Date: September 2020
Total Solutions IT Pty Ltd trading as Total Solutions IT (ABN 64 151 110 753) (Total Solutions IT) respects your privacy and is committed to its protection.
Why and when Total Solutions IT collects your information
Total Solutions IT collects the information you give us either online or by email, post, facsimile, face to face, over the phone or through our reseller channel, including wholesalers and partners. In most cases, the personal information Total Solutions IT will collect from you is the personal information required in order to provide services to you, and also for ongoing management and support of those services. This information may include your full name, mailing address, phone number, email address, ABN, facsimile number and other relevant additional details. We also collect your payment details such as your credit card number or bank account details.
If you are a domain name registrant, when you register or renew a domain name, we will collect data from you in order to satisfy the requirements of ICANN (the Internet Corporation for Assigned Names and Numbers), auDA (.au Domain Authority) or other gTLD (generic top level domain) or ccTLD (country code top level domain) policies. We only collect data that is obligatory. The collection of this data is required in order to ensure a coordinated, stable and secure operation of the Internet’s unique identifier system.
How Total Solutions IT uses your information
We collect and use your personal information to deliver our services to you. This will include provision to you of sales and technical support, billing and credit control, renewal notices, maintenance notices, system changes and other functions relevant to your services with us.
As a domain name registrar, we are required by ICANN to make available certain personal information we collect from you when you apply to register any generic top level domain names (eg., com, net, org, biz, info and name) to the public on a publicly accessible database known as the WHOIS database. This obligation also applies to some of the country code top level domains including the .au domains. The public policy behind this requirement is that the personal details of domain name licence holders should be freely available to all other users of the Internet. This public policy has been adopted by the domain name industry as a whole. The requirement means, however, that Total Solutions IT will not be able to control how members of the public may use the information made available on these publicly accessible databases.
On 17 May 2018, the ICANN Board adopted a Temporary Specification modifying the WHOIS specification. It defines requirements for processing personal data which is subject to the GDPR. That personal data will be redacted from the WHOIS query, however, we will still need to provide reasonable access to that personal data to third parties on the basis of legitimate interests.
In addition, ICANN has another mandatory requirement that all its accredited registrars make the WHOIS database of personal information for com, net and org available for bulk downloads by third parties who have entered into a bulk access agreement with Total Solutions IT.
We may use your information to measure your experiences of our services, improve existing services, develop new services and perform research and analysis associated with your services. We also use the information to provide you with special offers and promotions, newsletters or invitations to events. All our marketing communication will contain an unsubscribe function. You can use that function to opt-out of our marketing at any time.
We may monitor telephone conversations with you in order to facilitate staff training and to maintain our high levels of customer service. We will always inform you prior to any telephone conversation which is monitored in this way to obtain your prior approval.
Where you purchase a digital certificate through us, we are required by the provider of those certificates to collect personal information from you to pass back to that provider (other than your payment details, which we hold internally).
Disclosure of your information to third parties
We operate under a number of different subsidiaries. Your information may be shared within the internal company group but you can be confident that each member of the group has the same commitment to protect your personal information.
Total Solutions IT has offices in Albury, Australia. Any information which you supply to Total Solutions IT or any of its international subsidiary companies will likely be shared within the internal company group to facilitate our provision of products and services to you. Each of our international subsidiary companies is committed to protecting your personal information.
We may supply your personal information to third parties to perform services on our behalf, or who provide services to us in assisting us with the purposes for which we have collected and use your personal information, such as the following:
- If you are a domain name registrant, we will have to provide your data to the registry operator, or in respect of certain new gTLDs and ccTLDs, to the back-end Registrar. Under ICANN policy, we are also required to transfer your data to a data escrow agent. In response to ICANN contractual compliance requests, we may be required to provide your data to ICANN;
- market research and distribution of marketing information to you (except where you have chosen to opt-out of receiving this information from us);
- the supply of webhosting, website design, SEO and other services (providers in Australia and US);
- Call center sales and support services (provider in The Philippines and India);
- Suppliers of infrastructure services such as Amazon Web Services and Dyn.
Our relationships with such third party service providers are governed by our contracts with them and we will ensure that your personal information is given adequate protection as required by law.
We may also disclose your personal information to law enforcement and national security agencies, and other government and regulatory authorities as required or authorised by law.
Accuracy / Access
If you’ve moved, changed phone numbers or email address, please let us know. We can’t help you if we can’t contact you. If you want to know what information we hold of yours, if you believe that we may hold other personal information about you which is inaccurate, if you wish to change or update any of the personal information you have provided, you can always ask us. Subject to our obligation to retain your personal information for the purposes of providing services to you, you may also contact us to request erasure of your personal data. You may access and update the personal information we provide to the registries in respect of your domain name licence at any time. The procedure to do this is explained on the Help Centre on our website at https://www.totalsolutionsit.com/help.
The transfer of information across any media may involve a certain degree of risk, and the Internet is no different. However, helping you to keep your information secure is very important to Total Solutions IT.
In order to protect the security of personal information transmitted to Total Solutions IT online, our Web servers support the use of the Secure Socket Layer (SSL) Protocol where appropriate. Using this protocol, information transferred between our systems is encrypted.
You can also use simple precautions to help protect your security, such as protecting against the unauthorized use of your username or password or other authentication id.
Retention of Data
We will only retain your personal data for as long as is necessary. We will need to retain your data for as long as you have an account with us and will keep your data while your account is active and for a reasonable period afterwards to ensure we are able to properly deal with any enquiries. We will also need to retain data in order to comply with our legal obligations such as compliance with tax laws.
Notifiable Data Breach
From 22 February 2018, a data breach that is likely to result in serious harm to individuals must be reported to those affected and also to the Office of the Australian Information Commissioner (OAIC). A data breach happens when personal information is accessed or released without authorization, or is lost. Serious harm may include physical, financial, emotional, psychological or reputational harm. We have procedures in place to ensure that a data breach is properly identified, assessed, contained and reported if necessary.