The Sime Darby Australia Limited group of companies (‘the Group’) is committed to ensuring that personal information held by the Group remains private and is protected.
Personal information must relate to a natural person. A natural person is a human being rather than, for example, a company, which may in some circumstances, be recognised as legal 'person' under the law.
Individuals have the right to know:
The object of this policy is to comply with the 10 National Privacy Principles (‘NPPs’), which are high-level statements of principle that form the core of the Privacy Amendment (Private Sector) Act 2000 (‘the Act’). The Act and this policy are concerned with the collection, handling and use of ‘personal information’, that is, information about an individual who can be identified, or whose identity could be reasonably ascertained, from the information.
Overall responsibility for the privacy of data and information concerning individuals rests with the Group’s management.
This policy applies to:
STATEMENT OF POLICY
The Group will only collect personal information for the purposes of effectively managing the Group’s products and services and any other purpose to which an individual has consented.
The Group will collect personal information in a fair and lawful manner without any intimidation or deception. The information collected may include but is not restricted to the following details:
When requested, the Group will disclose to individuals the information collected about them and how it was collected.
The Group will take reasonable steps to ensure the individual is generally aware of the purpose for which the information is collected, who can have access to the information, to whom (in general terms) the information may be disclosed and the main consequences (if any) for the individual if all or part of the information is not provided.
The Group will, where practicable, collect personal information directly from the individual and take reasonable steps to ensure the individual is aware of the Group’s identity and obligations under this policy.
Where information is collected from or confirmed by someone other than the individual, the Group will take reasonable steps to make the individual aware of the matters described in paragraph iv above. Exceptions to this rule are:
Use and Disclosure
The Group will only use or disclose information about an individual:
Where implied or express consent has been obtained, an individual’s personal information may be collected and used for example marketing purposes and disclosed between Group related organisations.
When an individual gives implied or express consent to disclose information concerning them, related to the original purpose, this will include consent to exchange information with a third party. This may include but is not limited to:
When an organisation asks for a credit reference on an individual, the Group will seek confirmation that the necessary consents have been obtained.
The Group will take reasonable steps to confirm that information about an individual is accurate, complete and up-to-date.
The Group will take reasonable steps to protect the personal information it holds on individuals from misuse and loss and from unauthorised access, modification or disclosure.
The Group will be open with the individual about what information is held and what is done with the information.
This policy will be available to any individual on request.
An individual may contact the Group concerning privacy issues connected with their own personal information. If the issue is not resolved to the individual’s satisfaction then it can be referred onto the Group’s Privacy Co-ordinator who will utilise the Group’s Grievance Handling / Disputes Procedure.
Any dispute concerning a privacy issue between an individual and the Group can be directed to the Office of the Federal Privacy Commissioner for determination.
Access and Correction
When requested the Group will provide the individual with the information held about them and will take reasonable steps to correct it if it is wrong.
An individual may lodge a written or verbal request to obtain details of personal information held by the Group by contacting the Privacy Co-ordinator.
The Group may deny access to information if it deems it:
The Group will inform the individual of the reasons for denying access or refusing to correct personal information.
An individual can seek disclosure of information concerning themselves, however where the disclosure may have an unreasonable impact upon the privacy of other individuals, then an extract or summary of the record will be provided in a manner that continues to protect the privacy of the other individuals.
Requests for access to an individual’s details by anyone other than the individual should be accompanied by reasonable evidence that the person requesting disclosure has the authority to act on the individual’s behalf. Reasonable evidence may include legal guardianship, an enduring power of attorney or a parent (natural, step or adoptive) relationship in the case of a minor.
The Group will only collect, utilise or disclose Commonwealth Government identifiers such as the Tax file number and ABN in ways that are consistent with its original intention.
Wherever it is lawful and practicable, individuals can enter into transactions with the Group anonymously.
Transborder Data Flows
The Group will only transfer personal information outside Australia without the consent of the individual if it reasonably believes the information will be given a similar level of protection as under the NPPs.
With the exception of employee records and then only when lawful to do so, the Group will not collect sensitive information such as: