ECOLE DE POLE is committed to the protection of privacy in relation to personal and/or sensitive information collected by ECOLE DE POLE. Personal information is protected under the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) and the Privacy Act 1988 (Cth). Further information about the Privacy Act is available on the Australian Privacy Commissioner’s website.
ECOLE DE POLE only uses personal information for the purpose(s) for which it is given and for directly related purposes (unless otherwise required by or authorised by law) or as consented to by the individual concerned.
Any personal or sensitive information that ECOLE DE POLE has acquired is kept as securely as possible and accessed only by those who have the authority to do so.
ECOLE DE POLE respects the privacy of all contractors, clients, business partners and pledgers and is committed to safeguarding the personal information that is provided to us.
ECOLE DE POLE takes all reasonable steps to ensure that personal information and sensitive information is protected and treated confidentially. This includes protecting privacy in accordance with the Privacy Act 1988 (as amended) and the Australian Privacy Principles.
The purpose of these procedures is to provide guidelines for the management of personal information collected by ECOLE DE POLE.
“Personal information” – means information or an opinion (including information forming part of a database), whether true or not, and whether recorded in material form or not, about an individual whose identity is reasonably apparent, or can be reasonably ascertained, from the information or opinion.
“Sensitive information” – means any information about a person’s individual preferences, race, religion, political opinions, affiliations, philosophy, memberships, health, genetic or criminal record.
We adhere to the Privacy Act 1988 (Cth), all other applicable privacy legislation and guidelines issued by the Office of the Australian Information Commissioner and similar regulatory bodies when we collect, use, disclose, store, provide access to, or otherwise deal with personal information.
It is our usual practice to collect personal information directly from the individual or their authorised representative.
Sometimes we collect personal information from a third party or a publicly available source, but only if the individual has consented to such collection or would reasonably expect us to collect their personal information in this way.
In some circumstances we may receive personal information about third parties from individuals who contact us and supply us with the personal information of others in the documents they provide to us.
We only collect personal information for purposes which are directly related to our functions or activities under the Privacy Act, and only when it is necessary for or directly related to such purposes. We also collect personal information related to service engagement, human resources management, and other corporate service functions.
We only use personal information for the purposes for which it was given to us, or for purposes which are directly related to one of our functions or activities, and we do not give it to government agencies, organisations or anyone else unless one of the following applies:
- The individual has consented
- The individual would reasonably expect, or has been told, that information of that kind is usually passed to those individuals, bodies or agencies
- Your communications are relevant to a joint booking where the parties are jointly responsible for the fulfilment of the booking. Your PCI and PII data will remain protected. We reserve the right to share any and all relevant non PCI communication regarding a joint booking between the affected parties.
- It is otherwise required or authorised by law
- It will prevent or lessen a serious and imminent threat to somebody’s life or health
- It is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue.
We do not disclose personal information to any overseas recipients.
We take steps to ensure that the personal information we collect is accurate, up to date and complete. These steps include maintaining and updating personal information when we are advised by individuals that their personal information has changed, and at other times as necessary.
We take steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure, and against other misuse. These steps include password protection for accessing our electronic IT system, securing paper files in locked cabinets and physical access restrictions.
When no longer required, personal information is deleted, de-identified or destroyed in a secure manner.
Individuals have the right to request access to the information ECOLE DE POLE holds about them and may do so by contacting the Privacy Officer (below). If an individual requests access to the personal information we hold about them, or requests that we change that personal information, we will allow access or make the changes unless we consider that there is a sound reason under the Privacy Act, FOI Act or other relevant law to withhold the information, or not make the changes.
If we do not agree to provide access to personal information or to amend or annotate the information we hold about them, the individual may seek a review of our decision or may appeal our decision under the FOI Act.
If we do not agree to make requested changes to personal information the individual may make a statement about the requested changes and we will attach this to the record.
If an individual believes that the Australian Privacy Principles have been breached in relation to personal or sensitive information provided to ECOLE DE POLE they have the right to make a complaint and have it investigated and dealt with under this procedure.
If you have a complaint about ECOLE DE POLE’s privacy practices or handling of your personal or sensitive information please contact the Privacy Officer (contact details below).
Once a complaint has been made we will try to resolve the matter in the following ways:
Request for further information: we may request further information from you and you should be prepared to provide us with as much information as possible including details of any relevant dates and documentation. This will allow us to investigate your complaint and determine an appropriate solution. All details provided will be kept confidential.
Discuss options: we will discuss options for resolution with you and you should raise any suggestions as to how the matter might be resolved with the Privacy Officer.
Investigation: we will investigate your complaint and will do so within a reasonable timeframe. We may need to contact others in order to proceed with our investigation.
If your complaint is found to be substantiated you will be informed of this finding and we will then take the appropriate steps to resolve the complaint, address your concerns and prevent the problem from recurring.
If the complaint is not substantiated or cannot be resolved to your satisfaction and this policy has been followed the issue may be referred to an appropriate intermediary.
If you are still not satisfied with the outcome you are free to take your complaint to the Office of the Australian Information Commissioner at www.oaic.gov.au
We will keep a record of your complaint and the outcome.
We are unable to deal with anonymous complaints because we are unable to investigate or follow up. However, in the event that an anonymous complaint is received we will note the issue raised and, if appropriate try to investigate and resolve.