The Privacy Act

OneStep Group (including RangerCo Pty Ltd ABN 99 629 582 010, its subsidiaries and related entities from time to time) (ONESTEP, we, us) complies with the Australian Privacy Principles set out in the Privacy Act of 1988 and associated amendments, which provide guidelines for the collection, use, storage, protection and disclosure of Personally, Identifiable Information (PII) and sensitive information. Individuals have the right to know what information an organisation holds about them and to have any information that is incorrect amended.

Your personal information is important to us

ONESTEP is committed to protecting your privacy. We recognise that you have a right to control how your personal information is collected and used. We know that providing personal information is an act of trust and we take that seriously. ONESTEP is bound by the Australian Privacy Principles contained in the Privacy Act 1988 and associated amendments.

Collecting information about you and what personal information we collect

ONESTEP will only collect personal information which is necessary for the purpose of conducting its business. We collect information about you and your interactions with us, for example, when you purchase or use any of our products or services, call us, interact with our chatbot, login to our portal or otherwise visit our website. The information we collect from you may include your identity and contact details, your history of purchases and use of our products and services and details of enquiries or complaints you make.

Using your personal information

Any personal information you give us is used solely for the purpose given and will not be shared, sold, or given to any third parties, unless required or authorised under the exemptions set out in the Privacy Act. We collect, hold and use your personal information so that we can:

(a) provide you with products and services, and manage our relationship with you;

(b) contact you, for example, to respond to your queries or complaints, or if we need to tell you something important;

(c) comply with our legal obligations and assist government and law enforcement agencies or regulators; or

(d) identify and tell you about other products or services that we think may be of interest to you.

If you do not provide us with your personal information, we may not be able to provide you with our services, communicate with you or respond to your enquiries.

Disclosure of your personal information

We may transfer or disclose your personal information to our related companies.

We may disclose personal information to external service providers so that they may perform services for us or on our behalf. Examples of external providers we may disclose your personal information to in various circumstances include Telstra, Fortinet, Apple, Microsoft, Cradlepoint, Paloalto, Cisco, Moorup, Databricks and other partners we work with from time to time.

We may also disclose your personal information to others outside our group of companies where:

(a) we are required or authorised by law to do so;

(b) you may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or

(c) we are otherwise permitted to disclose the information under the Privacy Act.

Quality of personal information

Our aim is to ensure that your personal information is accurate, complete and up to date. Please contact us (click here) if the information you have provided us changes and we will use all reasonable efforts to correct the data.

Storage and security of your personal information

ONESTEP takes all reasonable steps to keep any personal information which we hold about you protected from loss, misuse or unauthorised access, modification or disclosure.

Do we disclose personal information to overseas recipients

ONESTEP may at times share customer contact details including names, email addresses and phone numbers with the customer’s nominated technology vendors and / or partners, strictly for the purpose of supporting ONESTEP’s customers with technical knowledge transfer, relationship management and other business-related matters.

Those recipients (technology partners & vendors) are likely to be located in the United States, New Zealand, the UK and the European Union.

Access to personal information

You can request access to any personal information that we hold about you at any time. This is subject to some exceptions permitted by law. To request access please contact the ONESTEP privacy officer using the details provided below. Depending on the complexity of your request, a small charge may be applicable.

Collection of sensitive information

ONESTEP will not collect sensitive information about you as defined under the Australian Privacy Principles as being sensitive.

Emails

Any emails we receive from you will only be used for the purpose given and are subject to the conditions set out in this Privacy Policy. Please note, as email communication outside of the ONESTEP Domain is not secure, any personal information you send via email is done so at your own risk.

This Privacy Policy does not apply to:

• Acts or practices of ONESTEP that are directly related to employee records of current or former employees.

• Information about companies, individual partners or sole traders acting in a business capacity.

Policy reviews

We may from time to time review and revise our policies. Accordingly, we reserve the right to change this Privacy Policy at any time based on corporate direction or changes to Australian law.

Contacting us

If you have any questions about this Privacy Policy, our privacy practices, or you wish to make a privacy complaint, please contact us via email (click here).