OUR PHILOSOPHY
Nelmaro Pty Ltd ACN 648 606 437 trading as Bunya Vista ABN 74 648 606 437 (we or us) is committed to protecting and respecting your privacy by handling all personal information securely and with care, in accordance with the Australian Privacy Principles (the APPs) as set out in the Privacy Act 1988 (Cth) (the Act). The APPs regulate the manner in which personal information is collected, used, disclosed, stored, accessed, corrected and disposed of.
We have adopted this Privacy Policy to ensure that we comply with the
APPs. The Policy provides an overview of the types of information held
by us, as well as our information handling practices, procedures, and
systems.
Please read the Policy carefully to ensure that you
understand our practices regarding the management of any information you
disclose to us.
WHAT IS ‘PERSONAL INFORMATION’ AND ‘SENSITIVE INFORMATION’?
‘Personal
Information’ is any information or an opinion about you that identifies
you or that could reasonably identify you. This could include
information such as your name, contact details, date of birth or
employment details.
‘Sensitive Information’ is any information or
opinion about you which is health information or which relates to your
racial or ethnic origin, political opinion, religious beliefs, sexual
orientation or criminal record. The APPs place more stringent
obligations on us when we handle your sensitive information.
WHAT INFORMATION DO WE COLLECT?
The Personal
Information and Sensitive Information that you disclose to us or which
we obtain from third parties enables us to provide letting agent and
related services to you. We will only collect and retain information
that is reasonably necessary for the performance of our activities and
functions so that we are able to provide you with the services you
require or which we recommend to you.
The kinds of Personal
Information and Sensitive Information we collect and hold depends on the
specific services provided to you, but will generally include basic
personal contact information, as well as other information that is
deemed relevant. This will usually include the following:
1. your contact details (name, postal address, email address, etc.);
2.
your personal details (date of birth, gender, financial information,
bank account details, credit card details, occupation etc.);
3. specific information relating to property that you own; and
4. any other information required to provide our services to you.
If you do not provide us with the required information, we may not be able to perform the services which you require us to provide.
HOW WE COLLECT AND HOLD PERSONAL AND SENSITIVE INFORMATON.
During the course of providing our services to you, we will collect
Personal Information and Sensitive Information from you by asking you
verbally for that information, or requiring you to complete forms or
documents necessary to enable us to provide you with our services.
We
will take reasonable steps to store information in a secure manner,
protected by a combination of physical and technical measures.
Information that we store in hard copy, is stored securely within a
locked filing cabinet. Information that we store electronically, is
stored in a local server/secure cloud-based facility and/or on our
computers, which are password protected and are kept in secure locations
at all times.
We will take all reasonable steps to protect the
security of your Personal Information and Sensitive Information held by
us. This includes appropriate technology to protect your Personal
Information and Sensitive Information stored electronically, such as
passwords, as well as limiting the number of personnel who have access
to your Personal Information and Sensitive Information, whether stored
electronically or in hard copy.
To limit the possibility of human
error, we will regularly provide training to our staff regarding the
collection, storage and handling of your Information.
When we no
longer require your Personal Information and Sensitive Information, it
will be destroyed or permanently de-identified. However, we will retain
information for as long as the law requires.
WHAT HAPPENS IF THERE IS A DATA BREACH?
A data breach is when Personal Information and/or Sensitive
Information held by us is lost or subjected to unauthorised access,
modification, disclosure, or other misuse or interference. Examples of a
data breach are when a device containing personal information of
clients is lost or stolen, an entity’s database containing personal
information is hacked or an entity mistakenly provides personal
information to the wrong person. A ‘data breach’ may also constitute a
breach of the Privacy Act, however this will depend on whether the
circumstances giving rise to the data breach also constitute a breach of
one or more of the APPs.
We have a data breach response plan. Our
actions in the first 24 hours after discovering a data breach are
crucial to the success of our response. A quick response can
substantially decrease the impact on the affected individuals.
However,
despite our reasonable efforts, we cannot guarantee that the security
of your Personal Information and Sensitive Information will not be
breached. Therefore, to the fullest extent permitted by law, we disclaim
all liability and responsibility for any damage you may suffer due to a
data breach, except to the extent that our liability cannot be excluded
by applicable laws and regulations which we are subject to.
