1. Policy Introduction
“Personal information” is information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or not and whether the information or opinion is recorded in a material form or not.
IRM Pty Ltd is bound by the Privacy Act 1998 (Commonwealth) (Act) and the Australian Privacy Principles that are contained in that Act.
2. Collection of Personal Information
IRM Pty Ltd may collect personal information about an individual in a variety of ways, including when an individual interacts with IRM Pty Ltd in person or electronically, for example when an individual accesses our website.
IRM Pty Ltd will only collect personal information about an individual where the information is reasonably necessary for one or more of our functions or activities. The kinds of personal information collected and held, how that information is collected and held and the purposes for which that information will be collected, held, used and disclosed will depend on the circumstances.
Examples of instances where personal information may be collected by IRM Pty Ltd include:
- collecting personal information from shareholders for the purposes of enabling proper records to be kept and for reporting purposes; and
- collecting personal information from individuals who enter into service agreements, joint venture agreements or other transactions with IRM Pty Ltd for the purpose of administering those agreements or transactions or for reporting purposes.
Examples of the kinds of personal information IRM Pty Ltd may collect and hold include:
- phone number;
- fax number;
- email address;
- information about goods or services ordered, acquired or supplied;
- information from enquiries made;
- communications between IRM Pty Ltd and an individual; and
- credit card information.
IRM Pty Ltd will take reasonable steps to ensure that the personal information that is collected, used or disclosed by it is complete and up to date. IRM Pty Ltd will only collect personal information about an individual from that individual unless it is unreasonable or impractical to do so.
3. Use and Disclosure of Personal Information
At or before, or if that is not practicable, as soon as practicable after, the time that the personal information is collected, IRM Pty Ltd will take reasonable steps to ensure that the individual is aware of the matters required by the Australian Privacy Principles, including:
- why the personal information is being collected;
- who else the personal information might be given to;
- how to contact IRM Pty Ltd, including to make a complaint.
If IRM Pty Ltd collects personal information about an individual from someone else, IRM Pty Ltd will take reasonable steps to ensure that the individual is aware that IRM Pty Ltd has collected the information and of the above matters.
IRM Pty Ltd will only use or disclose this personal information for:
- the purpose for which it was collected;
- any related purpose for which it would reasonably be expected to be used or disclosed;
- a purpose required or permitted by law; or
- a purpose for which the individual has provided consent.
Examples of instances where IRM Pty Ltd may disclose personal information about individuals to third parties include disclosure to providers of services to IRM Pty Ltd, government agencies, regulatory authorities, related bodies corporate of IRM Pty Ltd and professional advisers of IRM Pty Ltd. IRM Pty Ltd requires its service providers to keep the personal information confidential and not use it for any purpose other than performing those services.
IRM Pty Ltd is unlikely to disclose personal information to overseas recipients.
4. Security of Personal Information
IRM Pty Ltd will take reasonable steps to ensure that the personal information that it holds is protected from misuse, interference and loss and from unauthorised access, modification and disclosure.
IRM Pty Ltd will also take reasonable steps to ensure that personal information it holds that is no longer necessary for the disclosed purpose is destroyed or permanently de-identified, subject to any legal obligation to keep the personal information for any required period of time.
5. Access to, Updating and Correcting Personal Information
At the request of an individual, IRM Pty Ltd will, in most circumstances, provide access to an individual to any personal information that is being held by IRM Pty Ltd about that individual.
There are certain circumstances where IRM Pty Ltd will not provide an individual access to such personal information in accordance with the Act. These circumstances include where providing access would have an unreasonable impact on the privacy of others, where providing access would reveal commercially sensitive information about the organisation or where providing access would be unlawful.
An individual can seek access to, and update or correct, any personal information that is being held by IRM Pty Ltd about that individual by contacting us here.
6. Amendment of Policy
IRM Pty Ltd may amend this Policy from time to time.
7. Intranet and Website
This Policy as amended from time to time is to be placed on the IRM Pty Ltd intranet and website and is also available upon request.
8. Concerns, Queries and Complaints
If a person has any concern, query or complaint about:
- any personal information that may have been collected, used or disclosed by IRM Pty Ltd;
- a breach of the Australian Privacy Principles,
they are to be referred to the Company Secretary/Chief Financial Officer.
IRM Pty Ltd takes complaints very seriously and will respond shortly after receiving written notice of the complaint.
Approved 12 March 2014.