We recognise and value the importance of protecting your privacy. This policy has been produced by Building Communities VIC Limited (Building Communities) to provide you with information about how we manage your personal information.
Building Communities complies with the Australian Privacy Principles established under the Privacy Act 1988 (Cth) and the Privacy Amendment (Enhancing Privacy Protection) Act 2012 and with relevant state-based privacy laws (as applicable).
Building Communities is committed to managing personal information in an open and transparent way. Building Communities will provide this policy free of charge and in an appropriate format.
Whenever it is lawful and practicable, individuals will have the option of not identifying themselves by dealing with us anonymously or by using a pseudonym. This principle does not apply in relation to a particular matter if:
Information Collection
We will usually only collect your personal information directly from you, unless you have authorised a third party to provide that information to us. We will only collect, maintain and use personal information about you if it is necessary for us to adequately provide the services you have requested. Usually we will collect information through an application, enquiry or as we provide you with services throughout the course of our relationship with you.
You are not required to provide your personal information, however, without your personal information, we may be unable to provide you with products or services.
‘Personal information’ is defined as any ‘information or an opinion about an identified individual, or an individual who is reasonably identifiable:
We may collect the following types of personal information from you:
Sensitive information may also be collected about an individual:
Permitted general situations include the collection of sensitive information where Building Communities:
Unsolicited Information
Unsolicited personal information will be afforded the same privacy protection as solicited personal information. Where Building Communities receives unsolicited personal information, it must determine whether it would have been permitted to collect the information under Australian Privacy Principles. If so, our Privacy Policy will apply to that information. If the information could not have been collected under Australian Privacy Principles, Building Communities will destroy or de-identify that information as soon as practicable, but only if it is lawful and reasonable to do so
Information use
We may collect your personal information, where it is necessary for us to do so, for the following purposes:
Information disclosure
We may disclose your personal information as necessary to provide you with products or services, and to meet our regulatory obligations. The parties to whom we may disclose your personal information may include our agents, service providers who assist in banking, insurance, marketing, advertising authentication, document management, technology and data processing services; government bodies including courts and tribunals; your executor, administrator, trustee, guardian or attorney; your agents, such as financial or legal advisers.
We may disclose personal information to other entities within the Building Communities group of companies, for any of the purposes for which we may collect, use or disclose information that is set out in this policy. It is a condition of our agreement with each of our representatives and staff that they adopt and adhere to this privacy policy. If you have any concerns in this regard, you should contact us.
We may also disclose such information as required or permitted by any law, for example in response to a subpoena or to the Australian Taxation Office (ATO), following a direction issued under taxation laws, or as required for reporting purposes to other regulators.
We are unlikely to disclose personal information offshore.
In the event that any part of our business or its assets is ever sold, acquired, merged, liquidated, reorganised or otherwise transferred, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained therein to a third party acquiring the assets. While any transaction of this sort is being considered, we may also make limited relevant personal information available to prospective purchasers and legal and financial advisors and other relevant parties on a confidential basis.
Direct marketing
Subject to having your consent (which may be withdrawn) we may use the personal information collected from you for the purpose of providing you with direct marketing material or updates, such as articles that we think may be of interest to you, however you may request not to receive such information and we will give effect to that request. Please allow two weeks for your request to be actioned.
Links to third-party websites
Our website may contain links to other third-party websites. You should not assume that any linked website is operated or controlled by us. We are not responsible for the privacy practices of such other sites. We encourage you to read the privacy policies of every website that collects personal information.
Collection of non-personal information
We may collect non-personal information about users of our website, including information on which areas of the website are most often accessed and how long visitors visit those areas, and other information such as browser type, operating system, to help us manage and improve the Website.
We may store information that we collect through cookies, log files, and/or third-party site traffic software to create profiles of users generally.
“Cookies” are packets of information that enable our servers to identify and interact more effectively with users’ computers. We may utilise cookies which enable us to monitor such traffic patterns and to improve users’ future experiences of the website. A cookie does not identify the user personally, but it does identify their computer. Users can set their browser to notify them when they receive a cookie, and this will provide them with an opportunity to either accept or reject it in each instance. Rejecting cookies may have the effect of limiting access to or functionality of parts of our website.
