- our suppliers, partners, contractors, subcontractors and agents including business support service providers (for example, software suppliers and data back up providers) we engage from time to time;
- employers of individuals;
- government bodies (such as the Australian Taxation Office and the Australian Securities and Investment Commission);
- our external auditors;
- advisors; and
- insurance providers and brokers,
however, no Personal Information will be sold or disclosed to companies not engaged by us to assist us to perform our services.
Depending on the circumstances, Okeland may be under a legal obligation to disclose Personal Information to third parties, such as a law enforcement agency. Okeland will endeavour to disclose this information in accordance with the relevant law and will inform you of any such disclosure and the content of the information disclosed (unless prohibited to do so by law).
In relation to financial products issued by Okeland, Okeland may disclose information obtained in the application form attached to the prospectus or product disclosure statement of the financial product to the advisor, financial services licensee or dealer listed on the application form.
Otherwise, we will only disclose Personal Information to third parties if permitted by the Privacy Act.
By providing your Personal Information to us, you agree and consent to any disclosures by us of your information to an individual or organisation for any of our purposes listed above.
OKELAND’S MARKETING ACTIVITIES
It is important for Okeland to maintain contact with its customers and potential customers. That contact may involve the sending of advertising material through the post or by email to existing and potential customers. In these circumstances, it is Okeland’s policy to comply with the stated purpose for which Personal Information was collected and consequently we will only ever contact you if you give your permission. Okeland’s existing and potential customers will always have the opportunity to decline to receive further marketing material and can ask to be removed from our marketing lists at any time. If Okeland receives such a request, Okeland will update its records appropriately, within a reasonable time.
DISTRIBUTION OF PERSONAL INFORMATION
Organisations or individuals outside Okeland are required to respect customers’ rights to privacy and also to use the information in accordance with Okeland’s purposes and directions.
It is Okeland’s policy not to sell Personal Information about existing or potential customers to any organisation.
SECURITY OF PERSONAL INFORMATION
Okeland takes reasonable steps to protect and secure Personal Information that it collects from misuse, interferences, loss, unauthorised access, modification or disclosure. Our usual approach to holding Personal Information is to hold that Personal Information electronically on secure servers. We secure the Personal Information we hold in numerous ways, including by requiring unique passwords and security access IDs to restrict access to environments storing Personal Information.
Okeland will take reasonable steps to destroy or permanently de-identify Personal Information if it is no longer needed for any purpose for which the information may be used or disclosed, unless prohibited by law.
A data breach occurs when Personal Information is lost or subjected to unauthorised access, use, modification or disclosure or other misuse or interference.
We have implemented a data breach response plan to assist us to effectively contain, evaluate and respond to data breaches in order to mitigate potential harm to any persons affected by a data breach.
In summary, our data breach response plan:
- directs our staff as to the steps they should take in the event of an actual or suspected data breach;
- appoints a team to handle data breaches;
- specifies a strategy for assessing and responding to data breaches;
- sets out the process for notifying any affected persons, the Privacy Commissioner and other relevant parties; and
- outlines our review process to help prevent data breaches in the future.
We will generally notify you if we reasonably believe that your Personal Information has been subjected to a data breach if:
- there is a risk of serious harm to you;
- notification could enable you to avoid or mitigate serious harm;
- the compromised Personal Information is sensitive or likely to cause humiliation or embarrassment to you; or
- we are required to notify you by law.
We will also notify the Privacy Commissioner if we reasonably believe that your Personal Information has been subjected to a data breach that is likely to result in serious harm to you. Where appropriate, we may also notify other third parties of a data breach.
ACCESS TO AND CHANGING PERSONAL INFORMATION
Okeland will, if requested to do so, give individuals copies of the Personal Information that Okeland holds about them, unless prevented by law from giving this information to you. Before such information is released, Okeland will require reasonable proof of identity from the enquiring person. Any requests for copies of Personal Information should be directed to Okeland’s Privacy Officer. We will grant a person access to their Personal Information as soon as possible, subject to the circumstances of the request.
A request to access Personal Information may be rejected if:
- the request is unreasonable;
- providing access would have an unreasonable impact on the privacy of another person;
- providing access would pose a serious and imminent threat to the life or health of any person; or
- there are other legal grounds to deny the request.
Okeland may charge you a reasonable fee for access to your Personal Information, but we will advise you of the fee before we process your request.
If access to information is to be denied (e.g. if required by law), Okeland will provide reasons for the denial.
If any individual wishes to update or correct Personal Information held by Okeland about them, Okeland will do so on receipt of a written request addressed to Okeland’s Privacy Officer. This is in keeping with Okeland’s policy to maintain accurate records.
We do our best to make sure that the Personal Information we hold about you is accurate, up to date and complete. If you believe we need to update your Personal Information just let us know. We will promptly update it and confirm to you when we have done so.
OVERSEAS USE OF INFORMATION
We do not generally disclose your personal information to overseas recipients.
When Okeland’s website is visited, the website may send “cookies” to the visitors’ computer. Cookies are used in transactions over the internet for various reasons including the maintenance of security. Cookies can also be used to monitor the areas of a website that are visited. Visitors to Okeland’s website who do not wish to receive cookies should select the appropriate settings in their web browser.
PRIVACY COMPLAINTS OR QUESTIONS
If you have a privacy complaint or question, would like to know what Personal Information we hold about you, or would like to update your Personal Information please contact our Privacy Officer:
T: (08) 9217 3600
A: Okeland Pty Ltd ACN 102 195 737
PO Box 1629
SUBIACO WA 6904
Our Privacy Officer will endeavour to respond to your privacy questions, or resolve any privacy concerns you have in a timely manner. Our Privacy Officer will respond in writing to you regarding the outcome of any investigation.