Standards Australia is bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Privacy Act). The APPs are designed to protect the confidentiality of information and the privacy of individuals by regulating the way personal information is collected, used, disclosed and managed. Personal information is, generally speaking, information or an opinion relating to an identified, or reasonably identifiable, individual.
This policy explains the types of personal information that we may collect and hold, how that information is used and with whom the information is shared. It also sets out how you can contact us if you have any queries or concerns about this information.
Why do we collect personal information?
We collect personal information about our Members, Councillors, stakeholders, nominating organisations and committee members who are involved in standards development, as well as customers, suppliers, contractors, job applicants and other contacts to understand and meet their needs, to conduct our activities and meet legal obligations.
What personal information do we collect?
The types of personal information we may collect include contact information (such as your name, address, email address, fax and telephone number), passport details (if you are a delegate participating in overseas forums), information about your employer or the organisation that nominated you (if you are a committee member), your newsletter preferences, your committee affiliations, comments you submit by way of Public Comment and any feedback that you provide to us about our products and services, our website, or other matters.
Sometimes our activities require us to collect sensitive information. For more details, see the section ‘Sensitive information is subject to greater restrictions’, below.
What other information do we collect?
Personal information may be collected by way of forms filled out by individuals (including via online forms), surveys, emails, telephone conversations, online user-generated content and market research, face-to-face meetings and interviews. Where necessary and with your consent, we supplement the information we receive from you with information from third party sources, such as your employer or nominating organisation (if you are a committee member).
You may in some circumstances have the option of not identifying yourself or using a pseudonym when you deal with us. However, if you choose not to provide the information we need to fulfill your request for a specific product or service or to participate in standards development activities we may not be able to provide you with the requested product or service or we may not be able to allow you to participate in our activities.
In addition, Standards Australia uses the Google AMP Client ID API to consolidate information on each unique visitor to their many interactions with our site. This consolidated information provides a more accurate picture of visitor journeys and use of our services and website. The Google AMP Client ID API assigns a unique randomly generated identifier to each visitor and uses this identifier to link all activity associated with that particular visitor. The unique identifier, web analytics data and Cookies do not contain personally identifiable information such as your name or email address and therefore cannot be used to identify you.
You can find out more information on how Google uses data when you use Standards Australia’s sites or apps at www.google.com/policies/privacy/partners/.
You can find out more information on how Hotjar uses data when you use Standards Australia’s sites at https://www.hotjar.com/legal/policies/privacy. You can opt-out from having your information recorded by Hotjar by visiting Hotjar’s opt-out page and clicking “Disable Hotjar” or enabling a Do Not Track (DNT) in your browser.
How might Standards Australia use and disclose your personal information?
Standards Australia may use and disclose your personal information for the primary purpose of collection, or for reasonably expected secondary purposes which are related to the primary purpose, or for purposes to which you have consented, and in other circumstances authorised by the Privacy Act.
Generally, Standards Australia may use and disclose your personal information for a range of purposes, including to:
- provide you with our products or services that you have requested;
- respond to your queries or feedback;
- analyse and improve all aspects of our business including, but not limited to, our standards development processes, our business systems, processes, outcomes, communication, website, engagement and performance;
- facilitate your participation in standards development in various capacities, including as a committee member or submitting a comment by way of Public Comment;
- enable us and our Councillors and Members to comply with Standard Australia’s functions and requirements;
- enable our standards development work in general, such as evaluating stakeholder proposals, contacting nominating organisations, sending delegates overseas, accrediting standards development bodies and publishing information about some or all committee work to enhance transparency and thus public confidence in our processes;
- provide you with any communications or publications in which we think you might be interested, or which you have requested;
- let you know about developments in our procedures, products, services, activities and programs that might be useful to you;
- facilitate your participation in forums, social events and educational events;
- consider and manage funding applications for delegates to international and interstate committee meetings; and
- consider employment applications.
Disclosure of personal information to other parties
Standards Australia may disclose your personal information to third parties such as our members, our professional advisers, our external service providers that provide services to us (such as training, website hosting or cloud storage, distribution of newsletters, standards and other publications developed by Standards Australia, and market research), other standards development organisations, your employer or nominating organisation, government, statutory or regulatory bodies and other committee members. We may disclose your personal information for the purposes set out above.
We may disclose to the public information concerning the operation of our technical committees, including information about the members of those committees on a trial or other basis where we consider that it is appropriate to do so having regard to our public interest objectives and subject to their consent.
We may also disclose your personal information if it is required or authorised by law, where disclosure is necessary to prevent a threat to life, health or safety, or where we are otherwise permitted by the Privacy Act.
We do not sell or license your personal information to third parties.
Sensitive information is subject to greater restrictions
Some of the information we collect may be ‘sensitive information’, including information or an opinion about an individual's health, racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or membership of a trade union that is also personal information, among other things.
