Management of Personal Information Policy (Privacy Policy)

Similar documents
Privacy Policy. Naval Group

* Unless otherwise indicated, this policy will still apply beyond the review date.

Privacy Policy. Who we are. Definitions

EQUAL ACCESS FUNDING PTY LTD PRIVACY POLICY

All Sorts UK Limited Data Protection Policy 17 th May 2018

Privacy Policy and. Credit Reporting Policy

DATA PRIVACY & FAIR PROCESSING NOTICE

We are bound by the Privacy Act 1988 (Cth) (Act) and the Australian Privacy Principles set out in the Act.

Guide to compliance with the Australian Privacy Principles. APP 1 Open and transparent management of personal information

Arcare Aged Care APP Privacy Policy

Privacy Policy. NESS Super is committed to respecting your right to privacy and protecting your personal information.

ANZ PRIVACY POLICY PROTECTING YOUR PRIVACY _ANZ PRIVACY POLICY_77562.indd 1 29/04/2016 9:37 am

DATA PROTECTION NOTICE

Legal Compliance Education and Awareness. Privacy Act (Commonwealth)

European Union General Data Protection Regulation

Gallagher Benefit Services Pty Ltd - Privacy Policy

What types of personal information is collected and why? Our privacy commitment to you. Personal information. What is personal information?

Our privacy commitment to you. What types of personal information is collected and why? About us. Personal information. What is personal information?

Mobius Life Limited Data Privacy Notice

Newsletter NEW DATA PROTECTION REGIMES IN THE EU AND JAPAN: Similarities and Differences. Atsumi & Sakai

JPMorgan recognises the importance of the personal information we hold about individuals and the trust they place in us.

We are committed to safeguarding your personal information in accordance with the requirements of the Privacy Act 1988.

Appropriate Policy Document

The following guidelines have been developed to assist all staff with the adherence to the Privacy & Data Protection Act (Vic) 2014 (the PDP Act ).

POSITIVE SOLUTIONS FAIR PROCESSING NOTICE

IMPORTANT INFORMATION

IMB s Privacy Policy. imb.com.au ued1018. Contents. Overview. What personal information we collect

Big Web Warehouse Ltd GDPR Data Processor Policy Warehouse and Fulfilment April 2018

Fair Processing Notice

What is a Fair Processing Notice (FPN)? To ensure that we process your personal data fairly and lawfully we are required to inform you:

Privacy Policy A.P. Eagers Limited

Man and Machine - Data Protection Policy

Privacy Policy. Munich Re Australia

PRIVACY AND CREDIT REPORTING POLICY

RAMS Privacy Policy. When you trust us with your personal information, you expect us to protect it and keep it safe.

Privacy Policy Statement

Westpac Privacy Policy.

BWA Financial Group Pty Ltd Privacy Policy

Privacy Notice under the General Data Protection Regulation (GDPR)

PREPARING FOR THE EU GDPR IN RESEARCH SETTINGS

Privacy Statement v 1.1

Privacy Statement. Key Definitions. Data Controller. Processing

ANZ PRIVACY POLICY FEBRUARY 2019

AMIST Super. Privacy Policy

As a result of your visit to our websites, we may collect and store information about your visit to the websites including:

Southern Golden Retriever Rescue Data Protection Policy

STEADFAST UNDERWRITING AGENCIES PRIVACY POLICY

Privacy Policy A.P. Eagers Limited

1.1 This document is the Privacy Policy of Ricoh Australia Pty Ltd (ABN

GLOBAL DATA PROTECTION POLICY URUP

DEAL BY SEA LTD PRIVACY NOTICE

Aboriginal Housing Victoria (AHV) Privacy Policy

DATA PROCESSING TERMS DEFINITIONS

Privacy policy June 2014

ING Privacy Policy. Issued June 2017

Privacy. Policy. Purpose. Coverage. Policy. Code and version control:

We may collect personal information about you such as: Your name, current address, previous address details;

Westpac Banking Corporation Level 16, 275 Kent St Sydney NSW th January Mandatory Data Breach Notification

Privacy fact sheet 17

ASTRAZENECA GLOBAL POLICY DATA PRIVACY

ahm Privacy Policy March 2014

Banks Sheridan Limited Data Protection Privacy Policy 19 May 2018

New legislation brings changes to how data is handled

Voyages Privacy Policy

Draft Privacy Impact Assessment - Amendments to Chapter 4 of the AML/CTF Rules 25 November 2015

Privacy Policy. Brambles Limited. Instituted: 30 April 2014 {EXT }

Aegon Asset Management Europe ICAV ( the Fund ) Data Protection Policy

personal information AML information

GUIDANCE NOTE ON THE DATA PROTECTION ACT Information for clubs & county associations

GROUP PRIVACY POLICY. Adopted June 20th, 2017 by each of the Boards of Carnegie Holding AB and Carnegie Investment Bank AB (publ).

