Jacobs Australia
  

   

JA Story Industries We Serve Services Careers Contact Us

Privacy

1. SCOPE AND OBJECTIVES
This Privacy Policy implemented by Jacobs Australia (JA) extends to and covers all operations and functions of the organisation. All directors, management, employees, contractors, subcontractors, vendors, service providers, customers, agents or any other third parties that are involved in the collection, use or disclosure of personal information on behalf of JA must abide by the JA Privacy Policy.

The objective of the JA Privacy Policy is to ensure that a sound privacy foundation and framework is established and maintained by JA in accordance with the National Privacy Principles (NPP’s).

2. OWNERSHIP
All personal information collected, used or disclosed by JA shall be done in accordance with its Privacy Policy. JA retains the right to take reasonable steps to ensure that its Privacy Policy is properly adhered to.

For every operation or function of JA where personal information is collected, an appropriate person or owner shall be appointed to be responsible for ensuring compliance with the JA Privacy Policy.

3. RESPONSIBILITIES
It shall be the responsibility of managers to inform their respective employees and other relevant parties that the JA Privacy Policy is established, maintained and enforced. Management shall ensure that they advise employees and other relevant parties of any changes to this Privacy Policy in a timely manner.

It shall be the responsibility of all employees and other relevant parties involved in the collection, use or disclosure of personal information to ensure that they understand and adhere to the JA Privacy Policy and that they maintain up-to-date knowledge of any amendments to this Privacy Policy.

4. PRIVACY TRAINING
All new employees involved in the collection, use or disclosure of personal information shall be provided with timely and appropriate access to JA’s Privacy Policy. All employees involved in the collection, use or disclosure of personal information shall be provided with opportunities to attend appropriate and periodic privacy awareness training and shall ensure that they understand the privacy related issues that could adversely affect JA’s position if not properly adhered to.

5. NON-COMPLIANCE & DISCIPLINARY ACTIONS
Any JA employee or relevant third party that identifies, knows about or suspects a privacy breach shall immediately report the matter to management. Employees or other relevant parties who do not comply with JA’s Privacy Policy may be subject to disciplinary action.

6. INCIDENTS/COMPLAINTS HANDLING The JA Corrective Action Request (CAR) process (see Standard Operating Procedure 120-2) serves as an effective incidents/complaints handling process to manage privacy risks and issues. The CAR system may be used by all JA employees and relevant third parties to report and address any systematic or discrete Privacy compliance problems.

7. CONTRACTUAL ARRANGEMENTS
JA shall ensure that all contractual arrangements with third parties are compliant with this Privacy Policy.

9. PRIVACY AUDITS
The JA privacy officer who is also the Employee Relations Manager, shall conduct annual privacy audits as a component of the JA Corporate Governance audit in order to ascertain:

  • what personal information is collected and held;
  • how that information is collected;
  • the reasons for collection of that information;
  • where and how that information is stored;
  • how that information is secured;
  • who has access to that information;
  • whether the information is shared with anyone;
  • whether the intended use of collection is communicated, and
  • whether that information is current and necessary.

10. PRIVACY STATEMENTS
Any statements and/or comments that are either required to be or are made about privacy or privacy related issues shall be done so with regard to JA’s Privacy Policy.

11. COLLECTION (NPP 1)
JA shall only collect personal information where the information is necessary for one or more of its functions or activities.

Collection of personal information by JA shall be fair, lawful and not intrusive.

At or before the time of collection (or if not practicable, as soon as practicable after) of personal information from an individual not employed by JA, JA will take reasonable steps to ensure the individual is aware of:

    11.1 JA’s identity and how to contact us;
    11.2 The fact that he or she is able to gain access to the information;
    11.3 The purposes for which the information is collected and the details of any further disclosure to external organisations that may occur; and
If reasonable and practicable JA shall collect personal information about an individual only from that individual. If it is necessary to collect the information from a third party JA shall take reasonable steps to ensure that the individual is or has been made aware of the matter 11.1 to 11.3 inclusive except to the extent that doing so would pose a serious threat to the life or health of any individual.

12. USE AND DISCLOSURE (NPP 2)
JA shall only use or disclose information for the purpose for which it was collected unless the person has consented, or the secondary purpose is related to the primary purpose and a person would reasonably expect such use or disclosure, or in circumstances related to public interest such as law enforcement and public or individual health and safety.

13. DATA QUALITY (NPP 3)
JA shall take reasonable steps to make sure that the personal information it collects, uses or discloses is accurate, complete and up to date.

14. DATA SECURITY (NPP 4)
JA shall take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure.

15. OPENNESS (NPP 5)
This Privacy Policy outlines JA’s policy for the management of personal information. This policy shall be made available to anyone who asks for it.

On request by an individual, JA shall take reasonable steps to let the individual know, generally, what sort of information it holds, for what purposes, and how it collects, holds and discloses that information.

16. ACCESS AND CORRECTION (NPP 6)
Within the limits of the National Privacy Principles, JA shall give an individual access to personal information it holds about that individual on request.

If an individual is able to establish that information held by JA is not accurate, complete and up to date and notifies JA as such, JA shall take reasonable steps to correct the information so that it is accurate, complete and up to date.

JA shall provide reasons for denial of access or a refusal to correct personal information.

17. IDENTIFIERS (NPP 7)
Within the limitations of the National Privacy Principles JA shall not adopt, use or disclose an identifier that has been assigned by an external agency.

18. ANONYMITY (NPP 8)
Wherever it is lawful and practicable, individuals shall have the option of not identifying themselves when entering transactions with JA.

19. TRANSBORDER DATA FLOWS (NPP 9)
JA shall only transfer personal information to a recipient in a foreign country in circumstances where the information will have appropriate protection in accordance with the requirements of the National Privacy Principles.

20. SENSITIVE INFORMATION (NPP 10)
JA shall not collect sensitive information unless the individual has consented, it is required by law or it is necessary in the interest of any individual’s health, where consent from the individual concerned is not possible due to physical or legal limitations.

Partnership for Innovation Site Map l Disclaimer l Privacy l Contact Us
© 2008 Jacobs. All Rights Reserved.