1.1 “Pask”, “we”, “us” and “our” means NPD Management Pty Ltd ACN 088 099 254, its related bodies corporate and their officers, employees, agents and contractors.
1.3 We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way that personal information must be treated.
1.4 By providing your details, you consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.
1.6 This policy applies to any person in relation to whom we currently hold, or may in the future collect, personal information. Broadly, we collect personal information from our current and prospective customers, other individuals that contact us with enquiries, prospective and current contractors and agents and prospective employees.
1.7 This policy does not apply to acts and practices in relation to ‘employee records’ of our current and former employees, as these are exempt from the Privacy Act.
1.8 This policy applies to personal information (including sensitive information). In broad terms, ‘personal information’ is information or opinions relating to a particular individual who can be identified.
1.9 Information is not personal information where the information cannot be linked to an identifiable individual.
Anonymity and pseudonymity
1.10 We will take reasonable steps to destroy or de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.
1.11 If you want to use a pseudonym or remain anonymous when dealing with us, you should notify us and we will try to accommodate your request, subject to our ability to interact with you without having your personal information.
1.12 You do not have to provide your personal information to us but if you do not provide the information requested by us, we may not be able to provide you with our products or services or otherwise engage with you.
2 What kinds of personal information do we collect and hold?
2.1 The personal information we may collect differs, depending on the nature of our interaction with you. Generally, it will include information which is relevant to providing our products and services to you, including responding to your enquiries about a property.
2.2 If you are a customer or prospective customer, we may collect and hold personal information about you, which may include:
(a) individual and company details including names, email address and contact information;
(b) profile related details such as home ownership, income bracket, age group, marital status, lifestyle interests, employment status, employment history, visa and residency status;
(c) details about your personal requirements and preferences in relation to our products or services;
(d) financial information;
(e) insurance information;
(f) credit information;
(g) banking details;
(h) government related identifiers such as passport numbers and driver licence numbers;
(i) details of incidences, enquiries or complaints; and
(j) any other personal information required to provide our products and services.
2.3 If you are a current or prospective contractor or agent or a prospective employee, we may collect and hold personal information about you, which may include:
(a) sensitive information (see below);
(b) contact information;
(c) date of birth;
(d) employment history;
(e) visa and residency status;
(f) tax file number information;
(g) insurance information and claims history;
(h) credit information;
(i) licence details;
(j) education details;
(k) banking details;
(l) government related identifiers such as driver licence numbers;
(m) any other personal information required to engage you as our contractor, agent or employee; and
(n) records of contact and details of enquiries, conversations or correspondence made or received with you.
2.4 ‘Sensitive information’ is a subset of personal information and includes personal information that may have serious ramifications for the individual concerned if used inappropriately.
2.5 We may collect sensitive information about prospective or current contractors or agents or prospective employees including:
(a) health information (including vaccination status);
(b) racial or ethnic origin;
(c) criminal history;
(d) membership of professional or trade associations; and
(e) membership of trade unions.
2.6 We generally do not collect sensitive information from our current or prospective customers but on occasion we may collect sensitive information from these individuals if it is relevant to the delivery of our products or services.
2.7 In any case, we will not collect sensitive information without the individual’s consent to whom the information relates unless permitted under the Privacy Act.
2.8 Our website automatically collects hardware and software information about your computer or device including:
(a) your IP address;
(b) your browser type;
(c) the types of devices you are using to access the website;
(d) language and operating system;
(e) domain names, access times and referring website addresses; and
(f) page clicks, time spent and other automatically collected meta-data.
2.9 Our website also collect usage information from users of the website. Broadly, this information relates to how you use and navigate the website, including:
(a) information about pages, content or advertisements you have browsed or clicked on;
(b) any content, information or material you disclose to us;
(c) the location from which you have come to the site and the pages you have visited; and
(d) information about the features you have used on our website.
