Kapitol Group acknowledges and respects the privacy of individuals. This policy explains how we deal with your personal information as you interact with us.
As a national organisation Kapitol regularly handles and transfers “personal data” (being information which is capable of identifying an individual) between Kapitol companies, including between Kapitol companies operating in other States and under other brands.
From time to time, we may change our policy on how we deal with personal data or the types of personal data which we hold.
WHAT SORT OF PERSONAL DATA DO WE COLLECT?
The personal data that we collect will vary depending on the reason for collecting the data. In all cases, we will collect personal data about an individual that is relevant to our business relationship with them. This data may include, without limitation, the individual’s name, physical address, e-mail address, telephone number, fax number, and preferences.
In some cases, we may be required to collect certain types of personal data by law.
While you are not obligated to provide any personal data to us, if you do not provide us with personal data we may not be able to provide our products and services to you or process your request.
HOW DO WE COLLECT PERSONAL DATA?
We usually collect personal data directly from the individual to whom it relates, including over the telephone, by correspondence (e.g., forms, letter, or email), electronically or in person. However, we may also collect personal data from third parties with whom we do business.
Our IT systems provide and store a variety of Sensitive Personal Information (SPI), such as information that can combine to identify an individual and which contains related “information” on the identification.
This includes information gathered on any business-related device and software, website data: including cookies, history, and favourites.
WHAT IS OUR PURPOSE FOR HANDLING PERSONAL DATA?
We use personal data to enable us to provide and improve our products and services, our use of, and methods of, communication, to undertake research and analysis, and for administrative, business-related and marketing purposes (including marketing by electronic means). Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt out instructions provided in the communication.
We will take reasonable steps to ensure that you are aware of the purposes for which we handle that personal data, except where our collection or disclosure of the personal data is required by law.
Personal data should only be handled for purposes notified to you, any purpose that you consent to or as otherwise required by law.
DO WE DISCLOSE PERSONAL DATA TO OTHERS?
We may transfer or disclose personal data to the following parties:
- other companies in Kapitol and their employees, including companies operating in different countries;
- external service providers, such as contractors, consultants or suppliers who assist us in providing our products and services (e.g., banking, mailhouse, recruitment, call centre and technology service provider) and those that act as data processors, auditors, taxation and legal advisors;
- regulatory bodies, government agencies and law enforcement bodies; and
- other parties as permitted by law.
We may disclose, use, aggregate, anonymous, pseudonymised or de-identified information about users for marketing, advertising, research, compliance, or other purposes.
WHAT DO WE DO TO HELP PROTECT PERSONAL DATA?
We take reasonable steps protect personal data from misuse, interference or loss and unauthorised access, modification and disclosure with appropriate safeguards and security measures and restrict access to those who have a legitimate business purpose and reason for accessing it. We store most data about you in computer systems and databases operated by either us or our external service providers.
However, safeguards and security measures apply to personal data in both electronic and hard copy form we also ensure information is secured with limited access.
Personal data is only retained for as long as it is necessary for the identified purposes, to the extent necessary for purposes reasonably related to those identified purposes (for example, resolving disputes) or as required by law. Electronic data may be stored indefinitely.
HOW CAN YOU ACCESS AND UPDATE YOUR PERSONAL DATA?
Personal data should be accurate, complete and kept up to date. If you wish to request access to, correction of, an update to or erasure of your personal data, you can contact us using the contact details set out below. In most circumstances we will allow you access to your personal data (including where you wish to verify your personal data). However, access may be refused where we are permitted or required by law to refuse access to such data. If we refuse your request to access your personal data, we will provide reasons for the refusal.
You may also contact us to object to our handling of your personal data on legitimate grounds relating to your situation. We request that you provide us with as much detail as you can about the particular personal data concerned in order to help us consider and, if appropriate, action your request.
In some countries, you may be entitled to request a copy of the personal data relating to you which we hold. If you wish to exercise this right, please contact us on the details set out below.
There is no fee for requesting that your personal data be corrected or for us to make corrections. We reserve the right to charge a fee (where permissible) to cover the reasonable costs incurred by us in processing your request to access your personal data, such as photocopying, administration and postage costs.
HAVE A PRIVACY ENQUIRY?
Att: Group General Counsel
G01, 737 Bourke Street,
Docklands VIC 3008
Email: [email protected]