1.1 The policy sets out guidelines to assist O’Maras and its employees to comply with the requirements of the Privacy Act 1998 (Cth) (“Privacy Act”) and the Australian Privacy Principles (“APPs”) in relation to the collection, storage, use and disclosure of records containing personal information. O’Maras Valuers and Auctioneers (“O’Maras”) is committed to protecting the privacy of the personally identifiable information that it collects from individuals.
2.1 This policy applies to the collection, storage, use and disclosure by O’Maras (or a person acting on behalf of O’Maras) of records containing an individual’s Personal Information in Australia.
2.2 This policy does not apply to an Employee Record or information related to O’Maras’ employment relationship with the employee.
3.1 Employee Record means a record of Personal Information relating to the employment of an O’Maras employee.
3.2 Personal Information includes information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.
3.3 Sensitive information includes health information, genetic information or personal information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices or criminal record.
4.1 Open and Transparent Management of Personal Information
4.1.1 The purpose of this Policy is to provide information about the management of Personal Information by O’Maras in an open and transparent manner.
4.1.2 O’Maras will make this Policy available to anyone who asks for it. It is also displayed on our website and other prominent locations.
4.1.3 O’Maras may review this Policy from time to time. Accordingly, we recommend you review this Policy for changes at regular intervals.
4.2 Anonymity and Pseudonymity
4.2.1 Where it is lawful and practicable, individuals will have the option of not identifying themselves or using a pseudonym when entering into transactions with O’Maras, although there are few circumstances in which anonymity would be appropriate.
4.3 Collection of Solicited Personal Information
4.3.1 How does O’Maras collect Personal Information?
126.96.36.199 When individuals use the O’Maras website and/or when individuals transact with O’Maras online or otherwise, individuals may provide O’Maras with Personal Information. Some information is required as a prerequisite to an individual being able to participate in an online auction.
188.8.131.52 Individuals are not required to provide O’Maras with Personal Information however, in some cases if Personal Information is not provided, O’Maras may not be able to provide you with our products and services or respond to your enquiry. If an individual provides Personal Information, then the individual agrees to the Personal Information being collected, held, used and disclosed in accordance with this Policy.
184.108.40.206 O’Maras may collect Personal Information in various ways, including via telephone, our website, our online programs or social media platforms, registration to O’Maras subscription services, hard copy forms or email. Where possible, O’Maras will collect this information directly from the individual.
220.127.116.11 There may be limited occasions when O’Maras collects Personal Information from someone else. This may include collection from anyone you have authorised to deal with O’Maras on your behalf, agents or related entities in which case, O’Maras will take reasonable steps to contact you if it is unclear whether you have consented to the disclosure of the information.
4.3.2 What information does O’Maras collect?
18.104.22.168 Personal information must not be collected unless the information is necessary for one or more of O’Maras’ functions or activities. Personal information will only be collected by lawful and fair means, unless it is unreasonably or impracticable to do so.
22.214.171.124 The types of information O’Maras collects includes information necessary for O’Maras to provide individuals with products and services or to respond to queries the individual has requested.
126.96.36.199 O’Maras generally collects and holds Personal Information including an individual’s name, address, date of birth, contact details (such as phone number, fax number and/or email address), country, preferred language, credit/debit information, purchasing history, purchase preferences, interests, employer name, licences (as required under any health and safety legislation), feedback/opinions about our services.
188.8.131.52 O’Maras will only collect Sensitive Information where an individual has provided consent to do so.
184.108.40.206 O’Maras may collect and hold Sensitive Information from an individual subject to paragraph 220.127.116.11 of this Policy.
18.104.22.168 O’Maras will not collect Sensitive Information about an individual unless:
- a) The individual has consented; and
- b) The information is reasonably necessary for one or more of O’Maras’ functions or activities; and
- c) The collection is required by law; or
- d) The collection is necessary for a permitted general situation or a permitted health situation as prescribed by the Privacy Act.
