1. Purpose and scope
Sycle respects the privacy of its clients, Employees, prospective employees, shareholders, suppliers, sub-contractors and all others in which it deals with. This Policy describes the types of private data we collect and describes how we use private information, with whom we share it, your rights and choices, and how you can contact us about our privacy practices.
2. Definitions
‘APP’ means Australian Privacy Principles.
‘Sycle’ means Geelong Landfill Pty Ltd T/A Sycle and any other related bodies corporate.
‘Employee(s)’ means a full time, part time, casual or volunteer employee of Sycle and includes contractors and agents of Sycle.
‘Personal Information’ means information or opinion about an identified individual, or an individual who is reasonably identifiable.
‘Privacy Act’ means the Privacy Act 1988 (Cth) and related regulations as updated and amended from time to time.
3. Responsibilities
• Implementation of policy and processes: Managing Director
• Complaints regarding privacy: Group HR Manager
4. Regulatory Requirements
Privacy Act 1988 (Cth).
5. Policy and Procedure
Sycle complies with the requirements of the Privacy Act, which includes the APPs, and where applicable State or Territory legislation relating to health information. This legislation regulates the collection, storage, quality, use and disclosure or Personal Information and ensures that individuals are given certain rights in respect to this information.
What Personal Information Does Sycle Collect?
Sycle collects Personal Information, including Sensitive Information. Examples of the types of Personal Information we collect include names, addresses, other contact details such as email address, financial details such as a credit card number for payments made to us, transaction history and products and service preferences. Personal Information we collect from Employees also includes identification information including driving licence details, passports, medical checks, police checks, and role-specific requirements such as white cards, plant operator tickets, rail tickets etc. From prospective employees we also collect occupation and employment details including employment status and any previous work experience, as well as information from or in connection with your resume or job application. From our investors and shareholders we collect Personal Information as required to receive and process your application and to manage and report on your shareholding. From our suppliers, contractors and subcontractors and their representatives we also collect Personal Information as required to engage with you or your organisation in connection with our receipt or supply of goods and services.
We are authorised to collect, record and handle tax file numbers and related information (‘TFN information’) by the Taxation Administration Act 1953 (Cth). It is not compulsory for you to provide TFN information for our products and services, but if you do not, taxation law may require additional deductions to be made from amounts payable to you.
How Does Sycle Collect Your Personal Information?
Sycle collects Personal Information in several ways and how we collect Personal Information from you will depend on the nature of your interaction with us or how you use our services.
Sometimes Sycle will collect this information directly from you. For example, Sycle may collect Personal Information about you when you deal with us over the telephone, enter into an agreement with us or send us correspondence (whether by letter, fax or email), visit our web site, you have contact with us in person or any other mode of communication.
Sycle may also collect this information from a third party you have authorised to provide the information, or from a client, supplier, subcontractor or other third party (such as our share registry provider) where it is unreasonable or impracticable to collect it from you.
Where practicable and legal we will allow persons to remain anonymous or to use a pseudonym, when dealing with us, however we will generally need your name and contact information to be able to respond to questions and requests and to provide you with our services, and to engage with you or your employer in connection with our supply or receipt of goods and services from your organisation. If you choose not to provide your Personal Information to us for the purposes set out in this Policy, or if we are unable to collect the Personal Information we require, we may not be able to provide you with requested information, products or services, or to effectively conduct our relationship with you.
How Does Sycle Use and Disclose Your Personal Information?
Sycle generally uses and discloses Personal Information:
We may otherwise collect, use or disclose your Personal Information where the collection, use or disclosure is:
We may disclose, or provide access to, your Personal Information to third parties in connection with the purposes set out in this Policy. Depending on the circumstances and the nature of your engagement with us, we may disclose your Personal Information:
As we continue to develop our business, we may buy, merge or partner with other companies or organisations, and in so doing, acquire Personal Information. In such transactions, Personal Information may be among the transferred assets. Similarly, in the event that a portion or substantially all of our business or assets are sold or transferred to a third party, we may also disclose certain information including your Personal Information to a purchaser or potential purchaser in connection with the sale or potential sale of us, our business or any of our assets, including in insolvency.
