1. Introduction

From 12 March 2014, the Australian Privacy Principles (APP’s) replaced the National Privacy Principles and Information Privacy Principles. These new principles apply to private sector organisations who deal with information relating to individuals. This legislation is designed to protect personal information about individuals and sets in place a framework and guidelines about how to deal with this information. APP 1.3 requires an APP entity to have a clearly expressed and up-to-date APP privacy policy describing how it manages personal information.

An APP privacy policy is a key tool for meeting APP 1’s requirements.

New Generation Power Systems Pty Ltd is dedicated to providing robust privacy policies and procedures for its staff and clients. This includes ensuring that it conforms with all required APP’s including the provision of a clearly expressed and readily available Privacy Policy. This is completed by the provision of this Privacy Policy Manual.

To assist with this compliance, New Generation Power Systems Pty Ltd ensures that all of its staff members adhere to these policies and procedures. Any breaches of these policies and procedures must be reported to the relevant staff members manager or supervisor immediately so that any appropriate measures can be taken to mitigate any issues surrounding an identified breach.

Every staff member of New Generation Power Systems Pty Ltd who handles personal information is required to have an understanding of the Australian Privacy Principles (APP’s) and the objectives of the Privacy Act generally. Where a more detailed knowledge of New Generation Power Systems Pty Ltd’s rights and responsibilities is required, the Privacy Officer will be able to provide assistance.

All staff are encouraged to discuss privacy issues with the nominated Privacy Officer.

Review

Formal review of this privacy policy shall be undertaken on a 2 yearly basis with the details of this review recorded by the Privacy Officer.

2. Australian Privacy Principles (APP’s)

The Privacy Act 1988 and the Credit Reporting Privacy Code 2014 places obligations and responsibilities on employers and employees to ensure that information collected from individuals is collected, retained and used in line with the APP’s. New Generation Power Systems Pty Ltd shall abide by the following APP’s at all times:

Further information regarding the APP’s can be obtained from the office of the Australian Information Commissioner at www.oaic.gov.au.

A copy of the APP’s as produced by the Office of the Australian Information Commissioner is attached as Appendix A.

3. Types Of Personal Information That Is Collected & Held

New Generation Power Systems Pty Ltd collects personal information for a variety of reasons. This personal information will be collected in the normal course of business and will relate to Goods and/or Services that are provided by New Generation Power Systems Pty Ltd to consumers. This information collected will be done so in the course of business where the consumer is a client of New Generation Power Systems Pty Ltd or when the consumer acts as a guarantor for another person or company that is a customer of New Generation Power Systems Pty Ltd. New Generation Power Systems Pty Ltd will not collect information that is not relevant or sensitive in nature unless it is required in the normal course of business.

The personal information that is collected may include, but will not be limited to the following;

  1. Full name
  2. Address
  3. Date of birth
  4. Credit references if applicable
  5. Publically available information which relate to the consumers activities in Australia
  6. Any information recorded in the National Personal Insolvency Index
  7. The consumer acknowledges that provided the correct Privacy Act disclosures have been made that New Generation Power Systems Pty Ltd may conduct a credit report on the consumer for the purposes of evaluating the credit worthiness of the consumer.
  8. Driver’s license details
  9. Medical insurance details (if applicable)
  10. Electronic contact details including email, Facebook and Twitter details
  11. Next of kin and other contact information where applicable

New Generation Power Systems Pty Ltd ensures that all personal information is held in a secure manner. Where applicable and to the best of New Generation Power Systems Pty Ltd’s knowledge all computers or servers have the required security protections in place to safeguard and protect any personal information that is held by New Generation Power Systems Pty Ltd.

New Generation Power Systems Pty Ltd also regularly conducts internal risk management reviews to ensure that its infrastructure (to the best of its knowledge) is secure and any identifiable risks have been mitigated as much as they can be in the normal course of business.

4. Procedures (How New Generation Power Systems Pty Ltd Handles Privacy Issues)

New Generation Power Systems Pty Ltd will collect personal information in the normal course of business. This personal information may be collected (but is not limited to) by any of the following methods;

As a consumer dealing with New Generation Power Systems Pty Ltd you hereby agree and consent to the collection, use and disclosure of your personal information. In the event that you do not wish to agree or consent to any of the above use, collection and disclosure, then New Generation Power Systems Pty Ltd warrants that any request by you to withdraw your consent or agreement shall be deemed as confirmation by you to cease any and/or all collection use and disclosure of your personal information. Request (by telephone and/or by e-mail) can be made by you to New Generation Power Systems Pty Ltd.

New Generation Power Systems Pty Ltd will ensure that any Information that is to be obtained from you is done so using New Generation Power Systems Pty Ltd’s prescribed forms which;

Authorise New Generation Power Systems Pty Ltd:

It is the responsibility of New Generation Power Systems Pty Ltd to ensure that any personal information obtained is as accurate and up to date as possible and information is only collected by lawful means.

5. Purposes For Which Information Is Collected, Held, Used And Disclosed

Personal Information can only be used to:

Relationship with Credit Reporter - In the event that notification of a default has been reported to a Credit Reporter and your credit file has been updated (including any changes to the balance outstanding or contact details), then the Credit Reporter shall be notified as soon as practical of any such changes.

New Generation Power Systems Pty Ltd will only gather information for its particular purpose (primary purpose). New Generation Power Systems Pty Ltd will not disclose this information for any other purpose unless this has been agreed to by both parties.

6. How An Individual May Access Personal Information Held, And How They May Seek Correction Of Such Information

You shall have the right to request from New Generation Power Systems Pty Ltd a copy of all the information about you that is retained by New Generation Power Systems Pty Ltd. You also have the right to request (by telephone and/or by e-mail) that New Generation Power Systems Pty Ltd correct any information that is incorrect, outdated or inaccurate.

