We understand the importance of protecting the privacy of an individual's personal information. This policy statement sets out how Ranfurlie Asset Management Pty Ltd ACN 603 201 332 and its related entities (we/our/us) aim to protect the privacy of your personal information, your rights in relation to your personal information managed by us and the way we collect, hold, use and disclose your personal information.
In handling your personal information, we are committed to preserving your privacy in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and its 13 Australian Privacy Principles. This policy statement may be updated from time to time.
This policy statement addresses the following:
1.   What kinds of personal information do we collect?
2.   How do we collect your personal information?
3.   Why do we need your personal information?
4.   If you lease, license or apply to lease or license from us
5.   Our shopping centre precincts visits
6.   Customer parking at our centres
7.   To whom do we disclose your personal information?
8.   Overseas disclosures
9.   Direct marketing
10. Security of your personal information
11. Third party links
12. Can you access and correct the personal information that we hold about you?
13. Right to refuse access or correction
14. Web site cookies
15. Wi-Fi services
16. Bluetooth surveillance
17. CCTV surveillance
18. Notifiable data breaches
19. Privacy complaints
20. Changes to this policy
21. How to contact us

1.   What kinds of personal information do we collect?
Personal information is information or an opinion about an identified, or reasonably identifiable, individual. During the provision of our products and services, we may collect your personal information.
Generally, the kinds of personal information we collect include:

• your contact and identification information such as your name, previous names and change of name documentation, address, previous addresses, telephone number, email address and date of birth;
• banking, financial, loan and trading information including information about your assets, tax assessments, rental contracts, occupation, employers and previous employers, income, account balances and activities, and transactions with us or third parties;
• credit information, being credit related personal information lawfully created and accessible within the Australian credit reporting system including:
  • identification information including viewing, or obtaining copies of, your driver’s licence, Medicare card, police check data, passport, birth certificate or extract, citizenship certificate or evidence of permanent residence, marriage certificate or other evidence of your relationship status and ATM cards;
  • consumer credit liability information including:
    • information about existing and previous credit providers and credit accounts;
    • the types of consumer credit provided;
    • the day on which the accounts were entered into, terminated or otherwise ceased to be in force;
    • the terms and conditions of the consumer credit relating to the repayment of the credit or otherwise prescribed by law; and
    • the maximum amount of credit available under the consumer credit
  • repayment history information, being information about whether you have met your monthly payment obligations with respect to consumer credit;
  •  information about defaults;
  • any other information lawfully obtainable within the Australian credit reporting system;
• credit eligibility information which is information about you, including the Information set out above, that we obtain from a credit reporting body together with information we derive from such information based on our own analysis. This may include an internally generated assessment, which reflects your suitability for a loan arrangement;
• insurance information;
• information including your photographic or video image collected via various methods, including by our CCTV surveillance systems;
• if you are prospective employee, your employment history, academic results, personal interests and other information you may provide as part of the recruitment process;
• sensitive information including health information and criminal record information where you are applying for a position with us and it is relevant to the recruitment process through which you must progress or where you have consented to such collection;
• your opinion or preferences regarding our products or services;
• information concerning your online presence and the websites you access as provided to us through your use of our websites and your use of our Wi-Fi services;
• information concerning your location and movement as provided to us through your use of Bluetooth surveillance; and
• other personal information required for our functions and activities and to enable you to deal with us.  

In some circumstances, we may also hold other personal information provided by you or a credit reporting body.

2.   How do we collect your personal information?
Generally, we collect your personal information directly from you, through the completion of a manual or online form, an interaction or exchange in person or by way of telephone, facsimile, email, post or through the use of our website, including but not limited to when you:

• make enquiries about our products or services;
• ask to be placed on our mailing lists;
• complete a form;
• use any of our various websites;
• meet with any of our staff;
• become a client, debtor, lessee or licensee; or
• apply for a job with us.

There may be occasions when we collect your personal information from other sources such as an information services provider or a publicly maintained record including but not limited to:

• the Land Titles Office and other property registers;
• relevant State and Territory Valuers General;
• real estate agents;
• ASIC;
• the Insolvency and Trustee Services of Australia;
• credit reporting bodies including Veda Advantage Information Services and Solutions Limited (Veda Advantage), Level 15, 100 Arthur Street, North Sydney NSW 2060; and
• third party providers which collate information which may otherwise be available through a generally available publication.

We may also collect personal information about you when conducting market research.

Generally, we only collect your personal information from sources other than you if it is unreasonable or impracticable to collect your personal information from you.

