Privacy Policy

1. Purpose

The purpose of this policy is to assist UQ Res to comply with Commonwealth privacy laws, namely the Privacy Act 1988 (Privacy Act), by communicating UQ Res policies and procedures in relation to privacy. All UQ Res employees and contractors must comply with this document in the collection, use or disclosure of personal information about individuals.

It is important to understand that this policy should be read in conjunction with other applicable policies and procedures which UQ Res has implemented.

This Privacy Policy applies to UQ Residences Limited. We are committed to protecting your privacy and to complying with the Australian Privacy Principles as contained in the Privacy Act 1988 (Cth), and always aim to act in accordance with the highest standards of personal and professional integrity, applicable laws, regulations and UQ Res values and policies, including those outlined within this policy.

To achieve this, we will:

only collect personal information that is necessary to fulfil, or directly related to fulfilling, a lawful purpose directly related to a function or activity of ours
ensure that appropriate notification is provided to (or, where applicable, consent obtained from) an individual when collecting personal information directly from that individual
take all reasonable steps to ensure that personal information in its control is protected against:
- loss
- unauthorised access, use, modification or disclosure ; or
- any other misuse
as appropriate, provide information about the types of documents that contain personalinformation in the form of a personal information register
use and disclose personal information in accordance with the requirements of the Privacy Act; andwe may collect and hold personal information about customers, potential customers, residents, employees, prospective employees, contractors and other people who come into contact with us.This Privacy Policy is intended to provide a clear and concise summary of our approach to the handling of personal information in accordance with the Australian Privacy Principles as contained in the Privacy Act 1988 (Cth).Our Privacy Policy appears on our website (uqres.com) and we will also provide a copy of our Privacy Policy to anyone who makes a request, free of charge.

2. Consent

By using our website in any way or using any of the services that we provide, you will be deemed to have consented to us maintaining, using and disclosing your personal information in the way described in this Privacy Policy.

3. What is personal information?

Under the Privacy Act 1988 (Cth), personal information is defined to mean information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
Personal information can include sensitive information. Sensitive information is defined as information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of political, professional or trade associations, religious or philosophical beliefs, sexual orientation or practices or criminal record, health information about an individual, genetic information about an individual that is not otherwise health information, biometric information that is used for the purpose of automated biometric verification or biometric identification and biometric templates.
• Due to the nature of the services that we provide, the personal information which we may collect may include sensitive information.

4. Collecting personal information

We collect personal information:

from you
through our website and by other electronic communication channels
from third parties, such as our payment gateway service provider
from publicly available sources of information
using cookies and similar technologies
when we are required to do so by any applicable law, regulation, legal process orgovernmental request (Law); and
from our own records.In the course of:

your visiting our website
your sending an email or other communication to us; or
our providing services to you,we may collect the following types of personal information from you:

identification information, including your name(es), date of birth, email address(es), facsimilenumber(s), telephone numbers(es), current or previous residential or business address(es),driver’s licence number and other details
such as your next of kin or emergency contact person
order information, including details of all services purchased by you
payment details that you use to complete payment to us, which may include credit card, debitcard or other method of payment details
records of any competitions or promotions you enter with us
employment details
visual images
audio and visual security footage
sensitive information, including:
- health, medical and welfare (physical and mental) information
- emergency contact information
any other information that you provide to us.

Our server automatically records information that your browser sends when it connects to a
website. The information provided may include your Internet Protocol (IP) address and your browser type and language. We may also collect information about your usage (for example, by way of cookies) including when you use our website, other sites that you access from our website, content upload and download, your usage of the services available on our website and the other website users with which you connect through our website.

5. Cookies

We may use cookies. A cookie is a small text file which may be placed on your Internet browser and which we access each time you visit a website. Without limitation, we may use cookies:

to help our website to function correctly or to improve the usability, content or user experience of the website
to monitor the performance of our website
for security
to build up a picture of the services that you prefer, so that we can then provide you with apersonalised experience of our website and provide you with information of interest to you
to place advertisements for our services on other external sites; and
to monitor how our marketing is performing.Most browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies. If you do so, some of the features and services of our website may not function properly. For further guidance, click “Help” in the toolbar of your browser or review the cookie management guide produced by the Interactive Advertising Bureau at www.allaboutcookies.org/.

6. Use of personal information

We use the personal information that we collect to:

provide our services
manage and process your inquiries and requests for contact and support
contact you or communicate with you
maintain your account and recover of any monies owed to us
assess any application you make for a position with us and, if you are successful, for thepurposes of your employment with us
maintain our employment records
promote, market and advertise our business and services
understand more about you, so that we can provide better services or
improve our services
develop existing and new Services
advise you of information which may be of interest to you
provide your contact details to our partners who have agreed to provide you with any offers,goods or services
maintain and update our business infrastructure and systems
meet our contractual obligations
maintain internal records and general administration; and
comply with any applicable Law.

If we do not collect the personal information, or the information provided to us is incomplete or inaccurate, we may not be able to provide you with the services that you have requested or any other services including assistance.If you provide us with endorsements, we use these (including any visual images that you provide) to promote and advertise our business and services.

7. Disclosure of and access to personal information

We never sell any personal information.
We may disclose your personal information to:
- our affiliates, including employees, agents, consultants, insurers, lawyers and professional advisers
- our related entities
- personnel involved with the operation of our website including IT, administration, sales,marketing and system administration staff
- any person or entity to which we deem it necessary (in our sole discretion) for complying with any applicable Law.
Subject to any Law, upon receipt of a written request from you, we will inform you of the personal information that we hold about you. If your request is particularly complex or requires detailed searching of our records, there may be a cost to you in order for us to provide this information.
If you believe that there are errors in our records about you, please let us know and we will investigate and correct any inaccuracies.