Cookies used may be “session cookies”, which terminate once a user closes their browser. We also may use “persistent cookies” which is a small piece of text stored on a user’s computer for a defined period of time, after which the cookie is erased.
In some cases, third parties may use cookies and other technologies such as web beacons and JavaScript on our website in connection with online services like (as applicable) advertising, website analytics and surveys. This may allow them to collect information about your use of our website (including your computer’s IP address) which they may store in the United States or other countries. The use of these technologies allows them to deliver customised advertising content, measure the effectiveness of their advertising, evaluate users use of the website and other websites and provide other services relating to website activity and internet usage. Those third parties may also transfer the information they collect to others where required to do so by law, or where those others process the information on their behalf. The services we may use from time to time include Google Analytics, Google AdSense, DoubleClick, Yahoo, Adobe and Microsoft. You can find more details in the privacy policies for those services, including information on how to opt-out of certain conduct.
Like most standard website services, we use log files. This includes internal protocol (IP) addresses, browser type, internet service provider (ISP), referring/exit pages, platform type, date/time stamp, and number of clicks to analyse trends, administer the site, track users’ movement in the aggregate, and gather broad demographic information for aggregate use. IP addresses, etc. are not linked to personal information.
Holding personal information
Your personal information is generally held in a computer database, or on an Australian-only cloud hosting service. Information may also be held in your client files.
We will at all times take reasonable steps to ensure that the personal information collected and held by us is protected from misuse, loss, unauthorised access, modification or disclosure. At all times your personal information is treated as confidential and any sensitive information is treated as highly confidential. All computer-based information is protected through the use of access passwords on each computer, and through other security controls. Data is backed up each evening and stored securely off site.
In the event you cease to be a client of this organisation, any personal information we hold about you will be held securely for a period of up to seven years to comply with legislative and professional requirements. After that time the information will be destroyed.
Accessing your personal information
You may request access to your personal information at any time by contacting us on our details below, or through our website. We will require you to provide evidence of your identity, prior to providing access in accordance with this policy. We will provide you with access to information by either providing you with copies of the information requested, allowing you to inspect the information requested or providing you with an accurate summary of the information held.
We may on some cases decline to provide access, such as when the provision of access would have an unreasonable impact on the privacy of others that the request for access is frivolous or vexatious or the provision of access is unlawful. In the event we refuse you access to your personal information we will provide you with an explanation for that refusal.
Access and correction
We will try to ensure that, at all times, the personal information we hold about you is accurate and up to date. If you can provide us with evidence that any personal information we hold about you is inaccurate, incomplete or outdated and we agree that the information requires correcting, we will take all reasonable steps to correct it.
If we do not agree that your personal information requires correcting, we must, if you request, take reasonable steps to ensure that whenever your personal information is accessed or handled in the future, it is apparent that you are not satisfied as to the accuracy or completeness of the information.
How a privacy complaint may be made
We are committed to providing you with a fair and responsible system for handling complaints. If at any time you have any complaints in relation to privacy, please contact our Client Relations Officer at the contact point referred to below. We will try to resolve any concerns you may have to your satisfaction within seven days, however, if you are unhappy with our response you may ask us to conduct an internal review, lodge a complaint or you are entitled to contact the Office of the Australian Information Commissioner who may investigate your complaint further.
Our contact details
If you wish to contact us to ask a question, seek access or correction, make a complaint or request a copy of this policy in another form (which will be made free to you), you may contact us using the webform available on the contact us page.
Additional information about privacy in Australia may be obtained by visiting the web site of the Office of the Australian Information Commissioner at www.oaic.gov.au
Changes to this policy
We may update this policy from time to time. Any updates will be posted on our website, and we will publish the effective date when the policy is updated.
If you have bookmarked this policy (or our website) you will need to ensure that the bookmarked version has been updated so that you are aware of the most recent version of this policy.
Last update: 3 April 2023