1900

802

Privacy Policy

1. Introduction

Patrick Group (means any entity (as defined in the Corporations Act 2001 (Cth)) in which PTH No 1 Pty Ltd ACN 611 116 155 has a majority equity interest (direct or indirect)) is committed to protecting your privacy. Patrick Group is bound to comply with the Australian Privacy Principles (“APPs”) as set out in the Privacy Act 1988 (Cth) and as amended.
This Privacy Policy covers and applies to all of the entities within Patrick Group (“we/us”).

This Privacy Policy sets out Patrick Group’s policies on the management of personal information. Employees and individuals dealing with Patrick Group have the right to know what sort of personal information the Company holds, for what purposes, and how it is collected, held, used and disclosed. Individuals are also entitled to access to their own information and to correct that information if necessary.

You may, in certain circumstances, be able to deal with us without identifying yourself, such as when you use our Website.

You do not have to provide us with your personal information but if you do not provide us with the personal information required, we may not be able to provide our services or assist you or our clients on your behalf.

By visiting our Website, using any of our services or otherwise providing us with your personal information, including an authorised representative, you agree to your personal information being handled as set out in this Privacy Policy.

2. Policy

2.1 Revision of this Privacy Policy

Patrick Group may update this Privacy Policy from time to time so please review it periodically for changes. If the changes are significant or substantive, they will either be advised to you in writing or posted on our Website.
Your continued use of our Website or services, requesting our assistance or the provision of further personal information to us after this Privacy Policy has been revised, constitutes your acceptance of the revised Privacy Policy.

2.2 What is personal information?

Personal information is information that identifies you as an individual or from which your identity can be reasonably ascertained. Generally the types of personal information Patrick Group collects includes your name, contact details, identification information, organisation, title, information in forms you submit, payment details and enquiry/complaint details. The other types of personal information that Patrick Group collects depend on what dealings you have with Patrick Group. For example, Patrick Group may also collect and hold information about:

  • Job applicants – information about your qualifications, experience, character and screening checks (including health, reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks);
  • Employees/personnel – in addition to the job applicant information, your records of phone, internet and email usage by employees and where undertaken, records of optical surveillance and closed circuit television monitoring for security purposes, information relating to your current or former employment or engagement including information about your training, disciplining, resignation, termination, terms and conditions, emergency contact details, performance, conduct, payroll matters, union or professional/trade association membership, recreation, drug/alcohol tests, leave and taxation, banking or superannuation affairs.
  • Customers/prospective customers – information about your organisation, including your representatives and their details.

2.3 How is information collected?

Patrick Group only collects personal information if it is necessary for business purposes or to communicate with you. Personal information may be collected verbally, in writing, by telephone, by email and through Patrick Group’s website, including by monitoring and recording these communications and interactions. For purposes including security, dispute resolution and training we may operate video and audio surveillance devices in our premises. Patrick Group endeavours to collect personal information directly from the individual except where it is not reasonably practical to do so. In some cases Patrick Group collects personal information from third parties including public sources, other Patrick Group companies, information service providers and the parties described in section 2.6 below.

Where you provide us with personal information about someone else you must have their consent to provide their personal information to us based on this Privacy Policy.

In general, you can visit Patrick Group’s website without revealing any personal information about yourself. The server address, domain name, date and time of your visit and the pages visited may be recorded.

2.4 How is information used?

Your personal information will be stored in Patrick Group’s systems (and those of Patrick Group’s service providers). Patrick Group may use your information:

  • to provide, administer and improve our products and services;
  • verify your details;
  • to maintain and update our records;
  • to manage our relationship with you;
  • to protect our lawful interests;
  • to provide you and/or our clients with the services requested, and communicating about the same including in relation to billing;
  • to improve and marketing our services including developing our knowledge management resources;
  • to maintain a database of clients and services that record Patrick Group’s experience globally, and supporting internal management reporting responding to your and/or our clients’ enquiries or providing you with assistance you have requested;
  • in connection with process application forms you have completed on various sections of the Website;
  • to provide you with publications and event invitations based on the areas of interest and mailing lists that you subscribe to, if any;
  • quality assurance, IT security and operations, and training purposes;
  • managing relationships with vendors/contracts/third parties;
  • for personnel management including recruitment of personnel, and/or complying with our legal and professional obligations including checking for conflicts of interest, undertaking anti-money laundering checks and other client take on procedures.
  • in connection with suspected fraud, misconduct and unlawful activity under specific Australian legislation (including the Crimes Act (Cth) 1914, Customs Act (Cth) 1901, the Rail Safety National Law);
  • in connection with acquisitions or potential acquisitions of our business;
  • if you apply for a position, to assess your application and consider you for and contact you about other positions;
  • if you work for us, for purposes relating to your employment or engagement with us including engagement, training, disciplining, payroll, superannuation, health and safety, administration, insurance (including WorkCover) and staff management;
  • in the event that you send an email message, to respond to your email; and to gather demographic information about Patrick Group’s website visitor trends.

