as website hosting, data storage, electronic communications, and data analysisAny such disclosure will be done in accordance with the Act.   

10.2 We will attempt to ensure that persons to whom the disclosed Personal Information relates have comparable rights in relation to that information once disclosed overseas.

10.3 Please note you have the right to refuse to have your Personal Information transferred overseas. You must contact our privacy officer to make this request. However, you acknowledge that making this request may prevent you from being able to use part or all of our Website and/or Services (as applicable).

11. Using our Website and cookies

11.1 To improve your experience on our Website, we may use ‘cookies’, being small data files that are served by our Website and stored on your deviceThese are used by us or third parties for a variety of purposes including to operate and personalise the Website.    

11.2 We use cookies and other digital identifiers that fall largely within the following three categories:  

  (a) Necessary Cookies: these are required to enable the basic functions of the Website, and do not store any personally identifiable information; 

  (b) Functional Cookies: these provide information on how the Website is used so that we can make the necessary improvement or changes to enhance your experience; 

  (c) Analytics Cookies: these give us the statistics to understand how many people are on the Website, which areas are most popular and which areas require improvement; and  

11.3 You may refuse to accept cookies by selecting the appropriate setting on your internet browserHowever, please note that if you do this, you may not be able to use the full functionality of our Website.

12. Third parties

12.1 Our Website may contain links to websites of third parties that may be of interest to you. Third party websites are responsible for their own privacy practices, and you should review their respective privacy policies and terms of use. We make no representation as to the accuracy or completeness of the information contained on third party websites.   

12.2 We are not responsible for such third parties or any associated websites or resources that relate to them. If you access such websites or resources, you do so at your own risk, and we make no representations or warranties regarding third parties’ privacy practices. We encourage you to read the privacy policies of every such third party, associated website or resource that you use or that your information is provided to.

12.3 If our Website, Services or App (as applicable) are linked to or integrated with a third party or their associated website or resource, this does not automatically imply that we endorse that associated website or resource and their contents.

13. Data Retention

13.1 We will only retain your Personal Information for as long as reasonably necessary to fulfil the purposes we collected it for, including for the purposes of satisfying any legal, regulatory, tax, accounting or reporting requirements. We may retain your Personal Information for a longer period in the event of a complaint or if we reasonably believe there is a prospect of litigation in respect to our relationship with you.   

13.2 To determine the appropriate retention period for Personal Information, we consider the amount, nature and sensitivity of the Personal Information, the potential risk of harm from unauthorised use or disclosure of your Personal Information, the purposes for which we process your Personal Information and whether we can achieve those purposes through other means, and the applicable legal, regulatory, tax, accounting, or other requirements.

13.3 Where we anonymise your Personal Information (so that it can no longer be associated with you) for research or statistical purposes, we may use this information indefinitely, unless you notify us otherwise.  

14. Age of Consent

14.1 Our Websites and Services are not intended for persons under 17 years of age (‘Children’). We do not knowingly collect and use Personal Data from Children.     

14.2 In the event we become aware of any inadvertent receipt of Personal Information from Children through the Websites or Services, we will delete such information from our records in accordance with applicable law.

15. How you can access or correct Personal Information

15.1 We are committed to maintaining accurate, timely, relevant, and appropriate information.     

15.2 Where requested, we will provide you with a copy of the Personal Information that we hold which relates to you, provided that the request is made in accordance with the APPs (contained in the Act)We will also update any inaccurate information about you if you inform us that the information is inaccurate, out of date, incomplete, irrelevant, or misleading

15.3 There are no charges for requesting access to or the correction of your Personal Information, however, if the volume of information we hold is excessively large, we reserve our rights to charge you any reasonable administration fees (including fees for photocopying) associated with your request. 

15.4 You may contact us to access your Personal Information or to correct inaccurate, out-of-date, incomplete, irrelevant, or misleading Personal Information by (as applicable for the Services):  

Privacy Officer 

Email:  

info@DCARB.com 

15.5 We will respond to those requests within a reasonable period in accordance with our obligations under the Act. If we refuse a request to access or correct Personal Information, where reasonable, we will provide our reasons for doing so and information about your ability to complain about such refusal. 

15.6 In order to protect the confidentiality of your Personal Information, details of your information will only ever be passed on to you where we are satisfied that the information relates to youAccordingly, we may request documentation from you which confirms your identity before passing on any Personal Information which relates to you. 

16. Making a complaint

16.1 Complaints about our Privacy Policy or our collection, use, disposal, or destruction of your Personal Information should first be directed to us at the details set out above. 

16.2 We will investigate and attempt to resolve your complaint in accordance with the Act. If you are not satisfied with the outcome of this process, then you may contact the OAIC.

17. Privacy Policy changes 

We may change this Privacy Policy at our discretion. If we do so, the latest version of our Privacy Policy will be available on our Website, and it will apply to all your Personal Information held by us at that time. 

18. Further information 

18.1 If you require any further information or have any queries regarding our Privacy Policy, please contact us at the details set out above. 

18.2 Should you wish to read more information on the Act, we recommend that you visit the website of the OAIC at www.oaic.gov.au.