Similarly, if for any other reason any agreement you enter into with us is assigned or proposed to be assigned by us to a third party, we may disclose to that third party all information including personal information that we hold about you relating to that agreement, the products and services provided, each party’s performance, and our relationship with you, to allow the third party to assess whether to proceed with the assignment, and to enable them to understand the nature and history of our engagement with you and to fully and effectively exercise their assigned rights and perform their assigned obligations under that agreement.
Marketing
If you sign up to receive marketing from us such as our electronic newsletter, or if you are a representative of one of our clients or potential clients, we may use your Personal Information to send you information, including promotional material, about us or our products and services, as well as the products and services of our related entities and third parties, now and in the future. We may send you such information by means of direct mail, email, SMS and MMS messages.
If you do not want to receive marketing information from us, you can unsubscribe in any of the following ways:
Accessing and Correcting Personal Information
You may request access to Personal Information Sycle holds about you and you may request corrections be made to that information by contacting us using the details listed in the “Complaints” sections at the end of this Policy. It would assist us to ensure we properly understand your request, and allow us to respond more promptly, if requests are made in writing and include as much detail as possible.
Sycle will generally provide you with access to any Personal Information we hold about you on request. In limited circumstances, however, access may be refused if required or permitted by law. If Sycle does not provide you with access, we will explain the reasons for our refusal in writing. We will not unreasonably refuse requests to access Personal Information and we will endeavour to respond to requests for access within a reasonable time.
Sycle will not charge you for making an application to access your Personal Information but may charge a reasonable fee to cover the cost of giving access, such as photocopying costs. Sycle will advise you if such a charge applies before your request is dealt with.
How Does Sycle Secure Personal Information?
Your Personal Information is held on databases and physical files. Sycle takes reasonable technical, organisation and physical measures to keep your Personal Information secure.
If Sycle outsources services involving the use of Personal Information, it will take reasonable steps to ensure the protection of your Personal Information.
Website
In the course of using our website, you may provide us with Personal Information. We may use various technological methods from time to time to track the visiting patterns of individuals accessing our Website.
For example, when you read, browse or download information from our website, we or our internet service provider may also collect information such as the date, time and duration of a visit, the pages accessed, the IP address of your computer, and any information downloaded. This information is used for statistical, reporting and website administration, maintenance and improvement purposes.
Our website may also use ‘cookies’ from time to time. Cookies are small text files that are transferred to a user’s computer hard drive by a website for the purpose of storing information about a user’s identity, browser type or website visiting patterns. Cookies may be used on our website to monitor web traffic, for example the time of visit, pages visited and some system information about the type of computer being used. We use this information to enhance the content and services offered on our website.
Cookies are sometimes also used to collect information about what pages you visit and the type of software you are using. If you access our website or click-through to our website from a link in an email we send you, a cookie may be downloaded onto your computer’s hard drive.
Cookies may also be used for other purposes on our website.
You can configure your browser to accept all cookies, reject all cookies, or notify you when a cookie is sent. Each browser is different, so check the “Help” menu of your browser to learn how to change your cookie preferences.
If you disable the use of cookies on your web browser or remove or reject specific cookies from our website or linked sites then you may not be able to gain access to all of the content and facilities in those websites.
Some of the content on our website may also include applications made available by third parties, such as social media buttons or links that allow you to share content or links to our website through the relevant third party platforms. These third party applications themselves may facilitate collection of information by those third parties, through your interaction with the applications and sometimes even if you do not interact directly with them. We are not responsible for the technical operation of these applications or the collection and use practices of the relevant third parties. Please visit the relevant third party websites to understand their privacy practices and options they may make available to you in relation to their collection of your Personal Information.
Sending Personal Information Overseas
We may from time to time disclose Personal Information to overseas recipients, including if:
In particular, we may disclose Personal Information to recipients located in the USA, Philippines, and such other countries in which those parties or their, or our, computer systems may be located from time to time, where it may be used for the purposes described in this Policy.
