Reference in this policy to GBAR is an inclusive term which refers to and is binding upon:
- the employees of GBAR Australia Pty Ltd; and
- contractors to GBAR Australia Pty Ltd or other third parties;
- the employees of the GBAR Group;
- Clients of the GBAR Group;
- Supplies of the GBAR Group.
The types of personal information we collect includes name, contact details, identification information, payment and transaction details/history, records of your communications and interactions with us, and details/history of preferences, interests and behaviour relating to transactions, services and activity with our digital services.
At GBAR Australia Pty Ltd, we respect the privacy of your personal information in our care. Personal information means information which identifies you as an individual or from which your identity can be reasonably ascertained.
What is Personal Information and why do we collect it?
Personal Information is information or an opinion that identifies an individual.
This Personal Information is obtained in many ways including correspondence, via our website www.gbargroup.com.au, from your website, from media and publications, payment cards, video and audio surveillance in some of our premises and from third parties, anyone authorised to act on your behalf.
We collect your personal information for the primary purpose of providing our services to you, providing information to our clients, and marketing. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our marketing lists at any time by contacting us in writing.
We handle your personal information in connection with providing, administering, improving and personalising our services. This can include processing payments, delivering orders, managing promotions, providing refunds and discounts, verifying your identity, communicating with you (including direct marketing), conducting product and market research, maintaining and updating our records, dealing with enquiries from you, and working with our service providers and other GBAR group companies.
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Sensitive information will be used by us only:
- For the primary purpose for which it was obtained;
- For a secondary purpose that is directly related to the primary purpose; and
- With your consent; or where required or authorised by law.
Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
Disclosure of Personal Information
Your personal information may be disclosed in a number of circumstances including the following:
- Third parties where you consent to the use or disclosure;
- Financial services including debt collection;
- Data hosting;
- Website monitoring and operations;
- Correspondence; and
- Where required or authorised by law.
When we do this, we will only provide them with such information about you as they need to perform those services and we will make it clear how they should handle your personal information. They will not be permitted to use your personal information for any purpose except to perform the services we have specifically asked them to provide.
Integrity and Security of your personal information
Our obligation is to ensure that information about you that we collect, use and disclose is secure, up to date and complete. We employ a range of strategies to protect your personal information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification or disclosure.
When your personal information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify or securely delete your Personal Information.
Access to your Personal Information
You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.
GBAR Group will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
In order to protect your Personal Information we may require identification from you before releasing the requested information.
Only employees who need the information to perform a specific job (for example, billing or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment.
Maintaining the Quality of your Personal Information
It is an important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.
Links to other Sites
Our website contains links to other sites. Please be aware that we are not responsible for the content or privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of any other site that collects personally identifiable information.
This policy will be posted to our website and given to workers during induction periods and following any changes.
If an individual has any enquiries or complaints about GBAR’s privacy practices, details of enquiries or complaints can be sent to GBAR’ s Compliance Manager whose details are set out below. GBAR takes complaints very seriously and will respond shortly after receiving written notice of a complaint.
If contacting the Compliance Manager by phone about a complaint GBAR will also ask that the complaint is put in writing so that the full details of the complaint can be fully investigated.
All queries are to be directed to the Head Office.
Phone: 1300 422 728 Email: email@example.com
GBAR (Australia) Pty Ltd ABN 93 166 408 635
For information about privacy generally, or if your concerns are not resolved to your satisfaction, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au and on 1300 363 992.
This policy should be read in conjunction with other GBAR policies and procedures and relevant legislation codes of practice. This policy is subject to the requirements outlined in relevant state / territory legislation and guidance documents including those outlined below:
- Privacy Act 1988;
- Australian Privacy Principals (APPS)
Confidentiality is vital in promoting the effectiveness of this Policy and all reasonable efforts, consistent with safety, legal requirements and common sense, must be made to privacy.
The Compliance Manager will provide private and confidential information only to those persons who have responsibility for ensuring the workers and only after written consent has been obtained from the individual.
While we use encryption to protect sensitive information transmitted online, we also protect your information offline. Only employees who need the information to perform a specific job (for example, accounts or customer service) are granted access to personally identifiable information. The computers/servers in which we store personally identifiable information are kept in a secure environment hosted within Australia.
Monitoring, Evaluation and Review
This policy will be reviewed 4 yearly or at any stage considered necessary based on changes to legislation obligations, company process and similar.