This policy is based on the guidelines outlined in the Australian Privacy Principles, Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012, which amends the Privacy Act 1988.
Agility collects personal information about individuals directly from those individuals or their authorised representative and can include:
- Name, address and contact details
- Tax file number
- Bank account details
- Next of kin and emergency contacts
The information is collected only by lawful and fair means.
Occasionally, information is collected from a third party or from a publicly available source, but only if:
- the individual has consented to such collection or would reasonably expect us to collect their personal information in this way, or
- the collection of the information is required or authorised by or under an Australian law or a court/tribunal, or
- if it is necessary for a specific purpose such as the investigation of a privacy complaint.
We only collect personal information for purposes which are directly related to our functions or activities.
Information collected is stored in a number of different ways depending on the source of information
- Electronically where possible where the information is provided via electronic means (emails, etc.)
- Locked file storage where the information is provided in hard-copy, e.g. Tax File declarations
Use and disclosure
Agility will only use personal information for the purposes for which it is collected – purposes which are directly related to one of the company’s functions or activities.
Agility does not give personal information about an individual to other Government agencies, private sector organisations or anyone else unless one of the following applies:
- the individual has consented
- the individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies
- it is otherwise required or authorised by law
- it will prevent or lessen a serious and imminent threat to somebody’s life or health
- it is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty.
In the event that personal information is disclosed for one or more enforcement related activities conducted by, or on behalf of, an enforcement body Agility must make a written note of the use or disclosure.
Agility take steps to protect the personal information stored against loss, unauthorised access, use, modification or disclosure, and against other misuse.
Access and rights
Each individual can access the personal information that is held about them, and can ask to correct the personal information held about them. That said, Agility has the right to refuse access to personal information to the extent that:
Agility reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety
- giving access would have an unreasonable impact on the privacy of other individuals
- the request for access is frivolous or vexatious
- the information relates to existing or anticipated legal proceedings between Agility and the individual, and would not be accessible by the process of discovery in those proceedings
- giving access would reveal the intentions of Agility in relation to negotiations with the individual in such a way as to prejudice those negotiations
- giving access would be unlawful
- denying access is required or authorised by or under an Australian law or a court/tribunal order
- Agility has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Agility’s functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter
- giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- giving access would reveal evaluative information generated within Agility in connection with a commercially sensitive decision-making process.
Should any individual want access to their personal information it must be done in writing at which point Agility will respond to the request for access:
- within a reasonable period after the request is made; and
- give access to the information in the manner requested by the individual, if it is reasonable and practicable to do so
Should Agility refuse to give access to the personal information because of possible reasons outlined above, or to give access in the manner requested by the individual, Agility must give the individual a written notice that sets out:
- the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
- the mechanisms available to complain about the refusal; and
- any other matter prescribed by the regulations.
In the event Agility holds personal information about an individual and either:
- Agility is satisfied that, having regard to a purpose for which the information is held, the information is inaccurate, out of date, incomplete, irrelevant or misleading; or
- the individual requests the entity to correct the information;
Agility must take such steps (if any) as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.