The Chamber of Commerce & Industry Queensland (CCIQ) respects and values the privacy and protects the personal information of others who we engage with including members, customers, employees, contractors and other individuals including visitors to our website. This privacy statement outlines how we collect, use, disclose, store and otherwise manage your personal information and comply with our obligations under the Privacy Act 1988 (Act).
How we collect your information
The main purposes for which we collect personal information are:
• to maintain contact with members;
• to grant members access to exclusive online information;
• to assess the eligibility of members and facilitate their access to the QAssure and Registermybusiness services;
• to provide a subscription service to members that have elected to take part in our e-newsletter service;
• to notify and keep members and contacts informed of the events, services and service offers we provide and of current developments;
• where it is necessary for us to provide our service and to enable others to provide services which we have informed you about and which you have requested we facilitate for you;
• to register members to attend events;
• for recruitment and employment (including expressions of interest in working for us);
• to enable us to make submissions to legislative bodies about policy development;
• to advertise or promote your business;
• for administration and management purposes.
We may also collect personal information about you from your use of our website and information you provide to us such as, for example, if you use the website to contact us to register for one of our services.
CCIQ will not collect personal information unless the information is reasonably necessary to enable us to undertake one or more of our activities.
Unless it is unreasonable or impractical to do so, CCIQ will collect personal information directly from you. Sometimes it may be necessary for us to collect your personal information from a third party, or from a publicly available source. We will only collect personal information in that way where we are permitted to do so under the Act. Where personal information is collected from another party, CCIQ will take reasonable steps to inform you of the collection, at or before that time or, if that is not practicable, as soon as possible after collection.
The type of personal information which we will ordinarily collect includes your name, contact details, email, your IP address, payment details or account information (including your credit card details) if that is necessary and insurance details (and claims history). Where relevant, we may ask you for other information. In particular, in order to confirm your membership and to perform our services, it may be necessary for us to collect details of your occupation, your organisation and details of directorships, shareholding, and other professional memberships.
We will not usually seek to collect sensitive information (e.g data relating to race or ethnic origin, religious beliefs, political preference, criminal record, physical or mental health, or sexual orientation from you. However, you acknowledge that such information may be collected (including inadvertently such as via photographs or other records) by us. You acknowledge that information may be contained in documents or other records which you have provided to us.
If it is necessary for us to collect sensitive information, although you again acknowledge that we may collect such information inadvertently, we will obtain your explicit consent to collect and use such information.
You do not have to provide us with any personal information if you are a visitor to our website and you may choose to remain anonymous or to provide us with a pseudonym if you do not wish to reveal your identity. However, you should be aware that by remaining anonymous or in providing a pseudonym, we may be unable to properly provide services and advice to you, or the nature and extent of that advice may be limited. We may also be unable to properly respond to any request, particularly in the event that we may have a conflict of interest or concern in relation to the dissemination of information to an unknown party.
How we use the Information
We use the personal information collected for various activities including:
• to perform services or provide products to you, including where we provide a service for you or on your behalf to a third party;
• to assess your eligibility and facilitate your access to our publically available services, (such as, QAssure and Registermybusiness);
• to respond to your requests;
• to provide you with further information about CCIQ;
• to promote or market our products and services to you;
• to facilitate the provision of products or services to you by others at your request;
• to promote your services to other members and to the community;
• to assist in making submissions to legislative bodies about policy development;
• to organise conferences, functions, or seminars; and
• to comply with our legal obligations.
We may use your information to market our services, including by email, or to provide you with information from other providers which we think may be of interest to you. You will have the opportunity to elect not to receive further marketing information from us by writing to the privacy officer, whose details are provided at the end of this policy. We will endeavour to process your request within 21 days of contacting us. Alternatively, if we have contacted you by email, you may use the unsubscribe function in that email to notify us that you do not want to receive further marketing information from us.
We will hold your personal information for only as long as is required to fulfil the purposes for which it was collected or as required by law.
We may share your personal information with third parties who we contract to assist us to provide the services requested by you. Those third parties may include service providers who assist us in performing our services such as our accountants and auditors, mailing houses, other professional advisers, experts who are contracted to us and other CCIQ members. If we provide your personal information to those persons, we will require that they protect your information in accordance with the standards contained in the Australian Privacy Principles and other applicable privacy laws. We will never sell your personal information.
CCIQ may transfer your personal information to our related entities or it may be accessible to other entities to fulfil the purposes identified above or for some other related purpose which you have consented to or for which you would reasonably expect us to use the personal information.
At present we do not provide your information to entities outside of Australia and do not store, process or back-up your personal information on computer servers or networks which are located overseas or in “the cloud”, including where services are performed by service providers who are located overseas. In the event that your personal information is provided to overseas entities, we will take all necessary steps to notify you and to ensure that the security of the information is maintained and that it is used consistent with this policy and our obligations under the Privacy Act.
In the event that CCIQ, a related asset or an aspect of our business is acquired, transferred or merged with another company, we may disclose your personal information to the prospective or actual purchasers. If we do so, we will require that they hold your personal information in a manner which is at least as secure as we have previously.
Most of this information is aggregated and used for statistical purposes so that you are not personally identifiable from it. The aggregated information and cookies will usually include, for example Internet provider, date and time, search phrases, or referring websites.
Most browsers are set up to accept cookies. However, if you do not wish to receive any cookies, you may be able to change the settings of your browser to give you greater control over this.
Blogs, Forums, and other Social Media
Our website may host various blogs, forums, and other social media applications or services that allow you to share personal information and content with other users (“Social Media Applications”). Any personal information or content that you contribute to our website or to any Social Media Applications can be read, collected, downloaded and used by other users over whom we may have no control. We are not responsible for any use, misuse or misappropriation by other users of any personal information or content that you contribute to our website or to any Social Media Applications.