8. Marketing and advertising

We will never use or disclose any sensitive information for marketing or advertising purposes.
We may use and disclose your personal information (other than sensitive information) toprovide you with information about services offered by us or other companies or entities. Youconsent to receipt of direct marketing information including by email or SMS.
If at any time you do not wish to receive marketing or advertising communications from us oryou do not want your personal information disclosed for marketing or advertising purposes, please contact us at [email protected] and we will remove your details from our marketing database.

9. Data integrity

We endeavour to ensure that all personal information that we hold is accurate, complete and up-to-date. To assist us with this, you should contact us if any of your personal information changes, or if you believe that the personal information that we have is not accurate or complete.
When personal information that we collect is no longer required by us, we will destroy or de- identify that personal information unless we are required by a court, tribunal or any Law to retain the personal information.
We may retain personal information for so long as it is required for any of our business purposes, for the prevention of fraud, for insurance and governance purposes and in our IT back-up.

10. Security

We take reasonable steps to protect your personal information from misuse, loss, unauthorised access, modification or disclosure.
However, no system is completely secure against cyber attack and the open nature of the Internet is such that information exchanged via the Internet may be accessed and used by people other than those for whom the information is intended. Any personal information is therefore sent at your own risk.
You should contact us immediately if you believe that there has been unauthorised access or disclosure with respect to any personal information that we hold about you.

11. Disclosure overseas

We are unlikely to disclose your personal information overseas to persons. However, if we do so, it will be in accordance with the Australian Privacy Principles.
Our payment system and servers are located in Australia.
You consent to any disclosure of your personal information by us overseas on theunderstanding that if the overseas recipient handles the personal information in breach of the Australian Privacy Principles, the entity will not be accountable under the Privacy Act 1988 (Cth), and you will not be able to seek redress under the Privacy Act 1988 (Cth). The overseas recipient may not be subject to privacy obligations or to any principles similar to the Australian Privacy Principles. Individuals may not be able to seek redress in some overseas jurisdictions, and overseas recipients may be subject to a foreign law that could compel the disclosure of personal information to a third party, such as an overseas authority.

12. GDPR

We may at times be a “data controller”, “joint controller” or “data processor” for the purposes of the European Union’s General Data Protection Regulation (GDPR).
In limited circumstances we may have obligations under the GDPR to the extent that we process personal data in relation to various “GDPR activities”. “Personal data” as defined under the GDPR may include a broader range of information than “personal information” as defined under the Privacy Act 1988 (Cth).
We are not subject to the GDPR in circumstances where the processing of personal data is not related to a “GDPR activity”, or where we do not otherwise have contractual obligations to a data controller with respect to compliance with the GDPR.

13. De-identified data

You consent to us using and disclosing your de-identified data (data that no longer identifies you) for any purpose, including without limitation research, statistical analysis, product development, marketing and business planning and any other commercial purpose. We undertake technical measures to make sure that this data cannot be associated back to you.

14. Notifiable data breaches

We will notify you and the Office of the Australian Information Commissioner about any data breach that is likely to result in serious harm to you unless an exception applies, for example, where we have already taken appropriate remedial action that removes the risk of serious harm to any individuals.

15. Limitation of liability

We are not liable for any direct, indirect, incidental, special, punitive or consequential liability, loss (including but not limited to loss of data, income, profit or opportunity, loss of or damage to property and claims of third parties, death, personal injury or any loss, damage or expense) that you incur or suffer that arises out of your access to, use of or reliance on our website or our services or any of the content of the website or your inability to use it. This applies even if we have been informed that the liability, loss, damage or expense will or may result.
To the extent permissible by Law, we will not be liable to you or to any third party for any loss or damage or claim arising from our collection and use of personal information in accordance with this Privacy Policy.
Where liability is not able to be excluded by Law, our liability to you in any circumstances will be limited, at our choice, to re-performance of any Services that we have provided to you, payment for those services to be provided by a third party or payment of the sum of AUD $10.00 (Ten Australian Dollars).
Nothing in this Privacy Policy affects your statutory rights, including those under the Competition and Consumer Act 2010 (Cth) and Privacy Act 1988 (Cth). To the extent of any inconsistency between this Privacy Policy and your statutory rights under the Competition and Consumer Act 2010 (Cth) or Privacy Act 1988 (Cth), your statutory rights under the Competition and Consumer Act 2010 (Cth) or Privacy Act 1988 (Cth) (as the case may be) will apply.

16. Changes to this Privacy Policy

This Privacy Policy may be amended from time to time.
We will publish any updated versions of this Privacy on our website. You should review ourPrivacy Policy each time you visit our website or provide us with personal information. By continuing to use our website or order any product from us, you will be deemed to have consented to any amended versions of this Privacy Policy that are published on our website.

17. Effect of this Privacy Policy

This Privacy Policy does not create any rights or obligations that you can legally enforce beyond the rights and obligations provided by the Australian Privacy Principles.

18. Enquiries and complaints

If you would like further information on our Privacy Policy, have any concerns over the protection of the information that you have given to us or that we have collected from others, or wish to make a complaint relating to privacy, please contact us by email at [email protected].

If you make a complaint relating to privacy, we will do our best to ensure that an investigation is completed and a decision about your complaint is communicated to you within 30 days of our being advised of the complaint. We will inform you if we need more time.

If you are dissatisfied with our response to any complaint you make, you can take your complaint to the Office of the Australian Information Commissioner:

Post GPO Box 5288, Sydney NSW 2001
Fax +61 2 9284 9666
Email [email protected]