Privacy Policy
At Eternix Global Pty Ltd, we are committed to protecting your privacy and privacy of your clients in accordance with the Privacy Act 1988 (Cth) and Privacy Amendment Act 2012 (Cth). This Privacy Policy describes our current policies and practices in relation to the handling and use of personal information.
What information do we collect and how do we use it?
As a service provider we are subject to requirements to obtain and hold detailed information, which personally identifies you and/or contains information about you (“personal information”). In addition, to provide you with a comprehensive service we need to obtain certain personal information about you or your clients.
We use personal information only for the purposes defined in a Supply of Services Agreement providing loan processing, and administrative services.
We use your information to send you requested information to enable us to manage your ongoing requirements, e.g. further information regarding specific job and our relationship with you, e.g. invoicing. We may use your information internally to help us improve our services and help resolve any problems.
How do we hold and protect your information?
We keep personal information only for as long as is reasonably necessary for the purpose for which it was collected or to comply with any applicable legal or ethical reporting or document retention requirements.
We have access to the information collected from you using secure online server facility powered by our software partners. We will strive to maintain the privacy of this data for our part, but we encourage you to ensure you practice the highest level of online security for your personal logins when using these Software packages.
We ensure that your information and information you provided to us is safe by limiting access to your personal data to your assistant and his/her associate as requested. An External Auditor may request access to any of our files for the purpose of compliance audit only and you will be advised in this instance.
Will we disclose the information we collect to anyone?
We do not sell, trade, or rent your personal or your client personal information to others.
We may disclose to, and obtain from, the following organizations personal information about you to for the purposes described above (as well as otherwise permitted by the Privacy Act): banks and finance organizations, valuation companies, mortgage
insurers, real estate agents, settlement agents and solicitors.
We may provide your information to others if we are required to do so by law or under some unusual other circumstances which the Privacy Act permits.
How can you check, update or change the information we are holding?
By calling 0451 460 758 and providing enough information to allow us to identify you, we will disclose to you the personal information we hold about you. We will also correct, amend or delete any personal information that we agree is inaccurate.
You may complain to us about a breach of the Australian Privacy Principles by writing to our email address listed on our website (https://eternixglobal.com.au/). We will review your complaint and notify you within 48 hours of outcomes of such review.
Promotional communications
If you are a customer or a potential customer, from time to time we may contact you with information about products and services offered by Eternix Global Australia Pty Ltd, which we think may be of interest to you. When we contact you it may be by mail, telephone, email or SMS.
You may opt out of receiving promotional communications from us by using the unsubscribe link within each email or emailing us to have your contact information removed from our promotional email list or registration database. Although opt-out requests are usually processed immediately, please allow ten (10) business days for a removal request to be processed. Even after you opt out from receiving promotional messages from us, you will continue to receive messages from us regarding our services.
Physical Access Policy
Restricting physical access to Data Centre using biometric and only authorized person is allowed to access.
Logical Access Policy
We are using 3 Layer of Security:
Gateway Level Security | DMZ Level Security | End Point Security
1. Gateway Level Security :
SonicWall firewall are providing IDS-IPS, Web Content and Anti Spamming.
2. DMZ Level Security :
DMZ level network that protects and adds an extra layer of security to internal local-area network from untrusted traffic.
3. END Point Security :
We are using Seqrite Endpoint Security to all end point device, and it is providing real time email scanning, Anti-Spam system, and strong DLP System.
VPN Access
For outside users we are providing SonicWall SSL VPN with encryption with logical work place only. And we have installed an employee monitoring system
software that will frequently collect the user’s screenshots for monitoring their activities.
Password
For password management we are using Lastpass to encrypt and store passwords so our employees will not have passwords with them, by this policy we can assure that even our employees cannot access confidential information outside office network.
Password Policy: (With Active Directory Controller)
Following are password policy maintaining for all users and devices, and USB blocked through Group policy and Seqrite.
1. All system-level passwords (Administrator, etc.) must be changed on a Monthly basis, at a minimum.
2. All user-level passwords (e.g., email, web, desktop computer, etc.) must be changed at least every 42 days.
3. All user-level and system-level passwords must conform to the standards described below.
Standards
All users at Eternix Global Pty Ltd should be aware of how to select strong passwords. Strong passwords have the following characteristics:
Contain at least three of the five following character classes:
- Lower case characters
- Upper case characters
- Numbers
- Punctuation
- “Special” characters (e.g. @#$%^&*()_+|~-=\`{}[]:”;’<>/ etc.)
Backup and Recovery
We scheduled data backup hourly/weekly and monthly in Network Access Storage and it configured with RAID 5, and NAS is configured with DR mode.