This Privacy Policy sets out the approach in which The Affinity Partnership Pty. Ltd (Need to Know Research) will take in relation to the treatment of Personal Information. It includes information on how Need to Know Research collects, uses, discloses and keeps secure, individuals’ personal information. It also covers how Need to Know Research makes the personal information it holds available for access to and correction by the individual.
1. COLLECTION
1.1 Need to Know Research will only collect Personal Information where the information is necessary for Need to Know Research to perform one or more of its functions or activities. In this context, “collect” means gather, acquire or obtain by any means, information in circumstances where the individual is identifiable or identified.
1.2 Need to Know Research collects Personal Information primarily on behalf of our customers or uses Personal Information provided by our customers, their employees, contractors and third party suppliers, for the provision of marketing products and services. Need to Know Research also collects and uses Personal Information for secondary purposes, including:
1.3 Need to Know Research will notify individuals of the matters listed below at the time of collecting any Personal Information:
1.4 Where it is not practicable for Need to Know Research to notify individuals of all of the Collection Information before the collection of Personal Information, Need to Know Research will ensure that individuals are notified of the Collection Information as soon as possible after the collection.
1.5 Need to Know Research will not collect Sensitive Information from individuals except with express consent from the individual and only where it is necessary for Need to Know Research to collect such information for an activity or function.
1.6 Need to Know Research will not collect Personal Information secretly or in an underhanded way.
1.7 Need to Know Research will take steps to ensure that individuals on purchased lists are or have been notified of the information as outlined at 1.3.
2. USE
2.1 Need to Know Research will obtain an individual’s consent for Use of non-sensitive Personal Information for Secondary Purposes at the time of collection, unless the Use is a related Secondary Purpose, which would be within the relevant individual’s Reasonable Expectations.
2.2 Need to Know Research Uses Personal Information primarily for the purposes listed in 1.2 above.
2.3 If Need to Know Research relies on the Direct Marketing exception to Direct Market to individuals it will ensure that: individuals are clearly notified of their right to Opt Out from further Direct Marketing; and if the individual Opts Out of all Direct Marketing the Opt Out will be respected by Need to Know Research and implemented free of charge.
2.4 Need to Know Research will not use Sensitive Information for Direct Marketing.
2.5 Need to Know Research may use Personal Information to avoid an imminent threat to a person’s life or to public safety. It may also use Personal Information for reasons related to law enforcement or internal investigations into unlawful activities.
2.6 Need to Know Research will not use Personal Information without taking reasonable steps to ensure that the information is accurate, complete and up to date.
2.7 Need to Know Research will not attempt to match de-identified or anonymous data collected through surveys or such online devices as “cookies”, with information identifying an individual, without the consent of the relevant individual.
3. DISCLOSURE
3.1 Need to Know Research may Disclose Personal Information to related or unrelated third parties if consent has been obtained from the individual.
3.2 Need to Know Research may Disclose Personal Information to unrelated third parties to enable outsourcing of functions where that Disclosure or Use is for a related Secondary Purpose and has been notified to individuals or where such Disclosure is within the individual’s Reasonable Expectations.
3.3 Need to Know Research will take reasonable steps to ensure that its contracts with third parties include requirements for third parties to comply with the Use and Disclosure requirements of the Privacy Act.
3.4 In the rare event that Need to Know Research is required to disclose Personal Information to law enforcement agencies, government agencies or external advisors, Need to Know Research will only do so in accordance with the Privacy Act or any other relevant Australian legislation.
3.5 Need to Know Research may Disclose Personal Information to avoid an imminent threat to a person’s life or to public safety.
3.6 If a Disclosure is not for a Primary Purpose; is not for a related Secondary Purpose; or upfront consent has not been obtained, Need to Know Research will not Disclose Personal Information otherwise than in accordance with the exceptions set out at 3.1 to 3.5 above.
3.7 Need to Know Research does not generally share its customer lists on a commercial basis with third parties but if it did, it would only do so if we had the appropriate consent of the individual involved.
