AR treats the handling of your personal information very seriously. To that end, the Group has systems and procedures in place to protect your privacy in relation to the handling of your personal information.
AR abides by the Australian Privacy Principles (“APPs”), which provide a scheme in relation to the collection, disclosure, use and storage of personal information. AR’s objective is to handle information responsibly and provide you with some control over the way information about you is handled.
The Privacy Act provides for exemptions:
a. in relation to employee records (being records relating to a current or former employment relationship between AR and the individual); and
b. from coverage in relation to the journalism activities of AR (as explained further at section 3).
1. Collection of Personal Information
Personal information is information or opinion about an individual, or an individual who is reasonably identifiable (whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form). The nature of personal information collected by AR generally comprises an individual’s name, address, phone number, fax, e-mail address, birth date and gender, as well as interests and information about your transactions with us and with some of our business partners.
The primary purpose for collecting such information is to arrange, conduct and promote AR’s media activities (including but not limited to production, broadcasting and publishing) and provide you with requested products and services.
AR may collect personal information from you in a number of ways. These include, but are not limited to situations in which you set up an account with a company within AR (for example a magazine or newspaper subscription), request to receive products or services from AR, provide products or services to AR, enter a competition or voting forum, utilise AR’s services (including, but not limited to IPTV services, websites, newsletters, mobile phone apps, blogs and online forums), complete a survey or questionnaire, or when you communicate with AR by telephone, fax, writing, email, or any other electronic means.
Whilst AR will attempt to ensure all transfer of data to a third party and use by a third party is secure, the Group cannot be held responsible for the theft of data by a third party, or the consequences resulting from the loss of data where that loss is associated with the technical malfunction, tampering by a third party, viruses, computer bugs, or any action or event beyond the reasonable control of AR.
AR also collects other types of personal information from time to time (e.g. credit information and drivers licence details), and will inform you upon collecting such information the purpose for which it is being collected.
AR does not collect personal information unless it is reasonably necessary for AR to perform one or more of its functions and activities or supply one or more of its services. On occasion, some of this personal information may be sensitive and the Group will only collect it with your consent or when required or authorised to by law.
AR or its agents will generally collect personal information from you directly. For example, AR may collect personal information when you subscribe to one of the Group’s publications, complete a survey, become a member, attend a function or event, enter a competition, make a purchase, provide a resume or enter an agreement.
There may be other occasions when AR needs to source personal information from third parties such as credit agencies and recruitment agencies. If we do this, we will use reasonable efforts to notify you afterwards.
You may choose to deal with AR anonymously or under a pseudonym where lawful and practicable (i.e. provided we are still able to provide the relevant service or do business with you without that information). For example, it might not be practical to deal with you anonymously if we need to process a payment, delivery goods or services or send personalised communications to you.
2. Use & Disclosure of Personal Information
Personal information provided to the Group may be shared with related companies within AR. AR takes all reasonably practical steps to keep such information strictly confidential.
AR may use and disclose your personal information for the purpose for which it was initially collected, namely to arrange, conduct and promote AR’s media activities (including but not limited to production, broadcasting and publishing) and provide you with requested products and services (and renewals thereof), as well as all purposes necessary and incidental to the provision of goods or services by AR or by anyone on behalf of AR.
In addition, AR may use and disclose your personal information for purposes related to the initial purpose of collection if that other purpose would be within your reasonable expectations. Related purposes include analysing your personal information for the purpose of identifying and referring you to products and services and/or production and broadcast activities and/or media activities that may be of benefit or interest to you, displaying targeted advertising based on those interests, improving our services, conducting research, contacting you, internal auditing and administration, adding your name to a guest list or invitation list, or assisting AR to carry out auditing, administration, or product enhancement. Without limiting the foregoing, your personal information may be used to create an anonymous link to additional third party data (for example the data of our business partners) for the purpose of tailoring information you may be more interested in, and that link may be placed in cookies for the purpose of the Group and its business partners sending you targeted advertising when you use websites or other services over the internet, including those supplied to you by the Group as well as by third parties unaffiliated with AR.
Additionally, in the event of a re-organization, merger or sale, AR may transfer any and all personal information we have collected from you to the relevant third party. AR may also be required to disclose your personal information without your consent if the disclosure is:
a. required or authorised by law;
b. required in order to investigate an unlawful activity;
c. required by an enforcement body for investigative activities; or
d. necessary to prevent a serious and imminent threat to a person’s life, health or safety, or to public health or safety.
Generally, AR will retain your personal information within Australia and not use or disclose it overseas. However, on some occasions the information may need to be transferred to overseas countries including but not limited to the UK and the US in order to perform one of AR’s functions or activities. In these circumstances, AR will either obtain your express or implied consent or will use its reasonable endeavours to ensure that the foreign entity to which your personal information is transferred has appropriate measures in place to protect your personal information.
Like most business organisations, AR performs some of its functions under licence and also contracts out some functions and relies on third party suppliers to conduct specialised activities such as website management, share registry services, mail out services, call centre services, data analysis and processing services, insurance broking, vehicle and petrol supply, supply of equipment, engineering services, security services, financial services, credit reporting services and travel and hospitality services.
