1. Policy Introduction
“Personal information” is information or an opinion about an identified individual or an individual who is reasonably identifiable, whether true or not and whether the information or opinion is recorded in a material form or not.
Imunexus is bound by the Privacy Act 1998 (Commonwealth) (Act) and the Australian Privacy Principles that are contained in that Act.
2. Collection of Personal Information
Imunexus may collect personal information about an individual in a variety of ways, including when an individual interacts with Imunexus in person or electronically, for example when an individual accesses our website.
Imunexus will only collect personal information about an individual where the information is reasonably necessary for one or more of our functions or activities. The kinds of personal information collected and held, how that information is collected and held and the purposes for which that information will be collected, held, used and disclosed will depend on the circumstances.
Examples of instances where personal information may be collected by Imunexus include:
- collecting personal information from shareholders for the purposes of enabling proper records to be kept and for reporting purposes; and
- collecting personal information from individuals who enter into service agreements, joint venture agreements or other transactions with Imunexus for the purpose of administering those agreements or transactions or for reporting purposes.
Examples of the kinds of personal information Imunexus may collect and hold include:
- phone number;
- fax number;
- email address;
- information about goods or services ordered, acquired or supplied;
- information from enquiries made;
- communications between Imunexus and an individual; and
- credit card information.
Imunexus will take reasonable steps to ensure that the personal information that is collected, used or disclosed by it is complete and up to date. Imunexus will only collect personal information about an individual from that individual unless it is unreasonable or impractical to do so.
3. Use and Disclosure of Personal Information
At or before, or if that is not practicable, as soon as practicable after, the time that the personal information is collected, Imunexus will take reasonable steps to ensure that the individual is aware of the matters required by the Australian Privacy Principles, including:
- why the personal information is being collected;
- who else the personal information might be given to;
- how to contact Imunexus, including to make a complaint.
If Imunexus collects personal information about an individual from someone else, Imunexus will take reasonable steps to ensure that the individual is aware that Imunexus has collected the information and of the above matters.
Imunexus will only use or disclose this personal information for:
- the purpose for which it was collected;
- any related purpose for which it would reasonably be expected to be used or disclosed;
- a purpose required or permitted by law; or
- a purpose for which the individual has provided consent.
Examples of instances where Imunexus may disclose personal information about individuals to third parties include disclosure to providers of services to Imunexus, government agencies, regulatory authorities, related bodies corporate of Imunexus and professional advisers of Imunexus. Imunexus requires its service providers to keep the personal information confidential and not use it for any purpose other than performing those services.
Imunexus is unlikely to disclose personal information to overseas recipients.
4. Security of Personal Information
Imunexus will take reasonable steps to ensure that the personal information that it holds is protected from misuse, interference and loss and from unauthorised access, modification and disclosure.
Imunexus will also take reasonable steps to ensure that personal information it holds that is no longer necessary for the disclosed purpose is destroyed or permanently de-identified, subject to any legal obligation to keep the personal information for any required period of time.
5. Access to, Updating and Correcting Personal Information
At the request of an individual, Imunexus will, in most circumstances, provide access to an individual to any personal information that is being held by Imunexus about that individual.
There are certain circumstances where Imunexus will not provide an individual access to such personal information in accordance with the Act. These circumstances include where providing access would have an unreasonable impact on the privacy of others, where providing access would reveal commercially sensitive information about the organisation or where providing access would be unlawful.
An individual can seek access to, and update or correct, any personal information that is being held by Imunexus about that individual by contacting us here.
6. Amendment of Policy
Imunexus may amend this Policy from time to time.
7. Intranet and Website
This Policy as amended from time to time is to be placed on the Imunexus intranet and website and is also available upon request.
8. Concerns, Queries and Complaints
If a person has any concern, query or complaint about:
- any personal information that may have been collected, used or disclosed by Imunexus;
- a breach of the Australian Privacy Principles,
they are to be referred to the Company Secretary/Chief Financial Officer.
Imunexus takes complaints very seriously and will respond shortly after receiving written notice of the complaint.
Approved 12 March 2014.