Standards Australia may use and disclose your sensitive information for the primary purpose of collection, or for reasonably expected secondary purposes which are directly related to the primary purpose, or for purposes to which you have consented and in other circumstances authorised by the Privacy Act (eg where required or authorised by law to be disclosed, or where disclosure is necessary to prevent a threat to life, health or safety).
Personal information may be included in documents that are identified as Committee-in-Confidence such as:
- opinions expressed in committee meetings and recorded in the meeting minutes; and
- comments submitted as part of the standards development process where committee members can be identified.
Documents labelled as Committee-in-Confidence may be circulated within the committee or to the responsible parent committee.
Security and management of personal information
Standards Australia will take reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. The ways we do this include:
- limiting physical access to our premises;
- limiting access to the information we collect about you (for instance, only those of our personnel who need your information to carry out our business activities are allowed access and committee members only have access to the contact details of members of their own committee and not other committees);
- requiring any third party providers to have acceptable security measures to keep personal information secure; and
- putting in place physical, electronic, and procedural safeguards in line with industry standards.
If we no longer require your personal information and are not legally required to retain it, Standards Australia will take reasonable steps to destroy or permanently de-identify the personal information.
Links from our website to other websites
Our website may contain links to third party websites. We do not operate these websites and therefore are not responsible for the collection or handling of personal information by the operators of these websites.
Accessing the information we hold about you
Under the APPs, you may be able to obtain a copy of the personal information that we hold about you. The APPs provide some exceptions to your rights in this regard. To make a request to access this information, please contact us in writing. We will require you to verify your identity and specify what information you require. We may charge a fee to cover the cost of verifying the application and locating, retrieving, reviewing and copying any material requested.
Updating your personal information
We endeavour to ensure that the personal information we hold about you is accurate, complete and up-to-date. Please contact Standards Australia at the contact address set out below if you believe that the information we hold about you requires correction or is out-of-date.
Sending information overseas
Personal information is sent overseas in limited circumstances, including to:
- Standards New Zealand which has access to committee members' personal information for the purpose of developing joint Australian/New Zealand Standards;
- committee members who reside in New Zealand, who will be provided with the contact details of other members of their committee and comments received from members of public during Public Comment, to enable their participation in standards development; and
- external service providers that assist our organisation such as with internal operations (including training, website hosting or cloud storage), market research and the distribution of our newsletters, standards and other publications by Standards Australia.
Standards Australia will not send your personal information to a recipient outside Australia without obtaining your consent or otherwise complying with the APPs.
The countries in which recipients are likely to be located include New Zealand, Switzerland, Belgium and the United States.
International Organization for Standardization, International Electrotechnical Commission and European Committee for Standardization
Standards Australia is a member of the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) and a Companion Standardization Body with The European Committee for Standardization (CEN). If you are involved in international standardisation activities (including as a delegate to any ISO, IEC or CEN committee) then Standards Australia may also use and disclose to ISO, IEC and CEN your personal information (including a name, company information, email address, physical address, telephone number, role and stakeholder category) for the purposes of the development of standards and related activities.
ISO, IEC and CEN may disclose your personal information to other countries such as those listed at:
- www.iso.org or here (being the full list of countries with an ISO member representative);
- www.iec.ch or here (being the full list of countries with an IEC member representative);
- Countries within and outside the European Union and European Economic Area where CEN members are located.
If your personal information is sent to ISO and you have any questions or concerns, you can also contact the ISO Data Protection Officer at the following email address: DataProtectionOfficer@iso.org.
If your personal information is sent to IEC and you have any questions or concerns, you can also contact the IEC Data Protection Officer at the following email address: email@example.com.
If your personal information is sent to CEN and you have any questions or concerns, you can contact CEN at the following email address: DataPrivacy@cencenelec.eu.
Updates to this Policy
If you are concerned that we have not complied with your legal rights or applicable privacy laws, you may bring a complaint internally through our complaints process or you may decide to make a formal complaint with the Office of the Australian Information Commissioner (www.oaic.gov.au) (which is the regulator responsible for privacy in Australia).
We will deal with complaints as follows:
Step 1: let us know
- If you would like to make a complaint, you should let us know by contacting our Privacy Officer (see below for contact details).
Step 2: investigation of complaint
- Your complaint will be investigated by our Privacy Officer.
- A response to your complaint will be provided in writing within a reasonable period.
Step 3: contact OAIC
- We expect our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also contact the Office of the Australian Information Commissioner as follows:
Office of the Australian Information Commissioner (OAIC)
Complaints must be made in writing.
1300 363 992
Director of Compliance
Office of the Australian
GPO Box 5218
Sydney NSW 2001
Standards Australia Limited
GPO Box 476, Sydney, NSW, 2001
Attention: The Privacy Officer
We will endeavour to respond to all complaints and correspondence promptly.