3.   Why do we need your personal information?
We collect, hold, use and disclose your personal information where it is reasonably necessary for the purposes of:

• providing our products and services to you including:
  • easing and property management;
  • operation of retail centres;
  • property sales;
  • assessing your suitability for a loan arrangement;
  • facilitating financial advice and suitable loan arrangements;

• enabling our contractors to provide products and services to you including:
  • property sales;
  • assessing your suitability for a loan arrangement;
  • facilitating financial advice and suitable loan arrangements;

• enabling our contractors’ subcontractors to assist our contractors to provide products and services to you;
• enabling our contractors to engage in direct marketing with you;
• complying with our legal obligations:
  • as a corporate credit representative of an Australian Credit Licence holder;
  • under the Anti-Money Laundering and Counter Terrorism Finance Act 2006; and
  • under the National Consumer Credit Protection Act 2009 including the responsible lending guidelines; and
• carrying out our business functions including:
  • recruitment processes for potential employment;
  • personalizing and customizing your customer experience;
  • engaging you as a contractor or consultant;
  • responding to complaints, queries, feedback and disputes;
  • tracking when you visit our offices and retail centres;
  • tracking your customer sales experience; distributing promotional materials;
  • market research;
  • accounting, billing and other internal administrative purposes;
  • identifying and informing you of products and services that may be of interest to you;
  • managing and enhancing our services, including managing security and safety requirements at all our sites;
  • providing, as part of our business, data to third parties;
  • protecting the security of our property, buildings, and assets, including building perimeters, entrances, exits, reception and corridors;
  • verifying alarm and access control system conditions;
  • investigating any complaints about or made by you, or if there is any reason to suspect that you are in breach of any of our terms and conditions or that you have engaged in any unlawful activity;
  • to assist law enforcement agencies, for example, in connection with the detection, investigation or prosecution of an offence; and
  • any other legal requirements.

Where personal information is used or disclosed, we take reasonable steps to ensure it is relevant to the purpose for which it is to be used or disclosed.

You are under no obligation to provide your personal information to us. However, without certain information from you, we may not be able to provide our products and services to you.

4.   If you lease, license, or apply to lease or license from us
The personal information we collect from you (whether actual or prospective tenant of premises or kiosks, licensee, or assignee) includes:

• Retailers and licensees: names, addresses, dates of birth, contacts and insurance details, job descriptions, business details, trading history, financial capacity and private and business assets and liabilities. For retailer or licensee personnel / staff, it includes name, job position, contact details and any other information required for registering retailer personnel for centre services, such as retailer carparking, entry passes and keys, for which we collect number plate details.
• Guarantors: name, job position, contact details and all other information on your business experience, trading history, financial capacity, as well as personal and business assets and liabilities.

The information collected will be used to:

• Determine whether to grant a lease, license or other rights to use our facilities or services.
• Manage and operate our relationship, agreements, payment systems and processes and communications with you (this includes notices issued under leases and licenses).
• Manage and operate the centres and its facilities in which you lease or license space from us.
• Manage and monitor the performance of our centres.
• Observe all emergency procedures and contact you in the event of an emergency.
• Understand your interests, preferences and activities as a retailer or licensee at our centres.
• Conduct market research surveys and interviews how to improve the retailer experiences at our shopping centres.

5.  Our shopping centre precincts visits

During your visit to any of our locations, we and our service providers collect:

• • CCTV and video camera footage to ensure the safety and security of those visiting and working at our locations;
  • Contact details or social media ID where public Wi-Fi services are offered, if you choose to register;
  • Conduct consumer profiling, device tracking and traffic management; and
  • Offer mobility equipment for hire within our shopping centre.

At some of our centres, we collect your vehicle’s number plate details, images of your parked vehicle and CCTV footage from within our car parks in order to:

• • Monitor car park usage and maintain centre security; and
  • Help you to locate your vehicle.

We disclose your personal information for the purpose for which we collect it. That is, generally, we will only disclose your personal information for a purpose related to the provision of commercial or retail property services including property management services with respect to retail and commercial spaces and shopping centres.

This may include disclosing your personal information to third parties engaged by us to perform administrative or other services including, without limitation: contractors, lenders or other credit providers, development, technology, marketing, communications, research and analytics services, mortgage insurers, business advisory services, including, recruitment, legal, accounting and audit, carpark operators, utilities, cleaning, sanitary and security services, call centre, contract management and administrative services such as mailing, delivery and archives, related bodies corporate, stationery printing houses, mailing houses, professional advisors or people or entities considering acquiring an interest in our business or assets, social media channels and apps, brokers, agents, shopping centre owners, related entities and regulators and enforcement agencies.