Who are we? Our commitment to protect your privacy

Data Protection Policy. Newbury Academy Trust

Privacy Notification and Consent

BDML Connect Ltd Privacy Policy_v1.0_March updated Markerstudy Group 2018 Page 1 of 11

PROTECTION OF PERSONAL INFORMATION POLICY (PoPI)

The General Data Protection Regulation (GDPR): action plan for pension scheme trustees

New Data Regulation, Brexit and the Pensions Industry.

Privacy Policy. IS Industry Fund Pty Ltd ATF Intrust Super. Revision History. The table below sets out the history of this document.

Claims Handling We process Your Personal Data in order to record and handle your insurance claim. This may include sharing your Personal Data with:

henriksen limited This document sets out how Henriksen processes data and your rights as the data subject.

CP is licenced and supervised by the Commission de Surveillance du Secteur Financier (hereinafter CSSF ).

PRIVACY STATEMENT. For further details on PCB s privacy policy contact:

Ark Syndicate Management Limited. Privacy and Transparency Notice. Version 1

DATA PROTECTION POLICY. Little Baddow Parochial Church Council

Fitzwilliam College Data Protection Policy

TEREX CORPORATION DATA PROTECTION POLICY

BOSTON CAPITAL PTY LTD ( BC ) ABN PRIVACY POLICY

This policy is also accessible on the Equestrian Australia (EA) website:

Institutional Investment Advisors Limited

PRIVACY NOTICE LAST UPDATED: SEPT. 2018

Youi s Privacy Policy

PRIVACY NOTICE Use of Information Data Controller and Data Processor

SCCCI Personal Data Protection Policy

Privacy Policy. Amendment History. Trustee Name

DATA PROTECTION STATEMENT

EMPLOYEE NOTICE OF DATA PRIVACY POLICIES AND PROCEDURES

WHAT DECISIONS WILL YOU NEED TO TAKE? GETTING READY FOR THE GDPR PART FOUR LEGAL ISSUES AND TRUSTEE DECISIONS

The Allied Group Privacy Shield Policy

Data Privacy Notice of Sumitomo Mitsui Banking Corporation, Brussels Branch ( SMBC )

Privacy & Data Protection Procedure-Box Hill Institute Group

Transcription:

Management of Personal Information Policy (Privacy Policy) Henkel Australia and New Zealand Prepared by: Reviewed by: Human Resources Henkel Australia ANZ EXCOM Henkel Australia & New Zealand Approved by: Daniel Rudolph President Henkel Australia & New Zealand 1 December 2018

Contents 1. Purpose 2. Commencement of the Policy 3. Application of Policy 4. What is Personal Information? 5. Use of Personal Information? 5.1 For what purposes does Henkel use personal information? 5.2 What kinds of personal information does Henkel collect? 5.3 How does Henkel collect personal information? 6. Direct Marketing 7. Credit Information 8. Employees 8.1 Job applicants 8.2 Access to employment records 9. Consent and withdrawal of consent 10. How long is Personal Information kept? 11. Overseas recipients of Personal Information 12. Integrity of Personal Information 12.1 Right to access and correct 12.2 Right to be forgotten 12.3 Right to object to or restrict use 13. Data breach notification regime 14. Variations 15. Availability of this Policy 16. Contact Details Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 2 of 9

