Purpose
This Policy covers the collection and management of personal information by the pitt&sherry group of entities. The Policy also forms part of the terms of use of pitt&sherry’s websites.
Definitions
Personal Information has the meaning given to it in the Privacy Act and includes information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not.
Sensitive Information is a type of personal information that is provided higher protection under the Privacy Act, and includes racial or ethnic origin, political opinions, religious beliefs, trade union membership, criminal record or details about your health, genetic or biometric information.
pitt&sherry is a specialist consultancy delivering intelligent and sustainable solutions to industry, government and communities for over 60 years. We value and respect the privacy of the people we deal with. pitt&sherry is committed to respecting the privacy and security of personal information provided to or collected by pitt&sherry. This Privacy Policy (Policy) describes
- how we collect, hold, use and disclose your personal information, and
- how we maintain the quality and security of your personal information.
- how you can contact us in relation to your personal information and, if requested by you, opt-out of this Privacy Policy, limit the use of, or amend, any personal information we may have about you
By providing us with personal information about yourself through your interactions with pitt&sherry, our website, or otherwise, you consent to the collection, use, disclosure, storage and transfer of that personal information as set out in this Policy. If at any time, you wish to withdraw your consent to the collection, use, disclosure, storage and transfer of your personal information in accordance with our Privacy Policy, you may opt-out by contacting us (refer to the Contact Us information below).
Employee records are not generally subject to the Privacy Act and therefore this policy may not apply to the handling of personal information about our employees.
Policy
Types of Personal Information we collect
We aim only to collect personal information that is reasonably necessary to provide the service, product or information you have requested from us.
Personal Information we may collect, and hold may include (and is not limited to) the following:
- contact information such as your name, phone number, email, occupation, education, qualifications and postal or residential address.
- financial information such as your credit card and banking details.
- information about your use and interaction with our websites or social media accounts.
- information about how you engage with us, or our services.
- information related to job applications such as your work history, passport details, driver’s license.
- sensitive information, such as your health information or criminal record.
When we collect sensitive information, we will always get your consent, unless the collection of the sensitive information permitted under the Privacy Act.
How and why we collect information
The primary purpose for which we collect personal information about individuals is to perform our business activities and functions and to provide best possible quality and customer service.
We may collect, your personal information in several ways that may include the following:
- In performance of our professional service and duties in accordance with terms of a contract.
- When you fill in our forms (either online or hard copy).
- When you contact us (e.g., call or email us).
- When you give us feedback or make a complaint.
- Through you visiting our websites.
- Via social media.
- When you apply for a job with us.
- When we conduct surveys, community consultation, environmental and other studies as part of our business.
- From third parties during, or related to, our business activities such as our vendors, business or commercial partners.
Unless it is unreasonable or impracticable to do so, we collect your personal information from you directly. In many cases however, we will collect information about you from a third party such as your employer, your referees, recruitment agencies, contractors and business partners, government departments, insurers, or from publicly available sources.
At the time of collection, or as soon as practicable after we have collected it, we will take reasonable steps to notify you of the collection and of any matters relevant to the collection, unless it is obvious from the circumstances that you would know or would expect us to have the information.
The main purposes for which we collect hold and use personal information are: -
- to enable us to provide services to you or our clients.
- to communicate information about our services.
- for our internal administrative, account management, planning, business development, and research requirements.
- to promote contact with you, clients and other business partners via marketing communications, market surveys, strategies and campaigns.
- for our marketing, promotional, business planning, quality control and research purposes.
- to conduct due diligence and compliance requirements such as verifying your identity.
- to consider the suitability of applicants for employment with us.
- to facilitate and manage our relationships with current or potential customer, suppliers, contractors, employees, and community stakeholders.
- for our marketing, promotional, business planning, quality control and research purposes.
- where required or permitted by law, regulation, rule or professional standard.
Use and Disclosure of information
We strive to ensure that use and disclosure of your personal information is limited to the primary purposes of our business, marketing and/or related purposes as necessary. We do not routinely disclose personal information to third parties unless it is required in circumstances such as:
- For provision of Legal, financial or other professional services.
- For compliance with legal obligations.
- For due diligence and screening for compliance requirements such as employment and vendor pre–screening or credit references.
- To our Information Services function to provide services and technical support, data hosting, data analytics and other similar services for us.
- For underwriting insurance or assessing insurance risk and claims.
- To other external providers of services that we use to operate our business and manage our business including but not limited to: payment system operators or financial institutions, file storage service providers, database and mailing service providers, couriers and/or freight service providers, printers, software vendors, providers of payment processing and identity verification services and IT technicians.
