We are bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act). The APPs are designed to protect the confidentiality of information and the privacy of individuals by regulating the way personal information is collected, used, disclosed and managed. Personal information is, generally speaking, information or an opinion relating to an identified, or reasonably identifiable, individual.
This policy explains the types of personal information that we may collect and hold, how that information is used and with whom the information is shared. It also sets out how you can contact us if you have any queries or concerns about this information.
Why do we collect personal information?
We collect personal information about our customers, suppliers, contractors, job applicants and other contacts to understand and meet their needs, to conduct our activities and meet legal obligations.
What personal information do we collect?
The types of personal information we may collect include contact information (such as your name, address, email address, fax and telephone number), information about your employer or the organisation that you work for, your newsletter preferences, comments you submit by way of our website and any feedback that you provide to us about our products and services, our website, or other matters.
What other information do we collect?
Personal information may be collected by way of forms filled out by individuals (including via online forms), surveys, emails, telephone conversations, online user-generated content and market research, face-to-face meetings and interviews. Where necessary and with your consent, we supplement the information we receive from you with information from third party sources, such as your employer or organisation.
You may in some circumstances have the option of not identifying yourself or using a pseudonym when you deal with us. However, if you choose not to provide the information we need to fulfil your request for a specific product or service or to participate in the sales and enquiry process we may not be able to provide you with the requested product or service or we may not be able to allow you to interact with our business.
In addition we may use Google Tag Manager and other analytics software to consolidate information on each unique visitor and their interactions with our site. This consolidated information provides a more accurate picture of visitor journeys and use of our services and website. Such tracking may include assigning a unique randomly generated identifier to each visitor and use of this identifier to link all activity associated with that particular visitor. The unique identifier, web analytics data and Cookies do not contain personally identifiable information such as your name or email address and therefore cannot be used to identify you.
You can find out more information on how Google uses data when you use our sites or apps at www.google.com/policies/privacy/partners/.
You can find out more information on how Hotjar uses data when you use our site at https://www.hotjar.com/legal/policies/privacy. You can opt-out from having your information recorded by Hotjar by visiting Hotjar’s opt-out page and clicking “Disable Hotjar” or enabling a Do Not Track (DNT) in your browser.
How might we use and disclose your personal information?
We may use and disclose your personal information for the primary purpose of collection, or for reasonably expected secondary purposes which are related to the primary purpose, or for purposes to which you have consented, and in other circumstances authorised by the Privacy Act.
Generally, we may use and disclose your personal information for a range of purposes, including to:
- provide you with our products or services that you have requested;
- respond to your queries or feedback;
- analyse and improve all aspects of our business including, but not limited to, our development processes, our business systems, processes, outcomes, communication, website, engagement and performance;
- facilitate your participation in product development in various capacities;
- provide you with any communications or publications in which we think you might be interested, or which you have requested;
- let you know about developments in our procedures, products, services, activities and programs that might be useful to you;
- facilitate your participation in forums, social events and educational events; and
- consider employment applications.
Disclosure of personal information to other parties
We may disclose your personal information to third parties such as our staff, our professional advisers, our external service providers that provide services to us (such as training, website hosting or cloud storage, distribution of newsletters, publications developed by our business, and market research), other organisations, your employer or organisation, government, statutory or regulatory bodies. We may disclose your personal information for the purposes set out above.
We may disclose to the public information concerning the operation of our technical committees, including information about the members of those committees on a trial or other basis where we consider that it is appropriate to do so having regard to our public interest objectives and subject to their consent.
We may also disclose your personal information if it is required or authorised by law, where disclosure is necessary to prevent a threat to life, health or safety, or where we are otherwise permitted by the Privacy Act.
We do not sell or license your personal information to third parties
Security and management of personal information
We will take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. The ways we do this include:
- limiting physical access to our premises;
- limiting access to the information we collect about you (for instance, only those of our personnel who need your information to carry out our business activities are allowed access);
- requiring any third party providers to have acceptable security measures to keep personal information secure; and
- putting in place physical, electronic, and procedural safeguards in line with industry standards.
If we no longer require your personal information and are not legally required to retain it, we will take reasonable steps to destroy or permanently de-identify the personal information.
Links from our website to other websites
Our website may contain links to third party websites. We do not operate these websites and therefore are not responsible for the collection or handling of personal information by the operators of these websites.
Accessing the information we hold about you
Under the APPs, you may be able to obtain a copy of the personal information that we hold about you. The APPs provide some exceptions to your rights in this regard. To make a request to access this information, please contact us in writing. We will require you to verify your identity and specify what information you require. We may charge a fee to cover the cost of verifying the application and locating, retrieving, reviewing and copying any material requested.
Updating your personal information
We endeavour to ensure that the personal information we hold about you is accurate, complete and up-to-date. Please contact us if you believe that the information we hold about you requires correction or is out-of-date.
Sending information overseas
Personal information is sent overseas in limited circumstances, including to:
- external service providers that assist our organisation such as with internal operations (including training, website hosting or cloud storage), market research and the distribution of our newsletters, standards and other publications by our business.
We will not send your personal information to a recipient outside Australia without obtaining your consent or otherwise complying with the APPs.
The countries in which recipients are likely to be located include New Zealand and the United States.
Updates to this Policy
If you are concerned that we have not complied with your legal rights or applicable privacy laws, you may bring a complaint internally through our complaints process or you may decide to make a formal complaint with the Office of the Australian Information Commissioner (www.oaic.gov.au) (which is the regulator responsible for privacy in Australia).
We will deal with complaints as follows:
Step 1: let us know
- If you would like to make a complaint, you should let us know by contacting our Privacy Officer.
Step 2: investigation of complaint
- Your complaint will be investigated by our Privacy Officer.
- A response to your complaint will be provided in writing within a reasonable period.
Step 3: contact OAIC
- We expect our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also contact the Office of the Australian Information Commissioner as follows:
Office of the Australian Information Commissioner (OAIC) Complaints must be made in writing. GPO Box 5218 Sydney NSW 2001 – www.oaic.gov.au
We will endeavour to respond to all complaints and correspondence promptly.