3 How do we collect personal information?
3.1 We may collect personal information directly from the individual concerned for example via:
(a) our website;
(b) online forms;
(c) surveys and questionnaires;
(d) telephone calls;
(e) physical or virtual meetings; and
3.2 We may also collect personal information from third parties such as:
(a) your representatives and advisors;
(b) through referrals from individuals or other entities;
(c) from banks and financial institutions;
(d) your current and previous employers;
(e) government bodies (such as relevant departments, regulatory authorities etc.);
(f) our employees, contractors and agents;
(g) paid search providers; and
(h) through marketing and business development events and competitions.
3.3 Our website uses ‘cookies’, a text file that is placed on your hard disk by a webpage server. Cookies are uniquely assigned to you.
3.4 A cookie notifies the webserver that you have returned to a specific page. For example, if you personalise our webpage or create an account on our website, a cookie:
(a) helps us to recall your specific information on subsequent visits; and
(b) simplifies the process of recording your personal information.
3.5 You have the ability to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer.
4 How do we hold personal information?
4.1 Our usual approach to holding personal information is to store it:
(a) physically, in paper files stored securely at our premises; and
(b) electronically, in computer systems, databases and cloud servers either operated by us or our external service providers.
4.2 We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure.
4.3 Some of these processes and systems include:
(a) using secure servers to store personal information;
(b) using unique usernames, passwords and other protections on systems that can access personal information;
(c) arranging for our employees to complete training about information security;
(d) holding certain sensitive documents securely; and
(e) monitoring and reviewing our policies.
5 Why do we collect, hold, use or disclose personal information?
5.1 We take reasonable steps to hold, use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which we collect information varies depending on the individual that we are collecting the information from but is generally as follows:
(a) in the case of customers and prospective customers, to provide our products and services – for example:
(i) to manage, perform and renew any contract entered into with you;
(ii) to help us identify and develop products and services that may interest you;
(iii) to provide customer service functions;
(iv) to maintain and enhance our relationship with you;
(v) to conduct market or customer satisfaction research;
(vi) to conduct promotions;
(vii) to invite you to events;
(viii) to send you newsletters;
(ix) to ensure compliance with legislative and regulatory requirements;
(x) to provide you with information about other products and services that you may be interested in;
(xi) with respect to information generated by the website – to monitor online traffic, deliver customised content and assess user experience;
(xii) to provide your contact details to a builder when considering or purchasing a house and package from us; or
(xiii) to provide your contact details to your new neighbours for the construction of fencing;
(b) in the case of a current contractor and agent, to assist us in providing our products and services;
(c) in the case of a prospective contractor, agent or employee, to assess your suitability for employment or engagement; and
(d) in the case of other persons that contact us, to assist us to respond to your enquiries.
5.2 Personal information may also be collected, held, used or disclosed by us for secondary purposes that are within your reasonable expectations and that are related to the primary purpose of collection.
5.3 We may disclose personal information to:
(a) our contractors, agents, employees and related entities;
(b) our external auditors, brokers and insurance providers, legal and other advisors;
(c) employers of individuals;
(d) banks and financial institutions;
(e) your advisors;
(f) government bodies (such as relevant departments, regulatory authorities etc.);
(g) law enforcement agencies; and
(h) third parties considering the acquisition of the whole or part of our assets or business.
5.4 We will only disclose personal information to third parties if:
(a) we are required or authorised by law to do so;
(b) we have received express consent to the disclosure, or consent may be reasonably inferred from the circumstances; or
(c) we are otherwise permitted to disclose the information under the Privacy Act.
6 Marketing activities
It is important for us to maintain contact with our customers and prospective customers. From time to time, we may send advertising or marketing material through the post or by email to existing and prospective customers. In these circumstances, it is our policy to comply with the stated purpose for which personal information was collected and consequently we will only ever contact you in this way if you give your permission. Pask’s existing and prospective customers will always have the opportunity to decline to receive further advertising or marketing material and can ask to be removed from our marketing lists at any time. If we receive such a request, we will update our records appropriately, within a reasonable time.
7 Will we disclose personal information outside Australia?
7.1 We will disclose personal information outside of Australia if you expressly request us to do so.
7.2 In some cases, we may indirectly disclose personal information overseas through disclosures to our service providers that have data servers located overseas. For example, we disclose personal information to service providers such as Campaign Monitor, which is based in and/or has data centres located in the United States of America.
