The Group treats the handling of your personal information very seriously. To that end, the Group has systems and procedures in place to protect your privacy in relation to the handling of your personal information.
The Group abides by the Australian Privacy Principles (“APPs”), which provide a scheme in relation to the collection, disclosure, use and storage of personal information. The Group's objective is to handle information responsibly and provide you with some control over the way information about you is handled.
1. Collection of Personal Information
Personal information is information or opinion about an individual, or an individual who is reasonably identifiable (whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form). The nature of personal information collected by the Group generally comprises an individual's name, address, phone number, fax, e-mail address, birth date and gender, as well as interests and information about your transactions with us and with some of our business partners.
The primary purpose for collecting such information is to arrange, conduct and promote the Group’s business and investment activities and provide you with requested products and services.
The Group may collect personal information from you in a number of ways. These include, but are not limited to situations in which you set up an account with a company within the Group, request to receive products or services from the Group, or provide products or services to the Group, make an investment in the Group, complete a survey or questionnaire, or when you communicate with the Group by telephone, fax, writing, email, or any other electronic means.
Whilst the Group will attempt to ensure all transfer of data to a third party and use by a third party is secure, the Group cannot be held responsible for the theft of data by a third party, or the consequences resulting from the loss of data where that loss is associated with the technical malfunction, tampering by a third party, viruses, computer bugs, or any action or event beyond the reasonable control of the Group.
The Group also collects other types of personal information from time to time (eg. credit information and drivers licence details), and will inform you upon collecting such information the purpose for which it is being collected.
The Group does not collect personal information unless it is reasonably necessary for Group to perform one or more of its functions and activities or supply one or more of its services. On occasion, some of this personal information may be sensitive and the Group will only collect it with your consent or when required or authorised to by law.
The Group or its agents will generally collect personal information from you directly. For example, the Group may collect personal information when you attend a function or event, join a mailing list, make a purchase or investment, provide a resume or enter an agreement.
There may be other occasions when the Group needs to source personal information from third parties such as credit agencies and recruitment agencies. If we do this, we will use reasonable efforts to notify you afterwards.
You may choose to deal with the Group anonymously or under a pseudonym where lawful and practicable (ie: provided we are still able to provide the relevant service or do business with you without that information). For example, it might not be practical to deal with you anonymously if we need to process a payment, deliver goods or services or send personalised communications to you.
2. Use & Disclosure of Personal Information
Personal information provided to the Group may be shared with related companies within the Group. The Group takes all reasonably practical steps to keep such information strictly confidential.
The Group may use and disclose your personal information for the purpose for which it was initially collected, namely to arrange, conduct and promote the Group’s business and investment activities and provide you with requested products and services, as well as all purposes necessary and incidental to the provision of goods or services by the Group or by anyone on behalf of the Group.
In addition, the Group may use and disclose your personal information for purposes related to the initial purpose of collection if that other purpose would be within your reasonable expectations. Related purposes include analysing your personal information for the purpose of identifying and referring you to products, services and/ or investments that may be of benefit or interest to you, displaying targeted advertising based on those interests, improving our services, conducting research, contacting you, internal auditing and administration, adding your name to a guest list or invitation list, or assisting the Group to carry out auditing, administration, or product enhancement. Without limiting the foregoing, your personal information may be used to create an anonymous link to additional third party data (for example the data of our business partners) for the purpose of tailoring information you may be more interested in, and that link may be placed in cookies for the purpose of the Group and its business partners sending you targeted advertising when you use websites or other services over the internet, including those supplied to you by the Group as well as by third parties unaffiliated with the Group.
Additionally, in the event of a re-organization, merger or sale, the Group may transfer any and all personal information we have collected from you to the relevant third party. The Group may also be required to disclose your personal information without your consent if the disclosure is:
a. required or authorised by law;
b. required in order to investigate an unlawful activity;
c. required by an enforcement body for investigative activities; or
d. necessary to prevent a serious and imminent threat to a person's life, health or safety, or to public health or safety.
Generally, the Group will retain your personal information within Australia and not use or disclose it overseas. However, on some occasions the information may need to be transferred to overseas countries including but not limited to the UK and the US in order to perform one of the Group's functions or activities. In these circumstances, the Group will either obtain your express or implied consent or will use its reasonable endeavours to ensure that the foreign entity to whom your personal information is transferred has appropriate measures in place to protect your personal information.
Like most business organisations, the Group performs some of its functions under licence and also contracts out some functions and relies on third party suppliers to conduct specialised activities such as website management, share registry services, mailout services, call centre services, data analysis and processing services, insurance broking, vehicle and petrol supply, supply of equipment, engineering services, security services, financial services, credit reporting services and travel and hospitality services.
