Privacy Act 1988 (Cth)
As a small business, we are exempted from the operation of the Privacy Act. However, protection of your personal information that we collect is very important to us. This policy sets out how we handle any personal information we collect or receive about you.
The Privacy Act 1988 (Cth) can be viewed at https://www.austlii.edu.au/au/legis/cth/consol_act/pa1988108/
OUR PERSONAL INFORMATION HANDLING PRACTICES
What is personal information?
We use the definition of personal information contained in s 6(1) of the Privacy Act. It states that personal information is 'information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion'.
Collection of personal information
We try to collect personal information directly from the individual.
We only collect personal information for purposes which are directly related to our activities and only when it is necessary for or directly related to such purposes. These purposes include:
- To provide you with information you have enquired about
- To provide you with goods you have purchased
- To provide you with services you have purchased
- When you ask to be on an email or mailing list so that we can send you information about our activities and/or publications
- When you send us information about an event you are organising for us to publicise on our website
- For normal communication processes when we might email you, text you or phone you
When you only browse the website, we do not collect your personal information.
When you look at our website, our hosting provider makes a record of your visit and logs (in server logs) the following information for statistical purposes:
- Your IP address
- The pages you accessed and documents downloaded
- The date and time of your visit to our site
- Whether you have visited our site before
- The previous site you visited, and
- The type of browser being used.
- We do not identify you or your browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider's server logs.
- The date and time that you click on a link in the email
We use a trusted 3rd party payment processor (Commweb - Commonwealth Bank Australia) for processing all online credit card purchases. At no stage do we collect or store credit card details in our systems.
If we manually process a credit card payment from you (via phone, fascimile or mail order) we only retain your credit card details until payment is processed before destroying those details.
For accounting and fraud management purposes, or otherwise as required by Law, we retain payment confirmation details supplied by the payment processor.
Use and disclosure of your personal information
We disclose personal information to selected third parties. Primarily we disclose information to GRDC for the purposes you would reasonably expect us to, consistent with our primary purpose for collecting any personal information.
We also disclose only sufficient information you would reasonably expect us to do, for partners, such as Australia Post, in order to complete any order from you for services and products.
We take steps to ensure that the personal information we collect is accurate, up to date and complete. These steps include maintaining and updating personal information when we are advised by you that your personal information has changed.
We take steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse. These steps include password protection for electronic file storage and physical access restrictions.
If you choose to join our email lists, complete online forms or lodge enquiries, your contact details are stored on secured databases.
Cross-border transfer of personal information
We utilise secured servers in other countries for the purposes of backup storage or backup web server functions. The service providers we utilise observe comparable internationally recognised Privacy Policies that are consistent with this Policy. These service providers are in USA or Singapore.
Deletion of data and unsubscribing
You can request that your personal information be deleted at any time.
You may also request us to delete any personal information we hold about you by emailing our contact person whose details are below. You may choose to opt out of further contact from us by following the instructions in the mailing list email that we send you.
Access and correction
If you wish to request access to the personal information we hold about you, or request that we change that personal information, we will allow access or make the changes unless we consider that there is a sound reason to withhold the information under relevant law such as the Privacy Act or other relevant information.
You can obtain further information about how to request access or changes to the information we hold about you by contacting us (see details below).
How to contact us