1.1 We are the first choice association for furnishing, kitchens, cabinet making and joinery industries. Run by industry, for industry members including kitchen manufacturers, cabinetmakers, joiners and window furnishers, flooring specialists, lounge and bedding manufacturers, picture framers, suppliers, furniture polishers and upholsterers.
1.2 Our primary role is to promote the viewpoints and interests of the furniture and furnishing related industries and to provide services to members in a broad range of areas including training, workplace relations, codes and standards.
1.3 The ACFA membership base extends from small family businesses to large national manufacturers, retailers, suppliers and professional industry advisers.
1.4 This document details the approach of ACFA to collecting, using, disclosing and protecting personal information as documented in this Privacy Policy.
1.5 We may change, vary or modify all or part of this Privacy Policy at any time in our sole discretion.
1.6 If we adopt a new Privacy Policy:
1.6.1 we will post the new Privacy Policy on the Platform; and
1.6.2 it will thereupon apply through your acceptance of it by subsequent or continued use of the Platform or by other means of disclosure to you.
1.7 It is your responsibility to check this Privacy Policy and the Platform periodically for changes.
1.8 The Privacy Act 1988 (Cth) and the APPs regulates the collection, use and disclosure of personal information.
2. Scope
2.1 This Privacy Policy explains:
2.1.1 the scope of our Privacy Policy;
2.1.2 why we collect personal information;
2.1.3 what personal information we collect;
2.1.4 how we collect personal information;
2.1.5 how we use personal information;
2.1.6 the disclosure of personal information;
2.1.7 your right of access to your personal information;
2.1.8 your right to correct your personal information;
2.1.9 how we protect the integrity of your personal information;
2.1.10your right to have your privacy complaints investigated and resolved; and
2.1.11how you can contact us regarding privacy concerns.
2.2 This Privacy Policy governs all personal information collected by and provided to us and must be adhered to by all persons who access, use, process, control or otherwise deal with personal information on our behalf. This policy applies to independent contractors and job applicants, as well as individuals who provide us with their personal information.
2.3 This Privacy Policy does not apply to our acts and practices which relate directly to the employee records of our current and former employees.
3. Purpose
3.1 We collect your personal information for the following purposes (Primary Purpose):
3.1.1 to lawfully carry out our functions and activities;
3.1.2 to deliver any products and services that you requested;
3.1.3 to provide you with further information about the products and services you requested;
3.1.4 to personalise and customise your experiences with us;
3.1.5 to help us review, manage and enhance our services;
3.1.6 to develop insights used in reports or other content developed by us;
3.1.7 to communicate with you;
3.1.8 for administration purposes, including charging, billing and collecting debts;
3.1.9 to promote and market those of our other products and services (as appropriate) which we consider may be of interest to you;
3.1.10 when considering making offers to job applicants and prospective employees or for employment purposes; and
3.1.11 to receive services from you or the organisation which employs you.
3.2 In addition to the Primary Purpose, we may use the personal information we collect and you consent to us and our Affiliated Entities using your personal information to:
3.2.1 provide you with news about any products and services;
3.2.2 send you marketing and promotional material that you may be interested in;
3.2.3 communicate with you, including by email, telephone and mail;
3.2.4 manage and enhance products or your experience on our Platform and (where relevant) those of our Affiliated Entities;
3.2.5 conduct surveys or promotions;
3.2.6 verify your identity;
3.2.7 investigate any complaints about, or made by you, or if we have reason to suspect you have breached any relevant terms and conditions; and
3.2.8 as required or permitted by any law.
3.3 Unless otherwise provided by law, we will not collect, hold, use or disclose sensitive information without your consent.
4. Collection
4.1 Personal information we collect about you may include your name, date of birth, address, telephone number, email address and other contact details, gender, business or member name, payment information, licensing information, including any information you enter to register on or use our Platform, provide to use or access our products and services (as the case may be) and other information from which your identity is apparent or can be reasonably ascertained.
4.2 We also collect information that is not personal information, such as data relating to your activity on the Platform (Other Information).
4.3 Other Information we collected may include:
4.3.1 (to the extent the same does not constitute or comprise personal information) business or member name, insurer details, licensing information and employee numbers;
4.3.2 the Internet Protocol address and a component of the domain name used (e.g. .com or .net);
4.3.3 the type of browser and operating system you used;
4.3.4 the date and time you visited the Platform;
4.3.5 the web pages or services you accessed at the Platform;
4.3.6 the time spent on individual pages and the Platform overall;
4.3.7 which files you downloaded; and
4.3.8 information about your computer and Internet connections using cookies.
5. Collection methods
5.1 Personal information may be provided by you using the Platform or by telephone, business cards, contracts, applications, competition entries, order forms, mail or email, by attending events or webinars, face-to-face or in writing.
