PRIVACY POLICY
Version: 1.1
Updated 09/12/2019
What is it?
Coombes Property Group (CPG) is committed to personal privacy and is concerned about the privacy, security and rights of individuals in relation to their personal information.
This policy has been developed to reflect our obligations under the Privacy Act 1988 (Cth) and adopts Australian Privacy Principles to ensure that employees are aware of our requirements when collecting, managing and disclosing your personal information.
Who does it apply to?
This policy applies to all CPG employees and contractors (together referred to in this policy as employees).
All employees are required to comply with this policy at all company or company related locations.
How does the policy work?
Types of personal information collected
The personal data collected by CPG varies depending on the purpose for which it was collected. In all matters, we collect personal data about an individual that is relevant to our business relationship with them. This data may include, without limitation, an individual’s name, mailing address, e-mail address, telephone number, date of birth, ABN and ACN (if applicable), details of your company or operating structure (if applicable), insurance details (if applicable), information relating to your retail or business experience, information relating to your assets and financial standing and information relating to your business turnover.
CPG generally does not collect sensitive information about an individual. However, in certain circumstances, CPG may collect some sensitive information if it is necessary to allow CPG to deal with the individual and provided the individual has given consent for CPG to do so.
Generally, CPG only collects personal information directly from the individual. In some circumstances, personal information may be provided to CPG by other parties such as the individual’s agent or CPG agents and subcontractors. CPG will take reasonable steps to inform the individual that it has the individual’s personal information, unless it is obvious from the circumstances.
How personal information is collected
CPG collects your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect it in ways including:
- during verbal conversations between you and our representatives;
- during written correspondence between you and our representatives;
- when you complete an application or lease agreement; or
- from third parties with whom we do business.
We may also collect personal information about individuals from external parties such as credit reporting agencies, law enforcement agencies and other government entities.
In the event where personal information is collected from an external party such as these, we will assess whether it has been collected in a manner that satisfies the Australian Privacy Principles. If it could not have been collected in this manner, we will take steps to destroy or de-identify the information where it is lawful and reasonable to do so. If it could have been collected in this manner, we will deal with it in compliance with the Australian Privacy Principles.
Disclosure of personal data to third parties
External parties may be given access to personal information held by CPG in circumstances that come within our disclosure policy. These include, but are not limited to:
- CPG’s contractors and service providers and those that act as data processors, auditors, taxation or legal advisors, who assist CPG in the operation of its business to provide a customer service;
- Joint venture partners for the purposes of seeking relevant regulatory approvals;
- Third party lenders and insurers;
- The Australian Securities Exchange, the Australian Securities and Investments Commission and other government agencies as agreed to or required by law; and
- Other parties as permitted by law.
CPG limits the disclosure of information to external parties to what is required for them to perform their services for CPG or the relevant individual or what is required by law.
CPG does not sell personal information to entities outside of CPG.
The purposes for which personal information is collected, held, used and disclosed
The policy of CPG is only to use personal information for the purpose which was either specified or reasonably apparent at the time when the information was collected. CPG may also use or disclose the information collected for any other related purpose for which the individual would reasonably expect it to be used.
Personal information collected is generally used for the following purposes, without limitation:
- Providing products or services that have been requested;
- Communicating with the individual;
- Assessing the suitability of prospective tenants;
- Managing security and safety requirements in CPG managed buildings and sites (Properties);
- Complying with regulatory and legal obligations;
- Recruiting employees and contractors;
- Fulfilling its obligations to employees;
- Assessing whether to enter into a lease, licence or other agreement with you;
- Assisting with our preparation of lease, licence or other agreements;
- Facilitating our collection of rent, outgoings or licence fees;
- Managing the operations of the Properties; or
- Monitoring the performance of the Properties.
How an individual may access their personal information and seek its correction
The information you provide to us is kept secure and only accessed by persons authorised by us. You can ask for access to your information by contacting us and we will endeavour to give you appropriate access to the information that you have provided to us.
It is important that we have your correct details, such as your current address, contact number and email, to provide you with the information that CPG is entitled to provide. Where you reasonably believe that the details held by CPG are incorrect, out-of-date, irrelevant, incomplete or misleading, you may contact our Privacy Officer (refer to contact details below) and CPG will rectify any discrepancies or errors as soon as possible.
Management and protection of personal data
CPG will take reasonable steps to protect personal information that it holds from unauthorised access, modification, misuse, interference and loss. CPG maintains physical security measures over its premises, and a range of computer and network security measures (such as systems access, firewalls, data encryption) over its electronic systems. CPG employees are required to maintain the confidentiality of any personal information held.
If other parties provide support services, CPG generally requires them to agree to appropriately protect the privacy of the information provided to them.
Where to direct privacy enquiries
If you have any enquiries regarding this Privacy Policy, wish to access or amend your personal data or wish to make a complaint in relation to how CPG has handled your personal data, you should contact the Group General Counsel at:
ATTN: Group General Counsel
Coombes Property Group
Level 5, 2 Grosvenor Street
Bondi Junction NSW 2022
Variations
We reserve the right to vary, replace or terminate the policy from time to time.