1 Purpose Henkel Australia Pty Ltd and Henkel New Zealand Limited (both, Henkel, we, us) are committed to respecting the privacy of all employees, customers and vendors, and complying with all applicable privacy laws. These are set out in: the Privacy Act 1988, which contains the Australian Privacy Principles (APPs) and in relevant privacy codes. See http://www.oaic.gov.au/privacy/privacyresources/privacy-fact-sheets/other/privacy-fact-sheet-17-australian-privacyprinciples; the Privacy Act 1993, which contains the New Zealand Information Privacy Principles (IPPs). See https://privacy.org.nz/the-privacy-act-and-codes/ (both, Privacy Acts); and where Personal Information is controlled or processed on our behalf by our parent company, Henkel AG & Co. KgaA, or another Henkel company in the European Union, the EU s General Data Protection Regulation (GDPR). See https://gdpr-info.eu/. This Policy is intended to adopt the highest applicable privacy laws in Australia and New Zealand, and incorporates the GDPR to the extent applicable. To the extent of any inconsistency with local laws (Australia and New Zealand), this Policy imposes whichever is the higher standard. Where the Acts and the GDPR use different terms with the same or a similar meaning, this Policy uses the term from the Acts. For example, the term Personal Information in the Acts has a similar definition to the term Personal Data in the GDPR in this policy Personal Information is used to apply to both terms. This Policy outlines the circumstances surrounding the management of personal information in accordance with privacy laws. 2 Commencement of Policy This Policy will commence from 1 December 2018. It replaces all other privacy and personal information management policies of Henkel. 3 Application of Policy This Policy applies to all Henkel s dealings with individuals, including employees (past and present) and prospective employees of Henkel. This Policy does not form part of any employee s contract of employment. 4 What is Personal Information? Personal information is information or an opinion about an identified individual, or an individual who is identifiable: Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 3 of 9

(a) whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not (i.e. digitally or hard copy). Sensitive information is a special category of personal information includes information or an opinion about a person s health, race or ethnic origin, political, religious or philosophical beliefs, membership of a trade union or association, criminal record, sex life, sexual orientation and genetic and biometric information. Henkel also treats credit card or bank account information as sensitive. We will only collect a person s sensitive information where it is reasonably necessary for our business activities and with the person s consent. 5 Use of Personal Information 5.1 For what purposes does Henkel use personal information? Henkel only uses personal information which is reasonably necessary for our dealings with the relevant individual in the course of our business. In general, we use personal information for the following purposes: providing products or services that have been requested; communicating with the individual; assessing the creditworthiness of prospective customers; helping us manage and enhance our products and services, including conducting market research, analysing customer feedback and future customer needs; providing ongoing information about our products and services to individuals that we believe may be interested; complying with regulatory and legal obligations; or recruiting and managing employees and engaging contractors. In addition to the above purposes, we may also use personal information where an individual has consented to one or more specific purposes, or as necessary for compliance with our legal obligations, or otherwise for a legitimate purpose that is not overridden by the individual s fundamental rights and freedoms. 5.2 What kinds of personal information does Henkel collect? The kinds of personal information that Henkel collects will depend upon the dealings the relevant individual may have with us. We may collect information about: purchasers or potential purchasers of our products (for example, in the ordinary course of dealings, in relation to credit applications and sales and marketing and promotional activities); Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 4 of 9

suppliers (for example, when establishing records and systems to enable payment for goods or services); job applicants (for the purposes of employment); employees (employee records); individuals as contractors (for example, when establishing records and systems to enable payment for services); or other individuals who may come into contact with us. The kinds of personal information may include, but are not limited to: information that identifies a person (for example, name, address, contact details); information about a person s financial position (creditworthiness); information about a person that is required or authorised by law; where a person is an employee or prospective employee or contractor, their date of birth, tax file number, employment history, references, educational qualifications, dependants, driver s licence, passport details, residency or visa status etc; a person s opinion about Henkel s products, services or staff. 5.3 How does Henkel collect personal information? Henkel primarily collects information directly from individuals. However, in some cases, we may receive that information from other sources, such as a third party who discloses the information to us in connection with providing a product or service requested by the individual. If Henkel collects personal information directly from an individual, we will notify the individual, at the time of collection, of the following information: Henkel s identity and the contact details of our representative who handles privacy related enquiries and requests (see 14 below); the facts and circumstances of the collection; whether and how the collection is required or authorised by law; the purposes of collection; the length of time we will keep the information; the consequences if personal information is not collected; how and to whom else we may disclose that personal information; information about our Privacy Policy, including an individual s right to access and seek correction of personal information we have about them; and Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 5 of 9

