Privacy Policy

Privacy Policy

Castlegate James Australasia Pty Ltd Privacy Policy

Castlegate James Australasia Pty Ltd ACN (098 051 846) (“CJA” or “we”, “our” or “us”) is bound by the Privacy Act 1988 (as amended) (“Privacy Act”), including the Australian Privacy Principles. This Privacy Policy sets out how we treat the personal information that we collect, use and disclose and our procedures regarding the handling of personal and sensitive information, including the collection, use, disclosure and storage of information, as well as the right of individuals to access and correct that information.

From time to time, we may revise or update this Privacy Policy or our information handling practices. If we do so, the revised Privacy Policy will be published on our website www.CastlegateJames.com.au

CJA may collect personal information in order to conduct our business, to provide and market our products and services and to meet our legal obligations. By using our website or our services, or by providing any personal information to us, you consent to the collection, use and disclosure of your personal information as set out in this Privacy Policy.

The types of personal information we collect and hold

The types of personal information we may collect and hold includes (but is not limited to) personal information about:

  • customers, business associates and potential customers and their employees;
  • suppliers and their employees; and
  • prospective employees and contractors.

Personal information that we collect and may hold include:

  • your name, address, contact telephone number and other contact details such as your email address;
  • payment information (such as credit card or bank details);
  • other personal information required to provide our services in specific cases, for example, certain information to complete police checks and property transactions, if relevant; and
  • details of your use of our products or services.

You are not obliged to provide personal information to CJA. However in many cases, if you do not provide your personal information to us, we may not be able to supply the relevant product or service that you have requested from us.

In some circumstances, you may provide to us, and we may collect from you, personal information of a third party. Where you provide the personal information of a third party, you must ensure that the third party is aware of this Privacy Policy, understands it and agrees to accept it.

If it is necessary to provide specific services to you, we may collect sensitive information about you. Under the Privacy Act, “sensitive information” includes but is not limited to information or an opinion about an individual’s racial or ethnic origin, religious belief, or criminal record and also includes health information about an individual. However, we will only collect sensitive information from you if you agree to provide it to us, you authorise us to obtain it from a third party or where the collection of the information is required or authorised by or under an Australian law or a Court/Tribunal order or otherwise where the collection is not prohibited under the Privacy Act. We will only use sensitive information in accordance with the Privacy Act and for the purpose for which it is provided.

How personal information is collected and held by us

We collect personal information in the following ways:

  • when you fill in and return to us a signed credit application form;
  • when you fill in and return to us a signed nww vendor form;
  • when you submit personal information through our website (such as when you send us a message or fill out a form);
  • in person, for example, when you engage with our Key Account Managers;
  • when you submit personal information via email (such as when you communicate with our accounts receivable or payable teams);
  • in the course of providing products and services to you.

We may also collect information about you from third party suppliers and government database services.

We store personal information in computer storage facilities and paper-based files. We take steps to protect your personal information against loss, unauthorised access, use modification or disclosure. Some examples of the steps we take to protect your personal information include:

  • ensuring there are suitable password protection measures and access privileges in place to monitor and control access to our IT systems;
  • imposing restrictions on physical access to paper files;
  • requiring any third parties engaged by CJA to provide appropriate assurances to handle your personal information in a manner consistent with the Privacy Act; and
  • taking reasonable steps to destroy or de-identify personal information after we no longer need it for our business or to comply with the law.

Collection of personal information through website activity

Information that may identify you as a user may be gathered during your access with our website.

Our website includes pages that use ‘cookies’. A cookie is a unique identification number that allows the server to identify and interact more effectively with your computer. The cookie assists us in identifying what our users find interesting on our website.

A cookie will be allocated each time you use our website. The cookie does not identify you as an individual in our data collection process, however it does identify your Internet Service Provider.

You can configure your web browser to refuse cookies. If you do so, you may not be able to use all or part of our website.

Adoption, use and disclosure of government related identifiers

CJA, or its related body corporates in the CJA Group, may collect some personal information that is a government related identifier.

Personal information from identity documents may be provided to the document issuer or official record holder via third party systems for the purpose of confirming your identity, for example, the Australian Government’s Document Verification Service (DVS). Where CJA does collect government related identifiers, they are maintained on a separate database for audit and compliance purposes.

CJA may use or disclose a government related identifier where:

  • it is reasonably necessary for CJA to verify the identity of the individual for the purposes of our business activities or functions; or
  • as required or authorised by law or in accordance with the order of a Court or Tribunal, or where it is otherwise permitted to do so under the Privacy Act.

The purposes for which we collect, use and disclose personal information

We collect, hold, use and disclose personal information for a variety of business purposes including:

  • to provide the products or services you have requested from us;
  • to process payments;
  • to improve our business, products and services;
  • to promote our business to you;
  • to market other CJA services or products to you;
  • to handle and respond to your enquiries, complaints or concerns; and
  • to provide personal information to third parties as set out in this Privacy Policy.

