Stanwell Corporation Limited
(Cth) (Privacy Act), and has been published to provide you with a clear and concise outline of how and when personal information is collected, stored and used by us.
We are bound by the Australian Privacy Principles (APPs) in the Privacy Act
which regulate how we may collect, use, disclose and store personal information, and how individuals may access and correct personal information we hold about them.
Accordingly, Stanwell will take reasonable steps to ensure that it complies with the Privacy Act
:'information or an opinion (about an individual, or an individual who is reasonably identifiable), whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not'.
Personal information may include information such as an individual's name, address, telephone number, date of birth, gender, photos and information about an individual's opinions and what they like.
The kinds of personal information we collect
We only collect personal information that is necessary for one or more of our functions or activities.
We do not generally collect personal identifying information about individuals except when that information is provided voluntarily and in accordance with our various application forms. This may include individuals' contact details, educational qualifications, employment history and complaint details.
Once personal information has been provided to us, it will only be used for the purpose for it was collected or for related purposes which would reasonably be expected without the individuals permission unless:
- the individual has consented to the use or disclosure; or
- the use or disclosure is authorised by law; or
- we reasonably believe the disclosure is necessary to lessen or prevent a serious threat to life, health or safety.
More examples of how we might use personal information and the types of organisations we might disclose personal information to is set out below, and is also detailed in Stanwell's Privacy Procedure (refer to the 'APP 6 Use and Disclosure of Personal Information' section).
The above only relates to your personal information and does not relate to any aggregated or other information that may be developed or created internally by us, provided this other information does not identify individuals in any way whatsoever and therefore maintains our privacy commitment.
Please also note that telephone conversations with Stanwell's Trading and Financial Risk and Settlements teams may be recorded to evidence transactions with energy counterparties. Our energy counterparties have consented to the recording of telephone conversations in the ISDA Master Agreements between us and them. We confirm that we will only use the information recorded in these telephone conversations for the purposes of evidentiary transactions with energy counterparties and will not disclose the information in the telephone recordings to anyone else, except where authorised by law or where consent has been obtained from the counterparty.
How we collect personal information
We usually collect personal information directly from an individual unless it is unreasonable or impracticable to do so. For example, we may collect information directly from an individual when they complete a form (including an application for employment with us), use our website or contact us (including in writing, electronically or via telephone).
How we use and disclose personal information
It is our goal to only use the information provided to us in a manner that better provides our services to you.
In particular, we will not sell, rent or trade your personal information.
The purposes for which we may collect, use or disclose personal information include to:
- effectively conduct our business and perform our internal administration operations;
- maintain our records and internal reports;
- ensure safety / compliance at our sites through Stanwell's compliance reporting systems;
- assess an applicant's suitability for employment with us;
- maintain our relationship with you;
- respond to an individual's enquiry or request for information (please note that a request for information may be limited by the Right to Information Act 2009 (Qld));
- resolve a complaint; and
- comply with legislative and regulatory requirements and otherwise fulfil our legal obligations, including under the Work Health and Safety Act 2012 (Qld).
We will not disclose personal information other than:
- as required by law (for example, to the Australian Tax Office);
- as authorised by law (for example, to protect our interests or where we have a duty to make such disclosure);
- if consent has been provided by the individual for us to disclose their personal information;
- to any company which is a related body corporate or joint venture of Stanwell;
- to our employees, agents, and external advisers, such as lawyers, auditors, accountants and financiers; and
- to organisations who provide services to us in connection with our business, such as mailing operations, billing and debt recovery functions and information technology services (for example, mail received by Stanwell may be sorted, opened and scanned for electronic delivery to the Stanwell addressee by an external service provider).
We take reasonable steps to ensure the organisations above are bound by confidentiality and privacy obligations in relation to the protection of individuals' personal information.
How we protect the security of personal information
We may store personal information in hardcopy and/or electronic form. We take reasonable steps to protect the personal information that we hold free from misuse, loss, unauthorised access, modification or disclosure. We also take reasonable steps to securely destroy or de-identify personal information where we no longer need it for the purpose for which we collected it.
How personal information can be accessed and corrected
An individual may access, or request that we correct, the personal information that we hold about them.
It is our goal to ensure that the personal information that we hold is accurate, complete, relevant, not misleading, timely and secure, and we take reasonable steps to ensure that the personal information we collect remains accurate, up-to-date, complete, relevant and not misleading. In order for us to meet this goal, individuals should ensure that they promptly advise us:
- if there is any change to any of the details they have provided to us; or
- if it comes to their attention that we possess certain information about them that is not correct, accurate, complete, up-to-date or relevant,
so that we can continue to provide the services that we have agreed.
Individuals can contact us on the details below (please see the 'How to contact us about privacy' section) to obtain further information on how to:
- request access to the personal information that we hold about them; or
- request that we correct the personal information that we hold about them where the individual considers that the information that we hold is not accurate, complete or up-to-date.
We will allow access or use all reasonable efforts to correct the information that we hold about an individual unless we consider that the Privacy Act
or another relevant law permits or requires us to withhold the information or not make the correction.
If an individual requests us to provide them with access to personal information that we hold about them, we will provide such information within a reasonable time. We may require proof of the individual's identity before permitting access to or changing their personal records.
There is no charge for requesting access to, or correction of, personal information.
If we cannot provide an individual with access to their personal information, or cannot correct it if requested, we will provide a written notice of our reasons for refusal.
Overseas transfer and storage of personal information
We consider data sovereignty implications to be particularly important. All of our software and cloud based solutions (with the exception of one system, which is hosted in the United States) are located in Australia. Other than storing information (which is unlikely to contain personal information) in the United States, we will not transfer the personal information we collect to recipients located overseas.
An individual can make a privacy related complaint by contacting us on the details below (please see the 'How to contact us about privacy' section). We will usually respond within 30 days unless it is unreasonable in the circumstances for us to do so. Individuals may also complain to the Office of the Australian Privacy Commissioner.
Changes to this Policy
You can also phone us on (07) 3228 4333 between 9.00am and 4.00 pm Monday to Friday, or write to us at:
The Privacy Officer
Stanwell Corporation Limited
42 Albert Street
BRISBANE QLD 4000
Last updated 12 March 2014