4. INFORMATION QUALITY
4.1 Need to Know Research will review, on a regular and ongoing basis, its collection and storage practices to ascertain how improvements to accuracy can be achieved.
4.2 Need to Know Research will take steps to destroy or de-identify Personal Information after as short a time as possible and after a maximum of seven years, unless the law requires otherwise.
5. INFORMATION SECURITY
5.1 Need to Know Research requires employees and contractors to perform their duties in a manner that is consistent with Need to Know Research’s legal responsibilities in relation to privacy.
5.2 Need to Know Research will take all reasonable steps to ensure that paper and electronic records containing Personal Information are stored in facilities that are only accessible by people within Need to Know Research who have a genuine “need to know” as well as “right to know”.
5.3 Need to Know Research will review, on a regular and ongoing basis, its information security practices to ascertain how ongoing responsibilities can be achieved and maintained.
6. ACCESS AND CORRECTION
6.1 Need to Know Research will allow its records containing Personal Information to be accessed by the individual concerned in accordance with the Privacy Act.
6.2 Need to Know Research will correct its records containing Personal Information as soon as practically possible, at the request of the individual concerned in accordance with the Privacy Act.
6.3 Individuals wishing to lodge a request to access and/or correct their Personal Information should do so by contacting Need to Know Research.
6.4 Need to Know Research may charge a fee for processing an access request.
7. OPENNESS
7.1 Contact with Need to Know Research via phone or web inquiry will be the first point of contact for inquiries about privacy issues.
7.2 Any formal privacy related complaints should be directed in writing to the Need to Know Research Privacy Officer, 212 Flood Street, Leichhardt, NSW 2040.
7.3 Need to Know Research will endeavor to manage any privacy related complaints efficiently and in a timely manner.
7.4 Need to Know Research websites will contain a prominently displayed privacy statement and will include a copy of this Need to Know Research Privacy Policy.
8. ANONYMOUS TRANSACTIONS
8.1 Need to Know Research will not make it mandatory for visitors to its websites to provide Personal Information unless such Personal Information is required to answer an inquiry or provide a service.
8.2 Need to Know Research will allow its customers to transact with it anonymously wherever that is reasonable and practicable.
9. TRANSFERRING PERSONAL INFORMATION OVERSEAS
9.1 Need to Know Research generally does not send information overseas.
9.2 If Personal Information must be sent by Need to Know Research overseas for sound business reasons, Need to Know Research will require the overseas organisation receiving the information to provide a binding undertaking that it will handle that information in accordance with the National Privacy Principles, preferably as part of the services contract.
10. GLOSSARY
Collection of Information means the information outlined in 1.3 notified to individuals prior to, or as soon as practical after, the collection of their Personal Information.
Direct Marketing means the marketing of goods or services through means of communication including written, verbal or electronic means. The goods or services that are marketed may be those of Need to Know Research or a Related Body Corporate or those of an independent third party organisation.
Disclosure generally means the release of information outside Need to Know Research, including under a contract to carry out an “outsourced function”.
Opt Out means an individual’s expressed request not to receive further Direct Marketing. Personal Information means information or an opinion (including information or an opinion forming part of a database), whether true or not and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained from the information or opinion.
Primary Purpose is the dominant or fundamental reason for information being collected in a particular transaction.
Reasonable Expectation means a reasonable individual’s expectation that their personal information might be Used or Disclosed for a particular purpose.
Sensitive Information means:
1. Information or an opinion about an Individual’s:
2. Health Information about an individual; or information or an opinion about: the health or a disability (at any time) of an individual; or
Use means the handling of Personal Information within Need to Know Research.
CONTACTING Need to Know Research
If you require further information regarding Need to Know Research’s Privacy Policy,
Telephone: 02 8354 4400
Email: hello@needtoknowresearch.com.au
Visit: Level 3, 50 Stanley Street, Darlinghurst NSW 2010