4.4 Dealing with Unsolicited Personal Information
4.4.1 Where O’Maras receives unsolicited Personal Information, O’Maras will determine whether the information may have been obtained if the Personal Information had been solicited. Where O’Maras could not have otherwise solicited the information and the information is not contained in a Commonwealth record, O’Maras will take reasonable steps to destroy or de-identify Personal Information.
4.5 Notification of the Collection of Personal Information
4.5.1 At or before the time, or as soon as practicable thereafter, O’Maras collects Personal Information, it will notify the individual in accordance with the APPs taking such steps as are reasonable in the circumstances.
4.6 Use and Disclosure of Personal Information
4.6.1 O’Maras may use your information for the purpose for which it was provided, any related purpose (the secondary purpose) in accordance with the below and as permitted by law.
4.6.2 O’Maras collects Personal Information for purposes including:
- a) To carry out O’Maras functions and activities;
- b) Responding to enquiries;
- c) Provision, or promotion of O’Maras’ goods and services (i.e. upcoming auction details);
- d) To enable individuals to bid on auction items;
- e) Maintaining/administering accounts and processing authorised payments;
- f) Health and safety, for example, contractor engagements;
- g) For market research;
- h) Customer service;
- i) To consider employment applications;
- j) To participate in competitions or other marketing initiatives;
- k) Quality assurance and training purposes;
- l) Any other purposes identified at the time of collecting the information
4.6.3 O’Maras will not use or disclose Personal Information about an individual for a purpose (the secondary purpose) other than the primary purpose of collection unless:
a) both of the following apply:
the secondary purpose is related to the primary purpose of collection and, if the personal information is Sensitive Information, directly related to the primary purpose of collection; and the individual would reasonably expect O’Maras to use or disclose the information for the secondary purpose;
- b) The individual has consented to the use or disclosure;
- c) The use or disclosure is necessary for a permitted general situation or a permitted health situation as prescribed by the Privacy Act;
- d) O’Maras has reason to suspect that unlawful activity has been, is being or may be engaged in, and uses or discloses the Personal Information as a necessary part of its investigation of the matter or in reporting its concerns to relevant persons or authorities;
- e) The use or disclosure is required or authorised by or under law;
- f) The use or disclosure is not inconsistent with the requirements of the Privacy Act.
4.6.4 O’Maras may disclose Personal Information to others in order to carry out its activities and functions including disclosure to:
- a) External IT providers, online bidding provider, Proxibid and other third party service providers (i.e. lawyers, accountants, other professionals);
- b) Mailing houses and marketing companies;
- c) Contractors and service providers who perform services on behalf of O’Maras;
- d) Government bodies, regulators, authorities or any other party where required by law;
- e) Related body corporate of O’Maras where in compliance with the APPs and this Policy.
4.6.5 O’Maras will only use and disclose your Sensitive Information for the purpose(s) for which it was initially collected, other directly related purposes or purposes to which you otherwise consent.
4.7 Direct Marketing
4.7.1 O’Maras will only use Personal Information about an individual for the purpose of direct marketing in permitted circumstances set out in the APPs.
4.7.2 An individual may request not to receive direct marketing communications in accordance with the APPs. Where an individual does not elect to opt out of receiving marketing and promotional information then O’Maras will assume an individual has implied consent to receive information and communications in the future.
4.7.3 If an individual does not wish to receive direct marketing communications from us, please contact O’Maras on the contact details provided in this Policy.
4.8 Cross Border Disclosure of Personal Information
4.8.1 O’Maras will transfer Personal Information about an individual to someone or an organisation (including a related body corporate) who is in a foreign country only if:
- a) O’Maras reasonably believes that the recipient of the information is subject to a law, binding scheme or contract which effectively upholds principals for fair handling of the information that are substantially similar to the APPs; or
- b) The individual consents to the transfer; or
- c) O’Maras has taken reasonable steps prior to the transfer of the Personal Information to ensure that the information that it has transferred will not be held, used or disclosed by the recipient of the information inconsistently with the APPs;
- d) The disclosure is necessary for a permitted general situation as prescribed by the Privacy Act; or
- e) The disclosure of the information is required or authorised by or under an Australian law.