Before disclosing Personal Information to an overseas recipient, Sycle will take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to the information, or that the disclosure is otherwise permitted by the Privacy Act.
Employees’ Use Of Company Software
If an Employee is using company software on a personal or work device for work purposes, Sycle may have access to location information which relates directly to an Employee’s employment. Employees will have access to this information kept, ensuring transparency. Sycle will rectify the information if it is found to be incorrect or incomplete. Employees’ use of Sycle’s computer facilities is also subject to Sycle’s applicable Employee policies and procedures.
Complaints Procedure – Employees
This Privacy Complaint Handling Procedure sets out the process Sycle will undertake to deal with complaints from Employees regarding breaches of Australian privacy law including under the Privacy Act and State and Territory legislation relating to health information.
Any complaints should be made in writing to Sycle HR Manager.
Sycle will resolve all Employee-related privacy complaints through this procedure:
Step 1: A privacy complaint is received (Complaint).
Step 2: Within (5) business days following receipt of the Complaint, Sycle will send a communication via post, fax or email to the person who made the complaint (Complainant) acknowledging receipt of the Complaint.
Step 3: Following the acknowledgment of receipt of the Complaint (as outlined in Step 2), a Sycle investigator will notify the Complainant via post, fax or email, that they have been assigned to investigate the Complaint and commence the investigation.
Step 4: The investigator will investigate the Complaint. During this process, the investigator may request further information from the Complainant.
Step 5: Within thirty (30) business days from the date all information is received, the Investigator will contact the Complainant via post, fax or email, notifying the Complainant of proposed avenues of resolution. The Complainant and the investigator may work together to collaboratively resolve the Complaint to the Complainant’s satisfaction. Sycle will notify the individual if additional time is needed to respond due to the complexity of the inquiry.
Step 6: If the Complaint cannot be resolved by the Complainant and the Investigator in accordance with Step 5, then the Investigator will notify the HR Manager (Notification) who will then take steps to resolve the matter.
Step 7: Following receipt of all requested information, the HR Manager will contact the Complainant via post, fax or email, and propose an avenue(s) of resolution.
Step 8: If the Complainant agrees to the proposed avenue(s) of resolution, the Complainant and the HR Manager will work together to close the matter.
Step 9: In circumstances where resolution cannot be achieved in accordance with Steps 1 to 8, the HR Manager will advise the Complainant that they may direct their Complaint to the Federal Privacy Commissioner or take independent advice as to their rights.
The Complainant may contact the Federal Privacy Commissioner as follows:
By telephone: 1300 363 992
By writing: Director of Complaints, Office of Federal Privacy Commissioner, GPO Box 5218, Sydney NSW 1042
By email: enquiries@oaic.gov.au
Complaints Procedure – Other Individuals
Any complaints or concerns relating to privacy from individuals other than Employees should be directed to our Privacy Officer as follows:
Email: sandra.costanzo@Sycle.com.au
Mail: 208-210 Hall Street, Spotswood Vic 3015
We will investigate your queries and privacy complaints within a reasonable period of time depending on the complexity of the complaint. We will notify you of the outcome of our investigation and of any proposed avenues of resolution.
If a person receives our response to a complaint and is unsatisfied, then they may refer their complaint to the Office of the Australian Information Commissioner as follows:
By telephone: 1300 363 992
By writing: Director of Complaints, Office of Federal Privacy Commissioner, GPO Box 5288, Sydney NSW 1042
Online: www.oaic.gov.au
Updates To This Policy
We may, from time to time, review and update this Policy, including to take into account new laws, regulations, practices and technology. All Personal Information held by us will be governed by our most recent Policy, posted on our website. Any changes to this Policy may be advised to you by updating this page on our website. We will aim to provide reasonable advance notice of such changes though this may not always be possible depending on the circumstances. We encourage you to check this page from time to time for any changes.
6. Enforcement
Employees must comply with the requirements of this Policy. Any breach of this Policy may result in disciplinary action up to, and including, termination of employment.
7. Document Review
Sycle reserves the right to vary, replace or terminate this Policy from time to time.