A statement about privacy and collection of personal information
The Company aims to protect the privacy of the personal information that we collect and hold
whilst carrying out our activities. Personal information is any information or opinion that is
capable of identifying a person.
This statement applies to personal information collected from and about employees, customers,
suppliers and any other person whose personal information the Company may collect from time
The Company is bound by the Principles established under the Privacy Act 1988 (Cth) (Act).
This statement has been developed as part of the Company’s efforts to comply with its
obligations under that legislation.
This statement explains:
- what types of personal information we might collect;
- how we aim to use personal information;
- when we will disclose personal information to others;
- how we manage and secure personal information;
- how you can access and seek to correct personal information that we hold about
- how you may make a complaint if you think that we have breached the Principles.
From time to time, we may review and update this statement – for example, to reflect changes
to the law, technology or our company. You should check the Privacy Statement posted on our
website periodically to read about any changes, modifications, or revisions to this statement.
Exception in relation to employee records
The Principles do not apply to employee records. As a result, this statement does not apply to
the Company’s treatment of employee records, where the treatment is directly related to a
current or former employment relationship between the Company and an employee.
1. What types of personal information do we collect?
The Company aims only to collect ‘personal information’ (as defined under the Act) that is
reasonably necessary for its activities. The types of personal information that we collect will
depend on the nature of the interaction between you and the Company, and where and how we
collect the information.
Personal information collected by the Company includes:
- information about customers including names, addresses, email addresses,
telephone and fax numbers and other contact details and also information about
their use of the Company’s services;
- information about job applicants, staff members, volunteers and contractors; and
- details of other people who come into contact with the Company such as suppliers.
If some information that the Company requests is not provided, the Company may not be able
to do business with you or engage you to work at the Company.
Some of the information we collect may be ‘sensitive information’ (as defined under the Act),
including information about your racial or ethnic origin, religious beliefs or affiliation, or health.
The Act requires us only to collect sensitive information from you where this is consented to by
you and reasonably necessary for our activities, or if the collection is required by law or a court
or tribunal order, and only to share personal information including sensitive information if the
Company has a belief that its use and/or disclosure is necessary:
- to lessen or prevent threats to health, life or safety of any individual;
- to investigate unlawful activity or serious misconduct within its business;
- to assist enforcement bodies, such as the police, with their activities:
- to assist in locating a missing person;
- to establish, exercise or defend a legal or equitable claim; and/or
- for the purpose of confidential alternative dispute resolution.
2. How do we collect your personal information?
We usually collect personal information directly from you, for example when you send us
correspondence by e-mail or in writing, deal with us over the telephone or in person, contact us
or place an order through our website.
Sometimes, someone else may provide us with personal information about you, with or without
your direct involvement. For example, we might collect your personal information from:
- another organisation of which you are a member;
- a representative;
- publicly available sources of information (such as telephone directories);
- a social media website to which you are a member, primarily through anonymised
data provided by that website that we use to assess our marketing reach; or
- commercially available mailing and marketing lists.
3. How do we use your personal information?
Information of customers and suppliers
Personal information is collected from customers and suppliers to enable the Company to
conduct its business. The purposes for which the Company uses personal information of
customers and suppliers include:
- to provide them with its services and/or products;
- to provide ongoing support or help to manage products, for example if they have a
- to communicate with them;
- to do business with them;
- for the general management and conduct of our business;
- to provide information about other products or services that the Company considers
would interest them (which they can tell the Company not to do at any time);
- to investigate incidents (including potential incidents) which occur on or at our
- to consider the suitability of prospective employees;
- for security and risk management purposes;
- to help the Company run its company, for example to improve its products or
services or its security, train staff or undertake marketing activities; and
- to comply with its legal obligations.
If we collect your personal information for any other purpose, we will generally let you know that
purpose at the time we collect the information.
Information of job applicants, staff members and contractors
The Company collects personal information of job applicants, staff members and contractors for
the primary purpose of assessing and (if successful) engaging the applicant, staff member or
contractor, as the case may be.
The purposes for which the Company uses personal information of job applicants, staff
members and contractors include:
- managing the individual’s employment or engagement;
- insurance purposes;
- ensuring that it holds relevant contact information; and
- satisfying its legal obligations.
4. When will we disclose your personal information to others?
The Company aims to confine its disclosure of personal information to the primary purpose for
which it has been collected, or for a related purpose. This means the Company will usually only
disclose personal information in connection with its business and administrative functions,
including when disclosure is necessary to provide you with a product or service that you have
requested; help us with the running of our organisation; or for security reasons.
