Thank you for choosing to shop with Carmet! We want the very best shopping experience for you, and in the rare case of a data breach the following steps will be taken by us to mitigate the damage and keep you shopping safely:
-
ASSESS THE BREACH
1.1 Identify the type of data that has been breached and determine the severity of the breach.
1.2 Determine the scope of the breach and the number of individuals affected.
1.3 Determine if the breach has been contained and prevent further access to the data.
-
NOTIFY THE APPROPRIATE AUTHORITIES
2.1 Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable.
2.2 Comply with the notification requirements set out in the Privacy Act 1988.
-
NOTIFY AFFECTED INDIVIDUALS
3.1 Notify affected individuals as soon as practicable.
3.2 Provide clear and concise information about the breach, including the type of data that has been breached, the scope of the breach, and the steps being taken to mitigate the breach.
3.3 Advise affected individuals on what actions they can take to protect themselves, such as changing passwords.
-
INVESTIGATE THE BREACH
4.1 Investigate the cause of the breach and take steps to prevent a similar breach from occurring in the future.
4.2 Review and update security protocols and procedures to prevent future breaches.
-
MONITOR FOR FUTURE BREACHES
5.1 Continue to monitor for any future breaches.
5.2 Regularly review and update security protocols and procedures to ensure they remain effective.
-
RECORD KEEPING
6.1 Keep a record of the breach and the steps taken to mitigate the breach.
6.2 Keep a record of any communication with affected individuals and the OAIC.
-
SEEK LEGAL ADVICE
7.1 Seek legal advice on any legal obligations and liabilities that arise from the breach.