
Who are we and what do we do?
The SUBCO group, which includes SUBCO Holdings Pty Ltd (SUBCO Australia), APX Partners Pty Ltd (APX Partners), SUBCO Singapore Pte Ltd (SUBCO Singapore) and their affiliates (together SUBCO) respects your privacy. SUBCO operates high-capacity optical fibre cable networks and provides bandwidth, spectrum, carrier ethernet and transmission services.
This policy explains how SUBCO collects your personal information and how we use, share, store and retain your personal information. In this policy, personal information means any information relating to an identified or reasonably identifiable natural person.
How to contact us
// Contact SUBCO
SUBCO Australia and APX Partners are Australian registered businesses. SUBCO Singapore is a Singapore registered business.
You can contact SUBCO:
By post at: SUBCO Legal, PO BOX 173, Fortitude Valley QLD 4006
By email at notices@sub.co
// Contact our Data Protection Officer
If you have an enquiry regarding privacy, or you wish to raise a complaint, you can contact SUBCO’s Data Protection Officer by email at notices@sub.co.
Our collection of personal information
// Information collected directly from you
The personal information we collect directly from you will be apparent from the context in which you provide the information. In particular, we may collect your name, email address, phone number, company name, employer and any other information you choose to provide directly to us: (i) as part of your business relationship with us, (ii) in response to marketing or other communications, (iii) through social media or online forums, (iv) in connection with an actual or potential business relationship with us, (v) when you fill in an online form on our website or contact our team by phone or email, or (vi) when you give us your business card or contact details in person.
// Data from other sources
We may also collect personal information from other sources, such as representatives authorised to act on a customer’s behalf, our employees, agents, contractors, suppliers, credit reporting bodies and credit providers and public sources.
Team members within your organisation may provide us with your business contact information, such as your name, business email address, phone number, job title or role. In some cases, we may also collect business contact information from public sources or from third party service providers who licence your data to us. We use this data for direct marketing purposes based on our legitimate interests in marketing our services to your employer. You can exercise any of your rights described in this policy, including the right to ask us to erase your business contact information or object to the processing, by contacting our Data Protection Officer at notices@sub.co.
// Data created through use of our website
We use Google Analytics for aggregated, anonymised website traffic analysis. In order to track your session usage, Google drops a cookie with a randomly-generated anonymised ClientID in your browser. This information is important to us for improving the user experience and determining site effectiveness.
// CCTV and physical security monitoring
We operate closed-circuit television (CCTV) and other physical security and monitoring systems at and around our premises, offices, data centres, points of presence, cable landing stations and other facilities. If you visit or attend any of these locations, our CCTV may capture footage and images of you. We collect and use this footage for security, safety, access control and the investigation of incidents, and to protect our people, visitors, property and network infrastructure. We may disclose CCTV footage to our security personnel and service providers, and to government, law enforcement and regulatory bodies, where appropriate or required by law. We retain CCTV footage only for as long as is necessary for these purposes or as required by law.
How we use personal data
We rely upon a number of legal grounds as outlined in this section to ensure that our use of your personal data is compliant with applicable law. We will retain your information for only as long as there is a business or legal need.
// Contractual and pre-contractual business relationships
We use personal information for the purpose of entering into business relationships with prospective customers and suppliers, and to perform contractual obligations under contracts with customers and suppliers.
Activities that we may conduct in this context include:
a. customer management, accounting, auditing, billing and debt collection activities;
b. customer credit worthiness checks and vendor risk management;
c. provisioning customer services;
d. communications regarding the services we provide or receive, future business relationships and related customer service;
e. investigating complaints and carrying out dispute resolution; and
f. administering SUBCO’s agreement with each customer.
// Consent
If you consent, we may process your data or share it with third parties for the purposes of marketing, advertising and related analytics.
If our data collection or processing is based on your consent, you may at any time withdraw your consent with effect for the future by email to notices@sub.co.
Who SUBCO shares personal information with
// Government, Law Enforcement and Regulatory Bodies
We may share personal information with government, law enforcement and regulatory bodies where this is required for SUBCO to comply with legal and regulatory obligations.
// Service Providers
We may share your information with a limited number of third party service providers who we engage to perform tasks or provide capabilities on our behalf, such as other telecommunications and information service providers, our customer relationship management software providers and email service providers.
We may also share your information with SUBCO’s legal, accounting, human resources and financial advisers.
// Purchasers of SUBCO business
If any SUBCO company or substantially all of its assets are acquired by a third party, the personal information held by it about its customers will be one of the transferred assets.
// Credit reference bureaus
We may share personal information with credit reference bureaus for the purpose of preparing credit reports or evaluation of creditworthiness.
The organisations that SUBCO shares personal data with are located throughout the world, but predominantly in the United States, United Kingdom, European Union, Singapore, Oman and Australia. If you are in the European Union, some of the countries to which data will be transferred in our use of service providers, such as the United States and Australia, may not necessarily have data protection laws as comprehensive or protective as those in your country of residence. SUBCO has adopted internal policies and implemented measures to ensure appropriate and suitable safeguards are in place in relation to such transfers. You can request more information at notices@sub.co.
Your rights and choices
Depending on your location and subject to applicable laws, you may have the following rights with regard to the personal information we control about you:
a. The right to request access to and rectification of personal information relating to you.
b. The right to request that we erase your personal information in certain circumstances provided by law.
c. The right to request that we restrict our use of your personal information in certain circumstances, such as while we consider another request that you have submitted.
d. Where the processing of your personal information is based on your previously given consent, you have the right to withdraw your consent at any time.
e. The right to object to the processing of your personal information for direct marketing purposes or on grounds relating to your particular situation.
You can exercise the above rights by contacting us at notices@sub.co.
You also have the right to lodge a complaint with your local supervisory authority, which will vary depending on your location.
How we protect personal information
We take reasonable steps to protect the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. These steps include technical, physical and organisational safeguards such as access controls, network and infrastructure security, encryption where appropriate, and policies, procedures and training for our personnel.
While we work to safeguard your personal information, no method of transmission or storage is completely secure, and we cannot guarantee absolute security. If we become aware of a data breach that is likely to result in serious harm, we will respond in accordance with applicable law, including notifying affected individuals and the relevant authorities where required.
How we protect personal information
We retain your personal information only for as long as is necessary for the purposes for which it was collected, including to provide our services, to maintain our business relationship with you, and to satisfy any legal, accounting, regulatory or reporting requirements.
The criteria we use to determine retention periods include the nature of the information, the purposes for which it is processed, and any applicable legal or contractual obligations. When personal information is no longer required, we will take reasonable steps to delete, destroy or de-identify it.
Changes to this policy
We may update this policy from time to time to reflect changes in our practices, technology, legal requirements or other factors. When we make significant changes to this policy, we will take reasonable steps to notify you. We encourage you to review this policy periodically to stay informed about how we handle your personal information.