Your Privacy is Important
We recognise that maintaining the privacy of personal information matters to our employees, clients and contractors, and we are committed to protecting all personal information and dealing with it in accordance with the Australian Privacy Principles.
The Group’s main business activities are the management of construction projects, property development and from time to time the management of wholesale real property funds. These activities are carried out by:
- St Hilliers Contracting Pty Ltd ABN 66 082 729 039
- St Hilliers Funds Management Limited ABN 24 106 527 833
- St Hilliers Property Investments Pty Ltd ABN 54 064 561 495
Australian Privacy Principles (“APPs”) are part of the Privacy Act 1988 and regulate the way in which organisations may collect, use or disclose an individual’s Personal Information.
Personal information means information or an opinion (whether or not true, and whether nor not recorded) about an identified individual, or about an individual who is reasonably identifiable.
Personal information that relates to an individual’s own characteristics, beliefs or affiliations is known as ‘sensitive information’ and will only be collected with an individual’s consent or when it is required by law.
Collection of Personal Information
We collect personal information from individuals only to the extent this is necessary for us to perform functions associated with our business activities. These functions include:
For unitholders in any wholesale funds we operate from time to time: maintaining the unit register, making calls on units, making payments of distributions or capital sums, maintaining records required by relevant anti-money laundering legislation.
For our construction clients: undertaking our contractual obligations to our clients, including regular communication about current projects.
For consultants and subcontractors: regular communication about construction work on current projects, payment of amounts owing by us.
For jobseekers: communication about jobs available with us, checking information in your resume, speaking to referees.
For website viewers: administering our website at https://sthilliers.com.au, including receiving comments and checking most popular web pages and peak usage times.
While some contacts with us such as general enquiries may be made anonymously or by using a pseudonym, if the relationship is to progress any further (by you becoming a client or having a business relationship with us) it will be necessary for us to know who you are. Similarly, we cannot deal with complaints made anonymously or by pseudonym.
How Information is Collected
When you look at our website, including when you leave comments and when you register/ log in, we may collect information about your device and your website use (your Website Use Information) from cookies. A cookie is a block of data created by a web server while a user is browsing a website and placed on the user’s device by the user’s web browser. Tracking cookies let us recognise your device and gather basic tracking information. This information allows us to review the way in which our website is used and presented.
We may also use analytical cookies, which allow us to recognize and count the number of users on our website and how users move around the site when they are using it. This also helps us improve how our website works. If you do not want us to collect such Information, you may set your browser to block cookies. However, some of our services may not function properly if your cookies are disabled.
When visitors leave comments on our website we collect the data shown in the comments form, and also the visitor’s IP address and browser user agent string to help spam detection.
If you leave a comment on our site you may opt-in to saving your name, email address and website in cookies. These are for your convenience so that you do not have to fill in your details again when you leave another comment. These cookies will last for one year.
For users that register on our website (if any), we also store the personal information they provide in their user profile. All users can see, edit, or delete their personal information at any time (except they cannot change their username). Website administrators can also see and edit that information.
If you visit our login page, we will set a temporary cookie to determine if your browser accepts cookies. This cookie contains no personal data and is discarded when you close your browser.
When you log in, we will also set up several cookies to save your login information and your screen display choices. Login cookies last for two days, and screen options cookies last for a year. If you select “Remember Me”, your login will persist for two weeks. If you log out of your account, the login cookies will be removed.
If you edit or publish an article, an additional cookie will be saved in your browser. This cookie includes no personal data and simply indicates the post ID of the article you just edited. It expires after 1 day.
Otherwise, we will collect personal information directly from the relevant individual, unless it is unreasonable or impracticable to do so (for example, in checking resume information). Collection of personal information includes from:
- Emails and letters sent to us, including resumes;
- information that clients or subcontractors give us as part of the tendering process;
- face to face meetings;
- business cards;
- telephone conversations.
What Information is Collected
We may ask you for the following information, depending on our relationship with you:
- Your name, phone number, street and email address
- Your bank account details
- If you are acting on behalf of your employer, your job title, employer’s name and contact information
- for consultants or subcontractors, we may also collect additional information such as your ABN, professional and/or public liability insurance details
- For job applicants only: citizenship, any visa details, and possibly also membership of professional organisations and referee contact details.
Where clients are corporations, they may provide us with personal information about different contact persons within that corporation including name, job title, and contact information.
Where a consultant or subcontractor is a corporation we may also collect additional information about their directors, managers, or contact persons which could include names, job titles, business and personal addresses and phone numbers.
We may also receive personal information (which may be sensitive information) from you in job interviews or telephone conversations and from your referees or from our own researches, including to verify your citizenship, visa details, qualifications, references and other information that you give us.
In addition, we may obtain Website Use Information about you and your devices.Where a third party gives us information
Should a third party give us unsolicited personal information about an individual, we will within a reasonable period determine whether or not we could have collected the information directly and, if not, we will take reasonable steps to destroy or de-identify that information unless the law otherwise requires.
Individuals have the right to ask us to let them know the source of the personal information we hold about them. So long as a response is not impracticable or unreasonable, we will reply to all queries within a reasonable period without cost to the individual.
Use and Disclosure of Personal Information
We will not make personal information about an individual that we have collected for business purposes available to anyone outside the St Hilliers Group except as instructed by that individual or where required by or permitted by law.