4.9 Adoption, Use or Disclosure of Government Related Identifiers
4.9.1 O’Maras will not adopt a government related identifier as its own identifier except as permitted or required by law.
4.9.2 O’Maras will not use or disclose a government related identifier of an individual unless the use or disclosure is reasonably necessary for O’Maras to verify the identity of the individual for the purposes of O’Maras’ activities or functions or as permitted by law or in circumstances of a permitted general situation as prescribed by the Privacy Act.
4.9.3 An identifier may include a number or reference that has been assigned by a third party i.e. TFN.
4.10 Quality of Personal Information
4.10.1 O’Maras will take reasonable steps to make sure that the Personal Information it collects, uses or discloses is accurate, complete and up-to-date. However, O’Maras relies on individuals to advise it of any changes to their information or corrections to the information that it holds.
4.10.2 Please let us know as soon as possible if there are any changes to your Personal Information or if you believe the information we hold about you is not accurate, complete or up-to-date. You can do this by contacting O’Maras as set out in this Policy.
4.11 Security of Personal Information
4.11.1 O’Maras will take reasonable steps to protect the Personal Information it holds from misuse, interference and loss and from unauthorised access, modification or disclosure other than in accordance with this Policy.
4.11.2 O’Maras will take reasonable steps to destroy or permanently de-identify Personal Information if it is no longer needed for any purpose and it is not required by law to be retained.
4.11.3 However, no data protection and security measures are completely secure. Despite all the measures O’Maras has put in place, we cannot guarantee the security of information particularly in relation to transactions over the internet.
4.11.4 Accordingly, any information transmitted to O’Maras is transmitted at an individual’s own risk. Individuals must take care to ensure protection of their information (i.e. by protecting usernames and passwords etc) and notify O’Maras as soon as possible after an individual becomes aware of any potential or actual security breaches.
4.12 Access to Personal Information
4.12.1 If O’Maras holds Personal Information about an individual, it will provide the individual with access to the information on request by the individual, except where this impinges on the rights owed to a body corporate or individual or where O’Maras considers that there are other reasonable grounds not to provide access in accordance with the APPs.
4.12.2 Where O’Maras declines a request to provide such information, it will provide the reasons for this to the individual unless it would be unreasonable to do so. An individual may lodge a complaint in respect of any refusal in accordance with this Policy.
4.12.3 Upon request from an individual, O’Maras will give access to the information in the manner requested by the individual if it is reasonable and practicable to do so within a reasonable period after the request is made.
4.12.4 O’Maras may impose a reasonable charge for the provision of access to the Personal Information although no charge will apply to the making of the request.
4.13 Correction of Personal Information
4.13.1 Where O’Maras holds Personal Information and it is satisfied that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading or the individual requests O’Maras to correct the information, then O’Maras will take reasonable steps to correct that information.
4.13.2 Where O’Maras declines a request to correct such information, it will provide the reasons for this to the individual unless it would be unreasonable to do so. An individual may lodge a complaint in respect of any refusal in accordance with this Policy.
4.14 Complaint Handling
4.14.2 You will need to provide us with sufficient details regarding your complaint, as well as, any supporting evidence and/or information.
4.14.3 O’Maras will investigate your complaint and will notify you in writing of the determination. If you are not satisfied with O’Maras determination, you can contact us to discuss your concerns or complain to the Australian Privacy Commissioner.
Phone: 02 9555 7000
Privacy Act 1988 (Cth)
Australian Privacy Principles
Office of the Australian Information Commissioner – Overview of the Reforms