b'PRIVACY POLICY TRANSFER OF INFORMATION OUTSIDE AUSTRALIA/CROSS-BORDER DISCLOSURE OF PERSONAL INFORMATION In addition to disclosures permitted under this Privacy Policy, Delta may disclose information to organisations such as our ISO Certification Body, within the Certification global network. Some International ISO Standards Certification and Accreditation organisations may not be Australian entities and may not be regulated by the Australian Privacy Act, and accordingly may not be subject to privacy laws that provide the same level of protection as Australia.Any such disclosure, or transfer, of information does not change our commitment to safeguard information, consistent with our management system information security controls.If for any circumstance Delta was to disclose personal information to an overseas recipient, Delta will take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles (other than APP 1) in relation to that information.QUALITY AND INTEGRITY OF PERSONAL INFORMATION Delta will take reasonable steps to ensure the personal information it collects is relevant, accurate, up-to- date and complete. Delta will ensure that personal information is relevant, as well as, accurate, up-to-date and complete, having regard to the purpose of the use or disclosure. Customers can request to correct information of a minor nature such as their personal contact details through discussion with the Delta office. Customers can request to correct or amend more significant Customer information such as file notes on the grounds that it is inaccurate, incomplete, out-of-date or misleading. Approval for these types of changes can only be granted by the General Manager. Any such changes are to be clearly marked. Words changed are not to be deleted or documents are not to be removed from the file. One clear line is to be marked through the word or sentence so that the original text is readable, and the approved change is to be marked with a date and signature. (Liquid paper or similar product is not to be used). Request documents and processes must be documented with copies of all correspondence kept in a confidential and secure file. We take reasonable steps to ensure that the personal information we collect is accurate, up to date and complete and that the personal information we use or disclose is, having regard to the purpose of such.To that end, we encourage our customers to contact us to update or correct any personal information we hold about them.SECURITY OF PERSONAL INFORMATION We take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. We store electronic information on secure servers in access controlled premises, and require all persons authorised to access such information to use logins and passwords to access such information.Delta will endeavour to take all reasonable steps to keep secure any information which we hold, keeping the information accurate and up to date.Delta will take reasonable steps to protect the personal information it holds from interference, in addition to misuse and loss, and unauthorised access, modification and disclosure.We require all our employees and others to whom we disclose personal information, or whom may have access to personal information we collect, to protect such personal information from misuse and loss and from unauthorised access, modification or disclosure.ACCESS TO PERSONAL INFORMATION Customers A customer may request access to personal information we hold about them. We may require a customer to verify their identity and to specify what information they require before any information is disclosed. Where a customer Privacy Policy v2022.08.08Page 7 of 10'