How you can access and/or amend your personal information
You may contact the Privacy Officer in writing at the address identified at the end of this policy at any time to request access or to amend your personal information. Requests will be dealt with as quickly as possible and we will endeavour to respond within 21 days.
CCIQ will provide access by allowing you to inspect, take notes or receive copies or printouts of the personal information that CCIQ holds about you. To obtain access you will have to provide your identity. This is necessary to ensure that personal information is provided only to correct individuals and that the privacy of others is not undermined.
If you believe that any personal information which CCIQ has collected about you is inaccurate, incomplete or not up-to-date, please contact us and we will take reasonable steps to correct it in accordance with the requirements of the Privacy Act. In the event that we correct personal information that we have previously disclosed to a third party, you may request that we notify that third party of the correction. We will take steps as are reasonable in the circumstances to notify that third party of the correction where it is not impractical or unlawful to do so.
In some circumstances (which are outlined below) we may refuse to give you access to personal information and in these circumstances we will explain why. You may complain about our refusal to grant you access to your personal information directly with the Office of the Australian Information Commissioner.
Credit Related Information
Where we provide services to you on credit (that is, where you will pay for those services after we start providing them to you), we may be a credit provider for the purposes of the Privacy Act.
We may collect, hold and use certain credit related information about you. We will generally only obtain this information from you. We do not collect or exchange information with credit reporting bodies and other credit providers. We use credit related information to assist us in determining whether we will provide or continue to provide services to you on credit and to manage our relationship with you. Credit related information includes your name and contact details, your credit history, (including any repayments or late repayments you have made), any credit rating or credit assessment score that we calculate and details of any credit related court proceedings or insolvency applications that relate to you.
We will securely store all credit related information that we collect or hold about you in accordance with the procedures described below.
Unless otherwise required by law, we only disclose your credit related information to third parties in limited circumstances as permitted by the Privacy Act. We may disclose your credit related information to parties that provide credit related services to us such as debt collectors, credit management agencies, advisers and our agents. We may also disclose your credit related information to a third party that you or we request act as a guarantor in relation to any credit provided to you. Other circumstances where we may disclose your credit related information include using and disclosing credit related information that we hold about you in relation to any access or correction requests that you make to us, any complaint that you make, as required by law or the order of a court or tribunal and where you otherwise expressly consent to the use or disclosure.
How you can access and/or amend your credit related information
If you request that we correct any credit related information that we hold about you, we will endeavour to respond to that request within 21 days (or such longer period as you may agree) and correct any credit related information that we hold about you that we are satisfied is inaccurate, out-of-date, incomplete, irrelevant or misleading.
If we correct credit related information that we hold about you without you first making a correction request, we will take reasonable steps to notify that correction to you.
When will access to your personal and/or credit related information be denied?
Access will be denied if:
• CCIQ reasonably believes that giving the information would pose a serious threat to the life, health or safety of an individual or to public health and safety;
• providing access would create an unreasonable impact on the privacy of others;
• the request is frivolous or vexatious;
• the request relates to existing or anticipated legal proceedings and is not available by the process of discovery;
• providing access would prejudice negotiations with the individual making the request by revealing the intention of CCIQ;
• access would be unlawful;
• denial of access is authorised or required by law;
• access would prejudice enforcement related activities of an enforcement body;
• access would reveal evaluative information of “a commercially sensitive”, decision making process, or information; or
• any other reason that is provided for in the Australian Privacy Principles (APPs) set out under the Privacy Act.
Where possible, CCIQ will favour providing you with access to your personal information.
Costs and Charges for accessing personal and/or credit related information
CCIQ may impost the following charges for providing access to your personal information:
• photocopying - $2 per page;
• delivery cost of information stored off-site – where information is stored off-site, the cost of obtaining access to the information $35 per hour;
• access to electronic databases - $35 per hour.
Security of your information
We will take reasonable commercial measurers to ensure the security of your personal information, whether kept in electronic form or hard copy.
CCIQ has implemented technology and operational security in order to protect personal information from loss, misuse, alteration or destruction. We use a range of physical and electronic procedures to ensure the privacy of your personal information is safeguarded. These include operational policies and procedures (such as restricting physical access to our offices and the use of key management verification protocols), and maintaining a secure database system through the use of passwords, encryption, intrusion prevention/detection and firewalls. We limit the persons (including employees) or entities that have access to your personal information, and ensure that those persons are required to treat the information in accordance with the Australian Privacy Principles and other applicable privacy laws.
We have also adopted other security measures including, for example, the use of a Security Socket Layer (SSL) protocol, which provides a secure environment for individuals to transmit personal information to a CCIQ hosted website or server. This information is encrypted during transmission and, in doing so, prevents unauthorised persons access to it. All information obtained and collected via CCIQ’s website is stored on a secure server in Australia, to prevent personal information from being accessed by unauthorised persons.
CCIQ is also dedicated to providing secure online environments including for the protection of the financial and credit card details of its customers and members. The Payment Card Industry Data Security Standard (PCI DSS) is a set of security standards which CCIQ and CCIQ payment providers adhere to in order to maintain the highest level of security and protection for client information. CCIQ’s payment provider has the highest level of PCI DSS compliance and is audited regularly to ensure that it (and CCIQ maintains its high level security and customer protection.
How to Contact Us
You may request further information, express concerns and/or queries about the way we manage your personal information by contacting our Privacy Officer:
Chamber of Commerce and Industry Queensland
300 Queen Street
Brisbane QLD 4000
Telephone: 1300 731 988