Any requests to receive your personal information or to correct personal information should be directed to the following contact details;

The Privacy Officer
New Generation Power Systems Pty Ltd
Unit 1
12 Action Place
Wangara WA 6065
reception@newgenps.com.au
(08) 9303 2466

New Generation Power Systems Pty Ltd will destroy personal information upon your request (by telephone and/or by e-mail) or when the personal information is no longer required. The exception to this is if the personal information is required in order to fulfil the purpose of New Generation Power Systems Pty Ltd or is required to be maintained and/or stored in accordance with the law

7. How An Individual May Complain About A Breach Of The APP, And How The Complaint Will Be Dealt With

You can make a complaint to New Generation Power Systems Pty Ltd’s internal dispute resolution team (‘IDR’) regarding an interference with and/or misuse of your personal information by contacting New Generation Power Systems Pty Ltd via telephone or e-mail.

Any complaints should be directed to the following contact details in the first instance;

The Privacy Officer
New Generation Power Systems Pty Ltd
Unit 1
12 Action Place
Wangara WA 6065
reception@newgenps.com.au
(08) 9303 2466

In your communication you should detail to New Generation Power Systems Pty Ltd the nature of your complaint and how you would like New Generation Power Systems Pty Ltd to rectify your complaint.

We will respond to that complaint within 7 days of receipt and will take all reasonable steps to make a decision as to the complaint within 30 days of receipt of the complaint.

We will disclose information in relation to the complaint to any relevant credit provider and or CRB that holds the personal information the subject of the complaint.

In the event that you are not satisfied with the resolution provided, then you can make a complaint to the Information Commissioner on the OAIC website at www.oaic.gov.au

8. Will Personal Information Be Disclosed To Overseas Recipients

New Generation Power Systems Pty Ltd does not disclose information about the consumer to third party overseas recipients unless specifically agreed to by both parties in writing. New Generation Power Systems Pty Ltd will notify you if circumstances change regarding overseas disclosure and will comply with the Act in all respects

Unless otherwise agreed, New Generation Power Systems Pty Ltd agrees not to disclose any personal information about the Buyer for the purpose of direct marketing. You have the right to request (by telephone and/or by e-mail) that New Generation Power Systems Pty Ltd does not disclose any personal information about you for the purpose of direct marketing

9. Availability Of This Privacy Policy Manual

This Privacy Policy manual is available to all customers of New Generation Power Systems Pty Ltd. It will be made available (where applicable) on New Generation Power Systems Pty Ltd’s website.

This manual will also be available upon request at New Generation Power Systems Pty Ltd’s business premises and is available to be sent to you if required.

If you require a copy of this Privacy Policy please make a request utilising the following contact information in the first instance;

10. Privacy Officer (Responsibilities)

New Generation Power Systems Pty Ltd has appointed an internal Privacy Officer to manage its privacy matters. The name of this officer is available by making contact with New Generation Power Systems Pty Ltd. The privacy officers duties include (but are not limited to) the following;

The Privacy Officer needs to be familiar with the APP’s. Educational material is available from the office of the Privacy Commissioner which explains what New Generation Power Systems Pty Ltd needs to know in order to comply with the Privacy Act.

If a person complains to the Privacy Commissioner that New Generation Power Systems Pty Ltd has breached their privacy, the Information Commissioner may contact the Privacy Officer to discuss the complaint, and to see whether there is any means of settling the matter. The Privacy Officer shall provide whatever assistance is necessary. The Privacy Officer may be asked to provide background information or identify the staff members who can do so.

APPENDIX A - INFORMATION PRIVACY PRINCIPLES

Part 1 – Consideration Of Personal Information Privacy

Australian Privacy Principle 1 – open and transparent management of personal information



APP Privacy policy Availability of APP privacy policy etc.

Australian Privacy Principle 2 – anonymity and pseudonymity

Part 2 – Collection Of Personal Information

Australian Privacy Principle 3 – collection of solicited personal information

Personal information other than sensitive information Sensitive information Means of collection Solicited personal information

Australian Privacy Principle 4 – dealing with unsolicited personal information

Australian Privacy Principle 5 – notification of the collection of personal information

Part 3 – Dealing With Personal Information

Australian Privacy Principle 6 – use or disclosure of personal information
Use or disclosure

Written note of use or disclosure Related bodies corporate Exceptions

Australian Privacy Principle 7 – direct marketing

Direct marketing

Exceptions – personal information other than sensitive information Exception – sensitive information Exception – contracted service providers Individual may request not to receive direct marketing communications etc. Interaction with other legislation

Australian Privacy Principle 8 – cross-border disclosure of personal information

Note: For permitted general situation, see section 16A.

Australian Privacy Principle 9 – adoption, use or disclosure of government related identifiers

Adoption of government related identifiers Use or disclosure of government related identifiers Note 1: An act or practice of an agency may be treated as an act or practice of an organisation, see section 7A. Note 2: For permitted general situation, see section 16A. Regulations about adoption, use or disclosure

Part 4 – Integrity Of Personal Information

Australian Privacy Principle 10 – quality of personal information

Australian Privacy Principle 11 – security of personal information

Part 5 – Access To, And Correction Of, Personal Information

Australian Privacy Principle 12 – access to personal information

Access Exception to access – agency Exception to access – organisation Dealing with requests for access

Australian Privacy Principle 13 – correction of personal information

Correction

The information provided in this fact sheet is of a general nature. It is not a substitute for legal advice.

© Copyright EC Credit Control 1999 2014