Privacy Policy

Introduction

Purpose

This Privacy Policy (Policy) outlines CWP Renewables’ (CWPR) commitment to you in respect of the collection, management and use of your personal information in accordance with the Australian Privacy Act 1988 and the Australian Privacy Principles, collectively referred to in this document as Privacy Laws.

We will review this Policy from time to time. We encourage you to check our website regularly as any updated policy will be available on our website.

Scope

The Policy applies to Grassroots Renewable Energy Pty Ltd as trustee for the Grassroots Renewable Energy Trust and its subsidiaries including CWP Renewables Pty Ltd (CWPR).

This policy applies to all employees and all persons performing work at the direction of, or on behalf of, CWPR (for example, contractors, consultants, temporary staff and ‘workers’ as otherwise defined under the Work Health and Safety Act 2011), collectively referred to as ‘Employees’.

This Policy does not form part of any Employee’s contract of employment or any contract for services between CWPR and any Employee who does not have a contract of employment with CWPR.

Types of information that we collect and purpose of collection

‘Personal information’ is information or an opinion, in any form (whether true or not), about an identified individual or an individual who is reasonably identifiable.

The kinds of personal information we collect and hold about you will depend on the circumstances of collection, including whether we collect the information from you as a supplier, contractor, adviser, stakeholder, job applicant or in some other capacity.

For example, if you are a supplier or potential supplier to us, we may collect and hold your contact details including your name, address, phone number and email address, details about your professional capability, experience and industry reputation, information about your insurances and registrations and information about your financial capacity.

For recruitment purposes, we may collect and hold personal information about prospective employees, including your qualifications and employment history. Unless the collection of sensitive information is permitted under Privacy Laws, we will only collect sensitive information with your consent where that information is reasonably necessary for our functions.

If you deal with us in some other capacity (for example, as a community representative or other stakeholder), we may collect your name, contact details and any other information you choose to provide to us.

How we collect your personal information

Collecting personal information from you

We may collect your personal information when you interact with us directly in person, in writing, over the telephone, and via our website www.cwprenewables.com

Collecting personal information from other sources

Sometimes we collect personal information about you from other sources where you have consented to the collection of the information from someone else, we are authorised by law to collect the information from someone else, or it is unreasonable or impracticable to collect the information from you personally.

If you apply for a position with us, we may collect your personal information from third parties such as recruitment service providers, referees, former employers and educational institutions.

At all times this information is collected by lawful means and in a manner that respects your privacy.

If we receive unsolicited personal information about you from a third party and it is clear to us that we should not have received that information, we will destroy or securely delete that information (if it is lawful and reasonable for us to do so).

Notification of collection of personal information

If we collect your personal information from third parties in circumstances where you may not be aware that we have collected your personal information, and that information can be used to identify you, we will take reasonable steps to notify you of the collection and the circumstances that surround the collection.

Use and disclosure

Use and disclosure of personal information

We use personal information for a variety of purposes to effectively conduct our business, projects and engage with the community concerning our business and projects including:

  • to contact and communicate with you;
  • for internal record keeping;
  • to address community concerns concerning our business or projects;
  • to consider applications for current and future employment; and
  • to comply with legal and regulatory requirements.

We will not use or disclose personal information we hold about you that was collected for a particular purpose for another unrelated purpose, unless:

  • you have consented to the use or disclosure of the information for another purpose; or
  • the use or disclosure is otherwise permitted under the Privacy Laws.

Disclosure to third parties

To help us carry out our business functions, we may disclose personal information about you to third parties, including:

  • our related entities;
  • our contractors, suppliers and agents;
  • our professional advisers, such as auditors and lawyers;
  • government and regulatory authorities (as required or authorised by law or a court/tribunal order); and
  • any other person where you have given your consent.

We will not sell, gift, rent or trade your Personal Information to anyone.

Disclosure overseas

We may disclose your personal information to our related entities, contractors or suppliers overseas, predominantly as a result of our password protected cloud based storage systems being located in Asia.

Where your personal information is disclosed overseas, we will seek to ensure that information is used, held and disclosed consistently with the Privacy Laws and any other applicable laws and that the overseas recipient does not breach the Privacy Laws.

Protecting personal information

Storing personal information

We store your personal information in different ways, including in physical and electronic form on site and with third party storage providers.

We maintain physical, electronic and procedural security measures to safeguard your personal information and to secure and protect it from misuse and unauthorised access, disclosure or interference.

What happens if we no longer need your personal information?

If we no longer need your personal information for any purpose, we will take reasonable steps to destroy or permanently de‐identify the information, unless the information is contained in a Commonwealth record or we are required by law, or a court/tribunal order, to retain the information.

Access to, and correction of, personal information

Access to personal information

You may request access to personal information we hold about you by contacting our Privacy Officer in accordance with paragraph 7.1 of this policy.

We will respond to a request for access within a reasonable time, and give you access in the manner you request, if it is reasonable and practicable to do so, unless an exception in the Privacy Laws applies. For example, if providing this access may disclose information about another person we may need to refuse to grant you access.

We may need to verify your identity before we give you access to your personal information. Depending on the nature of the request, we may charge you a small fee to access that information.

Requesting correction

You may request us to correct any information about you which you think is inaccurate, incomplete or out of date. We will respond to a correction request within a reasonable time.

If we correct your personal information that we have previously disclosed to another entity, and you ask us to tell the other entity about the correction, we will take reasonable steps to tell the other entity about the correction, unless it is impractical or unlawful to do so.

Refusal to allow access to, or correction of, personal information

If we refuse to allow you access to your personal information or to correct that information, then we will provide you with the reasons for our decision and will inform you of mechanisms available to complain about the refusal.

Complaints about personal information

Complaints

If you have any complaints about our privacy practices or would like further information, please contact our Privacy Officer:

Privacy Officer: Kate Sykes

Telephone: +61 400 823 914

Mail: PO Box 1858, Canberra ACT 2601

Email:privacy@cwprenewables.com

External complaint mechanism

If you are not happy with the outcome of the Privacy Officer’s investigation or we have not replied to you within a reasonable time, then you can raise your concern with:

The Office of the Australian Information Commissioner

Telephone: 1300 363 992

Email: enquiries@oaic.com.au

Mail: Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2001

Online: www.oaic.gov.au/privacy/makingaprivacycomplaint

Variation

CWPR reserves the right to vary, replace or terminate this Policy from time to time. CWPR undertakes to regularly review this policy to take account of changes in relevant legislation. All Employees are required to comply with this Policy as varied or replaced.