Whilst personal information may be provided to these licensors and suppliers in order to enable them to perform the agreed tasks, the Group will make every effort to ensure that the supplier handles the personal information in accordance with the Australian Privacy Principles and confidentiality principles. The Group will require all such suppliers to provide privacy undertakings and enter confidentiality agreements.
3. Direct marketing
From time to time the Group may use your personal information to identify products and services that may be of interest to you. The Group may use your personal information to send you information regarding the Group's products, services and investments, and those available through the Group's business partners.
From time to time, the Group may also provide your personal information to carefully selected third parties for the purpose of them providing you with information regarding products and services specific to your needs, and to help the Group conduct product enhancement activities.
If you do not wish to receive direct marketing information from the Group or third parties (as applicable) as outlined in this section, please let the Group know by using the unsubscribe function in the communication you receive, or alternatively by contacting firstname.lastname@example.org. The Group will take immediate steps to ensure that you do not receive any such direct marketing information in future.
4. Personal Information Quality
The Group's objective is to ensure that all personal information collected by the Group is accurate, complete and up-to-date. To assist the Group in achieving its objective, please contact the Privacy Officer if any of your details change. Further, if you believe that the information the Group holds is not accurate, complete or up-to-date, please contact the Privacy Officer on email@example.com in order to have the information corrected.
5. Personal Information Security
The Group is committed to keeping your personal information secure, and we will take reasonable precautions to protect your personal information from unauthorised access, loss, release, misuse or alteration.
Your personal information may be stored in hard copy documents, but is generally stored electronically on the Group's software or systems.
The Group maintains physical security over its paper and electronic data stores, such as locks and security systems. The Group also uses computer and network security technologies such as firewalls, intrusion prevention software, antivirus software, external email filtering and passwords to control and restrict access to authorised staff for approved purposes and to secure personal information from unauthorised access, modification, disclosure, misuse and loss.
Whilst the Group takes all reasonable steps to secure your personal information from loss, misuse and unauthorised access, you acknowledge that all activities in which you intentionally or unintentionally supply information to the Group carries an inherent risk of loss of, misuse of, or unauthorised access to such information. The Group cannot be held responsible for such actions where the security of the personal information is not within the control of the Group, or where the Group cannot reasonably prevent such incident.
Additionally, you acknowledge that the collection and use of your personal information by third parties may be subject to separate privacy policies and/or the laws of other jurisdictions.
6. Access To Personal Information
You may request access to the personal information the Group holds about you.
The procedure for gaining access is as follows:
a. All requests for access to your personal information must be made in writing and addressed to the Privacy Officer.
b. You must provide as much detail as possible regarding the business entity, department or person to whom you believe your personal information has been provided, and when. This will allow the Group to process your request faster.
c. The Group will acknowledge your request within 14 days, and access will usually be granted within 14 days, or if it is more complicated, 30 days. The Group will inform you if this timeframe is not achievable.
d. You will be asked to verify your identity.
e. A fee may apply to such access in the event that a request for access is onerous or time consuming. Such a fee will cover staff costs involved in locating and collating information, and reproduction costs.
f. Depending on the circumstances, you may be forwarded the information by mail or email, or you may be required to personally inspect your records at the appropriate place.
g. You will be given the opportunity to correct any personal information that is no longer accurate.
In some circumstances, the Group may not be in a position to provide access. Such circumstances include the following:
a. access would create a serious threat to safety;
b. providing access will have an unreasonable impact upon the privacy of other individuals;
c. denying access is required or authorised by law;
d. the request is frivolous or vexatious;
e. legal proceedings are underway or anticipated, and the information would not be accessible through the process of discovery in the proceedings;
f. negotiations may be prejudiced by such access;
g. providing access is likely to prejudice law enforcement;
h. providing access is likely to prejudice action being taken or to be taken with respect to suspected unlawful activity or serious misconduct relating to the Group’s functions or activities; or
i. access would reveal a commercially sensitive decision making process.
If the Group denies access to your personal information, it will provide you with reasons in writing.
7. Changes To This Policy
The Group may, without notice, change this Policy from time to time for any reason and will update the Policy accordingly. We ask that you visit our website periodically in order to remain up to date with such changes.
If you believe that your privacy has been infringed or a breach of the APPs has occurred, you are entitled to complain. All complaints should initially be in writing and directed to the Privacy Officer. The Group will respond to your complaint as soon as possible, within 14 working days, to let you know who is responsible for managing your query. The Group will try to resolve the complaint within 30 working days. When this is not possible the Group will contact you to provide an estimate of how long it will take to handle the complaint.
If you believe the Group has not adequately dealt with your complaint, you may complain to the Privacy Commissioner whose contact details are as follows:
Officer of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992
GPO Box 5218 Sydney NSW 2001
9. Privacy Officer's Contact Details
Please address all written correspondence to:
Privacy Officer, c/- Legal Department
Seven Group Holdings Limited
PO Box 745, Darlinghurst NSW 1300