The Policy explains how Australian Naval Infrastructure (‘ANI’) handles personal information, including how we collect, use and disclose personal information. ‘We’ or ‘us’ means ANI.
ANI is committed to complying with the Australian Privacy Principles (‘APPs’) set out in the Privacy Act 1988, and to being open and transparent about our information handling practices. We respect the confidentiality of the personal information we hold and take steps to safeguard that information.
The kinds of personal information we collect and hold (and why)?
ANI needs to collect some limited personal information to effectively run its business. In particular, we may collect and hold the following personal information:
- our suppliers’ and contractors’ names and contact details; and
- personal information provided to us in applications for employment with us.
How we collect personal information
Where it is practical to do so, we aim to collect personal information directly from the individual it relates to. However, there may be circumstances where we need to collect personal information from a third party. We may also collect personal information indirectly, for example where it is included in a communication with us. Some examples of how we collect personal information include:
- directly from individuals during telephone calls or meetings;
- through other forms of communication such as when individuals email us;
- through this website (www.ani.com.au);
- from publicly available sources of information; and
- when we are permitted or required to collect personal information by or under law.
Storage and security of personal information
We take the security of personal information we hold seriously. All ANI staff handle personal information sensitively and in accordance with the APPs.
We take all reasonable steps to protect the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure. These steps include using electronic and physical security measures, including password protected software and hardware.
If we no longer need the personal information we hold physical copies of, we take reasonable steps to destroy or de-identify that information. It may be necessary for us to retain personal information to comply with our legal obligations, or for insurance or audit purposes. Personal information stored electronically may be stored securely indefinitely for IT back up and electronic audit trail purposes.
How we use personal information and for what purposes
We use personal information to perform our functions as a Government Business Enterprise.
Where necessary, we may also use personal information to comply with applicable laws (e.g. to meet obligations we may have under legislation).
We may use personal information for audit or quality assessment purposes, billing and invoicing, and staff training.
We only use personal information in accordance with the APPs and are committed to maintaining supplier and contractor confidentiality.
Disclosure of personal information
In order to conduct our business, we may disclose personal information to third parties.
We may disclose personal information:
- if the person to whom the information relates agrees to the disclosure;
- where the disclosure is for the purpose the personal information was collected;
- in circumstances where the person about whom the personal information relates would reasonably expect this disclosure to occur;
- where required to do so by law.
How individuals can access the personal information we hold about them
Individuals can seek access to the personal information we hold about them by contacting us at the address below under ‘Contact details’. We will need to verify the individual’s identity and may charge a fee to cover the cost of providing access. If a fee is charged for providing access, the individual will be informed of the details of the fee prior to provision of access.
How to update or correct personal information
Individuals can request to update or correct personal information we hold about them which they believe is inaccurate or out of date. To do so, the person about whom the information relates may contact us using the address under ‘Contact details’.
How to make a privacy complaint
If an individual has any concerns about our information handling practices they can contact us at the address below under ‘Contact details’ so that we can try and resolve the issue quickly and directly.
If we are unable to resolve a privacy complaint, the individual concerned may contact the Office of the Australian Information Commissioner at: GPO Box 5218, Sydney NSW, 2001 (telephone 1300 363 992), www.oaic.gov.au.
Individuals may request to update or access personal information we hold about them, or make a privacy complaint, by contacting us at firstname.lastname@example.org.