- As permitted by law, regulation, rule or professional standard.
We only permit access to the personal information external providers need to deliver the service to us or to you. We take reasonable steps to ensure that these organisations are bound by confidentiality and privacy obligations in relation to the protection of your personal information. However, the privacy and collection practices of entities to which we disclose personal information are governed by their own privacy policies.
We will not disclose sensitive information to third parties without your consent, unless the circumstances give rise to an exception under the Privacy Act.
We must seek additional consent from you to use or retain your personal information other than as set out in this Privacy Policy, and you have the choice to opt-out at any time by contacting us (as outlined below).
Disclosure of information outside of Australia
In addition to disclosures permitted under this policy, we may also use overseas facilities or contractors to process, store or backup our information or to provide certain products or services to us.
We take care to ensure that third parties outside Australia to whom we disclose personal information are subject to appropriate restrictions on their handling of that personal information. Due to differences in foreign laws and the global nature of some arrangements in place, however, these restrictions may not be substantially similar to those required under the Australian Privacy Principles, and the Privacy Act (including mechanisms entitling you to seek redress) may not apply.
Any such disclosure of personal information does not change any of our commitments to safeguard your privacy, and the information remains subject to any existing confidentiality obligations.
Consequences of not providing personal information
You are not obligated to provide your personal information, however where this information is required for us to provide services and deal with legitimate interests, we may not be able to offer our services without it. In situations where anonymity is both lawful and practicable, you may remain anonymous or use a pseudonym when dealing with us.
Period of retention of personal information
We will not keep your personal information for longer than we need to. In most cases, this means that we will only retain your personal information for the duration of your relationship with us unless we are required to retain your personal information to comply with applicable laws, for example record-keeping obligations.
Security
The Company will take all reasonable steps and apply appropriate internal measures to keep secure personal information that we hold, whether electronically or in hard copy and keep that information up to date.
We use a variety of secure techniques to store and protect your information. We also require our employees and data processors to respect the confidentiality of any personal information held by us.
Marketing
We may collect, hold, and use personal information to send out direct marketing communications and information about services that we consider may be of interest. These communications may be sent in various forms, including phone, letter, or email.
The Company does not provide your personal information to other organisations for the purposes of direct marketing.
At any time, you may opt-out of receiving any communications from us (other than as required for the operation of our business, for example, regarding payment of accounts) or change your marketing communication preferences by contacting the Privacy Officer – details below or by using the unsubscribe option.
Automated decisions
pitt&sherry does not make decisions based solely on the automated processing of data, including profiling, which produce legal effects that significantly affect the individuals involved. If automated decisions are made, affected persons will be given an opportunity to express their views on the automated decision in question and object to it.
Children’s Information
The Company’s websites and services hosted by third parties on behalf of the Company are intended to be used by adults and corporate entities interested in the Company. They are not intended for children, and the Company does not knowingly collect or store personal information about children under the age of 13. To the extent pitt&sherry was to collect any personal information from children under 13 years of age, it would be limited to collection with a parent or guardian’s consent.
Accuracy of the information the Company holds
The Company will make all reasonable attempts to maintain the accuracy of personal information held and keep it up to date.
Contact Us - Accessing and correcting information
All information provided to us can be accessed in order to obtain a copy of the personal information held, request any changes to inaccurate, changed or out of date information, or request the removal of any information.
Requests to access information or to correct information should be made to the Privacy Officer as outlined below and a response will be provided as required by applicable law. For security reasons, verification of identity of the person requesting access to information or correcting information will be required.
If you have any questions on the protection of the information that you have given to us or would like further information on our Privacy policy, please contact our Privacy Officer at:
Privacy Officer
pitt&sherry
PO Box 1409
LAUNCESTON TAS 7250
Telephone: (03) 6323 1900
Website: www.pittsh.com.au
Email: privacy.officer@pittsh.com.au
How to Make a Complaint
If you believe there has been a breach of your privacy or would like to make a complaint, please forward your complaint in writing to the Privacy Officer. See above Contact Us information. We will aim to investigate and respond to complaints within 28 days of receiving the complaint. If we require more time to investigate a complaint, we will let know when we expect to be able to provide a response.
You can also make a complaint to the Office of the Australian Information Commissioner. Further information is available at www.oaic.gov.au. Individuals can also seek redress through the courts for serious privacy breaches.
Changes to Policy
This policy may be changed from time to time. Any updated versions shall be posted on our website.