We may provide your personal information to:
- companies related to the Company that are located overseas;
- outsourced service providers who perform functions on our behalf, such as
organisations providing security services, conducting market research, providing
email and mail handling services;
- authorised agents and representatives of the Company who sell products or provide
services on our behalf;
- anyone authorised by you to receive your personal information (your consent may
be express or implied and can be withdrawn at any time);
- an actual or prospective purchaser in the event we sell part of our business; and
- anyone to whom we are required by law to disclose personal information.
We generally require third parties only to use your personal information for the specific purpose
for which it was given to us and to protect the privacy of your personal information. We are not
always able to control the use to which those companies use that information, but we endeavour
to treat your personal information with due care and respect and, where we are able to do so,
require that the party agree with the Company to keep your information confidential.
You consent to us disclosing your personal information to the third parties listed above, and
similar organisations who may in turn provide your information to other third parties (for
example, for marketing purposes). You can withdraw your consent at any time by informing us
in writing that you withdraw that consent.
If you do not permit the disclosure of some personal information as the Company requests, the
Company then may not be able to meet its legal obligations and may not be able to do business
with you or engage you to work at the Company. If this is the case, we will let you know.
Sending information overseas
The Company will not send personal information outside Australia without first:
(a) obtaining the individual’s consent (in some cases this is implied); or
(b) otherwise complying with the Principles or other applicable legislation.
5. The Company’s website
When you visit the public pages of our website, our website server makes a record of your visit
and logs the following information;
- your IP (‘Internet Protocol’) address (which, in general terms, is a unique identifier
assigned to your computer when it is connected to the Internet);
- search terms used;
- the operating system and Internet browser software you are currently using; and
- the data that you download (such as web pages or other document files or software),
and the time that you download it.
This information cannot be used to identify you and is only used for statistical purposes to help
us identify what parts of our website our users visit the most, which in turn assists us to
determine how to improve our services.
If you contact us through our website or email us, we will not add your email address to our
mailing list without your consent.
The Company uses ‘cookies’ in the secure section of our website, which are a mechanism to
keep track of certain information between visits to the site by the same user. Our website uses
cookies to make the browsing experience more responsive when accessing some services on
the website. This information is not linked to any personal information and cannot be used to
identify the user. This means that the Company’s obligations in relation to personal information
do not apply to the information that it collects via cookies.
You can adjust your web browser’s settings to detect or disable cookies if preferred.
To the extent that our website contains links to sites operated by third parties, including other
organisations, those linked websites are not controlled by us and we are not responsible for the
privacy practices of the site operators. Before you disclose your personal information to any
linked websites, we advise you to examine their privacy policies and terms and conditions of
6. How we manage and secure personal information
Company staff are required to respect the confidentiality of all personal information and the
privacy of individuals, and we have directed our staff that personal information must be dealt
with in accordance with this statement.
The Company has security systems in place which are intended to protect your personal
information from misuse, loss, unauthorised access, modification or disclosure by the use of
various methods including locked storage of paper records and passworded access rights to
If the Company receives personal information about you which it did not request and which it
does not reasonably require, the Company may destroy or de-identify this information where
If you reasonably believe that there has been an unauthorised use or disclosure of your
personal information, please let us know.
7. Updating personal information that we hold about you
The Company aims to keep all personal information that we hold accurate, complete and up-to-
date. We encourage you to tell us if you change your contact details. If you believe that the
information we hold about you is incorrect, incomplete or out-of-date, please contact us.
The Company is required by law to keep some types of information for certain periods of time.
If we no longer require your personal information, we may destroy or de-identify that
information. The Company reserves the right to retain information for a period longer than that
for which it is required to retain the information if the Company considers that it is necessary,
and as long as it is in accordance with the Principles.
8. How you can access personal information that we hold about you
Under the Act, an individual generally has the right to obtain access to any personal information
which the Company holds about him/her and to advise the Company of any perceived
inaccuracy in that information. There are some exceptions to this right.
In some circumstances, the Act entitles the Company to deny access, for example if providing
access would impact unreasonably on the privacy of others or prejudice negotiations in which
we are involved. If we do refuse access, we will generally let you know the reasons for our
If you make a request for access to your personal information, we may ask you to verify your
identity and specify what information you require. The Company may charge a fee to cover our
costs of locating, retrieving, reviewing and copying any material requested. If the information
sought is extensive, the Company will generally advise the likely cost in advance.
9. Questions or complaints
If you have any questions or would like to make a complaint about the Company ‘s compliance
with the Principles, please contact us in writing.
All complaints will be dealt with in accordance with the Company’s grievance policy.
Any suspected data breach will be dealt with in accordance with our data breach response plan.