We respect your rights to privacy under the Privacy Act 1988 (Cth) (Privacy Act) and we comply with all of the Privacy Act’s requirements for the collection, management and disclosure of your personal information.
What is your personal information?
What personal information do we collect and hold?
We may collect the following types of personal information about you:
- mailing or street address;
- email address;
- telephone number;
- facsimile number;
- age or birth date and gender;
- bank account details;
- education, employment and work history;
- details of the services you have acquired from us or which you have enquired about, together with any additional information necessary to deliver those services and to respond to your enquiries;
- information you provide to us through customer surveys, market or social research or visits or interviews by our representatives from time to time; and
- any additional information relating to you that you provide to us directly through our website or indirectly through use of our website or online presence, through our representatives or otherwise.
When using cookies we may collect information on browser access and session identifiers, profile expiration dates, response fields and access preferences (This is discussed further in the ‘Our website’ section below). We may also collect some information that is not personal information because it does not identify you or anyone else. For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.
How do we collect your personal information?
We collect your personal information directly from you unless it is unreasonable or impracticable to do so. When collecting personal information from you, we may collect it in various ways, including:
- through your access and use of our website;
- during conversations between you and our representatives including during interviews;
- when you agree to participate in any research or consultations we are conducting or when you register to attend or attend one of our events;
- when you take part in an online survey or consultation;
- when you engage us to provide you with services;
- when you sign up to receive any email communications or newsletters from us; or
- if applicable, when you apply for employment or a contract role with us.
Where relevant, we may also collect personal information from third parties including:
- your past or current employer;
- from third party organisations such as government entities, non-government organisations and companies (for example credit reporting bodies and law enforcement agencies) including for research purposes; or
We generally do not collect sensitive information about you, unless you have consented to the collection of this information by us or we are required by law to collect this information. “Sensitive information” includes health information, racial or ethnic background, sexual orientation or practices, criminal record, biometric information, religious, political or philosophical beliefs and membership of a union or political or professional association.
What happens if we can’t collect your personal information?
If you do not provide us with the personal information described above, some or all of the following may happen:
- we may not be able to provide our services to you, either to the same standard or at all;
- you may not be able to participate in any research that we conduct or attend an event that we host or organise;
- we may not be able to provide you with information that you have requested; or
- we may be unable to tailor the content of our website to your preferences and your experience of our website may not be as enjoyable or useful.
For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of customer service. We collect, hold, use and disclose your personal information for the following purposes:
- to provide our services to you and to send communications requested by you;
- to answer enquiries and provide information or advice about existing and new services;
- for business administration purposes (including human resources, client management and debtor management);
- for marketing purposes (including to create and maintain subscriber databases used for client profiling or events management purposes);
- for research purposes (including to conduct market and consumer research, social research and public policy research programs);
- to provide you with access to protected areas of our website;
- to assess the performance of our website and to improve the operation of our website;
- to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
- if applicable, to consider your application for employment or a contract role with us and to manage the application process;
- if you are or become an employee or contractor of ours, to manage and administer your employment or contracting relationship with us;
- to update our records and keep your contact details up to date;
- to process and respond to any complaint made by you; and
- to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority.
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of information during transmission online from you to us. We also cannot guarantee that the information you supply will not be intercepted during transmission over the internet to our website. Accordingly, any personal information or other information which you transmit to our website online is transmitted at your own risk.
Refer to the further commentary in the ‘Security and data quality’ section below.
Our website may contain links to other websites operated by third parties. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. Third party websites are responsible for informing you about their own privacy practices.
Who do we disclose your information to?
We may disclose your personal information for the purpose disclosed when it was collected or a purpose which is reasonably expected and in other circumstances (including with your consent) to:
- our employees, related bodies corporate, contractors, service providers and other third parties for the purposes of the operation of our website or our business, ask you to participate in research, invite you to attend our events, fulfilling requests made by you, and to otherwise provide services to you. These third parties may include, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
- suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes;
- clients with whom we have commercial relationships and those who have engaged us to undertake market, consumer or social research for which your personal information was collected; and
- any organisation for any authorised purpose with your express consent.
We may combine or share any information that we collect from you with information collected by any of our related bodies corporate (within Australia).
Direct marketing materials
We may send you direct marketing communications and information about our services that we consider may be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Privacy Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so. In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (using the details in the ‘Contacting us’ section below) or by using the opt-out facilities provided in the marketing communications. We will then ensure that your name is removed from our marketing distribution lists.
Our marketing communications database containing your personal information is hosted by a third party organisation solely for the purposes of undertaking our direct marketing, with email direct marketing undertaken on our behalf by another third party organisation.
Do we disclose your personal information to anyone outside Australia?
We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above.
We take reasonable steps to ensure that the overseas recipients of your personal information do not breach applicable privacy obligations relating to your personal information.
We may disclose your personal information to entities located outside of Australia, including the following:
- our related bodies corporate, located in Singapore; and
- our data hosting, online survey platforms and other IT service providers, some of which are located in the United States of America.
Security and data quality
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure.
We have secure firewalls in place and our servers and hardware (including standalone servers and hardware used for online survey and research projects) utilise a high standard of security. We utilise several other IT security measures and procedures including windows defender and endpoint protection for scanning of local and network files, Office 365 for spam, virus and malware security and safe links and safe attachments protections.
Workstations at Urbis are password protected and any electronic files for survey and research projects which contain sensitive data are given their own additional password protection which is restricted to those working on the project. Paper copies of documents used in survey and research projects such as consent forms are stored in locked cupboards and archived to a secure archive facility on completion of the project.
We may hold your information in either electronic or hard copy form. Personal information is destroyed or made non-identified when no longer needed or when we are no longer required by law to retain it (whichever is the later).
How can you access and correct your personal information?
You may request access to any personal information we hold about you at any time by contacting us (using the details in the ‘Contacting us’ section below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by posting or emailing it to you). We may charge you a reasonable fee to cover our administrative and other reasonable costs in providing the information to you. We will not charge for simply making the request and will not charge for making any corrections to your personal information.
There may be instances where we cannot grant you access to the personal information we hold. For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality. If that happens, we will give you written reasons for any refusal.
If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request that we correct it. We will consider if the information requires correction. If we do not agree that there are grounds for correcting your personal information, then we will add a note to the personal information stating that you disagree with it.
What is the process for complaining about a breach of privacy?
If you believe that your privacy has been breached, please contact us using the contact information for our Privacy Officer below and provide details of the incident so that we can investigate it. We will treat your complaint confidentially, investigate your complaint and aim to ensure that we contact you and your complaint is resolved within a reasonable time (and in any event within the time required by the Privacy Act, if applicable).
If we take more than 30 days to respond to your privacy complaint, or if you are dissatisfied with the outcome, you can make a complaint to the Privacy Commissioner at the Office of the Australian Information Commissioner (OAIC). The contact details for the OAIC are:
Tel: 1300 363 992
TTY: Call 133 677 then ask for 1300 363 992
Fax: +61 2 9284 9666
Post: GPO Box 5218, Sydney NSW 2001
Please contact our Privacy Officer at:
Post: Privacy Officer
Level 12, 120 Collins Street, MELBOURNE, Victoria 3000
Tel: 1800 244 863