1.1 Policy Statement
Fujitsu Australia Limited, Fujitsu New Zealand Limited, and subsidiaries of Fujitsu Australia Limited (collectively, Fujitsu) respect your right to privacy and are committed to protecting any personal information you provide to Fujitsu or that Fujitsu generates about you. Fujitsu is bound by the Australian Privacy Act 1988 (Cth), as amended, and New Zealand Privacy Act 2020, (the Acts), and in particular complies with the Australian Privacy Principles contained in the Australian Privacy Act, as amended (APPs) and the Information Privacy Principles contained in the New Zealand Privacy Act, as amended (IPPs). The APPs and IPPs govern the way in which Fujitsu collects, uses, discloses, stores, manages and allows access to personal information.
Generally, Fujitsu considers personal information to which it has access to be confidential and will only disclose personal information where it is necessary for Fujitsu to perform its day-to-day operations. Fujitsu will handle personal information it collects in accordance with the Acts, and where applicable, in accordance with the employee records exemption and the related bodies corporate exemption in the Australian Privacy Act.
(i) Any other privacy or collection statement that Fujitsu may provide to you when it collects your personal information or provides a particular product or service; and
(ii) The terms and conditions of use, which govern your access, and use of the Fujitsu website (www.fujitsu.com/au/ and www.fujitsu.com/nz/) or any other website owned or operated by Fujitsu (Website), Fujitsu products and Fujitsu services.
You may request more information about the way Fujitsu manages the personal information it holds by contacting the Fujitsu Privacy Officer in either Australia or New Zealand using any of the contact details below.
1.2 What personal information does Fujitsu collect from you?
Fujitsu collects the personal information it needs from customers (and potential customers) to provide them with products, services and information. Fujitsu also collects personal information that is required for its business operations, such as personal information about employees, contractors and suppliers. Fujitsu does not collect any title or gender markers.
Fujitsu generally collects personal information directly from you when you interact with us in person, by telephone, email, facsimile, post and over the internet. However, our customers, suppliers or affiliates may also provide personal information about third parties to us. The following are examples of the ways that personal information may be collected by Fujitsu.
1.2.1 Accessing our website
If you visit our website, it will automatically collect information about you and your visit, including the Internet protocol (IP) address used to connect your device to the internet among other information such as the webpages visited. This is used to monitor website performance and improve the experience of visitors to our website. Our website may also download "cookies" to your device, which may be changed at your discretion.
1.2.2 Social media interactions
1.2.3 Third party links
1.2.4 Web-based platforms
1.2.5 Electronic communications
All email exchanges, telephone conversations, or other forms of electronic communication with our employees may be recorded by our information technology systems - that may also include its contents. Where telephone conversations or video calls are recorded, you will be advised of this.
1.2.6 On premises
If you visit our premises, closed circuit TV systems and other security and access management systems may be used which can collect certain information about your visit that is used for security and safety purposes.
Other sources where information may be collected includes third party data providers or publicly available sources.
1.3 How does Fujitsu use your personal information?
Fujitsu may collect, store and use your personal information for the following purposes:
- to operate, manage, develop and promote our business (including our products and services) and, in particular, our relationship with the organisation you represent (if any) and related transactions including:
- marketing purposes (when we have either gathered prior opt-in consent and/or have a legitimate interest to send you communications which we believe to be relevant and of use to you);
- warranty processes;
- product compliance processes;
- accounting and billing / payment purposes;
- to operate, administer and improve our website and premises and other aspects of the way in which we conduct our operations;
- for the provision of any requested services or information;
- to inform and update you on relevant products or services that may be of interest;
- to enable you to take part in our online assessments and surveys;
- to manage and maintain relationships with our investors; and
- to operate recruiting activities;
- to protect our business from fraud, money-laundering, breach of confidence, theft of proprietary materials and other financial or business crimes;
- to comply with our legal and regulatory obligations and bring and defend legal claims and assert legal rights; and
- where the purpose is directly made known to you.
Fujitsu may, from time to time, review your information held in our systems which may include the contents, for compliance and business-protection purposes as described above. This may include reviews for the purposes of disclosure of information relevant to litigation and/or reviews of records relevant to internal or external regulatory or criminal investigations. To the extent permitted by law, these reviews will be conducted in a reasonable and proportionate way and approved at an appropriate level of management. This may ultimately involve disclosure of your information to governmental agencies and litigation counterparties as described below. Your emails and other communications may also occasionally be accessed by persons other than the member of staff with whom they were exchanged with for ordinary business management purposes, such as when a staff member is out of the office or has left Fujitsu.
Fujitsu will only process your personal information as necessary for the purposes prescribed above and where we have a legal basis for doing so. Where our lawful basis for processing is that such processing is necessary to pursue our legitimate interests, we will only process your personal information where we have concluded that our processing does not prejudice you or your privacy in a way that would override our legitimate interest. In exceptional circumstances, we may be required by law to disclose or otherwise process your personal information.
1.4 Who does Fujitsu disclose personal information to and why?
In order to perform the functions described at section 2.3, it may be necessary for Fujitsu to disclose personal information overseas and to third parties. Typically, Fujitsu may disclose or provide access to personal information to the following organisations in the following circumstances:
- To our overseas offices where our service desks, specialised teams, data centres or any of the persons listed below may be located;
- To any company in the Fujitsu group (which includes our related companies, contractors to whom we have outsourced the provision of services to our customers and any other entity operating under the Fujitsu brand name with authority from Fujitsu);
- To our suppliers (including service and content providers), contractors, dealers, distributors, repair centres, agents, and business partners who help us deliver services or products to your organisation;
- To our professional advisors;
- To credit reporting agencies and credit insurers for the purposes of assessing new customer applications;
- To anyone to whom our assets or business (or any part of it) is transferred or offered to be transferred;
- Where you have otherwise consented; or
- As otherwise required or authorised by law.