We may also disclose to the credit reporting body, Veda Advantage (the contact details of which are set out in paragraph 2), information about you having applied for credit. This enables us to collect from Veda Advantage credit related personal information about you for the purposes of assessing your suitability for a lease, loan or guarantee agreement.

This disclosure is always on a confidential basis or otherwise in accordance with law. We may also disclose your personal information with your consent or if disclosure is required or authorised by law.

We do not disclose personal information to overseas recipients.  However, in the event we need to do so:

• we will only do so in order to provide our services and products and manage our business functions; and
• before disclosing any personal information to an overseas recipient, we will take reasonable steps to ensure the overseas recipient complies with the Australian Privacy. Principles or is bound by a substantially similar privacy scheme, unless you consent to the overseas disclosure or it is otherwise required or permitted by law.

9.    Direct marketing

We may use and disclose your personal information in order to inform you of our products, services, offers and promotions that may be of interest to you and the products, services, offers and promotions of our contractors and third party service providers. 

In order to inform you of such products, services, offers and promotions, such communications may be sent to you by email, SMS or other form of electronic communication. 

In the event you do not wish to receive such communications from us or our third party service providers, you can opt-out by contacting us via the contact details set out in paragraph 19 or through any opt-out mechanism contained in a marketing communication to you.

We take reasonable steps to ensure that the personal information we hold is protected from misuse, interference and loss and from unauthorised access, modification or disclosure. We hold personal information in both hard copy and electronic forms in secure databases on secure premises, accessible only by those who have a legitimate business purpose and reason for accessing it.  The secure databases are operated either by us or by our external service providers and we have implemented a range of security measures, including strict confidentiality agreements, passwords, firewalls and encryption to restrict access. 

We will destroy or de-identify personal information in circumstances where it is no longer required, unless we are otherwise required or authorised by law to retain the personal information.

You should be aware that the Internet is not a secure environment. Although we will use reasonable endeavours to protect your personal information, we cannot guarantee the security of personal information that is being transferred via the Internet.  If you use the Internet to send us personal information, including your email address, it is sent at your own risk.  Once we have received your personal information, we will use strict processes and security measures to prevent unauthorized access. 

If we engage external service providers to assist us to fulfil our functions and activities, we generally require them to implement appropriate measures to protect any personal information that is provided to them. 

In the event that our website contains links to websites that are operated by third parties, such links are provided as a convenience to you and should not in any way be interpreted as an endorsement of any company, content or product that may be linked.  Any access to a third party website that is linked to our website is at your own risk and we have no control over and are not responsible for the accuracy, validity or ownership of any content of a linked site and the privacy practices of those linked websites. 

We take reasonable steps to ensure personal information we collect, hold, use and disclose is accurate, up-to-date and complete.

Under the Privacy Act, you have a right to access and seek correction of your personal information that is collected and held by us.

If at any time you would like to access or seek correction of the personal information that we hold about you, or you would like more information on our approach to privacy, please contact our Privacy Compliance Officer via the contact details set out in paragraph 19.

We will grant access to your personal information to the extent required or authorised by the Privacy Act or other law and take reasonable steps to correct personal information where necessary and appropriate.  In the event that access to your personal information is denied, we will provide you with reasons for doing so. 
To obtain access to your personal information:

• you will need to provide proof of identity.  This is necessary to ensure that personal information is provided only to the correct individuals and that the privacy of others is protected;
• we request that you be reasonably specific about the information you require; and
• we may charge you a reasonable administration fee, which reflects the cost to us, for providing access in accordance with your request.

In the event we correct personal information that we have previously disclosed to another entity, you may request us to notify that other entity of the correction.  In these circumstances, we will take reasonable steps to notify the other entity of the correction unless it would be impracticable or unlawful to do so.

We will endeavour to respond to your request to access or correct your personal information within 30 days from your request.  You may also seek to access and correct personal information we have obtained about you from Veda Advantage by contacting them on the details set out in paragraph 2.

We reserve our right to refuse your request to access or correct your personal information if we consider your request to be frivolous or vexatious or if we are otherwise legally entitled to do so.

If we refuse your request to access or correct your personal information, we will provide you with written reasons for the refusal and details of complaint mechanisms.  We will nevertheless take reasonable steps to provide you with access in a manner that meets both your, and our, needs.

If we refuse your request to correct your personal information that we hold and you provide us with a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to associate the statement in such a way that will make the statement apparent to users of your personal information.