5.2 If you provide personal information about another person to us, we require that you:
5.2.1 inform that person you have done so and provide them with a copy of this Privacy Policy; and
5.2.2 confirm to us in writing that you have that person’s consent to provide such information for the purpose specified.
5.3 If we receive unsolicited personal information about you that we could not have collected in accordance with this Privacy Policy and the Privacy Act, we will within a reasonable period, destroy or de-identify such information received.
5.4 You are not obliged to give us your personal information. If you would like to access any of our services or features of our Platform on an anonymous basis we will take reasonable steps to comply with your request. However, we will require you to identify yourself if:
5.4.1 we are required by law to deal with individuals who have identified themselves; or
5.4.2 it is impracticable for us to deal with you if you do not identify yourself or elect to use a pseudonym.
5.5 We use Google Analytic and their potential needs. We do not collect personal information by such methods; only aggregate data is used for planning purposes.
6. Use
6.1 We will only use and disclose your personal information:
6.1.1 for purposes which are related to the Primary Purpose and as contemplated by clause 3.2; or
6.1.2 if we otherwise get your consent to do so, in accordance with this Privacy Policy and the Privacy Act.
6.2 We will not use your personal information for any purpose for which you would not reasonably expect us to use your personal information. Additionally, we will not disclose your sensitive information without your consent, unless there is a need to disclose such information in accordance with the Privacy Act or to comply with any other regulatory requirement.
6.3 We will only use or disclose your personal information for the purposes of direct marketing if:
6.3.1 we collected the information from you;
6.3.2 it is reasonable in the circumstances to expect that we would use or disclose the information for direct marketing purposes;
6.3.3 we provide you with a simple means to ‘opt-out’ of direct marketing communications from us; and
6.3.4 you have not elected to ‘opt-out’ from receiving such direct marketing communications from us.
6.4 you may opt out of receiving such communications by:
6.4.1 clicking a link on the email communications sent to you; or
6.4.2 contacting our Privacy Officer in accordance with clause 11.
7. Disclosure
7.1 We may disclose personal information and you consent to us disclosing such personal information to:
7.1.1 third parties engaged by us to perform functions or provide products or services on our or their behalf such as mail outs, marketing or advertising;
7.1.2 third parties that sponsor or promote us;
7.1.3 persons authorised by you to receive information held by us;
7.1.4 your referees and former employers;
7.1.5 credit agencies;
7.1.6 our professional advisors, including our accountants, auditors and lawyers;
7.1.7 persons authorised by you to receive information held by us; and
7.1.8 any persons as required or permitted by any law.
7.2 We may in some circumstances as necessary send personal information to overseas recipients (including recipients which may or may not be affiliated with us).
7.3 If we send personal information to overseas recipients, we will take reasonable measures to protect your personal information such as ensuring all information is de-identified where appropriate before being transmitted. However, you acknowledge and agree that if we disclose personal information to overseas recipients, we are not obliged to take reasonable steps to ensure overseas recipients of your personal information comply with the Privacy Act and the APPs.
8. Access + Correction
8.1 Access. You have a right to access your personal information, subject to certain exceptions provided for in the Privacy Act.
8.2 If you require access to your personal information, please contact our Privacy Officer by one of the methods detailed in clause 11.
8.3 you are required to put your request in writing and provide proof of identity.
8.4 we are not obliged to allow access to your personal information if:
8.4.1 we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;
8.4.2 giving access would have an unreasonable impact on the privacy of other individuals;
8.4.3 the request for access is frivolous or vexatious;
8.4.4 the information relates to existing or anticipated legal proceedings between you and us and would not ordinarily be accessible by the discovery process in such proceedings;
8.4.5 giving access would reveal our intentions in relation to negotiations with you in a way that would prejudice those negotiations;
8.4.6 giving access would be unlawful;
8.4.7 denying access is required or authorised by or under an Australian law or a court/tribunal order;
8.4.8 we have reason to suspect that unlawful activity, or misconduct of a serious nature relating to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;
8.4.9 giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
8.4.10 giving access would reveal internal evaluative information in connection with a commercially sensitive decision-making process.
8.5 If you make a request for access to personal information, we will:
8.5.1 respond to your request within a reasonable period; and
8.5.2 if reasonable and practicable, give access to the information in the manner requested.
8.6 If we refuse to give access to the personal information because of an exception or in the manner requested by you, we will give you a written notice that sets out at a minimum:
8.6.1 our reasons for the refusal (to the extent it is reasonable to do so); and
8.6.2 the mechanisms available to complain about the refusal.
8.7 We reserve the right to charge you reasonable expenses for providing access to personal information, for example, a fee for photocopying any information requested by you.
