Stair Lock Pty Ltd (ABN 98 611 507 254) (“we”, “us”, “our”) is committed to protecting the privacy of individuals whose personal information we collect and handle. This Privacy Policy sets out how we collect, use, disclose and protect personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
We handle personal information in an open and transparent manner and are committed to ensuring your personal information is managed in accordance with the law.
What Personal Information Is Collected
The types of personal information we may collect include:
- Identity information (e.g. name, date of birth)
- Contact details (e.g. email address, phone number, postal address)
- Identification documents (e.g. driver’s licence)
- Payment and financial information
- Employment-related medical or fitness-for-work information where reasonably necessary
- Customer enquiry and communication records
- CCTV surveillance footage captured at our premises
- Biometric Data used by factory employee clocking system for ID and attendance verification.
Sensitive information (as defined in the Privacy Act 1988 (Cth)) is not collected unless it is reasonably necessary for our business functions or required by law, and where required, consent is obtained.
How Personal Information Is Collected
We may collect personal information in a variety of ways, including:
- Directly from individuals (e.g. in person, over the phone, via email or forms)
- Through our website and online enquiry forms which may use cookies, analytics tools and similar technologies to improve website functionality. Users may adjust browser settings to refuse cookies, although some website functionality may be affected.
- Through contracts, employment applications and onboarding processes
- From third parties (e.g. agents, referral partners or service providers)
Where personal information is collected from third parties, we take reasonable steps to ensure the collection is lawful and complies with the APPs.
Purpose of Collection and Use
We collect, hold and use personal information for purposes including:
- Providing our products and services
- Verifying identity
- Processing payments and transactions
- Managing customer and supplier relationships
- Responding to enquiries and communications
- Sending marketing communications (where permitted by law)
- Internal administration and record keeping
- Complying with legal and regulatory obligations
Personal information will only be used for the primary purpose for which it was collected, or for a related secondary purpose where permitted or required by the Privacy Act 1988 (Cth) (APP 6).
Disclosure of Personal Information
We may disclose personal information to:
- IT and cloud service providers
- Payment processors and financial institutions
- Professional advisers (e.g. lawyers, accountants)
- Contractors and subcontractors
- Marketing and communications platforms
- Government and regulatory authorities, where required by law
We take reasonable steps to ensure that third parties handle personal information in accordance with applicable privacy laws. Where we disclose personal information to third parties, we seek to ensure that appropriate data handling and confidentiality obligations are in place.
Overseas Disclosure
Some of our third-party service providers may be located overseas or store data outside Australia. As a result, personal information may be disclosed to recipients in countries other than Australia.
Before disclosing personal information to an overseas recipient, we take reasonable steps (as required under APP 8) to ensure the overseas recipient does not breach the Australian Privacy Principles in relation to that information.
Direct Marketing
We may use personal information to send marketing communications about our products and services where permitted by law, including under the Spam Act 2003 (Cth) and the Privacy Act 1988 (Cth).
You may opt out of receiving marketing communications at any time by:
- Using the unsubscribe link included in our email communications; or
- Contacting us using the details set out in Section 12 of this Policy.
We will action opt-out requests promptly and in accordance with our obligations under the Spam Act 2003 (Cth).
Data Quality and Security
Personal information may be stored in electronic systems (including cloud-based systems) and in physical records.
We take reasonable steps to ensure that the personal information we hold is accurate, up to date, complete, relevant and not misleading (APP 10).
We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure (APP 11). These steps include:
- Secure IT systems and access controls
- Password protection and multi-factor authentication measures
- Staff training and confidentiality obligations
- Secure storage of physical records
- Use of reputable and vetted third-party service providers
- Access to personal information is limited to personnel who require it to perform their duties
Where a data breach is likely to result in serious harm, Stair Lock Pty Ltd will comply with its obligations under the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth), including notification to affected individuals and the Office of the Australian Information Commissioner where required.
Data Retention
Personal information is retained:
- Where required by law (e.g. financial and tax records must be kept for a minimum of 5 years under the Corporations Act 2001 (Cth); employment records must be kept for 7 years under the Fair Work Act 2009 (Cth) and relevant industrial instruments)
- While a customer or supplier relationship remains active
- For as long as reasonably necessary to fulfil the purposes outlined in this Policy
Specific retention arrangements for certain categories of personal information are as follows:
- CCTV footage used for workplace safety, site security, asset protection and incident investigation purposes is retained for a rolling period of 25 to 30 days on a local hard drive system, after which footage is automatically overwritten. Footage may be retained for longer where required in connection with an incident, investigation or legal matter.
- Biometric data is retained for the duration of employment or engagement. On cessation of employment or engagement, biometric data is securely deleted or de-identified in a timely manner.
When personal information is no longer required, we take reasonable steps to destroy or permanently de-identify it in a secure manner.
Access and Correction
Under APP 12 and APP 13, individuals have the right to request access to the personal information we hold about them and to request correction where information is inaccurate, out of date, incomplete, irrelevant or misleading.
To make an access or correction request, please contact us using the details in Section 12. We will respond to requests within a reasonable time (generally within 30 days).
There is no charge for making a request. A reasonable administrative fee may apply for the cost of providing access in certain circumstances (e.g. large volume requests), which will be notified to you in advance.
If we decline to provide access or make a correction, we will provide written reasons and inform you of the mechanisms available to complain about the decision.
Complaints
If you have a complaint about how we have handled your personal information, please contact us using the details in Section 12 below. We take all privacy complaints seriously.
We will acknowledge receipt of your complaint and aim to investigate and respond within 30 days. If we require additional time, we will notify you.
If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):
- Website: www.oaic.gov.au
- Phone: 1300 363 992
- Post: GPO Box 5218, Sydney NSW 2001
Contact Details
For questions, access or correction requests, opt-out requests, or privacy complaints, please contact:
| Organisation: | Stair Lock Pty Ltd |
| Role: | HR & WHS Coordinator |
| Email: | HR@stairlock.com.au |
| Phone: | 08 8255 6188 |
| Post: | 180 Philip Highway, Elizabeth South SA 5112 |
Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements or other factors. The current version of this Policy will be made available on our website at www.stairlock.com.au.