The clause below is an extract that is contained in the Service T&Cs

 

 

Privacy

17.1.        The Service Provider must:

 

(a)      Use Personal Information received from the Client only for the purposes of fulfilling its obligations under this Agreement, a SOW, RFS or SCC schedule

 

(b)      Not otherwise use, modify or disclose Personal Information received from the Client except with the prior written consent of the Client;

 

(c)       Restrict access to the Personal Information referred to in clause 17.1(a) to such of its employees and contractors who need to access that Personal Information to fulfil the Service Provider’s obligations under this Agreement

 

(d)      take all reasonable measures to ensure that any Personal Information in its possession or control or to which it has access in connection with this Agreement as referred to in clause 17.1(a), is protected against loss and unauthorised access, use, modification or disclosure;

 

(e)      Comply with all legal requirements and regulations which concern the security, use and disclosure of Personal Information referred to in clause 17.1(a);

 

(f)        comply with any reasonable and lawful direction, policy or guidelines of the Client as prior notified in writing to the Service Provider which concern the security, use and disclosure of Personal Information referred to in clause 17.1(a) (including any such direction, policy or guideline that the Client is entitled to make under the Privacy Amendment (Private Sector) Act (Cth) 2000); and

 

(g)      ensure that any person who is authorised to have access to any Personal Information, referred to in clause 17.1(a), is made aware of, and undertakes in writing, to observe the obligations of this clause -

 

provided this clause will survive the expiration or termination of this Agreement.