Custard Pty Ltd (ABN: 82 106 686 097) trading as Red Jelly
This policy was last updated August 2014.
The latest version of this policy is published online at www.redjelly.com.au
Red Jelly is committed to ensuring your privacy is protected.
We comply with the Australian Privacy Principles (APPs) as contained in the Privacy Act 1988.
Throughout this policy we are referred to as Red Jelly, we or us. We refer to an individual as you.
This policy explains how we comply with the APPs when collecting, using, disclosing, storing and destroying your personal information. It also explains how you can access or correct personal information we hold about you and what you can do if you think your privacy has been interfered with.
What personal information does this policy cover?
Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable.
Personal information may include sensitive information about the individual such as racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health, genetic or biometric information.
When might this policy not apply?
In some cases we may act in a way other than described in this policy, however we will only do that with your informed consent or if required by law.
How do you contact us?
The person responsible for privacy at Red Jelly is our General Manager. Nicole may be contacted via:
post: GPO Box 666, Hobart TAS 7001
phone: 03 6237 2700
fax: 03 6224 5656
What personal information do we collect?
Red Jelly only collects personal information that is necessary for our functions or activities. We will ensure you are aware when we collect your personal information and the primary purpose of its collection. We will only collect sensitive information with your consent or where permitted by the Privacy Act.
There may be consequences if you do not provide us with all information sought from you. We will let you know what those consequences are when requesting the information. If you provide us with more information than we have requested we will destroy it unless it is necessary for our functions or activities.
The type of information we collect will depend on the reason we are collecting your information but may include contact details, employment and educational history (for prospective employees), or financial details (for prospective contractors, customers or guarantors).
How do we collect personal information?
Red Jelly collects personal information when you have contact with us, including at meetings, by completing forms, in correspondence and by telephone conversations. We may collect information about you through our website or when you contact us by email.
We may collect information from others about you, including from publicly available sources, where it is unreasonable or impractical to collect it from you directly, or where we have your consent.
How do we use your personal information?
We will use your personal information for the purpose for which we collected it. We may also use your personal information for related purposes which you would reasonably expect. We will take reasonable steps to ensure the information we use is accurate, up-to-date, complete and relevant, having regard to the reasons why it is being used.
Sensitive information will be used and disclosed only for the purpose for which it was collected, a directly related secondary purpose, with your consent or as required or allowed by law.
What about direct marketing?
We may use your personal information for the purpose of direct marketing to you where you would reasonably expect this. We may provide you with information about relevant products and services offered by us or our clients. If you do not wish to receive direct marketing materials from us or our clients you can opt-out by contacting us. Our contact details are included with all direct marketing materials.
How do we store personal information?
Personal information is stored electronically, on paper, or both. We take reasonable steps to protect the security of personal information including the physical security of our premises and use of access level permissions and passwords to restrict access to electronic records. Archived files are stored at our premises and offsite in a separate secure area at a document storage facility.
Please be aware that sending personal information by email or through our website may not be secure. If you are concerned about the security of email you should arrange alternative delivery of information, for example by registered post or encrypted email.
How can you access personal information we have about you?
You may at any time request access to your personal information and, subject to any exemptions in the APPs applying, we will give you access by providing you with copies of or allowing you to inspect the requested personal information.
We may charge you a reasonable fee to access that information, for example to recover the costs of photocopying or if we have to spend a significant amount of time to provide you with access. We may need to verify your identity before providing access to your personal information.
If we refuse you access to your personal information, we will provide you with an explanation for that refusal. We will try to provide you with access to your personal information within 14 days of receipt of your written request for access or 30 days where responding to the request is more complicated.
What if your personal information is not correct?
We will take reasonable steps to ensure your personal information held by us is up-to-date, complete and accurate. If your personal information changes or you believe our records are not up-to-date, complete and accurate please contact us. If we agree the information needs correcting, we will take reasonable steps to correct that information.
If we do not agree the information needs correcting, you can ask us to put a statement on your file explaining what you say needs to be corrected. We will do that in such a way as is apparent to our staff who use your personal information.
If we refuse to correct your personal information, we will provide you with a written explanation for that refusal. We will try to resolve all requests within 14 days of receipt of your written request or 30 days where the matter is more complicated. We will not charge a fee for the correction of personal information.
When do we destroy personal information?
Red Jelly securely destroys or de-identifies personal information when it is no longer required. We usually destroy information about our customers seven years from the date they are last used. Some documents, for example original executed agreements, are kept at least seven years after they expire.
Who do we disclose personal information to?
Red Jelly may disclose your information to entities located in Australia. We make those disclosures on the basis of a reasonable belief that entities in those countries are subject to laws which protect your personal information in a way that, overall, is substantially similar to the way the Australian Privacy Principles protect your information. You can access mechanisms to enforce those schemes in those countries.
Your personal information may be disclosed to our service providers or professional advisors within Australia where necessary for our activities, for example to IT service providers, accountants, auditors, lawyers or insurers.
We will take reasonable steps to ensure the personal information we disclose to others is accurate, up-to-date, complete and relevant, having regard to the reasons why it is being disclosed.
Red Jelly may disclose your personal information to other overseas entities but only if:
- we have taken reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles;
- you have provided your express prior consent;
- we reasonably believe that the overseas entity is subject to a law or binding scheme that has the effect of protecting your information in a way that, overall, is at least substantially similar to the way in which the Australian Privacy Principles protect the information, and that you can access mechanisms to enforce those protections; or
- the disclosure is otherwise authorised by the Privacy Act.
How do you complain about interferences with your privacy?
If you are concerned about an interference with your privacy, this policy or the APPs please submit a complaint in writing, marked to the attention of our Privacy Officer. We will consider and respond to your complaint within 10 working days. We will seek to resolve the complaint with you. We prefer to address all matters in this manner prior to a complaint being taken further.
Is there anyone else you can complain to?
You can make a complaint about interferences with your privacy to the Office of the Australian Information Commissioner. Their contact details are:
post: GPO Box 5218, Sydney NSW 2001
phone: 1300 363 992
fax: 02 9284 9666