THIRD PARTY PERSONAL AND SENSITIVE INFORMATION
We may ask you for Personal Information and Sensitive Information about other individuals, for example, your family members. If you provide us with this information, we rely on you to tell those individuals that you are giving their Personal Information and Sensitive Information to us, and to make them aware of this Policy.
HOW WE USE YOUR PERSONAL AND SENSITIVE INFORMATION
We may use your Personal Information and Sensitive Information for the following purposes:
• to confirm your identity;
• to provide you with letting agent and related services;
• to contact you directly about your services;
•
to share it with our related entities, subsidiaries or other specialist
providers as required to perform functions on our behalf;
• for other purposes communicated to you when your information is collected;
• for disclosures required by law, regulation or court order; and
• to conduct internal client research and assessment.
This
includes us using this information to communicate with you about our
services, for internal administration, direct marketing and planning
purposes. We will also use your personal information for purposes
related to those described above which would be reasonably expected by
you. You may request not to receive direct marketing communication from
us.
We will not use your Personal Information and Sensitive
Information for purposes other than those described above, unless we
have your consent, or there are specified law enforcement or public
health and safety reasons (as permitted under the Act).
TRANSFER OF PERSONAL AND SENSITIVE INFORMATION
We may outsource business functions to other organisations and as
such, it is possible that your Personal Information and Sensitive
Information will, as required from time to time, be disclosed or
transferred to other organisations to allow them to assist us to provide
you with services.
It is very unlikely that we will disclose yours
or your child’s Personal Information and Sensitive Information to
overseas recipients. If we transfer your Personal Information outside
Australia, we may endeavour to comply with the requirements of the Act
that relate to transborder data flows, but we cannot guarantee
compliance and you specifically agree that you understand this.
Therefore, to the fullest extent permitted by law, we disclaim all
liability and responsibility for any damage you may suffer due to our
non-compliance with APP 8.1, except to the extent that our liability
cannot be excluded by applicable laws and regulations which we are
subject to.
You should also be aware that:
• any overseas recipient may not be subject to any privacy obligations or to any principles similar to the APPs;
• you may not be able to seek redress in the overseas jurisdiction; and
•
any overseas recipient may be subject to a foreign law that could
compel the disclosure of personal information to a third party, such as
an overseas authority.
While we will not directly disclose your
Personal Information and Sensitive Information to overseas recipients
without your consent, the entities to which we may disclose your
Personal Information and Sensitive Information may do so. We are unable
to say what countries, if any, those recipients are likely to be located
in.
CHANGES TO THIS PRIVACY POLICY
This Privacy Policy discloses our current privacy practices. From time to time and in line with client expectations and legislative changes, this Privacy Policy will be reviewed, and, if appropriate, updated at any time without notice. We will endeavour to provide you with notice of the changes as soon as reasonably practicable to do so.
HOW TO CHANGE OR ACCESS THE INFORMATION WE HOLD ABOUT YOU.
You can access the Personal Information and Sensitive Information we hold about you.
We
will take reasonable steps to ensure that any Personal Information or
Sensitive Information that we collect, use, store or disclose, is
relevant, accurate, complete and up-to-date. If you believe the
information we hold is inaccurate, incorrect, or incomplete, you may
request that your information be corrected and we can then take
reasonable steps to correct this information.
Please contact our
Privacy Officer (details below) to access or request updates to any
Personal Information and/or Sensitive Information which we hold.
COMPLAINTS
If you have a complaint about the way we have dealt with your
Personal Information or Sensitive Information, or about this Policy
itself, we invite you to provide written details of your complaint to
our Privacy Officer (contact details below).
Our Privacy Officer will
contact you within 14 days of the date we receive the written details
of your complaint to acknowledge that we have received it. Our Privacy
Officer will then:
1. review the way we dealt with your Personal Information and/or Sensitive Information;
2.
conduct an internal investigation (if necessary) into how your Personal
Information and/or Sensitive Information came to be handled in the way
that it was; and
3. provide a report to you within one month of the date we acknowledged receipt of your complaint.
If
you believe we have breached the APPs, you may also lodge a complaint
with the Office of the Australian Information Commissioner.
CONTACT US
Should
you have any queries, complaints or comments about this Privacy Policy,
please contact our Privacy Officer in writing by post or email at:
POST:
Attention: The Privacy Officer
Bunya Vista
4/69 Drayton Street
DALBY Q 4405
EMAIL: admin@bunyavista.com.au