Make sure Group Privacy Policy

Make sure Consulting Pty Ltd (ABN 35 168 163 666) ("Make sure" "we," "us") is bound by the Privacy Act 1988 (Cth) and the Privacy Act 2020 (NZ) ("Privacy Laws") and takes its privacy obligations very seriously. We comply with the Australian Privacy Principles, the Australian Notifiable Data Breaches scheme and the Information Privacy Principles (NZ). This policy sets out how we manage your personal information and applies to all individuals who have dealings with us, either through our websites, our software or otherwise.

This privacy policy applies to all the businesses operated and services offered by Make sure Group including Ratify, RatifyID, Make sure and idSure.

Generally, personal information and personal data is information about an identified individual (or an individual who is reasonably identifiable).

The kind of personal information we collect and hold

We collect personal information where it is reasonably necessary for our functions or activities, such as delivering software and services provided on our websites.

We collect and hold the following personal information:

• Name and contact details;
• Age or date of birth
• Nationality
• details relating to current and past work history;
• academic details;
• names and contact details of referees;
• credit card or other payment details;
• passport number, license numbers and other identification documentation
• Other information identifiable from scanned ID documents you provide, or images of your face.
• information from enquiries you have made;
• Your device ID, device type, geo-location information, computer and connection information, IP address and standard web log information
• communications between us;
• gender information; and
• Results of the following tests:
  • Nationally coordinated criminal history check (in Australia and internationally);
  • publicly available credit check (bankruptcy/debt);
  • identification (politically exposed persons);
  • right to work (in Australia and New Zealand);
  • operator high risk licences check;
  • driver's license validation demerit point or full history check;
  • working with children check;
  • medical check;
  • online and verbal reference check;
  • online assessments;
  • personality or cognitive assessments;
  • social media check;
  • employment confirmations;
  • exit interviews; and
  • Information matching requests.
• Information you provide to us through client or customer surveys; and
• Any other personal information that may be required to facilitate your dealings with us.

How we collect your personal information

We collect personal information about you in a variety of ways and depending on which service of Makesure is accessed, including:

• when you interact with us electronically, via the phone or in person;
• when a third-party organisation provides personal information to us, with your consent, for information matching purposes;
• when you access our website, register as a user or interact with our software;
• when we provide services to you;
• when your prospective or current employer or contracting party gives us your details so that we may provide our services;
• when we conduct checks listed above;
• when we search public registers; and
• through "cookies" that collect information about your use of our website.

Why do we collect this information? When will your personal information be used and disclosed?

We use your personal information to provide our services to you and others and to grant you access to our software.

We may disclose your personal information to:

• your prospective or current employer or other third party that has requested or required you to complete or obtain an induction program, course, training program, qualification, licence, document, policy, security check, medical check or other check or program;
• to public registers, government agencies or referees for the purposes of conducting background, police or reference checks; and
• to our business partners, contractors, suppliers and vendors who assist us in the provision of services to you or on your behalf. This disclosure is solely for the purpose of allowing and assisting us to provide the services to you.

We may use your personal information in connection with:

• any, program, course, induction or training program, licence, document, policy, test, assessment, check or history request by or of you with your consent or that you might be required to undergo;
• verification of identity documentation;
• the investigation, resolution and defense of complaints and legal claims;
• compliance with court orders and other legal obligations and regulatory requirements; and
• any insurance claim or proposal that requires disclosure of your personal information.

We may also use your information to tell you about products and services we think you might be interested in. To do this, we may contact you by email, phone, SMS, social media, mail or advertising. On any such communications you are always given the option to unsubscribe or 'opt-out' of receiving such further communications. If you choose this option, your information will not be used to send you our marketing materials, offers or information of a similar nature again.

How long will we hold your information?

We take reasonable steps to hold your information for only as long as we need it, which may be influenced by the following factors:

• fulfilling our legal or regulatory obligations;
• internal research and analytics;
• responding to a question or complaint; or
• being unable to delete the data for technical reasons.

Access to and correction of your personal information

You may ask to access the personal information we hold about you and we will respond to your request as soon as reasonably practicable and in any event within 20 working days.

We will give you access to that person information unless we are entitled to refuse under the relevant Privacy Laws, in which case we will provide you with a written notice setting out, among other things, the reasons for the refusal.

