Data Security, Privacy and Cookies Policy
BBMS International Group Pty Ltd Client Portal
This information is provided so that you can better understand the security and privacy measures that have been put in
place to protect the information that you provide using this Client Portal. This Client Portal is controlled by
BBMS International Group Pty Ltd and on their instructions the data is processed by Migration Manager Pty Ltd (as the Data Processor), which is
located in Queensland, Australia. This overview is about the security and privacy Migration Manager (“we”) provide
as the processor of the data you enter in to this Client Portal.
What personal data do you collect and store?
The Client Portal collects data and documents that you enter in to the various fields and pages. This data includes
sensitive personal information that is entered by you for the purpose of being transferred to
BBMS International Group Pty Ltd.
Do you automatically collect other data or use Cookies?
We automatically receive certain types of data whenever you interact with the Client Portal. For example, when
you use the Client Portal our systems automatically collect your IP address and the type of browser or operating
system you use. We may also collect standard access data, such as the time and date of accessing the Client
Portal, usage of the Client Portal and error tracking. We use such data to help us understand how our visitors
use the Client Portal, to address performance issues and to manage security.
We also use session-based cookies to manage your login to the Client Portal. These session cookies exist only
during one session and disappear from your computer when you close your browser or turn of your computer.
These processes and cookies do not collect data that individually identifies a visitor. All usage data that is
collected is aggregated and anonymous. It is only used to tell us how our Client Portal is used so that we
can optimize our users experience.
By using the Client Portal, you are consenting to our use of cookies and our collection and processing of usage
data and the usage of services such as Raygun to assist us with this processing. Please note that if you
decide not to accept our Client Portal cookies, you may not be able to use certain features of the Client
Portal.
How and where is my personal data stored?
If you save your Assessment, we encrypt the personal data and files that you enter in to the Assessment App using
the AES-256 standard, which is the same encryption standard used by banks to secure customer data. Encryption
for storage is applied at the time the data and files are saved or submitted.
This Assessment App uses Azure for data storage using exclusively its data centres in Australia. Azure stores
data over several large-scale data centres. According to Azure, they use military grade perimeter control
berms, video surveillance, and professional security staff to keep their data centres physically secure.
You can find more information about Azure’s security on their website.
How is my personal data transferred?
When you enter information into the Client Portal (including a web questionnaire) your data and files are sent
between the Client Portal, the Client Portal servers and
BBMS International Group Pty Ltd’s processing software over an encrypted and secure channel using 256-bit SSL (Secure Sockets Layer) encryption,
the standard for secure Internet network connections.
Once your data is transmitted, your data is stored by
BBMS International Group Pty Ltd and authorised staff at
BBMS International Group Pty Ltd will be able to view the data you have provided via their Migration Manager desktop software.
Your information, including Personal Data, may be transferred to — and maintained on — computers and servers
located outside of your state, province, country or other governmental jurisdiction where the data protection
laws may differ than those from your jurisdiction. If you are located outside Australia and choose to provide
information to us, please note that we transfer the data, including Personal Data, to Australia and process
it there.
How do I see or edit my personal data?
For Documents: If you have uploaded a document to the Client Portal, you can view details of what you have sent
by clicking the + button next to the document list or by opening up the secure message used to submit the
document. Note that once the document is submitted it is securely transmitted to
BBMS International Group Pty Ltd and then is deleted permanently from the Client Portal Server. You will need to contact
BBMS International Group Pty Ltd in order to view any document that has previously been uploaded.
For Questionnaires: If you have not submitted a Questionnaire, you can log in to the Portal you can edit your
data by clicking through the pages/fields of the Client Portal and manually change your data yourself. Once
you have submitted your Questionnaire, your data is automatically and permanently deleted from the Client
Portal after it has been securely transmitted to
BBMS International Group Pty Ltd. If you would like your data to be edited after this point in time please contact
BBMS International Group Pty Ltd.
How do I delete my personal data?
If you would like your data deleted please contact
BBMS International Group Pty Ltd who are your Data Controllers. As Data Processors, Migration Manager can not edit or delete your data.
Is my personal data backed up?
Redundant backups of encrypted data stored in the Client Portal are stored in multiple locations in Australia
to prevent the remote possibility of data loss. These backups include geo-replication of the data to a separate
Azure data centre located in Australia. All back up are deleted automatically after 90 days.
The Client Portal is not intended for use by children. Due to the nature of the services provided by
BBMS International Group Pty Ltd, personal details of children may be entered in to the Client Portal but only with the permission of an
authorised adult responsible for that child.
Disclosure of Data and Compliance with Laws and Law Enforcement
Other than stated above, unless required by law, we do not share your data with any third party other than
BBMS International Group Pty Ltd. In compliance with the law of Australia, Migration Manager will cooperate with law enforcement agencies
of Australia when it receives a valid legal request, which may require us to provide a copy of your encrypted
data to those authorities.
We may change this Policy at any time and from time to time. All updates and amendments are effective immediately
upon notice, which we may give by any means, including, but not limited to, by posting a revised version
of this Policy or other notice on the Website. We encourage you to review this Policy often to stay informed
of changes that may affect you, as your continued use of the Website signifies your continuing consent to
be bound by this Policy.
Updated: 14 May 2018