Privacy Policy
1. Background
The Privacy Act 1988 (Cth) (the Act) requires relevant organisations to observe the Australian Privacy Principles (APP) and the importance in protecting the privacy of individuals while balancing the interests of the organisation in carrying out their commercial activities. The APPs set out several principles under which organisations must abide by.
At BRI, we understand the sensitivity in maintaining personal information confidential, including communicating what our collection, storage and disclosure of personal information that is provided to us.
There are minimum standards that are set out as 13 APPs under the Act which govern the standards, rights and obligations in terms of:
□ how an organisation collects, uses, stores and discloses personal information
□ integrity and correction of personal information
□ rights of individuals to access their personal information
The APPs can be found in Schedule 1 to the Act – a summary can also be found in the Appendix to this Privacy Policy.
2. What is BRi's Privacy Policy
This Privacy Policy communicates BRI’s collection and handling of personal information and to ensure parties their provide personal information are confident that it is done only as necessary for its business requirements under relevant Australian legal obligations and all information provided is securely managed.
The Privacy Policy also allows for relevant individuals to understand what information is collected, how it is stored and how they may request to access the information.
The Privacy Policy is available on BRI’s website, or upon request, a copy may be emailed. The version on the website is most up to date and can be found at BR International Logistics Pty Ltd.
3. Application of BRi's Privacy Policy
This Privacy Policy applies to all individuals such as employees, clients, suppliers and business partners, who provide information to BRI and the information falls within the legal definition of personal information.
The relevant employees that are required to handle or access relevant personal information are trained and periodically reviewed to ensure compliance with BRI’s Privacy Policy and overarching confidentiality practices.
4. What Personal Information is collected and why
4.1 What is personal information
The types of personal information includes information that can personally and reasonable identify you. This does not include sensitive information as defined under the Act, which is information or an opinion such as an individual’s racial or ethnic origin, political or religious beliefs.
Under the Act, personal information has been listed to include:
□ name, signature, address, phone number, date of birth
□ credit information,
□ tax file number, or
□ photographs.
4.2 What personal information does BRI collect?
BRI collects personal information in relation to suppliers and clients applying for credit terms and what is necessary to comply with its customs licence requirements from the Australian Border Force.
Possible types of personal information that BRI may collect, and hold include:
□ name;
□ address;
□ email address and phone and fax numbers;
□ birth date;
□ government issued photo identity documents such as a passport or driver’s license;
□ bank account information;
□ tax file number
□ services that you have requested or received from BRI;
□ if providing services to or requested from BRI, information such as trading history, including references from sources that you provide to BRI; and
□ CCTV images and visit information for visitors to BRI sites.
BRI directly collects this information through its application process for credit terms, use of our website, requests for services or applications for employment, through either by phone, email, online forms or gathered by BRI representatives while communicating with you. Where direct collection is not feasible or confirmation of the data is required, we may also gather information through trade references that you have provided to us. This information may be added to our records as required, after you have notified us, or through our own enquiries.
Publicly available or registered information may also be gathered to confirm credit worthiness and suitability whether security registration is appropriate under the Personal Properties Securities Act 2009 (Cth) (PPSA).
4.3 Why is BRI collecting personal information?
As with most organisations, personal information is collected for several reasons.
When applying for credit terms with BRI, we ensure that any information is collected only as reasonably necessary so that a balanced assessment may be made for appropriate credit terms.
Furthermore, as BRI is a licensed customs broker, it is required under Australian customs laws and the Australian Border Force to collect a minimum amount of information to accurately identify its clients.
Finally, personal information may be required when negotiating and performing commercial agreements with suppliers and clients, or where an individual is applying for roles within the BRI organisation.
In accordance with APP3: Collection of Personal information, BRI only collects information that is relevant and reasonably necessary so that we can reliably and accurately provide our services to you.
While APP2: Anonymity allows the opportunity for individuals an option to not identify themselves when dealing with a corporation, this does not apply to BRI’s collection of personal information as BRI is reasonably required to assess credit worthiness, debt management, and to comply with its legal obligations issued by the Australian Border Force.
4.4 Disclosure to overseas parties
No disclosure of personal information is made to overseas unrelated entities, unless consented to or otherwise legally required. If required, BRI ensures that any required overseas disclosures do not contravene the Privacy Act. Personal information may be sent to offshore BRI related entities for administrative purposes, however, BRI maintains its protective measures required under the Privacy Act.