We may not be able to do these things without your personal information. For example, we may not be able to provide our services.

In certain circumstances we may be required or permitted by law or a court or tribunal order to collect certain personal information about you or release such information. For example, we may need to collect your name, residential address, date of birth, business name (if any), directorship appointments (if any) and to comply with Anti-Money Laundering and Counter Terrorism and Anti-Bribery and Corruption Legislation (e.g. in Australia the Anti-Money Laundering and Counter Terrorism Financing Act 2006 (Cth)) or professional conduct and practice rules or legislation in the jurisdictions in which we operate.

2.5 How do we protect personal information?

Patrick Group is committed to safeguarding personal information that you provide. A range of measures are undertaken to protect the security of data supplied from misuse, unauthorised access, modification or disclosure. Internally, strict controls and procedures are in place to ensure that the privacy and security of personal information provided to Patrick Group is protected.

However, data protection measures are never completely secure and, despite the measures we have put in place, we cannot guarantee the security of your personal information. You must take care to protect your personal information (for example, by protecting any usernames and security passwords). You should notify us as soon as possible if you become aware of any security breaches.

In the event that there is a breach of Patrick Group’s safeguarding of personal information, which includes but is not limited to any unauthorised access to, unauthorised disclosure of, or loss of, personal information held by Patrick Group, and where the access, disclosure or loss is likely to result in serious harm to any of the individuals to whom the information relates, Patrick Group will take all reasonable steps to notify you or those whose information being disclosed or lost is likely to result in serious harm. An example of when data breach notification may be required would be malicious breach of the secure storage and handling of information (e.g. in a cyber security incident), an accidental loss (most commonly of IT equipment or hard copy documents), a negligent or improper disclosure of information, or otherwise, where the incident satisfies the applicable harm threshold.

2.6 Sharing information with other organisations

Patrick Group may exchange personal information with:

Other Patrick Group companies;
Your representatives;
Contractors and service providers which assist Patrick Group with share registry, archival, auditing, accounting, customer contact, legal, business consulting, banking, payment, delivery, data processing, data analysis, information broking, recruitment providers, external communications, research, investigation, website and technology services;
If you work for us, additional service providers including providers of payroll, superannuation, banking, staff benefits, surveillance and training services;
Joint venture partners for the purposes of seeking any relevant regulatory approvals;
Third party lenders and Patrick Group’s insurers;
The Australian Stock Exchange, the Australian Securities and Investments Commission and other government agencies as required by law;
Anyone authorised by an individual to whom personal information relates;
Solicitors and other parties where Patrick Group is subpoenaed to provide the information;
government bodies, regulators, law enforcement agencies and any other parties where authorised or required by law;
any other entities identified at the time of collecting your personal information or to which we are legally required to disclose your personal information.
Patrick Group may disclose your personal information in the following countries: Australia.

2.7 Is the information we hold accurate?

Reasonable steps are taken to ensure that your personal information is accurate, complete and up-to-date whenever Patrick Group receives or uses it.

You should notify Patrick Group of a change to your personal information or if you believe that the information held about you is incorrect or incomplete.

2.8 How can you access and correct personal information?

Patrick Group will provide access to and correction of personal information upon request by an individual, subject to certain legal exceptions. Patrick Group may ask you to verify your identity and to specify what information you require.

If you wish to obtain access to your personal information held by us, please write to:

The Privacy Officer
Patrick Group
Gate B105A, Penrhyn Road
PORT BOTANY NSW 2036

Attention: Company Secretary

Patrick Group reserves the right to charge a fee for searching for and providing access to your information, unless contrary to law.

3. Complaint handling process

If a person believes that Patrick Group has breached the APPs, they should be directed to lodge a complaint in writing to the Privacy Officer. Patrick Group takes complaints seriously and will investigate all complaints and will respond in writing within a reasonable time. You will need to provide us with sufficient details regarding your complaint together with any supporting evidence.