You may ask us to amend the information if it is not accurate, complete or up to date and we will respond to your request within the time frames stated above. If we refuse to amend the information:

• we will provide you with a written notice setting out, among other things, the reasons for that refusal; and
• you may ask us to attach a note to the information indicating what you think is inaccurate, incomplete, or out of date or misleading and we will respond to that request as soon as reasonably practical.

If you wish to exercise your rights of access and correction, please contact us using the details provided below. In some cases, we may impose a moderate and reasonable charge for providing access to personal information. We will not charge you simply because you lodge a request for access.

How will we keep your information safe?

Your information will be stored on a secure database which has restricted access to only those personnel that need to have access to this information. Access to our computer environment is through a secure login environment and all efforts have been made to ensure that it cannot be accessed by unauthorised personnel.

At any time at your request, we will destroy your personal information. We will do this for any lawful request, provided it is in writing. In some of our applications, you are able to delete your own personal information. Otherwise, we will delete personal information as required by the relevant Privacy Laws.

Forms submitted to carry out checks are audited by some of our suppliers and these will be conducted in line with the policies of those suppliers (e.g. Australian Criminal Intelligence Commission). Any payment details such as credit card details will be destroyed securely upon a successful transaction.

At Makesure Group, we are committed to protecting your personal information and take data security seriously. In the event of a data breach, we have established procedures to manage and mitigate any potential impact.

Sensitive Information

We only collect sensitive information about you where that information is reasonably necessary for us to carry on our functions or activities and you have consented or where we are required or permitted by law to do so.

Sensitive information includes personal information about an individual's racial or ethnic origin, political opinions, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices and criminal record and also health and genetic information about an individual.

We only collect the following types of sensitive information with your written consent:

• health and medical information; and
• criminal record.

Overseas recipients

We may disclose your information to overseas recipients for specific purposes, for example, to conduct international police history checks or when our services are located overseas. In such situations, it is not practicable for us to list the countries in which those recipients are based.

The developers (Next Logic) who service our websites and may have access to personal information are based in Romania. Next Logic is certified to ISO27000 in relation to information security standards and we have taken reasonable steps to ensure that Next Logic does not breach the Privacy Laws. All accesses are logged, and stringent access management and privilege-only protocols are enforced. Compliance is ensured through:

• Contractual Agreement: Makesure and Next Logic have a contract outlining obligations under the Privacy Act 1988 (Cth) for protecting personal information.
• Access Control: All Makesure data, including backups, is kept within Australia. Access is tightly controlled, with measures like Two-Factor Authentication (2FA) for key personnel.
• Training Compliance: Next Logic personnel working with Makesure receive comprehensive training in data privacy, breach protection, fraud prevention, and cyber security to maintain compliance.

Otherwise, we are not likely to disclose your personal information to overseas recipients.

Cookies

Our websites use cookies, small text files placed on your computer or mobile device when you visit.

• Information Collected: Cookies gather data such as IP addresses, visit sources (e.g., search engines or links), and navigation patterns on our site. They cannot access data from your hard drive or read other websites' cookies.
• Usage Tracking: We use cookies to understand how visitors interact with our site. These anonymized cookies provide an aggregated view of user behavior without revealing personal identification details.
• Session Cookies: Temporary cookies are used when you log in, creating a secure session and allowing seamless navigation through secure areas without re-entering information.
• Managing Cookies: You can delete cookies, but this may limit access to certain parts of our websites and affect your browsing experience.

Cookies help us improve your website experience while keeping your data secure and anonymized.

Contacting us and Making a Complaint

We prioritize protecting your privacy. If you have any questions about this privacy policy or how we manage your personal information, you can reach us:

• Australia: Call 1300 245 235
• New Zealand: Call 0800 033 333
• Email: privacy@makesure.com.au

If you have any complaints about our privacy practices or believe we have breached Privacy Laws, please send us the details of your complaint.

We take complaints very seriously and will make every effort to address and respond to your concerns within 30 days of receiving your written complaint. We will keep a record of your complaint as we work to resolve it.

If you are not satisfied with our response, you may refer your complaint to the relevant government office:

• Australia: Office of the Australian Information Commissioner - www.oaic.gov.au
• New Zealand: Office of the Privacy Commissioner (NZ) - www.privacy.org.nz

Document download

Privacy Policy