1. Privacy Act
We respect your rights to privacy under the Privacy Act and we will comply with the Act’s requirements in respect of the collection and management of your personal information.
Our website may contain links to other websites operated by third parties. The Harbour Trust makes no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website.
2. Personal information
3. What types of personal information may the Harbour Trust collect?
We collect, store and from time to time disclose information. This information may contain your personal information, such as your:
The personal information collected by the Harbour Trust may also consist of:
4. How does the Harbour Trust collect your personal information?
We collect personal information directly from the individual unless it is unreasonable or impracticable to do so. When collecting personal information, we may collect it in a number ways that include:
These third parties may include:
5. Privacy notice
At or before the time we collect your personal information (or as soon as practicable afterwards), we will provide you with a notice (also known as 'Privacy Notice' or 'Australian Privacy Principle (APP) Notice') containing the following information:
6. Sensitive information
We will only collect sensitive information about you with your consent (unless we are otherwise allowed or required by law to collect that information). Sensitive information includes information about your health, your race or ethnic origin and religious beliefs, association memberships; sexual orientation or criminal history.
In some cases, we may also collect your personal information using cookies. When you access our website, we may send a “cookie” (a small summary file containing a unique ID number) to your computer.
Cookies are used to maintain a user’s settings and preferences on a website, and can be analysed by us to help improve our online services. Our cookies do not collect personal information. If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.
We may also log IP addresses (the electronic addresses of computers connected to the Internet) to assist in analysing trends, administering the website, and gathering broad demographic information.
Our website also uses Google Analytics, a service which transmits website traffic data to Google servers in the United States. We use Google Analytics in order to understand how users engage with our website. Data transmitted includes, for example, the web address of the page that you're visiting and your IP address. Google may also set cookies on your browser, or read cookies that are already there. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google's behalf.
8. What happens if the Harbour Trust can’t collect your personal information?
When interacting with us, you are not required to identify yourself. You may use a pseudonym. However, this does not apply if:
If you do not provide us with the personal information described above, some or all of the following may happen:
9. How does the Harbour Trust treat Unsolicited personal information
From time to time, we receive personal information that is additional to information that we have solicited or information that we have not taken active steps to collect. This is known as ‘unsolicited personal information’ and includes:
If we receive unsolicited personal information and we decide that we are not permitted to collect it in accordance with the privacy principles, we will take reasonable steps to destroy or de-identify the information as soon as practicable, unless it is contained in a ‘Commonwealth record’ or it is unlawful or unreasonable to do so.
10. Why does the Harbour Trust collect, store, use and disclose your personal information
We collect personal information about you so that we can perform our activities and functions and endeavour to provide quality customer service.
We collect, hold, use and disclose your personal information for the following purposes:
11. How does the Harbour Trust use your personal information
We will only use your personal information for the primary purpose for which it was collected. Before using your personal information for any other purposes, we will ensure that:
DISCLOSURE OF PERSONAL INFORMATION
12. Disclosure of your personal information to third parties
We may disclose your personal information to:
13. Do we disclose your personal information to anyone overseas?
The Harbour Trust does not generally disclose personal information to anyone overseas.
When you communicate with us through a social network service such as Facebook or Twitter, the social network provider and its partners may collect and hold your personal information overseas.
STORAGE AND ACCESS TO PERSONAL INFORMATION
14. How is your personal information stored and secured?
We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure. We may hold your information in either electronic or hard copy form. Where reasonable and practicable to do so, personal information is destroyed or de-identified when no longer needed.
Personal information that is contained in hard copy is secured in accordance with our Records Processes. However, as our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information, which you transmit to us, is transmitted at your own risk.
15. Who has access to your personal information?
We take reasonable steps to ensure that access to your personal information is permitted only for legitimate purposes and on a need to know basis.
16. Personal information no longer required
We take reasonable steps to ensure that we delete or de-identify personal information that is no longer required for the purpose for which the information was originally collected.
ACCESSING AND CORRECTING YOUR PERSONAL INFORMATION
17. How can you access and correct your personal information?
You may request access to any personal information we hold about you at any time by contacting us (details below). Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by mailing or emailing it to you). We will not charge you for providing your personal information to you, or for the costs of making any corrections to your personal information.
There may be instances where we cannot grant you access to your personal information. For example, we may need to refuse access if we are required or authorised to refuse access under an Australian law. If that happens, we will give you written notice of the reasons for the refusal within 30 days of receipt of your request, together with information about how you can complain about our refusal, if you wish to do so.
If you believe that your personal information is incorrect, incomplete or inaccurate, then you may request us to amend it. We will consider whether the information requires amendment. If we do not agree that there are grounds for amendment, we will give you written notice of the reasons for the refusal within 30 days of receipt of your request, together with information about how you can complain about our refusal, if you wish to do so.
Current and former employees can make arrangements to access their personal information with our Human Resources Manager.
18. What is the process for complaining about a breach of privacy?
We will treat your requests or complaints confidentially and if you choose to respond anonymously, we will respect your right to do so. One of our representatives will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved. We will aim to ensure that your complaint is resolved in a timely and appropriate manner.
At the conclusion of the investigation, we will provide a written response to you regarding your complaint. If you are not satisfied with our response, you may refer your complaint to the Privacy Commissioner at the Office of the Australian Information Commissioner. Details of the procedure to make a complaint are available at: https://www.oaic.gov.au/individuals/how-do-i-make-a-privacy-complaint
19. Privacy Contact Officer
Contact details for our Privacy Officer are:
Mail: Privacy Contact Officer
Sydney Harbour Federation Trust
PO Box 607
Mosman NSW 2088
Phone: 02 89692100
21. Meaning of commonly used privacy terms
|Personal Information||Is defined in the Privacy Act and means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
|Consent||Includes any consent that is implied or expressed by an individual. In providing consent:
|Commonwealth records||A record that is the property of the Commonwealth or a Commonwealth institution.|
|Collect||We collect personal information when we acquire it for inclusion in a record or generally available publication.|
|Disclosure||A release from effective control is generally a disclosure irrespective of our reason for releasing the information. It includes proactive release, release in response to a specific request and accidental release.|
|Use||We use personal information when we handle and manage that information within the Harbour Trust.|
|Holds||We hold personal information when we have possession or control of a record that contains personal information.|
PRIVACY IMPACT ASSESSMENT REGISTER
This register includes any Privacy Impact Assessments (PIA) in accordance with the Privacy (Australian Government Agencies — Governance) APP Code 2017.
Contact our Privacy Officer if you have questions about privacy.
Last reviewed 24 August 2022.