1. Policy Objective
This Policy sets out how the Company complies with the principles of the Privacy Act 1988 (Cth) (“Act”) with respect to the collection, use, management and disclosure of the personal information of, including personal information collected when accessing the Company website by, its employees, contractors, clients, end customers, visitors, suppliers or third parties with whom the Company has dealings with.
2. Scope of Policy
This policy applies to all employees, independent contractors, business partners, customers and any other third parties of Cameron and will be referred to collectively as “Relevant Persons” in this policy.
3. Policy Statement
Cameron respects the right of individuals to privacy under the Act and is committed to protecting the personal information which it collects in accordance with the principles set out in this policy.
4. Policy Details
Cameron only collects personal information for its business purposes and the amount of personal information collected depends on an individual’s interaction with Cameron.
To enable Cameron to fulfil its responsibilities as an integrated provider of transport, logistics, warehousing and related services, Cameron collects personal information about individuals to enable it to effectively conduct its businesses. This necessarily means that personal information must be sufficiently detailed in order to effectively conduct its business.
Information can be sensitive by its nature, and can also be sensitive due to regulations and industry standards.
The types of sensitive information can include:
- customer information (both for customer companies and for people as individuals);
- financial information, including credit cards, salaries, banking, transactions and more;
- medical information of all types;
- company patents, business plans, and other intellectual property;
- company business records and planning materials, including our customer list, marketing and sales efforts, product line plans, and more; and
- copyrighted materials, both which our company creates and those which we obtain under license from others.
The rules by which information is handled are determined by the regulations, business requirements, and company commitments relating to that type of information.
Every Relevant Person must be aware of the significance of the information being handled, and ensure that proper controls are applied to prevent copying, disclosure, or other misuse of the information.
Cameron relies upon Relevant Persons to properly develop, maintain, and operate our systems, networks, and processes which keep our sensitive information safe and properly used. This means that every person and organization handling our information has the responsibility to keep the information safe, no matter where the information is located. This includes computing systems, networks, paper copies, business processes, and verbal transmission of information.
Cameron will meet all applicable requirements in properly protecting the information, including:
- industry standards; and
- contractual commitments
The protections we apply to information assets will be in proportion to the value and sensitivity of the information and will balance the sensitivity of the information against:
- the cost of controls;
- the impact of the controls on the effectiveness of business operations; and
- the risks of disclosure, modification, destruction, or unauthorized use of the information.
Cameron will protect all types of sensitive information, including but not limited to:
- business transaction and planning; and
- personal information, both of our employees and of our customers.
- ensure that these controls are accepted by all employees, service providers, representatives and associates of our company who may have access to our information.
- this includes ensuring that all employees at all levels are aware of, and are held accountable for safeguarding information assets;
- ensure that access to information is controlled, and based upon, job function and need-to-know criteria;
- maintain proper business continuity and security procedures, including information systems, networks, resources, and business processes;
- report any suspected or actual breach of these policies, and will cooperate with investigative agencies; and comply with other related policies.
4.2 Employees personal information
Cameron values each Relevant Person, and has a commitment to protect the personal information which we handle on behalf of our Relevant Persons.
- collect only information about employees which is needed and relevant;
- strive to make certain that personal information about employees is kept accurate and up-to-date;
- use appropriate controls to ensure that this information is kept secure and is only viewed or used by appropriate personnel;
- not disclose information about employees to any external parties unless appropriate;
- tell employees how they can review information about them, make updates, and report problems;
- comply with applicable laws, regulations, and industry standards when protecting employee information; and
- hold our employees, vendors, contractors, suppliers, and trading partners to meet this same set of policies.
4.3 Access and corrections to personal information
Individuals may request access or correct any personal information that Cameron holds about them by contacting the Privacy Officer via the details provided in Section 4.4.
To ensure the integrity and safety of personal information, Cameron will only disclose personal information it holds to the individual concerned, their legally authorised representative, or to fulfil legal or regulatory requirements.
Cameron may, at its discretion, charge a reasonable fee to cover its administrative and other reasonable costs in providing the information to an individual.
There may be instances where Cameron cannot grant an individual access to the personal information it holds. For example, Cameron may need to refuse access if the granting of that access would interfere with the privacy of others or if it would result in a breach of confidentiality, if this happens Cameron will provide the individual with written reasons for any refusal.
4.4 Contact and/or Complaints
If an individual believes that their privacy has been breached or any information that is held about them is not accurate, they may contact Cameron explaining their concern for the company to consider the appropriate action.
In the event of the request to amend the personal information of concern, Cameron will consider if the concerning information requires amendment and if in agreement, Cameron will amend the information. Alternatively, should Cameron not agree that there are grounds for amendment, then the company will make a note to the concerning personal information which states that the individual disagrees with it.
In the event the request is regarding a breach of privacy, Cameron will treat the complaint confidentially, investigate the complaint, aim to contact the individual and resolve the complaint within a reasonable time and, in any event, within the time required by the Act, if applicable.
Please refer to the Privacy Officer details below:
|Postal Mail||Privacy Officer The Cameron Group 33 Stud Road BAYSWATER, VIC 3153|
|Telephone||+61 3 9729 9988|
4.5 Website and Cookies
This Policy also applies to the Cameron website: https://camerons.com.au/
When accessing the company’s website, “cookies” (i.e. small summary files containing a unique ID number) may be used by the company’s website third party service provider to assign a user ID to an individual’s device.
Cameron cookies do not collect personal information. If individuals do not wish to receive cookies to their devices, they may adjust their browser settings so that their devices do not accept these cookies. However, please note that some of the cookies which Cameron uses are essential for its website to operate, should individuals disable cookies altogether, they will not be able to use all parts of the website.
The Cameron website may contain links to other websites which are owned and operated by third parties. The company makes no representations or warranties in relation to the privacy practices and policies of, or content, product or services provided by or contained on, any third-party website. Third party websites are responsible for informing its users about their own privacy practices.
4.6 Data Retention
Cameron may retain personal information for as long as is necessary in accordance with its records management policies for the purpose or purposes for which they were collected.
Cameron will take all reasonable steps to delete or de-identify personal information from its systems when no longer required or when Cameron is no longer required by law to retain it, whichever is the later.
However, please note that Cameron may retain some limited information about individuals even when it is known that an individual has left the organisation which they represented in order for Cameron to maintain a continuous relationship with the individual concerned, if and when the company is in contact with the individual again as a representative of a different organisation.
5.1 Breach of Policy
All suspected breaches of this Policy will be duly investigated and appropriate disciplinary and remedial action may be taken. Employees or contractors who are found to have breached this Policy will be subject to disciplinary action, including counselling, formal warnings or termination of employment or engagement.
5.2 Access to this Policy
This Policy will be made available by Cameron through the following means:
- On implementation, this Policy will be available via the Company’s training induction system. All new and existing employees are expected to undertake such policy training; and
- This Policy will also be available on the Cameron Intranet and Cameron Website.
5.3 Policy Review
This Policy may be varied, amended, replaced or terminated from time to time and, at any time, at the absolute discretion of the Company. Any updated versions of this Policy will be effective from the date of issue noted above.