7.3 Where we disclose your personal information to parties located overseas (or which have data centres located in other countries), we take reasonable steps to ensure that those parties will handle the personal information in accordance with the Australian Privacy Principles. We are not required to take such steps if we believe that the overseas recipient is already subject to a law that has the effect of protecting personal information in a substantially similar way to the relevant law in Australia, or with your consent.
8 How to we manage your credit information
8.1 This section applies to the extent that we provide products or services on deferred terms of payment of at least 7 days from time to time.
What kinds of credit information may we collect?
8.2 In the course of offering and providing our products and services, we may collect and hold the following kinds of credit information:
(a) identification information;
(b) payment details;
(c) your repayment history;
(d) information about overdue payments;
(e) the terms of credit made available to you;
(f) if terms and conditions of your credit arrangements are varied;
(g) any publicly available information about your credit worthiness; and
(h) any information about you where you may have fraudulently or otherwise committed a serious credit infringement.
How and when do we collect credit information?
8.3 In most cases, we will only collect credit information about you if you disclose it to us and it is relevant in providing you with our products or services.
8.4 We usually collect credit information directly from you.
8.5 We do not collect and hold credit information from credit reporting bodies unless it is incidentally collected in providing our products and services.
How do we store and hold the credit information?
8.6 We store and hold credit information in the same manner as outlined in section 4 of this policy.
Why do we collect the credit information?
8.7 Our primary purpose for collecting, holding, using and disclosing credit information is to provide you with our products and services on credit and to process payments.
Overseas disclosure of the credit information
8.8 We may disclose your credit information to entities outside of Australia in the same manner as outlined in section 7 of this policy.
How can I access my credit information, correct errors or make a complaint?
8.9 You can seek access to and request a correction to your credit information, or complain about a breach of your privacy in the same manner as set out in section 10 of this policy. We will deal with a complaint in the same manner as set out in section 10 of this policy.
9 How do we handle data breaches?
9.1 A data breach occurs when personal information is lost or subjected to unauthorised access, use, modification or disclosure or other misuse or interference.
9.2 We have implemented a data breach response plan to assist us to effectively contain, evaluate and respond to data breaches in order to mitigate potential harm to any persons affected by a data breach.
9.3 In summary, our data breach response plan:
(a) directs our staff as to the steps they should take in the event of an actual or suspected data breach;
(b) appoints a team to handle data breaches;
(c) specifies a strategy for assessing and responding to data breaches;
(d) sets out the process for notifying any affected persons, the Privacy Commissioner and other relevant parties; and
(e) outlines the review process to help prevent data breaches in the future.
10 How do you make complaints and access and correct your personal information?
10.1 It is important that the information we hold about you is up-to-date. You should contact us if your personal information changes.
Access to information and correcting personal information
10.2 You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.
10.3 We will grant you access to your personal information as soon as possible, subject to the request circumstances.
10.4 In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.
10.5 We may deny access to personal information if:
(a) the request is unreasonable;
(b) providing access would have an unreasonable impact on the privacy of another person;
(c) providing access would pose a serious and imminent threat to the life or health of any person; or
(d) there are other legal grounds to deny the request.
10.6 We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.
10.7 If the personal information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it where it is appropriate to do so.
10.8 If you would like to complain about an interference with your privacy, then you must follow the following process:
(a) The complaint must first be made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.
(b) If the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner.
Who to contact
10.9 A person may make a complaint or request to access or correct personal information about them held by us. Such a request must be made in writing to the following address:
Privacy Officer: Casey Webster
Postal Address: PO Box 3278 Southport 4215
Telephone number: (07) 5531 2399
Email address: firstname.lastname@example.org
11 Changes to the policy
11.1 We may update, modify or remove this policy at any time without prior notice.
11.2 This policy is effective October 2022. If you have any comments on the policy, please contact the Privacy Officer with the contact details in section 10 of this policy.
Last Updated: November 2022© Pask Places for Generations 2022