The entity responsible for your personal information (and the controller for the purpose of, and to the extent that, the Privacy Act 1988 (Cth) applies) will be ABM Risk Partnership.
Collecting Personal Information
The types of personal information we may collect depends on the nature of your dealings with us. We only collect information that is reasonably necessary for ABM’s functions and activities or for matters directly related to them. Related purposes (or secondary purposes) include matters such as marketing and statistical analysis associated with the use of websites our products and services or recruitment, for product, process and system improvement and development, to obtain your feedback and to comply with our legal obligations. We may also collect personal information for any other reason that we disclose to you, and which you consent to, at time of the collection.
Typically, the information we collect may include details of your name, date of birth, address, contact details and financial information such as bank account details. We may collect other information from you with your consent. Depending on the nature of your dealings with us, we may collect sensitive information. For example, where you are applying for employment with ABM, we may collect information regarding your citizenship and health related information. If you provide us with sensitive information, you understand and give your explicit consent that we may collect, use and disclose this information to appropriate third parties for the purposes described in this policy.
Usually we collect information directly from you or your authorised representative. We may collect information about you where you register, visit or use the ABM Risk website, where you obtain products or services from us, or where you otherwise engage with us. We may also collect information about you via third parties with your consent. For example, where you apply for employment with us, we may use a third-party provider to collect and process your personal information via an online portal, careers site or correspondence with you. To the extent the Privacy Act 1988 (Cth) applies, we will only collect and use personal information on a lawful basis.
Where you engage with us on or through third party social media sites or applications, you may allow us to have ongoing access to certain information from your social media account (e.g. your name, e-mail address, photo, gender, birthday, the posts or the 'likes' you make). If you post information when you interact with our websites through social media sites or other applications, depending on your privacy settings, this information may become public on the internet. You can control what information you share through privacy settings available on some social media sites. If you access our websites on your mobile telephone or mobile device, we may also collect your unique device identifier and mobile device IP address, as well as information about your device's operating system, mobile carrier and your location information.
If we ask you for personal information and you do choose not to provide that information to us, we might not be able provide you with services, information regarding our businesses, answer your queries, assist you or proceed with an employment application.
Using your personal information
The following is a summary of the purposes for which we may use your personal information. More information about the personal information collected for each of our services will be provided to you in separate privacy notices which are relevant to the services which affect you. We may use your personal information for the following:
Supplying products and services to you
Administering our relationship as a customer of ABM
Processing applications of employment
Analysing data about how you use or interact with the services offered or our website
Sending you email notifications that you have specifically requested
Sending you marketing communications relating to our businesses where you have specifically agreed to this, by email or similar technology
Providing third parties with deIdentified and anonymous statistical information about our users
Dealing with inquiries and complaints made by you
Keeping our websites secure and preventing fraud to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or other governmental authority
How long do we retain your personal information?
Disclosing personal information
We may disclose your personal information:
to the extent that we are required to do so by law, to respond to a subpoena, search warrant, or other legal request or to comply with any legal rule or regulation
in order to establish, exercise or defend our legal rights (including provided information to others for the purposes of fraud prevention)
to business partners or consultants that provide specialised services to us including banking and finance consultants, lawyers, insurers, credit reporting agencies, fraud detection agencies, recruitment agencies and law enforcement agencies or other agencies for the purposes of performing background checks
to service providers we have retained as processors of your information to perform services on our behalf (either in relation to services performed for you, or information which we use for its own purposes) and includes third party employment service providers. These service providers are contractually restricted from using or disclosing the information except as necessary to perform services on our behalf or to comply with legal requirements; or
in the event that ABM or its related partner entities are subject to a merger or acquisition, to the new owner.
International data transfers
Information that we collect may be stored, processed in and transferred between any of the countries in which we operate in order to enable us to use the information in accordance with this policy.
Web traffic information is disclosed to Google Analytics when you visit our websites. Google stores information across multiple countries.
When you communicate with us through a social network service such as LinkedIn or Twitter, the social network provider and its partners may collect and hold your personal information overseas.
The security of your personal information is important to us, and ABM has implemented reasonable physical, technical and administrative security standards to protect personal information from loss, misuse, alteration or destruction.
Only authorised individuals access your personal information, and they are trained in the importance of protecting personal information.
Our service providers and agents are contractually bound to maintain the confidentiality of personal information and may not use the information for any unauthorised purpose. We take reasonable steps to destroy or de-identify personal information if we no longer need the information for any permitted purpose or if we are not required by law to retain the information.
You may instruct us to provide you with any personal information that we hold about you. We may withhold personal information that you request to the extent permitted by law. You may instruct us at any time not to process your personal information for marketing purposes.
In practice, you will usually either expressly agree in advance to our use of your personal information for marketing purposes, or we will provide you with an opportunity to opt out of the use of your personal information for marketing purposes.
Accessing and correcting your personal information
Under the Privacy Act (APPs 12 and 13) you have the right to ask for access to personal information that we hold about you and ask that we correct that personal information. You can ask for access or correction by contacting us and we must respond within 30 days. If you ask, we must give you access to your personal information, and take reasonable steps to correct it if we consider it is incorrect, unless there is a law that allows or requires us not to.
We will ask you to verify your identity before we give you access to your information or correct it, and we will try to make the process as simple as possible. If we refuse to give you access to, or correct, your personal information, we must notify you in writing setting out the reasons.
The steps appropriate to verify an individual’s identity will depend on the circumstances. We will seek the minimum amount of personal information needed to establish an individual’s identity. For example, during a telephone contact it may be adequate for us to request information that can be checked against our records.
If we make a correction and we have disclosed the incorrect information to others, you can ask us to tell them about the correction. We must do so unless there is a valid reason not to.
How to make a complaint
If you wish to complain to us about how we have handled your personal information you should first complain to us in writing.
If we receive a complaint from you about how we have handled your personal information we will determine what (if any) action we should take to resolve the complaint.
If we decide that a complaint should be investigated further, the complaint will usually be handled by a Partner, other than the Partner or Associate whose actions you are complaining about.
We will tell you promptly that we have received your complaint and then respond to the complaint within 30 days.
You can contact us by:
Post: Level 8, 124 Walker Street, North Sydney NSW 2060