SEC Newgate PTY LTD (ACN 162 366 056) (SEC Newgate, we, our or us), recognises and respects the importance of your privacy and understands your concerns about the security of the personal information which is provided to us.
We are sensitive to privacy issues and take seriously the ongoing trust our business associates have placed in us.
We are committed to compliance with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (APPs), which detail how personal information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to, or make complaints about, the personal information held about them in Australia.
We are also committed to compliance with Regulation (EU) 2016/679 (General Data Protection Regulation) (the GDPR) so far as it affects Australian businesses and the collection, use, disclosure of personal information of EU residents.
SEC Newgate Research, a division of SEC Newgate conducts market and social research activities in accordance at all times with the Privacy Act and more specifically the Privacy (Market and Social Research) Code 2014 (the Code).
Personal information is defined in the Privacy Act as information or an opinion about an identified individual, or about an individual who is reasonably identifiable.
Personal data, as defined in the GDPR, is “any information relating to an identified or identifiable natural person (Data Subject); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.
Sensitive information, a sub-set of personal information, is information or an opinion about an individual’s racial or ethnic origin, political opinions, political association membership, religious beliefs or affiliations, philosophical beliefs, professional or trade association membership, trade union membership, sexual orientation or practices or criminal record, and includes health information and genetic information.
What personal information we collect and hold
We provide strategic solutions for individuals and businesses with communications and marketing (the Business Services).
The kinds of personal information we collect from you or about you depend on your engagement with us, the Business Services you or your organisation have contracted us to provide or any part of them, and the Business Services you or your organisation are interested in and visit our website www.secnewgate.com.au (Website) in relation to.
Generally, we collect and hold the following types of Personal information in the course of providing the Business Services. At all times, we collect and use information that is necessary for the provision of our Business Services.
The Personal information we, for the purposes of the GDPR ‘process’ or otherwise collect includes:
Our aim is not to be intrusive, and we undertake not to ask irrelevant or unnecessary questions. Moreover, the information you provide will be subject to rigorous measures and procedures to minimise the risk of unauthorised access or disclosure.
When you browse our Website, contact us electronically, or engage with us on social media, we may also record geographical tagging, cookies, your IP address and statistical data from your activity. We may use your Personal information to customise and improve your user experience on our Website and other social media platforms. By using our Website, you agree that we can record this information from your device and access them when you visit the site in the future.
If you want to delete any cookies that are already on your computer, please refer to the help and support area on your internet browser for instructions on how to locate the file or directory that stores cookies. Please note that by deleting our cookies or disabling future cookies you may not be able to access certain areas or features of our site.
Third Party Sites
How we collect and hold personal information
We aim to collect personal information only directly from you as a consumer or business customer, unless it is unreasonable or impracticable for us to do so. For example, we may collect Personal information from you through telephone calls and other interactions with our employees, contractors and consultants (Representatives), your emails and other correspondence to us or our Representatives, account set up for the Website, enquiries and contracts for use of our Business Services.
We collect and process Personal information of:
SEC Newgate will generally collect your Personal information directly from you, or from one of our accredited fieldwork companies or group members, in the course of providing Business Services to you or you participating in our qualitative and/or quantitative research.
In some instances, we may also receive information about you from third parties. As a result of this, SEC Newgate Research may from time to time invite you to participate in research based on information collected about you.
If you choose not to provide your personal information, then we may not be able to provide you with our full range of services.
You can be anonymous or use a pseudonym when dealing with us, unless the use of your true identity is a legal requirement, or it is impracticable for us to deal with you on such basis.
Why we collect, hold, use and disclose personal information
We will primarily collect, hold, use and disclose personal information where it is reasonably necessary for us to carry out our Business Services functions and activities and/or where we have a lawful reason for doing so. The lawful basis for processing and/or collecting Personal information by us will be one of the following:
We may also use Personal information for related purposes which you would reasonably expect, such as providing details about other services offered by us or third parties, as well as any promotions, offers or other arrangements or agreements with any third-party suppliers where relevant.
