Privacy Policy

This Privacy Policy sets out how Geoff Craig & Associates Pty Ltd (ACN 086 017 745) or GCA Engineering Solutions (ABN 92 086 017 745) including, but not limited to any related body corporate, any subsidiary or associated entity and as trustee of any trust from time to time (individually and together called “GCA”) (referred to as “we”, “our”, or “us in this policy) handles your personal information (including personal information collected via our website) and how to contact us if you have any questions about our management of personal information.

GCA values and respects the privacy of the people we deal with. GCA is committed to providing quality services to you and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information.

We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The National Privacy Principles (NPPs) govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at https://www.oaic.gov.au/.

This Privacy Policy (Policy) describes how we collect, hold, use and disclose your personal information, and how we maintain the quality and security of your personal information.

What is Personal Information and why do we collect it?

“Personal information” means any information or opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. In general terms, this includes information or an opinion that personally identifies you either directly (e.g. your name) or indirectly. Examples of Personal Information we collect includes names, addresses, email addresses, and phone numbers.

This Personal Information is obtained in many ways including correspondence, by telephone, by email, via our website www.gca.net.au, applying for a position with us as an employee or contractor from media and publications, from other publicly available sources and from third parties. We don’t guarantee website links or policy of authorised third parties.

We collect your Personal Information for the primary purpose of providing our services to you, providing information to our clients and marketing. We may also use your Personal Information for secondary purposes closely related to the primary purpose, in circumstances where you would reasonably expect such use or disclosure.

When we collect Personal Information we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.

What personal information do we collect?

The personal information we collect about you depends on the nature of your dealings with us or what you choose to share with us.

The personal information we collect about you may include:

  • Your name, title, and residential or business address
  • Your occupation or employer
  • Your qualifications and career history
  • Your date of birth and other forms of identification (such as a driver’s licence)
  • Your telephone number and other contact details, including email addresses
  • Your Internet Protocol (IP) address and online passwords
  • Records of your communications and interactions with us
  • Records of your application to us as a potential employee or contractor
  • Records relating to your engagement, conduct, hours worked, and payment as a contractor
  • Details relating to your use of our products and services
  • Credit card or debit card information
  • Banking details
  • Your ABN and government related identifiers, such as tax file numbers
  • Information about the way you use our website

How do we use your personal information?

We use personal information for many purposes in connection with our business functions and activities, including the following purposes:

  • to provide you with information or services that you require from us;
  • to deliver to you a more personalised experience and service offering;
  • to improve the quality of the services we offer;
  • for internal administrative purposes.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information. We will not generally collect sensitive information. However you may wish to provide us with sensitive information about you from time-to-time. For example, if you are a contractor you may wish to provide us with information about your health in connection with an incident on one of our work sites.

Sensitive information will be used by us only:

  • for the primary purpose for which it was obtained
  • for a secondary purpose that is directly related to the primary purpose
  • with your consent; or where required or authorised by law.

If we collect your sensitive information, we will do so only with your consent, if it is necessary to prevent a serious and imminent threat to life or health, or as otherwise required or authorised by law, and we take appropriate measures to protect the security of this information.

You do not have to provide us with your personal information. Where possible, we will give you the option to interact with us anonymously or by using a pseudonym. However, if you choose to deal with us in this way or choose not to provide us with your personal information, we may not be able to provide you with our services or otherwise interact with you.

Third parties

Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party. We may disclose your personal information to third parties in accordance with this Policy in circumstances where you would reasonably expect us to disclose your information.

For example, we may disclose your personal information to:

  • our third party service providers (for example, our IT providers);
  • our marketing providers;
  • our professional services advisors;

Security of Personal Information

Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure.

We have also taken reasonable steps to protect the personal information we hold from misuse and loss and from unauthorised access, modification or disclosure. Staff are required to sign a confidentiality clause as a part of their contracts of employment. They are also required to adhere to and comply with our Privacy Policy.

We also implement physical and electronic procedures to ensure that privacy is safeguarded. However, the internet is not secure and we cannot guarantee the security of any information sent to us via the internet. Sometimes breaches of personal information occur, which can range from non-threatening to serious.

When a data breach is considered serious it is likely to cause harm to the individual that the personal information is about. This is called an eligible data breach. If a circumstance arises that is considered an eligible data breach, we will notify the individual and the Office of the Australia Information Commissioner. In this notification we will make recommendations to the individual on the steps they should take to protect themselves in relation to the breach of information. Generally, such a breach would relate to sensitive information, which we do not usually collect as outlined earlier in this policy.

When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information. However, most of the Personal Information is or will be stored in client files which will be kept by us for a minimum of 7 years.

Access to your Personal Information

It is important that the information we hold about you is accurate. Except in certain situations, you have the right to access your personal information and ask us to correct it. We will take reasonable steps to update or correct, as soon as possible, any information in our possession that is inaccurate, incomplete, out-of-date, irrelevant or misleading.

We may refuse to grant you access where this is allowed or required by law, for example, where this would have a negative impact on someone else’s privacy. If we do refuse to grant access, we will give you written reasons.

If you wish to access your Personal Information, please contact us in writing.

We may charge you a small fee for accessing your personal information, as permitted by law.

Maintaining the Quality of your Personal Information

It is an important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up to date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.

Policy Updates

This Policy may change from time to time and is available on our website.

Privacy Policy Complaints and Enquiries

For complaints about how GCA handles, processes or manages your personal information, please contact us (see below contact details). Note we may require proof of your identity and full details of your request before we can process your complaint.

Please allow up to 7 days for GCA to respond to your complaint. It will not always be possible to resolve a complaint to everyone’s satisfaction. If you are not satisfied with GCA response to a complaint, you have the right to contact the Office of Australian Information Commissioner (at www.oaic.gov.au/) to lodge a complaint.

How to contact us

If you have a question or concern in relation to our handling of your personal information or this Policy, you can contact us for assistance as follows:

Email: admin@gca.net.au

Telephone: 02 49641 8111

Postal Address: PO Box 3337 Thornton NSW 2322

This Policy was last reviewed and updated on: 19 August 2024