Civium Property Group (‘the Group’) is subject to the Privacy Act 1988 (‘the Act’). The Act regulates how the Group collects, uses, stores and discloses Personal Information. In this regard, the Group is committed to protecting the privacy of its clients, maintaining the confidentiality of their Personal Information and applying the Australian Privacy Principles (‘APP’).
The Group may at times collect personal and sometimes sensitive information e.g. financial records and tax file numbers about its clients in order to provide its services. The Group is committed to only collecting Personal Information which is necessary for the provision of its services and the operation of the Group.
The provision of Personal Information by our clients is optional. However, the Group’s ability to provide its services may be limited should the client choose not to provide the required Personal Information. If that occurs, the Group may end its engagement with the client.
The Group will only collect Personal Information by lawful and fair means, and which is relevant to the scope of services required. If the need arises, further Personal Information may need to be collected from the client in the future. The Group will not collect Personal Information unless the information is reasonably necessary for the Group to conduct the client’s matter.
When the Group collects Personal Information about a client, the Group will take reasonable steps at or before the time of collection to ensure that the client is aware of certain key matters, such as:
The Group will not collect Sensitive Information unless:
Clients agree the Group can disclose Personal Information to third party’s e.g. other agents, lawyers, accountants, banks, witnesses and government agencies if it is required as part of the Group providing its services. The client will, if it requests the Group in writing, be provided with details of the recipient. The Group will use its best efforts to provide its services without the need to disclose Personal Information and will obtain consent from the client should the need for disclosure other than in the ordinary course of the provision of its services arise, except where the information must be provided by the Group under:
The Group will not use or disclose Personal Information for a secondary purpose unless:
Where the Group has used or disclosed information under (b) – (f) above, the Group will take steps as are reasonable to ensure the information is de-identified before being used or disclosed.
If the Group is required to transfer any Personal Information outside Australia, the Group will comply with the provisions of the Act which apply to cross border data flows. The Group will only transfer Personal Information overseas where the context of the matter requires it. The Group will first take reasonable steps to ensure the recipient does not breach the APPs in relation to the information, except where:
Where possible, and if directed by a client, the client will not be required to identify themselves when dealing with the Group in relation to a particular matter. The client will be required to identify themselves however where:
Generally, a client will be required to identify themselves when they are a client of the Group. However, the Group will not disclose a client’s identity to a third party unless the matter necessitates it, or as directed by the client. The Group will not adopt a government related identifier of a client (including those assigned by a state or territory) as its own.
If the Group receives unsolicited Personal Information, the Group will determine as soon as possible, whether the information is required for the client’s purposes with the Group. If the information is not required, provided it is lawful and reasonable to do so, the Group will either destroy the information, or ensure that it is made known to the client.
The Group will use all prudent methods to keep all Personal Information safe and secure from unauthorised access through the use of firewalls, anti-virus software and secure filing systems. Where the Personal Information is no longer required for the purpose for which it was disclosed, and the Group is not required by law to retain it, the Group will take reasonable steps to destroy the information.
The Group will continue to comply with its ongoing obligations under the Act to take reasonable steps to protect Personal Information from misuse, interference and loss and from unauthored access, modification and disclosure. In the event that a data breach is detected and is determined to likely result in serious harm to a client, the Group will take all reasonable steps to contain the suspected or actual breach and will notify the Office of the Australian Information Commissioner as well as the client in accordance with the Act. A formal review will be conducted by the Group following any data breach in order to investigate the cause and develop an action plan.
Clients are entitled to access their Personal Information held by the Group, provided that one of the following exceptions does not apply:
Upon request by a client for access to Personal Information, the Group will respond and provide access within a reasonable time, if it is reasonable and practical to do so. If the Group refuses to give the client access to the Personal Information for a reason detailed above, the Group must:
The Group may charge a reasonable fee to the client for costs incurred in providing the information to the client.
The Group wishes to maintain the integrity of the Personal Information that it holds by updating its databases as required. Clients are encouraged to notify the Group immediately if there is a change to their Personal Information by contacting the Group’s Privacy Officer on (02) 6162 0681.
If the Group is satisfied that Personal Information about a client held by the Group, having regard to the reason the Personal Information is held, is inaccurate, out of date, incomplete, irrelevant or misleading, or the client requests the Group to update or correct the Personal Information, then the Group will take all reasonable steps to correct the information. The client may request that the Group update the Personal Information provided by the Group to any other entity on behalf of the client.
Even if requested to do so, the Group may refuse to correct Personal Information, in which case the Group will give the client a written notice setting out:
Where the Group has refused to correct the Personal Information of a client, the client may request that the Group associate a statement with the Personal Information that the Personal Information is inaccurate, out of date, incomplete, irrelevant or misleading. The statement will be made apparent to users of the Personal Information.
Where a request is made by a client to update or attach a statement to the information, the Group will respond within a reasonable period after the request is made.
Credit card information may be obtained for payment processing only. Credit card information is not stored on the Group’s database, however receipts will be kept on file or with our accounts department.
The Group values its clients greatly. It does keep a record of clients’ names and addresses for ensuring that there is no conflict in acting for certain clients. The Group also uses this list for its own marketing and distribution of material, and as a client, unless you tell us, the Group assumes you agree to receive material from us. However, this information is not and will not be divulged outside the Group, and a client can, of course, at any time, request to be removed from any list or mail or email material, and the Group will happily do so.
The Group will promptly correct any error about a client’s Personal Information as soon as it is brought to the Group’s attention. Information on accessing Personal Information records may be obtained by contacting the Group’s Privacy Officer on (02) 6162 0681
Clients may contact the Group’s Privacy Officer on (02) 6162 0681 if a client has any concerns or complaints about the manner in which Personal Information has been collected or handled by the Group.
1 Sensitive Information means1 Personal Information means information or an opinion about an identified individual, or an individual who is reasonably identifiable: whether the information or opinion is true or not; and whether the information or opinion is recorded in a material form or not.
that is also Personal Information; or
1 Permitted General Situation means
1 Permitted Health Situation means a situation described in paragraph 16B of the APPs.