1.1 Personal Information

Our clients provide personal information including names and addresses, email addresses, mobile phone numbers, bank and customer account details, website activity and other information relevant to the communication they require.  We will only collect personal information by lawful and fair means and not in an unreasonably intrusive way.

We can also receive information directly from our clients’ customers at our client’s request or by customer access to client information collection points such as websites.  We also hold contact information of employees of our clients including names, addresses, email addresses and phone numbers.

1.2 Information Use

Blue Star DIRECT will not use personal information concerning an individual for a purpose other than the primary purpose for which it was intended. Consent for use of the information is to be obtained from our client’s customer through our client, and provided to us with consent via a Client Contract or Quote Approval.

If an individual has made known to us their desire not to receive any further direct marketing communications, we will advise the client of the individuals wish to cease any direct marketing communications.

In addition, Blue Star DIRECT is a member of the Australian Direct Marketing Association (ADMA) and subscribes to its “Do Not Mail” and “Do Not Call” lists; all clients are recommended to wash data against these lists.

1.3 Disclosure

Personal information stored for one client is never used for or disclosed to another client or to any other third party.

Blue Star DIRECT may however provide personal information to third parties who are engaged with us to assist in the provision of client communications and services including email, SMS and video platforms as well as organisations that participate in payment systems, including merchants and payment organisations. Where information is provided to these third parties, Blue Star DIRECT takes reasonable steps to ensure that its contracts and agreements with the third parties include requirements for them to comply with the Australian Privacy Act 1988.

We may also provide information to authorities where required by law.

1.4 Overseas Disclosure

We may use overseas suppliers to assist in the delivery of electronic communication material.  Prior to establishing a relationship with an offshore supplier, we confirm their data security arrangements to protect the information, confirm measures are in place to restrict the use to which they can use the information and require their acknowledgement and compliance with the requirements of Australian privacy laws.

We will not use overseas suppliers without the concurrence of Blue Star DIRECT clients.  We currently use suppliers in the United States of America and the United Kingdom.

1.5 Quality

Blue Star DIRECT will take all reasonable steps to ensure that personal information it holds is accurate, complete and up-to-date.

We are certified to ISO 9001:2015 and apply quality processes to all our work.

1.6 Security

Blue Star DIRECT‘s network is complemented by firewalls, hardware and software encryption, password protection, virus protection and other high grade security controls.

We are certified to ISO 27001:2013 and ensure that all security requirements are maintained and kept at a high level to ensure that comfort and assurance of our clients.

Data is managed via the following methods:

  • Our preferred method of receiving files is via SFTP or Mass Transit. It is recommended that files sent are encrypted. Very rarely, data is received on removable media and is immediately copied to secure file servers and the removable media is then securely destroyed or by the clients request returned to its originator.
  • Data containing personal information is held on file servers by us for a period of time where it is required for its intended purpose (standard is 90 days) or as specified by a client.
  • Backups are stored to disk on our secured file servers. Data containing personal information is removed during backup cycles.

We may use third party suppliers to electronically store personal information. Where we do this, we use contractual arrangements to ensure that appropriate measures are taken to protect that information and restrict the use of it to its purpose. Data retention policies also apply.

1.7 Government Related Identifiers

In certain circumstances we receive or collect government related identifiers such as tax file numbers. We will not use this information to manage personal information nor will we disclose this information.

1.8 Access and Correction

You should contact our Privacy Officer if you require details of the personal information we may hold about you.  Please note that we are generally not the primary point of collection of the information, so if you would like your personal information updated, you should contact the client that provided your information to us.  In either case, we will assist you if you require help. Details of the Privacy Officer are below.

1.9 Privacy Breaches

If you believe that your privacy has been breached, please contact us using the information below and provide details of the incident so that we can investigate it.

Our process for investigating privacy breaches is to gather all relevant information and communicate directly with those involved (including where relevant our clients), determine the outcome of the investigation and attempt to reduce the impact of any breach where possible by remediation and implementation of preventative measures.

Refer to the Blue Star DIRECT Data Breach Policy for further details.

All queries should be directed to the Privacy Officer at:

Attention: The Privacy Officer
Locked Bag 555
SILVERWATER NSW 2128
AUSTRALIA

Or by email: privacy@bluestargroup.com.au

Working with Blue Star DIRECT – Productions Guidelines

Blue Star DIRECT Terms and Conditions