5. How the Personal Information is Collected and Held
5.1 Private information provided to BRI
We request personal information through questions in our Credit Applications, employment applications and commercial negotiations.
BRI maintains stringent internal protective measures so that personal information is not shared unless legally required by government authorities or under court direction. BRI has further put into place internal protective measures so that only authorised employees handle personal information and are restricted from unauthorised access, use, modification or disclosure.
Any personal information that is gathered is only used as is relevant and not excessive for the purposes from which it was required.
Personal information will only be stored as long as required for business purposes, and not for longer than necessary. Any hard or electronic copies that are made are destroyed once the information is no longer required.
Otherwise, BRI utilises professional external specialist service providers for data protection of all information. Our service providers are equally bound by the Privacy Act and its principles, including, where applicable, information to be treated as confidential under relevant agreements or otherwise in accordance with general law principles.
Any personal information that is gathered by BRI other than directly from you will be initially determined whether it is relevant to our services for you. If it is not relevant, this information will be destroyed as soon as reasonably practicable.
5.2 BRi’s Website
BRI uses cookies on its website. These cookies are to help you navigate efficiently and perform certain functions. You will find detailed information about all the cookies under separate consent categories on selecting the following icon on the landing page.
Cookies that are categorised as “Necessary” are stored on your browser as they are essential for enabling the basic functionalities of the site. Third party cookies are also used to help analyse how you use the website, store your preferences and provide content and advertisements that a relevant to you.
These cookies will only be stored in your browser with your prior consent. You can also choose to enable or disable some or all these cookies.
6. Direct Marketing
On becoming our client, BRI offers to share updates and general industry knowledge through newsletters and emails. This form of direct marketing is only offered if you have consented and may be easily unsubscribed any time.
7. If you wish to access your Personal Information
If you wish to access what personal information is held by BRI, or to correct any information held, a request may be emailed to us via the contact form here.
BRI will use best endeavours to respond within a reasonable time of the request.
If you still are unsatisfied, you also may email the Office of the Australian Information Commissioner.
8. Appendix: Summary of the APPs
The Office of the Australian Information Commissioner has provided a quick reference summary of the 13 APPs1:
Principle | Title | Purpose |
---|---|---|
APP 1 | Open and transparent management of personal information | Ensure that APP entities manage personal information in an open and transparent way. This includes having a clearly expressed and up to date APP privacy policy. |
APP 2 | Anonymity and pseudonymity | Requires APP entities to give individuals the option of not identifying themselves, or of using a pseudonym. Limited exceptions apply. |
APP 3 | Collection of solicited personal information | Outlines when an APP entity can collect personal information that is solicited. It applies higher standards to the collection of sensitive information. |
APP 4 | Dealing with unsolicited personal information | Outlines how APP entities must deal with unsolicited personal information. |
APP 5 | Notification of the collection of personal information | Outlines when and in what circumstances an APP entity that collects personal information must tell an individual about certain matters. |
APP 6 | Use or disclosure of personal information | Outlines the circumstances in which an APP entity may use or disclose personal information that it holds. |
APP 7 | Direct marketing | An organisation may only use or disclose personal information for direct marketing purposes if certain conditions are met. |
APP 8 | Cross-border disclosure of personal information | Outlines the steps an APP entity must take to protect personal information before it is disclosed overseas. |
APP 9 | Adoption, disclosure or use of government related identifiers | Outlines the limited circumstances when an organisation may adopt a government related identifier of an individual as its own identifier, or use or disclose a government related identifier of an individual. |
APP 10 | Quality of personal information | An APP entity must take reasonable steps to ensure to personal information it collects is accurate, up to date and complete. An entity must also take reasonable steps to ensure the personal information it uses or discloses is accurate, up to date, complete and relevant, having regard to the purpose of the use or disclosure. |
APP 11 | Security of personal information | An APP entity must take reasonable steps to protect personal information it holds from misuse, interference and loss, and from unauthorised access, modification or disclosure. An entity has obligations to destroy or di-identify personal information in certain circumstances. |
APP 12 | Access to personal information | Outlines an APP entity's obligations when an individual requests to be given access to personal information held about them by the entity. This includes a requirement to provide access unless a specific exception applies. |
APP 13 | Correction of personal information | Outlines an APP entity's obligations in relation to correcting the personal information it holds about individuals. |