Policies

In this Policy, “Flagstaff”, “we”, “us” and “our” refer to Flagstaff Partners Pty Ltd (ABN 52 132 820 985 and AFSL No. 348370) and its related bodies corporate. Flagstaff is committed to protecting the privacy of our clients, personnel and all other parties that interact with us. The purpose of this Policy is to explain:

• the kinds of personal information about you that we may collect and hold;
• how we collect and hold personal information;
• the purposes for which we collect, hold, use and disclose personal information;
• how we protect your personal information;
• how you can access personal information we hold about you; and
• who you can contact if you have questions or complaints about our handling of your personal information.

This Policy applies to all personal information collected by us, including via our website or under any agreement or arrangement you have with us. We are subject to the Australian Privacy Principles in the Privacy Act 1988 (Cth).

We will collect and hold personal information:

• if you have provided it to us, for example, in person or by contacting us via ourwebsite or by phone, email or post;
• when that personal information is reasonably necessary to provide services to youor an organisation you work for;
• when that personal information is reasonably necessary to engage in other businessdealings with you or an organisation you work for (for example, if you or youremployer is our supplier or is party (or a potential party) to a transaction with ourclient);
• to the extent reasonable necessary if you work for us, or if you apply to or inquireabout working with us;
• for other purposes connected to the above purposes; and
• where required by or authorised under law.

The types of personal information we will collect about you commonly include your name, address, telephone numbers and email addresses. We may also collect details about your employment, such as which organisation you work for and your title. If you work with us or apply to do so, we may collect certain sensitive information about you, such as memberships of professional or trade associations and police records. We may also collect your tax file number, bank account and superannuation fund details and details of past employment. We will generally collect personal information directly from you, but we may sometimes need to source personal information about you from another person or organisation. For example, if you apply to work with us, we may collect personal information from a past employer, recruitment agency or other service provider. We will take steps that are reasonable in the circumstances to ensure that the personal information about you that we collect is accurate, up-to -date and complete. You may chose to remain anonymous or to use a pseudonym when dealing with us, except if we are required by law to ascertain your identity or where it is not practical for us to deal with you unless you have identified yourself. We do not use cookies on our website for tracking or analytical purposes or to remember user preferences or enhance user experience. The only cookie used on our website is a legacy feature which has no current active purpose and may be disabled without impacting user experience. We do use standard web server log files on our website, which log user activity (including users’ IP addresses, browser types and dates and times of access). This information may be used for website security purposes (for example, security audits or to block malicious users).

We will use and disclose your personal information:

• for the primary purpose for which it was collected;
• for any other purpose you have agreed to;
• for related secondary purposes (for example, in relation to a complaint or dispute about our services); and
• in other circumstances where the Australian Privacy Principles authorise us to do so, such as when it is required by or authorised under law.

We sometimes engage contractors to provide services to us and in some situations these contractors handle personal information we hold. Our contractors are subject to strict requirements of confidentiality and proper use. We may use your personal information for the purpose of personally inviting you to an event. We do not use personal information for direct marketing purposes. Nor do we disclose personal information to other people or organisations for the purpose of allowing them to direct market their products and services to you. We do not disclose your personal information to entities located outside Australia, unless specifically arranged with you. Our website is hosted in the United States and the limited use of cookies and logging technology on our website is described in section 2 of this Policy. We will take reasonable steps to ensure that personal information about you that we use or disclose is accurate, up-to-date, complete and relevant.

Your personal information is generally held in our physical files or on our computer database. Your personal information may also be stored in our on-site computer back-up system or hard copy archives. We take reasonable steps to protect the confidentiality and security of personal information that we hold. Access to this information is limited and we have policies and other measures in place to protect it. For example, our personnel are subject to strict requirements of confidentiality and proper use; we have secure offices and document storage equipment; we use user identifiers and passwords to control access to our computer system; and certain types of documents (electronic and hard copy) are accessible only by certain personnel and protected by locks or restricted access to electronic folders.

If you ask us to, we will:

• provide you with access to personal information we hold about you, unless an exception under Australian Privacy Principle 12 applies (for example, where providing access would have an unreasonable impact on the privacy of others or would breach a confidentiality obligation); or
• take reasonable steps to correct personal information we hold about you that you believe is inaccurate, out-of-date, incomplete, irrelevant or misleading.

Your request will be addressed within a reasonable time after it is received. If we deny your request for access or correction, we will provide you with our written reasons and explain how you can complain if you are not satisfied with our decision.

If you have questions about our handling of your personal information, wish to gain access or request correction, or if you believe we may have breached the Australian Privacy Principles, you can contact us on the details provided in section 8 of this Policy. We will consider the matter and respond to you as soon as we reasonably can. Where you have made a complaint, this may include investigating the matter before responding to you with a suggested resolution. If we do not respond to your complaint within 30 days or if you are not satisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAic). Further information on how to do this can be found by visiting the OAIC’s website at https://www.oaic.gov.au/ or by calling the OAIC on 1300 363 992.

We may review and update this Policy from time to time to ensure it meets our legal obligations and accurately reflects our personal information handling practices. An up-to -date copy of this Policy will be posted on our website at http://www.flagstaffpartners.com/ and is also available free of charge on request.

The Compliance Officer Phone: +61 3 9664 4555 Fax: +61 3 9664 4599 Email: info@flagstaffpartners.com