The activities that we may use Personal information for are:
SEC Newgate will process Personal data for all the time that it is still lawful and valid to do so. SEC Newgate will store the personal data for varying periods, and this will be reviewed at least annually.
You can opt out of receiving offers or information at any time by notifying us. Opt out procedures are also included on all of our marketing and promotional communications.
In some cases, we disclose personal information to members of our global group with whom we work collaboratively on occasion to provide you the Business Services. We will ensure that any entity to which we disclose your personal information is bound by appropriate confidentiality and non-disclosure agreements, if they are not otherwise required to adhere to the Privacy Act and APPs and/or GDPR.
We may also disclose personal information, collected by us:
(a) where we have sought your specific consent;
(b) in accordance with the Privacy Act or GDPR; or
(c) to third parties where required or permitted by law (including but not limited to government departments and enforcement bodies in any jurisdiction to which we or you are accountable).
How we hold, store and keep secure personal information
Your personal information is stored electronically, in the cloud and is encrypted on a server. We have electronic and procedural safeguards in place and take reasonable steps to ensure that your information is protected at all times from misuse, interference and loss, and from unauthorised access, modification and disclosure.
Please be aware that personal information provided by email may not be secure. If you have any concerns regarding the security of your personal information, please provide it in an alternate form, such as facsimile or post.
Destruction and de-identification
We will retain personal information collected by us whilst it is required for any of our business functions including but not limited to providing the Business Services or any part of them, or for any other lawful purpose. We will take reasonable steps and use secure methods to destroy or de-identify personal information that is no longer required for any purpose for which the personal information may be used under this Policy or otherwise in accordance with the Privacy Act, APPs and GDPR. Any interview recordings will be stored on an offsite server for six months, after which they will be deleted.
We share your personal information with our business associates (where strictly relevant to provide the Business Services) who are situated in the jurisdiction in which you are based, Australia or otherwise outside of the EEA. Any and all overseas disclosure of Personal information will be strictly in accordance with all applicable privacy laws including but not limited to the Privacy Act and GDPR.
Requests for Access and Correction
In most cases, you will be able to gain access to Personal information held about you by us. We may provide you with this information verbally or in writing, as may be appropriate and on reasonable request. In accordance with the Privacy Act and GDPR, under certain circumstances, you have the following rights when we hold Personal information about you:
To exercise such rights (save from marketing emails – as described above) and if you have any questions about how we collect, store and use Personal information, then please contact us using the details as set out in the “How to Contact Us” section below.
Any of the above requests will be forwarded on should there be a third party involved in the processing of your Personal information.
We rely on the Personal information we hold to efficiently provide our services, including but not limited to the Business Services. For this reason, it is very important that the Personal information
we collect is accurate, complete and up-to-date at all times. We will take reasonable steps to amend or correct any Personal information held by us to keep it accurate and up to date provided always that you notify us of any change to Personal information which becomes known to you at any time.
If we suspect we have suffered a data breach, we will undertake an assessment into the circumstances of the suspected breach within the time period as is required by applicable law including the Privacy Act and, where applicable, the GDPR.
Notification to Australian Information Privacy Commissioner
Where it is determined a breach has actually occurred and where we are required by law to do so (due to a loss in, or unauthorised access to Personal information) we will notify the Privacy Commissioner and affected individuals as soon as reasonably practicable after becoming aware that serious harm is likely to be suffered.
We will also notify the Privacy Commissioner at all other times where we are otherwise required to make a disclosure in accordance with the Privacy Act and specifically the Notifiable Data Breach Scheme, a mandatory data breach notification regime in Australia.
We will make all other required disclosures to the necessary authorities in accordance with the GDPR if any Data Breach concerns the loss or other misuse of Personal information of EU residents.
Complaints and Concerns
Our Privacy Officer can be contacted using the details below to discuss or attempt to resolve any complaints relating to the collection, storage and use of your Personal information.
Office of the Australian Information Commissioner
If you are not satisfied after having contacted us in respect to a complaint and concern and having given us a reasonable time to respond, we suggest that you contact the Office of the Australian Information Commissioner: [email protected].
How to Contact Us
Email: [email protected]
Tele: 02 9232 9500