Freyssinet Australia New Zealand (We / us) is committed to managing Personal Information in accordance with the Australian Privacy Principles (APPs) and the New Zealand Information Privacy Principles (IPPs) (together, the Privacy Principles (PPs)) contained in the Privacy Act 1988 (Cth) and the Privacy Act 2020 (NZ), respectively (together, the Privacy Acts).
A copy of the Privacy Principles may be obtained from:
- (APPs) the website of the Office of the Australian Information Commissioner at Australian Privacy Principles | OAIC; and
- (IPPs) the website of the New Zealand Office of the Privacy Commissioner at Office of the Privacy Commissioner | Privacy Act 2020.
This document sets out our policy for managing your Personal Information and is referred to as our Privacy Policy.
What is Personal Information and why do we collect it?
Personal Information is information that identifies an individual.
We may collect the following Personal Information:
Internal (employees):
- names and birth date;
- addresses;
- email addresses;
- phone numbers;
- next of kin details;
- bank account and superannuation fund details;
- qualification and experience details;
- licences and professional registration details;
- health information; and
- video or photo record.
External:
- name;
- addresses;
- email addresses;
- phone numbers;
- employer name;
- video or photo record.
This Personal Information is obtained in many ways including interviews, correspondence, by telephone, by email, via our website www.freyssinet.com.au, from other publicly available sources, from cookies and in the course of conducting our business, such as CCTV, and from third parties.
The purposes for which we usually collect and use Personal Information depends on the nature of the interaction, but may include:
- to ensure the safety of our employees, clients, contractors and invitees;
- for human resources administration;
- for accounting purposes, such as to ensure that employees and clients are set up correctly in our systems and are paid or invoiced correctly;
- to carry out normal business operations and manage client needs;
- responding to requests for information and other general inquiries;
- managing, planning, advertising and administering programs, events, competitions and performances;
- researching, developing and expanding our facilities and services;
- informing you of our activities, events, facilities and services;
- recruitment processes (including for induction, volunteers, internships and work experience); and
- responding to enquiries and complaints.
We may also use Personal Information for secondary purposes closely related to the primary purpose, in circumstances someone would reasonably expect such use or disclosure.
Clients may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.
When we collect personal information, we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.
Sensitive Information
Sensitive information is defined in the Australian Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
We collect the following examples of sensitive information:
- employee membership of professional organisations; and
- health information.
We collect sensitive information for the same purposes foreshadowed above in relation to Personal Information.
Sensitive information will be used by us only with your consent and where required or authorised by law.
Employee records
We are entitled at law to handle employee records in relation to current and former employment relationships.
Third Parties
Where reasonable and practicable to do so, we will collect Personal Information only from an individual, however, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that the individual is made aware of the information provided to us by the third party.
Disclosure of Personal Information
Personal Information may be disclosed in a number of circumstances for the purpose for which it was collected (or a related purpose which someone may reasonably expect).
We may also disclose or use Personal Information (including to overseas recipients) in any of the following scenarios:
- to third party service providers and business associates, including our joint venture and alliance partners, who provide services in connection with our business. These third parties may be located locally or overseas;
- with the individual’s consent;
- to a person authorised to act on the individual’s behalf; or
- as required or permitted by law, for example to any government agency if we believe in good faith that we must do so to comply with the law or that doing so is required to prevent, detect, investigate or remedy improper conduct potentially affecting it.
Where we hold or transfer Personal Information outside Australia or New Zealand, it will meet the safeguards set out in the Privacy Acts. Where Personal Information is held or disclosed overseas, all reasonable steps will be taken to ensure that the recipient will handle the information in a manner consistent with the Privacy Acts and in the case of the European Union the General Data Protection Regulation.
For example, as we have a French parent company, Personal Information may be saved on systems which can be accessed by our parent company, or transferred to and held in France.
Security of Personal Information
We will take reasonable steps to protect the security of personal information.
Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure, for example by:
- secure electronic databases;
- restricted access to electronic records;
- secured hard copy documents; and
- cyber security measures.
In accordance with the Privacy Acts, we are required to notify the impacted individual and the Commissioner if we become aware of a data breach (such as an unauthorised disclosure of or unauthorised access to data, or a loss of data) where that breach is reasonably likely to result in serious harm. This will apply even if the data is being held offshore.
When the Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify it. However, most of the Personal Information is or will be stored in files which will be kept by us for a minimum of 7 years.
Access to your Personal Information
You may access the Personal Information we hold about you and request to correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.
We will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
In order to protect your Personal Information we may require identification from you before releasing the requested information.
At the company, all staff will have access to the company’s HRIS system which provides each employee with their own company profile including personal and sensitive information. This can be reviewed and corrected by advising Payroll or HR.
Policy Updates
This Policy may change from time to time and is available on our website: Privacy policy of Freyssinet Australia website
Privacy Policy Complaints and Enquiries
If you have any queries about our Privacy Policy or have any complaints about privacy issues please contact us at:
| Contact: | Privacy and Data Protection Officer |
| By email: | privacyanddataprotection@freyssinet.com.au |
| By post: | 3/13 – 15 Lyonpark Rd Macquarie Park NSW 2113 |