whether we are likely to disclose personal information to overseas recipients, and if practicable, the countries where they are located (see 11. Overseas recipients of Personal Information). Where personal information has been collected indirectly (i.e. from a third party), Henkel will notify the individual of the above matters as soon as reasonably practicable, unless doing so would be impossible or involve a disproportionate effort. In addition, we will inform the individual of the source from which we obtained the information. To the extent practicable, we will also provide individuals with the option of deidentifying themselves or of using a pseudonym when dealing with us. 6 Direct marketing Henkel will provide a simple means by which individuals may opt-out of direct marketing communications. 7 Credit information Credit information may include information that has a bearing on an individual s eligibility to be provided with credit, their history in relation to credit or their capacity to repay credit. Henkel may obtain credit information directly from an individual or from a credit reporting body in connection with an application for commercial credit or provision of a guarantee relating to such an application. We will only do so where an individual has consented to the disclosure of that information. Where we obtain credit information, we will only use that information for a credit guarantee purpose, or internal management purposes that are directly related to the provision or management of any credit by it or for debt collection purposes. 8 Employees 8.1 Job applicants Henkel may collect personal information from job applicants in the course of the recruitment process. If a job applicant is unsuccessful but they would like Henkel to hold onto their application to consider them for other positions which may arise from time to time, Henkel will obtain the applicant s written consent to do so. 8.2 Access to employment records In addition to the Privacy Acts, Australia and New Zealand each have separate Acts giving employees the right to access certain statutory employment records, including: their employment agreement their time and wages records Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 6 of 9

their leave records 9 Consent and withdrawal of consent Where Henkel relies on an individual s consent to lawfully collect and use their personal information, that consent must be explicit (i.e. not implied), freely given, informed and specific (i.e. distinguishable from consent for other matters or purposes). Individuals may withdraw their consent at any time by notifying us. We will then delete the individual s Personal Information unless we have another legitimate basis to use that information. Withdrawal of consent may mean that we will no longer be able to offer the same products and services to the individual. 10 How long is Personal Information kept? Henkel keeps personal information only as long as necessary to fulfill the purpose for which it was collected. When we no longer need it for that purpose, Henkel will destroy the information or ensure that the information is de-identified (i.e. it will no longer be possible to connect the information to the individual). Generally speaking, we keep employee records for seven years or as required by law. 11 Overseas recipients of Personal Information In some circumstances, Henkel may disclose personal information to entities or organisations in other countries (Overseas Recipients). For example, we may utilise shared service centres in Slovakia, India, Philippines, Egypt and Mexico where personal information is stored and processed. We may also disclose personal information, particularly of employees, as part of personnel management and reporting to regional operations in New Zealand, Malaysia, China, India and our head office in Germany. Henkel will take reasonable steps to ensure that Overseas Recipients comply with the laws and the GDPR in relation to that information. 12 Integrity of Personal Information 12.1 Right to access and correct Henkel takes reasonable steps to ensure that the personal information it uses is accurate, up-to-date and complete. However, where this is not the case, individuals have a number of rights they may exercise: (a) Individuals have the right to: access their personal information held by Henkel; access information about where and for what purpose we have used their information; Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 7 of 9

correct any incorrect information; (b) If an individual makes a request for access to or correction of their personal information, Henkel will respond within a reasonable period and, if reasonable and practicable to do so, we will: provide the information, unless we consider that there is a sound and lawful reason to withhold it; correct the information, if we are satisfied the information we hold is incorrect. (c) If Henkel refuses to give access to or correct personal information as requested by an individual, we will explain our decision to the individual and advise them of mechanisms available to them to complain about that refusal. 12.2 Right to be forgotten Individuals have the right to have their personal information erased in certain circumstances, including where the information is no longer relevant to the original purpose for which it was collected or where the individual withdraws their consent. 12.3 Right to object to or restrict use Where Henkel uses personal information without the individual s consent (but pursuant to another legitimate purpose), the individual has the right to object to or restrict such use of their personal information. 13 Data breach notification regime In the event of a data breach that is likely to result in serious harm to the individual, Henkel will comply with mandatory data breach notification laws. This includes notification to the affected individual and, if the breach is in Australia, also to the Australian Information Commissioner. 14 Variations Henkel reserves the right to vary, replace or terminate this policy from time to time. 15 Availability of this policy An up-to-date version of this policy is available at www.henkel.com.au/privacy. 16 Contact details Individuals who wish to exercise any of these rights or have questions about this Policy may contact our privacy policy representative: Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 8 of 9

Name: Nicole Trosky Telephone: +61 403 226 137 Email: nicole.t.trosky@henkel.com Henkel Australia and New Zealand Management of Personal Information Policy (Privacy Policy) 1 December 2018 Page 9 of 9

2024 © financedocbox.com Privacy Policy | Terms of Service | Feedback