8.8 Correction. We request that you keep your personal information as current as possible. If you feel that information about you is not accurate or your details have or are about to change, you can:
8.8.1 contact our Privacy Officer by one of the methods detailed in clause 11 and we will correct or update your personal information; or
8.8.2 if you have a login to our Website then you can click on Update My Details to change your details, when you are logged in.
8.9 If you make a request to correct your personal information, we will:
8.9.1 respond to your request within a reasonable period; and
8.9.2 if reasonable and practicable, correct the information in the manner requested.
8.10 If we refuse a request to correct personal information, we will:
8.10.1 give you a written notice setting out the reasons for the refusal and how you may make a complaint; and
8.10.2 take reasonable steps to include a statement with your personal information which we refuse to correct.
8.11 We reserve the right to charge you reasonable expenses for making a correction to your personal information; for example, a fee for photocopying relevant information.
9. Security + Protection
9.1 We will take all reasonable steps to:
9.1.1 ensure that the personal information that we collect is accurate, up-to-date and complete;
9.1.2 ensure that the personal information that we hold, use or disclose is, with regard to the relevant purpose, accurate, up-to-date, complete and relevant; and
9.1.3 protect personal information from misuse, loss or unauthorised access and disclosure including by means of password access (where applicable) and secure servers. Electronic information is protected by various security measures (including encryption and password protection) and physical paper files are stored in a secure location. Personal information is de-identified where appropriate. Data protection includes the use of password access areas and secure servers.
9.2 You acknowledge that the security of communications sent by electronic means or by post cannot be guaranteed. We cannot accept responsibility for misuse, loss or unauthorised access to your personal information where the security of information is not within our control.
9.3 If you suspect any misuse or loss of your personal information please contact us immediately.
10. Complaints
10.1 If you have a complaint about how we collect, use, disclose, manage or protect your personal information please contact us in writing.
10.2 We will respond to any written complaint within 14 days of receiving the complaint.
10.3 Once the complaint has been received, we will try to resolve the matter in a number of ways:
10.3.1 Request for further information: We may request further information from you. You should be prepared to provide us with as much information as possible, including details of any relevant dates and documentation. This will enable us to investigate the complaint and determine an appropriate solution. All details provided will be kept confidential.
10.3.2 Discuss options: We will discuss options for resolution with you and if you have suggestions about how the matter might be resolved you should raise these with our Privacy Contact Officer.
10.3.3 Investigation: Where necessary, the complaint will be investigated. We will try to do so within a reasonable time frame. It may be necessary to contact others in order to proceed with the investigation. This may be necessary in order to progress your complaint.
10.3.4 Conduct of our employees: If your complaint involves the conduct of our employees we will raise the matter with the employees concerned and seek their comment and input in the resolution of the complaint.
10.4 You are free to lodge a complaint directly with the Office of the Australian Information Commissioner (OAIC) online, by mail, fax or email. For more information please visit the OAIC website at: http://www.oaic.gov.au/privacy/making-a-privacy-complaint.
11. Contact
If you would like to contact our Privacy Officer, you may do so by one of the methods below:
11.1.1 by telephone on 02 4340 2000;
11.1.2 by email at [email protected]; or
11.1.3 by post at FIAA, PO Box 157, Gosford, NSW 2250.
Interpretation + Definitions
11.2 Personal pronouns: Except where the context otherwise provides or requires:
11.2.1 the terms we, us or our refers to ACFA; and
11.2.2 the terms you or your refers to a user of the Platform or a person in respect of whom we may collect, use or disclose personal information as documented in this Privacy Policy.
11.3 Terms italicised and defined in the Privacy Act have the meaning given to them in the Privacy Act.
11.4 Defined terms: In this Privacy Policy unless otherwise provided, the following terms shall have their meaning as specified:
Affiliated Entities means ACFA's subsidiaries, affiliates, associated entities and relevant partners as the case may be or the context requires from time to time and includes: PSC Insurance Brokers 12/189-197 Kent St, Sydney NSW 2000, First Super, Level 1/165 Bouverie St, Carlton VIC 3053, Australian Business Lawyers and Advisors, NSW Business Chamber and Australian Business Energy, Level 15, 140 Arthur Street, North Sydney, NSW 2060, Timber Trade Industrial Association 4/160 Goulburn St, Surry Hills NSW 2010, SJV Administration Pty Ltd 17 Hanover Ave, North Epping NSW 2121, Lincoln Sentry 76 Postle Street, Coopers Plains QLD 4108.
APPs means any of the Australian Privacy Principles set out in Schedule 3 of the Privacy Act.
ACFA means Australian Cabinet and Furniture Association (ACN 008656148), PO Box 157, Gosford, NSW 2250.
Platform means the ACFA website at http://www.acfa.net.au including its sub-domains.
Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time.
Privacy Policy means this privacy policy of ACFA as amended from time to time.