If we use third – party service providers, these service providers may have access to an individual’s personal information to perform contractually specified services – for example, the maintenance of the unit registers of the Funds through our Accountants in Victoria, or the checking of visitor comments through an automated spam detection service. We contractually require that all personal information accessed by such providers be kept confidential and in accordance with the Australian Privacy Principles.
Links to Other Websites
Our website may contain links to other websites for you to access. You should be aware that the privacy policies of the operators of those other sites may not be the same as ours and you should refer to their own privacy policies.
Articles on our site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
Security and Quality of Personal Information
We will take all reasonable steps to ensure that any personal information about you which we hold is:
- secure: protected from misuse, interference and loss and from unauthorised access, modification or disclosure;
- appropriate: accurate, complete, up to date, relevant and not misleading having regard to the purpose for which it is held.
Your personal information may be kept and accessible in both hard and soft copy at any of our offices in Australia. Visitor comments may be checked through an automated spam detection service. Your Website Use Information is retained on our Server Logs and information backup system in Australia. However from time to time our server may be backed up through the cloud in other locations.
The Group operates secure data networks protected by industry standard firewall with password protected systems. Our Group security and privacy policies are periodically reviewed and enhanced as necessary.
We restrict access to personal information to our employees, and contracted third party providers who need to know that information in order to process it for us and who are subject to strict contractual confidentiality obligations. They may be disciplined or their contract terminated if they fail to meet these obligations. Our access to your personal information is limited to the following departments for their respective purposes: Finance, IT, Property Management, Construction, and Compliance (including the Privacy Officer).
How Long We Retain Your Data
If you leave a comment on our website, the comment and its metadata are retained indefinitely. This is so we can recognize and approve any follow-up comments automatically instead of holding them in a moderation queue.
We will take reasonable steps to destroy or de-identify personal information if we no longer need it for any authorised purpose and are not required by law to retain it.
Access to Personal Information
We will handle all requests for access in accordance with the APPs. In most cases, we will give an individual access to any personal information that we hold about them within a reasonable period and in the manner requested, if that is reasonable. In some cases, we may refuse access where refusal is required or permitted by law. We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, information that is only available on older back up tapes, or would involve developing a new system or significantly changing an existing practice), or which risk the privacy of others. We will provide the individual with reasons for any refusal. We may charge a reasonable fee for giving an individual access to their personal information, however at present we do not propose to make any charge.
To request access to your personal information please contact the St Hilliers Privacy Officer – contact details are below.
If you have an account on our website, or have left comments, you can request to receive an exported file of the personal data we hold about you, including any data you have provided to us. You can also request that we erase any personal data we hold about you. This does not include any data we are obliged to keep for administrative, legal, or security purposes.
Correction of Personal Information
We appreciate any assistance to keep any personal information that we hold up to date, complete and accurate. If you want to update any personal information, you may do so by contacting the Privacy Officer.
We will, on request, normally amend any of your personal information which is inaccurate, incomplete, out of date, irrelevant or misleading (without cost to you) where:
- we are satisfied that the information needs to be corrected; and/or
- we agree with your request that the information be corrected.
If we disagree with your request, we will write to inform you of our concerns about making the change you have requested, giving reasons for our refusal and notifying you of available complaint mechanisms. If you wish, we will then (at no cost to you and within a reasonable period), take reasonable steps to associate with the appropriate records of your personal information a statement that you claim the information is inaccurate, incomplete or out of date (whichever is relevant) and that you have requested a particular change.
Data Breach Obligations
St Hilliers maintains systems to respond to internal or external data breaches in accordance with the guides and resources at:
A breach will need to be reported to the regulator and to persons involved when:
- there is unauthorized access to, or disclosure of, personal information held by St Hilliers, or where personal information is lost in a situation where unauthorized access or disclosure is likely to occur, and
- there is a risk of serious harm to the individuals to whom the information relates (for example, access to their bank details), and
- St Hiliers has not been able to prevent the likely risk of serious harm to the individuals to whom the information relates by remedial action.
The steps for dealing with a possible data breach are set out in the chart at the end of this document.
If you have a complaint about how we handle your personal information, please contact our Privacy Officer.
The Privacy Officer will acknowledge your complaint within three business days of receipt and will seek to resolve your complaint within 20 days of receipt.
St Hilliers Privacy Officer Contact Details
St Hilliers Group
8 Windmill Street
Millers Point, Sydney, NSW 2000, Australia
Phone: +61 2 9259 5274
Facsimile +61 2 9259 5208
or by email at VLim@sthilliers.com.au
Wholesale Real Property Funds
If your complaint is not resolved to your satisfaction and relates to St Hilliers wholesale real property fund business you have the right to contact the Australian Financial Complaints Authority (AFCA). AFCA is an external dispute resolution scheme authorised to deal with complaints in relation to the financial services industry including privacy.
Australian Financial Complaints Authority
GPO Box 3
Melbourne VIC 3001
Phone: 1800 931 678
All other St Hilliers Business
In all other cases, or if you are still not satisfied with the outcome of your contact with the AFCA, you can contact:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Facsimile: +61 2 9284 9666
Copies of this Policy and Further Information
As the Federal Government introduces new privacy legislation, this Policy will be reviewed and updated accordingly. We will also regularly review this Policy and may change it from time to time. The date at which this Policy was most recently updated is given above.
More information on privacy legislation and guidance material is available from the Office of the Australian Information Commissioner at http://www.oaic.gov.au