Faircloth McNair & Associates

Faircloth McNair & Associates Privacy Policy

Faircloth McNair & Associates Pty Ltd ABN 39 662 200 866 (referred to as FMA, we, us or our) is committed to safeguarding the privacy of individuals, including our suppliers, customers and website visitors, and to the protection of personal information that relates to them in accordance with the Australian Privacy Principles (APPs) as set out in the Privacy Act 1988 (Cwth).

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cwth) (the Privacy Act). The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of theAustralian Information Commissioner at https://www.oaic.gov.au/.

This Privacy Policy describes the way we collect, use, and disclose Personal Information (as defined below). It is not intended to cover categories of information that are not covered by Australian Privacy Principles. If you wish to make any inquiries regarding this Privacy Policy, you should contact us in any of the ways specified in clause 10.

1. What is Personal Information and why do we collect it?

Definition

Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect includes names, addresses, email addresses, phone and facsimile numbers. Personal Information does not include information that is aggregated or anonymised.

Personal Information is obtained in many ways including in the course of delivering a project, when we consult with you directly or in a workshop, when you complete a survey, or when you correspond with us; when we otherwise supply you with services; when you request information about us or our products or services, provide feedback, change your content or email preferences, enter into an agreement or contract with us, fill in a form or a request for services, fill in a form on our website, attend an event, become an employee of FMA, or otherwise contact us by telephone, facsimile, email, post or in person;and from third parties. We don’t guarantee website links or policy of authorised third parties.

Consent

When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it. We only collect Personal Information that is adequate, relevant and limited to what is necessary for the purposes set out in this Privacy Policy.

Primary Purpose

We collect Personal Information for the primary purposes of:

• delivering management consultancy services to our clients (in some cases with support from third party providers),

• providing insights into the industries in which we work,

• marketing and selling our products and services,

• improving our products and our marketing and to better understand customer needs,

• providing information and updates

• communicating new and additional services and opportunities, and

• conducting employee related activities.

Secondary purposes

We may also use Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure. You may unsubscribe from our mailing/marketing lists at any time by contacting us in writing.

Employee records

Workplace laws require a range of information to be made and kept for each employee. The Privacy Act applies to an employee record if the information is used for a purpose not directly related to the employment relationship.

2. Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

Sensitive information will be used by us only:

• for the primary purpose for which it was obtained, or

• for a secondary purpose that is directly related to the primary purpose, and

• with your consent; or where required or authorised by law.

3. Third Parties

Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.

If you provide Personal Information about other individuals to us, you must ensure that you have informed those individuals that you are providing their Personal Information to us and that you have obtained their consent and advised them of our Privacy Policy.

4. Information collected via our Website

Website terms of use

This Privacy Policy governs how we use, collect or disclose Personal Information provided on our Website. By using the Website you agree to the terms and conditions contained in this Privacy Policy.

We will not collect any Personal Information about users of our Website except when they knowingly provide it.

Click Stream Data

When you visit and browse our Website, our Website host may collect Personal Information for statistical, reporting and maintenance purposes. Subject to clause 6.2, the Personal Information collected by our Website host will not be used to identify you. The information may include: the number of users visiting our Website and the number of pages viewed; the date, time and duration of a visit; the IP address of your computer; the path taken through our Website; or the browser type, operating system or website visited immediately before coming to our Website.

Our Website host uses this information to administer and improve the performance of our Website, including to assist with the diagnosis of and to provide support for any issues with our Website or services. This information is used in an aggregated manner to analyse how people use our Website, so that we can improve our service.

Cookies are small text files that are transferred to a user’s computer hard drive by a website for the purpose of storing information about a user’s identity, browser type or website visiting patterns.

If you access our Website, a cookie is downloaded onto your computer’s hard drive when you first log on to our Website. We may use cookies to allow us to personalise your browsing on our Website. Most web browsers automatically accept cookies, but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our Website. Our Website may from time to time use cookies to analyse website traffic and help us provide a better website visitor experience.

Links to external websites

If you follow any links to third party external websites from our Website, the Privacy Policy will not apply to those websites which may have their own policies relating to privacy and data collection and website usage. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. If you choose to access any linked website or to provide any Personal Information on such websites you should review their policies and terms of use to learn more about how they may use your Personal Information. We are not responsible for and will not be liable for the operations or policies of any third-party external website.

5. Disclosure of Personal Information

Your Personal Information may be disclosed in a number of circumstances including the following:

• third parties where you consent to the use or disclosure, and

• where required or authorised by law.

Transfer of business

If there is an actual or prospective change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any Personal Information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality.

Service providers

We may also disclose your Personal Information to our service providers in certain limited circumstances, for example when our Website experiences a technical problem or to ensure that it operates in an effective and secure manner.

Personal information is only disclosed to a third party when it is required for the delivery of our services. To the extent that we do share your Personal Information with a service provider, we would only do so if that party has agreed to a confidentiality regime in relation to their services and access to your Personal Information.

We may also share non-personal, de-identified and aggregated information for research or promotional purposes in connection with providing requested information or services to you, or for the purpose of improving our services. We will not sell your Personal Information to third parties for their own purposes, including for marketing purposes.

Unless otherwise specified in this Privacy Policy, we will not disclose any of your Personal Information to any other organisation unless the disclosure is required by law, is otherwise permitted by the Privacy Act 1988, or is with your consent.

6. Security of Personal Information

Storage

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure.

Destruction and de-identification

When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.

Data breaches

The Notifiable Data Breaches Scheme (NDB scheme) in Part IIIC of the Privacy Act 1988 sets out obligations for notifying affected individuals, and the Australian Information Commissioner, about an “eligible data breach” (as defined in the Privacy Act 1988) which is likely to result in serious harm.

To the extent required by law, where a data or privacy breach occurs and serious harm to affected individuals has occurred or is likely, we will notify those individuals and the relevant supervisory authority in accordance with our obligations under the Privacy Act 1988.

You may contact our Privacy Officer via the contact details in clause 10 should you require additionalinformation.

7. Access to your Personal Information

You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.

FMA will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.

In order to protect your Personal Information we may require identification from you before releasing the requested information.

8. Maintaining the Quality of your Personal Information

It is important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

9. Policy Updates

This Policy may change from time to time and is available on our website www.fairclothmcnair.com.au (Website). Our most recent Privacy Policy will apply to our collection, use and disclosure of Personal Information. At any time, you may withdraw consent to the continued use of your Personal Information, subject to legal and contractual restrictions.

10. Privacy Policy Complaints and Enquiries

If you feel that your privacy has not been respected or that we have conducted ourselves inconsistently with this Privacy Policy, or the Australian Privacy Principles in respect of your Personal Information, or for any other queries, problems, complaints or communication in relation to this Privacy Policy, please contact us in any of the following ways:

Att: Privacy Officer

Post: PO Box 8110, Croydon Vic 3136

Email: hello@fairclothmcnair.com.au

When contacting us please provide as much detail as possible in relation to your query, problem or complaint. We take all complaints seriously and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.

Approved: 080323

For review: 080326

Faircloth McNair & Associates acknowledge the traditional custodians of the land on which we live and work, the Wurundjeri people of the Kulin Nation, and pay our respects to their Elders past, present and emerging.

We recognise that Indigenous Australians never ceded sovereignty of this country and remain strong and enduring in their connection to land and culture.

Acknowledgement

of Country