Direct Marketing

We also collect, hold, use and disclose your personal information to:

  • notify you about the details of new services and products offered by us;
  • notify you of the details of meetings, events and seminars that may be of interest to CJA customers and customers;
  • send you our newsletters and other marketing publications;
  • administer our databases for client service, marketing and financial accounting purposes; and
  • to comply with our legal requirements regarding the collection and retention of information concerning the products and services that we provide.

If you do not wish to disclose your personal information for the purpose of direct marketing or you would like to opt-out of receiving direct marketing communications, you can do so by contacting the CJA Privacy Officer using the contact details set out below, or by following the instructions to unsubscribe which are contained in a communication that you receive from us.

Who do we disclose personal information to?

The CJA Group and Related Companies

The CJA Group includes our parent company Castlegate James Australasia Pty Ltd, Mi-Feed Pty Ltd and James & Son (NZ) Pty Ltd

Third Party Service Providers

We may disclose your personal information to third party service providers who assist us in providing the services you request, including public authorities and providers of information services.

We may also disclose your personal information to third parties who work with us in our business to promote, market or improve the services that we provide, including:

  • providers of customer relations management database services and marketing database services;
  • marketing consultants, promotion companies and website hosts; and
  • consultants and professional advisers.

We may also combine your personal information with information available from other sources, including the entities mentioned above, to help us provide better services to you.

Where we do share information with third parties, we require that there are contracts in place that only allow use and disclosure of personal information to provide the service and that protect your personal information in accordance with the Privacy Act. Otherwise, we will disclose personal information to others if you’ve given us permission, or if the disclosure relates to the main purpose for which we collected the information and you would reasonably expect us to do so.

Disclosure of consumer credit information

As a credit reporting agency, we may share your credit information in accordance with industry consumer credit reporting standards including:

  • Part IIIA of the Privacy Act 1988;
  • the Privacy (Credit Reporting) Code 2014, and;
  • Privacy Regulation 2013.

These standards ensure that your personal information in relation to your consumer credit is managed regarding:

  • the types of personal information that credit providers can disclose to a credit reporting body (CRB), for the purpose of that information being included in an individual’s credit report;
  • what entities can handle that information, and;
  • the purposes for which that information may be handled.

Disclosure of personal information to overseas recipients

We do not presently disclose personal information to any organisations located overseas; however, we do disclose information in Australia, for the purposes described above, to some multinational organisations that are located both in Australia and overseas, including the United Kingdom, the United States and New Zealand.

European Union – General Data Protection Regulation (GDPR)

If you are a resident of the European Union for the purposes of the GDPR, then in addition to what is set out above, the following applies to you.

CJA is a data controller and processor for the purposes of the GDPR and by your consenting to this Privacy Policy, CJA is able to process your Personal Information in accordance with this Privacy Policy.

In providing services to you, CJA may make use of a number of automated processes using your Personal Information and your activity on our site as tracked by us, in order to provide more tailored and relevant services to you.

In addition to your rights set out above, you may update or rectify any of your Personal Information that we hold about you, in the manner described in the “How you can access your personal information” paragraph above.

How we handle requests to access your personal information

You have a right to request access to your personal information which we hold about you and to request its correction. You can make such a request by contacting the CJA Privacy Officer using the contact details set out in this policy.

We will respond to any such request for access as soon as reasonably practicable. Where access is to be given, we will provide you with a copy or details of your personal information in the manner requested by you where it is reasonable and practicable to do so.

We will not charge you a fee for making a request to access your personal information. However, we may charge you a reasonable fee for giving you access to your personal information.

In some cases, we may refuse to give you access to the information you have requested or only give you access to certain information. If we do this, we will provide you with a written statement setting out our reasons for refusal, except where it would be unreasonable to do so.

How we handle requests to correct your personal information

We will take such steps (if any) as are reasonable in the circumstances to make sure that the personal information we collect, use or disclose is accurate, complete, up to date and relevant.

If you believe the personal information we hold about you is inaccurate, irrelevant, out of date or incomplete, you can ask us to update or correct it. To do so, please contact us using the contact details listed below.

If we refuse your request to correct your personal information, we will let you know why. You also have the right to request that a statement be associated with your personal information that says you believe it is inaccurate, incomplete, irrelevant, misleading or out of date.

How to contact us or make a complaint

If you have any questions about this Privacy Policy, if you wish to correct or update information we hold about you or if you wish to request access or correction of your personal information or make a complaint about a breach by CJA of the Australian Privacy Principles (including the way we have collected, disclosed or used your personal information), please contact:

CJA Privacy Officer
PO Box 1261 Robinson VIC 3019
privacy@castlegatejames.com.au
We will acknowledge and investigate any complaint about the way we manage personal information as soon as practicable. We will take reasonable steps to remedy any failure to comply with our privacy obligations. If you are unhappy with our handling of the complaint, you may contact the Australian Information Commissioner.

Last update: 30 August 2019