Our international offices and partners are located throughout the world making it impractical to list each country here. If you would like further information about the countries where your personal information is likely to be disclosed or stored, please contact the Fujitsu Privacy Officer in either Australia or New Zealand using the contact details set out below.
1.5 How does Fujitsu store and secure personal information?
Fujitsu regards the security of your personal information as a priority and has implemented a number of physical and electronic measures to protect it and its records generally.
Fujitsu’s electronic records are protected by restricted password access, role based access controls and is backed up daily and stored off site. You should be aware, however, that the Internet is not a secure environment and although all reasonable care is taken, Fujitsu cannot guarantee the security of information you provide to us via our website or other electronic means.
Our offices have restricted access, and paper records containing personal information are stored in secure cabinets or rooms, which are locked after hours, or archived offsite at professional offsite archive centres. When disposed of, these are disposed of in secure bins on site and sent for secure destruction.
As indicated above, personal information may be stored in Australia, New Zealand, and overseas. Under those circumstances, Fujitsu will take steps to impose equivalent physical and logical security measures as required under the relevant legislation.
1.6 How long does Fujitsu keep your personal information?
Fujitsu will delete your personal information when it is no longer required. These instances include:
- Where is it no longer necessary to retain your personal information to fulfil the purpose/s for which it was collected;
- Where Fujitsu believes that the personal information held is inaccurate; or
- Cases where you have informed us that you no longer consent to Fujitsu processing your personal information.
However, in the following circumstances, Fujitsu may be required to retain your personal information for a specified or longer period of time:
- Where there are legal or regulatory requirements that require this; and
- For product liability purposes or in relation to legal disputes.
It is also important to note that where you have left the organization you represent, Fujitsu may retain some limited personal information for the purposes of continuing a business relationship.
1.7 What rights do I have in relation to my personal information held by Fujitsu?
You have the following rights in relation to the personal information held by Fujitsu:
- To access your personal information;
- To request that any inaccurate personal information is changed or corrected;
- To request updating your personal information as part of your gender affirmation or transition;
- To object to our use or processing of your personal information for direct marketing purposes;
- For the deletion of your personal information where the circumstances permit;
- For the restriction or blocking the processing of your personal information in certain circumstances (when processing is restricted, Fujitsu can still store your personal information);
- To obtain your personal information held by Fujitsu in a structured, commonly used and machine-readable format in certain circumstances. You may also request to have this information transmitted to another person where technically feasible to do so; and
- To withdraw your consent for the processing of any of your personal information.
Any of these rights can be exercised at any time by contacting the Fujitsu Privacy Officer in Australia or New Zealand using the contact details below. Fujitsu will give you access to that information in accordance with the Acts, and in any case, within a reasonable time of your request.
Please note, that there are a limited number of situations provided in the Acts by which Fujitsu is permitted to refuse access to personal information. If Fujitsu refuses you access to your personal information, Fujitsu will provide you with an explanation of the refusal and will give you access to any part of the information which is not exempt from access in accordance with the relevant legislative regime.
Fujitsu will require evidence of your identity before giving you access to your personal information.
1.8 Personal information of children
Fujitsu respects the privacy of children and does not knowingly collect, use or disclose personal information of children under 16 years of age without verifiable consent from a parent or guardian.
If Fujitsu becomes aware that the information submitted to or collected is personal information of children received without verifiable consent from a parent or guardian, Fujitsu will take prompt steps to delete such personal information.
If any parent or guardian wishes to raise a concern regarding personal information pertaining to a child, please contact the Fujitsu Privacy Officer in Australia or New Zealand using the contact details below.
1.9 Automated Decision Making
Fujitsu may use technology which tracks your use of our websites and your interactions with us to help us build a profile of your preferred products and requests. This means that you are more likely to receive offers and information tailored to your specific preferences based on your previous profile activity.
If we use automated decision making in respect of any specific service or product and such automated decision making produces legal effects concerning data subjects or similarly significantly affects them, we will provide information required by law in respect of such automated decision making.
1.10 Unauthorised use, disclosure or loss of personal information
If you become aware that personal information held by Fujitsu or any of its contractors or suppliers may have been lost, or used or disclosed without authorisation, please notify the FAL Privacy Officer Privacy.AU@fujitsu.com for privacy matters relating to FAL or FAST, or the FNZ Privacy Officer Privacy.NZ@fujitsu.com for matters relating to FNZ, as soon as practicable.
- in Australia, comply with the Privacy Amendment (Notifiable Data Breaches) Act 2017; and
- in New Zealand, the notifiable privacy breaches scheme under the Privacy Act 2020,
in relation to any suspected or actual eligible data breach, including investigating any suspected breach and notifying the relevant individuals and the relevant Privacy Commissioner as required.
1.11 How can I make a complaint about Fujitsu's handling of my personal information?
If you wish to complain about a breach or possible breach of the APPs or IPPs by Fujitsu concerning its handling of your personal information, please contact the relevant Fujitsu Privacy Officer. Fujitsu will acknowledge receipt of your complaint within 14 days and use its best endeavours to resolve the complaint to your satisfaction.
If you are not happy with Fujitsu's response, you may ask the Office of the Australian Information Commissioner in Australia, or the Office of the Privacy Commissioner in New Zealand, to investigate your complaint further.
1.12 Who do I contact in relation to Privacy issues?
The Privacy Officer
Fujitsu Australia Limited
118 Talavera Road
Macquarie Park NSW
In New Zealand:
The Privacy Officer
Fujitsu New Zealand Limited
141 The Terrace