Whilst personal information may be provided to these licensors and suppliers in order to enable them to perform the agreed tasks, the Group will make every effort to ensure that the supplier handles the personal information in accordance with the Australian Privacy Principles and confidentiality principles. AR will require all such suppliers to provide privacy undertakings and enter confidentiality agreements.
3. Collection, Use and Disclosure of records collected in the course of journalism
As a media organization involved in the collection, preparation and dissemination of news, current affairs and information, the journalistic activities and practices of AR are exempt from the APPs.
4. Direct marketing
From time to time AR may use your personal information to identify programs, products and services that may be of interest to you. The Group may use your personal information to send you information regarding AR’s programs, products and services, and those available through the Group’s business partners.
From time to time, AR may also provide your personal information to carefully selected third parties for the purpose of them providing you with information regarding products and services specific to your needs, and to help AR conduct product enhancement activities.
If you do not wish to receive direct marketing information from the Group or third parties (as applicable) as outlined in this section, please let AR know by using the unsubscribe function in the communication you receive, or alternatively by contacting [email protected] AR will take immediate steps to ensure that you do not receive any such direct marketing information in future.
5. Personal Information Quality
AR’s objective is to ensure that all personal information collected by AR is accurate, complete and up-to-date. To assist AR in achieving its objective, please contact the Privacy Officer if any of your details change. Further, if you believe that the information AR holds is not accurate, complete or up-to-date, please contact the Privacy Officer on [email protected] in order to have the information corrected.
6. Personal Information Security
AR is committed to keeping your personal information secure, and we will take reasonable precautions to protect your personal information from unauthorised access, loss, release, misuse or alteration.
Your personal information may be stored in hard copy documents, but is generally stored electronically on AR’s software or systems.
AR maintains physical security over its paper and electronic data stores, such as locks and security systems. The Group also uses computer and network security technologies such as firewalls, intrusion prevention software, antivirus software, external email filtering and passwords to control and restrict access to authorised staff for approved purposes and to secure personal information from unauthorised access, modification, disclosure, misuse and loss.
Whilst AR takes all reasonable steps to secure your personal information from loss, misuse and unauthorised access, you acknowledge that all activities in which you intentionally or unintentionally supply information to the Group carries an inherent risk of loss of, misuse of, or unauthorised access to such information. The Group cannot be held responsible for such actions where the security of the personal information is not within the control of AR, or where AR cannot reasonably prevent such incident.
Additionally, you acknowledge that the collection and use of your personal information by third parties may be subject to separate privacy policies and/or the laws of other jurisdictions.
7. Access To Personal Information
You may request access to the personal information AR holds about you.
The procedure for gaining access is as follows:
a. All requests for access to your personal information must be made in writing and addressed to the Privacy Officer.
b. You must provide as much detail as possible regarding the business entity, department or person to whom you believe your personal information has been provided, and when. This will allow AR to process your request faster.
c. AR will acknowledge your request within 14 days, and access will usually be granted within 14 days, or if it is more complicated, 30 days. AR will inform you if this timeframe is not achievable.
d. You will be asked to verify your identity.
e. A fee may apply to such access in the event that a request for access is onerous or time consuming. Such a fee will cover staff costs involved in locating and collating information, and reproduction costs.
f. Depending on the circumstances, you may be forwarded the information by mail or email, or you may be required to personally inspect your records at the appropriate place.
g. You will be given the opportunity to correct any personal information that is no longer accurate.
In some circumstances, AR may not be in a position to provide access. Such circumstances include the following:
a. access would create a serious threat to safety;
b. providing access will have an unreasonable impact upon the privacy of other individuals;
c. denying access is required or authorised by law;
d. the request is frivolous or vexatious;
e. legal proceedings are underway or anticipated, and the information would not be accessible through the process of discovery in the proceedings;
f. negotiations may be prejudiced by such access;
g. providing access is likely to prejudice law enforcement;
h. providing access is likely to prejudice action being taken or to be taken with respect to suspected unlawful activity or serious misconduct relating to the Group’s functions or activities; or
i. access would reveal a commercially sensitive decision making process.
If AR denies access to your personal information, it will provide you with reasons in writing.
8. Changes To This Policy
AR may, without notice, change this Policy from time to time for any reason and will update the Policy accordingly. We ask that you visit our website periodically in order to remain up to date with such changes.
If you believe that your privacy has been infringed or a breach of the APPs has occurred, you are entitled to complain. All complaints should initially be in writing and directed to the Privacy Officer. AR will respond to your complaint as soon as possible, within 14 working days, to let you know who is responsible for managing your query. AR will try to resolve the complaint within 30 working days. When this is not possible AR will contact you to provide an estimate of how long it will take to handle the complaint.
If you believe AR has not adequately dealt with your complaint, you may complain to the Privacy Commissioner whose contact details are as follows:
Officer of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992
Email: [email protected]
GPO Box 5218 Sydney NSW 2001 –
Contact [email protected] for inquiries.