This Policy is applicable to Grocon Group Holdings Pty Ltd and its related entities (Grocon).
Grocon is committed to protecting the privacy of personal information and complying with the Australian Privacy Principles contained in the Privacy Act 1988 and the Privacy Amendment (Enhancing Privacy Protection) Act 2012.
This policy describes how Grocon complies with the privacy requirements in protecting the personal information Grocon holds about individuals.
Where this Privacy Policy refers to “personal information”, it means information about an
individual from which their identity is apparent, or can reasonably be ascertained. An
individual’s name and address are examples of personal information.
The type of personal information that Grocon collects will depend upon the relationship and dealings the relevant individual may have with Grocon. Grocon may collect and hold information about:
Grocon only collects personal information necessary for our functions and activities.
Grocon will not collect personal information in an unfair, unlawful or unreasonably intrusive manner. The types of personal information collected may include, but is not limited to:
The Privacy Act imposes restrictions on collecting sensitive personal information (this includes information about religious views, ethnicity, political opinions, personal health information). Grocon generally does not collect sensitive personal information about an individual. Grocon may collect some sensitive information if it is necessary to allow Grocon to deal with the individual and the individual has provided their consent.
Generally, Grocon tries to collect personal information directly from individuals. However, there are certain situations in which Grocon may collect personal information about individuals from 3 other sources. In either case, Grocon will take reasonable steps to ensure the individual is aware of the purposes for which the information is collected.
4. Use and Disclosure of Personal Information
Grocon will use and disclose personal information for purposes related to why the information was collected, or where the individual has consented to its use or disclosure.
For example, Grocon may provide personal information to our service providers. These may include companies that help Grocon with data processing and data analysis. Grocon will only disclose personal information to those third party service providers on a confidential basis so that the service provider can work effectively.
Personal information may be shared between companies within the Grocon group. In those cases, the purpose for which the information was originally collected will be taken into account.
Grocon may otherwise use or disclose personal information where required or authorised to do so by law, which may include emergency situations and assisting in law enforcement.
Grocon may also use or disclose the information collected for any other related purpose for which the individual would reasonably expect it to be used.
In general, Grocon uses personal information for the following purposes:
External parties may be given access to personal information held by Grocon in certain
circumstances. These include, but are not limited to:
Grocon limits the information disclosed to external parties to what is required for them to
perform their services for Grocon or the relevant individual, or what is required by law.
From time to time, Grocon may disclose personal information to external parties located outside Australia to allow the external parties to perform their services for Grocon. Grocon will only disclose personal information overseas when it is necessary for the services provided by these external parties and when it is in accordance with the Australian Privacy Principles. This includes taking reasonable steps to ensure that the external party has appropriate data handling arrangements in place.
Grocon may send marketing materials to its customers or potential customers where Grocon has collected the personal information from the individual and the marketing material is related to the purpose for which the information was collected.
The individual’s prior consent will be obtained before personal information is used for marketing purposes in situations where the personal information has not been collected directly from the individual or where sensitive information is involved.
If the customer no longer wishes Grocon to use his or her personal information for marketing materials, the customer is to advise Grocon’s Company Secretary.
Grocon collects personal information from individuals who submit applications or register
interest for employment with Grocon. If the application is unsuccessful, Grocon may retain the information in case a more appropriate opportunity becomes available. The unsuccessful applicant may contact Grocon’s Company Secretary to request Grocon not to retain the applicant’s information.
Grocon takes reasonable steps to prevent the personal information it holds from being misused or lost and from unauthorised access, modification or disclosure. This protection applies in relation to information stored in both electronic and hard copy form. Grocon maintains physical security measures over its physical premises, and a range of computer and network security measures over its electronic systems. Grocon employees are required to maintain the confidentiality of any personal information held.
Data transmission over the telecommunications system or the Internet cannot be guaranteed to be totally secure.
Grocon takes reasonable steps to ensure the personal information it collects, uses and
discloses is accurate, complete and up-to-date.
If an individual needs to access or correct any personal information Grocon holds, he or she may contact a People & Culture Manager (internal) or the Company Secretary. Individuals should provide as much detail as possible about the particular information sought, in order to help Grocon retrieve it.
An access fee may be charged to cover Grocon’s costs of providing the information. In the
event Grocon incurs costs to retrieve or source information, some or all costs may be
transferred to the employee.
If Grocon disagrees with the individual that the personal information should be changed, Grocon will provide the individual with the reasons for doing so. The individual has the right to request that a statement be associated with their personal information noting that they disagreed with its accuracy.
Grocon reserves the right to change this Privacy Policy at any time. Any changes will be notified by posting an updated version on the Grocon website at https://www.grocon.com.
Individuals who have any questions or feedback about privacy, or who wish to make a complaint, or who would like to know which entities are part of Grocon, may contact the Company Secretary.
You may also contact the Office of the Australian Information Commissioner as follows:
Phone: 1300 363 992
Web: www.oaic.gov.au
Address: GPO Box 5218, Sydney, NSW 2001
The Company Secretary can be contacted as follows:
Phone: (03) 9631 8833
Email: [email protected]
Address:
Company Secretary, Grocon Group Compliance
3 Albert Coates Lane, Melbourne VIC 3000
This policy was approved by the Grocon Group executive on 8 December 2015.