We make limited use of ‘cookies’ technology on our website.  We use cookies which can record information about your visit to our website, to improve the functionality of our website and enable us to better understand your needs.

Cookies cannot determine the identity of individual users. Cookies are a feature of your Internet browser that you can disable at any time, but this may mean that you are not able to use the full functionality of our website.

We also make use of third party cookies, for example, those that are sent by advertisers on websites that you visit.  Third party cookies are used on our website to enable remarketing and reporting of user demographics and user interests.

 

We offer Wi-Fi services to customers and prospective customers at certain sites, including our offices, buildings and retail centres.

If you are in possession of a device that is enabled for Wi-Fi and you are within range of one of our networks, we will automatically collect your location information and other information about your device while you are within the range of our Wi-Fi network, for example, the type of device you hold, MAC address, signal strength, information specific to the handset and operating system and its movement patterns.  Such information is unlikely to personally identify you, unless you connect to our Wi-Fi network. 

In addition to the information referred to above, if you connect to our Wi-Fi network, we may collect information from you, including your name, phone number, email address and details of the websites you access while you are connected to our network.  We may use your personal information in aggregate form to improve our services and make them more responsive to your needs.

If you prefer that the above information is not collected via our Wi-Fi services, simply opt-out by turning off your phone’s Wi-Fi when entering our buildings. 

If you are within range of one of our networks and have Bluetooth capability on your smartphone switched on and are in possession of a device that is enabled for Wi-Fi, we will automatically collect your location information and other information about your device while you are within the range of our Wi-Fi network for example, the type of device you hold, MAC address, signal strength, information specific to the handset and operating system and its movement patterns.  Through the use of this Bluetooth surveillance, we will also be provided with your mobile number. 

One of the ways we will collect this information is through the use of Skyfii through Bluetooth capabilities available in our carparks, offices, buildings and retail centres for the purpose of tracking visitor flows, tracking customer sales experiences and marketing to customers. For further details, please refer to Skyfii’s Privacy Policy: https://guestwifi.skyfii.com/test+account/privacy?portal_id=1728&draft=true and Terms and Conditions: https://guestwifi.skyfii.com/test+account/terms?portal_id=1728&draft=true

For customers already on our database, we use the information gathered via Bluetooth surveillance for promotional marketing purposes.  For those individuals not already on our database, we will not use the information gathered through Bluetooth surveillance for promotional marketing purposes.   

If you prefer that the above information is not collected via our Bluetooth surveillance, simply opt-out by turning off your phone’s Wi-Fi and Bluetooth capabilities when entering our buildings and associated car parks. 

We use CCTV surveillance systems to record activity at our sites, including offices and car parks.  We collect, hold, use and disclose your personal information, including your visual image, gathered via CCTV surveillance systems for one or more of our legitimate purposes related to our operations, including:

• ensuring the safety and security of staff and our premises and facilities;
• protecting the security of our property, buildings, and assets, including building perimeters, entrances, exits, reception and corridors;
• verifying alarm and access control system conditions;
• training security staff under appropriate supervision; and
• to assist law enforcement agencies, for example, in connection with the detection, investigation or prosecution of an offence.

18.   Notifiable data breaches

We will protect the information we hold about you and comply with the notifiable data breaches scheme set out in the Privacy Act. 

Where we become aware that a suspected data breach is likely to result in serious harm to you (in the event we hold information about you), we will investigate the suspected breach and notify you and the Office of the Australian Information Commissioner of that breach. 

Please direct all privacy complaints to our Privacy Compliance Officer.
At all times, privacy complaints:

• will be treated seriously;
• will be dealt with promptly;
• will be dealt with in a confidential manner; and
• will not affect your existing obligations to us or affect the commercial arrangements you have with us.

In the event you have a complaint with respect to privacy, the Privacy Compliance Officer will commence an investigation and inform you of the outcome of the investigation. If you are dissatisfied with the outcome of the investigation, you may refer the complaint to the Federal Office of the Australian Information Commissioner or, if you would like to participate in an external dispute resolution process, to Credit Ombudsman Services Ltd, Phone 1800 138 422 or PO Box A252, Sydney South NSW 1235.

If we decide to change this privacy policy, we will publish those changes on our website so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we disclose it.

For further information or enquiries regarding your personal information, please contact our Privacy Compliance Officer at:

Email: privacy@denniscorp.com.au

Address:  The Privacy Officer, Dennis Family Corporation, 863 High Street, Armadale VIC 3143
Ph: 03 9573 1208