PRIVACY POLICY
- Gamuda Berhad and its Australian-based subsidiaries as set out at the end of this policy (“Gamuda”, “our”, “we” or “us”) respect privacy and are committed to complying with the Privacy Act 1988 (Cth) (“Privacy Act”).
- The Privacy Act contains 13 Australian Privacy Principles which relate to how Gamuda may collect, use, disclose and store personal and sensitive information and provides for how an individual may access and correct records containing their personal information.
- This privacy policy (“Policy”) sets out the kinds of personal information we collect, why we collect it, and how we hold, use, and disclose personal information.
- The Privacy Act contains exemptions relating to employee records and related bodies corporate. Where appropriate we make use of relevant exemptions in the Privacy Act.
- Gamuda conducts business operations in Australia and other parts of the world. This Policy applies to all personal information collected by us in relation to our business operations in Australia and sets out how we collect, use, store and disclose this personal information.
- For privacy policies applicable to our operations in other countries, please refer to the terms of our Privacy Notice: gamuda.com.my/privacy-notice/.
- Personal Information is information or an opinion about an identified, or reasonably identifiable, individual and includes some types of services information. It includes sensitive information.
- Sensitive information is information about individuals that, under the Privacy Act, is considered more sensitive than other personal information under the Privacy Act. This includes information or an opinion about someone’s racial or ethnic origin, political opinions, religious beliefs or affiliations, health or medical conditions, genetic information, biometric information, sexual orientation, criminal record, membership of a professional or trade association and membership of a trade union. This type of information is called sensitive information. Gamuda may need to collect sensitive information about you for its legitimate business purposes, but we will only do this with your consent (unless an exception under the Privacy Act applies), or if required or authorised by law.
- The types of personal information Gamuda may collect about you includes some or all of the following information. Please note that this list is not exhaustive:
- your name, date of birth, job title;
- your contact details including telephone number, facsimile, home and office address, email address, emergency contact details, next of kin, beneficiaries and dependents;
- your nationality, ethnic origin, residency / immigration status personnel/employee records including your employment history, education, qualifications, and certificates;
- details or copies of identification documents such as passport, drivers licence and utility bills;
- directorship personal details;
- any personal information included as part of a Contract with us (for example contact details , tender and submission documents;
- litigation records;
- any other information provided to us as part of an application for employment (or your engagement by) us or which we may have obtained as part of your application for employment by us including criminal records history;
- banking details of employees, contractors, clients, suppliers;
- your responses (including to competitions) on our social media platforms;
- government related identifiers including your tax file number or Medicare number;
- your biometric information;
- information regarding employee and staff remuneration assessment, performance review and development plans;
- your medical history and other health information;
- details relating to criminal records;
- drug and alcohol testing data;
- travel information;
- residential and/or tenancy information; and
- any information you provide to us directly or indirectly through use of our website or online presence, through our representatives, your employer, recruitment agencies, government training organisation or otherwise.
- Gamuda only collects personal information which is reasonably necessary for or directly related to it being able to perform its functions and activities. The main functions and activities for which Gamuda collects personal information include the following:
- performing it business operations with clients, suppliers and contractors;
- providing you with services or benefits under any of Gamuda’s businesses or policies;
- where relevant, marketing of goods and services and sending any updates, new products, special offers, advertising, promotional material and/or commercial material to you (including emails, short message services or other means) and/or to be used in, to provide and/or improve the services of Gamuda, processing invoices and payments (including card payments) and providing other services to enhance and support the relationship of Gamuda and you and/or such other persons or companies represented by you;
- recruitment of employees or staff;
- management of employees, staff and workforce in our business operations;
- conducting research on planning, products, goods, services, security and testing;
- carrying out matching procedure in accordance with the law;
- performing statistical analysis for various objectives in Gamuda and providing this information within Gamuda;
- purposes connected with the operation, administration, development, record-keeping or enhancement of Gamuda’s businesses including for the purpose of which is relevant to support and/or assist in any of Gamuda’s businesses or Gamuda’s Websites;
- purposes connected with the administration, management and/or enforcement of the commercial transaction and for contact and communication with you;
- obtaining credit references and conducting due diligence on individuals or representatives of corporate entities;
- maintaining effective access, safety and security controls for our sites and premises;
- where required by law, where Gamuda consider that such use or disclosure is necessary to respond to any claims or legal process, or where Gamuda suspects that fraud or unlawful activity has been, is being or may be engaged in;
- where a third party acquires or wishes to acquire, or makes inquiries in relation to acquiring, an interest in any company within Gamuda;
- where a third party requires us to do so, in order for such third party to perform functions or services as required by Gamuda; and/or
- enabling Gamuda to perform functions or obligations as required under the laws, rules, regulations, by laws and/or guidelines (whether or not having the force of law) or as required by any governmental and/or non-governmental authorities, agencies or departments or to ensure compliance with agreement(s) or document(s);
- where a third party requires us to do so, for purposes of preparation and submission of any claims or payments to any party or for any audit/checks by any party for whatever purpose related to Gamuda’s businesses;
- compilation and maintaining of supplier and contractor databases;
- purposes connected with the enforcement of Gamuda’s rights pursuant to any letters, agreements and/or documents including seeking legal and financial advice, taking any preliminary steps or commencing any legal actions;
- making such disclosures as may be required for any of the above purposes or by law; and/or
- for any other purposes that is incidental or ancillary or in furtherance to Gamuda’s legitimate business purposes.
- Gamuda will generally collect personal information directly from you.
- In some instances, Gamuda may collect personal information regarding you via a third party or publicly available records, where:
- you have consented to the personal information being provided to Gamuda; or
- we are authorised or required by law to collect the personal information from a third party; or
- it is unreasonable or impracticable for us to collect the personal information directly from you and the information is not sensitive information.
- As you navigate through our website/s or otherwise use our equipment, systems, and technology, we may collect and store information about your use of our website/s, such as which pages you visit, the time and date of your visit and the IP (internet protocol) or MAC (media access control) address assigned to your device. This is statistical data about users’ browsing actions and patterns and does not identify any individual.
- We may use ‘cookies’ on several of our website/s. Cookies are small text files placed on your computer by a web page server which may later be retrieved. A cookie enables us to recognise your computer without the need for a fresh request for you to register. The cookies do not allow us to collect personally identifiable information about you. Most internet browsers are set up to accept cookies. If you do not wish to enable cookies, you may be able to change the settings of your browser to refuse all cookies or to notify you each time a cookie is sent to your computer.
- Gamuda stores all personal information securely and restricts access to those employees who need access in order to mitigate who accesses such information and to limit access to persons required to have access in order to perform their duties and functions for Gamuda.
- Personal information is stored electronically through either a database, tools with database functionality, hard drives, emails or it is stored in hard copy of documents.
- Gamuda uses third-party providers to store personal information. This may result in personal information being stored in further jurisdictions other than those where it was collected.
- Gamuda takes security of personal information seriously and takes reasonable steps, including physical and electronic security measures, to protect the personal information we hold from misuse, loss, unauthorised access, disclosure or interference.
- However, Gamuda cannot guarantee the security of your personal information. The internet is not a secure environment. If you do use the internet to send us any information, including your email address, please be aware that it will be sent at your own risk.
- Our websites and electronic communications may contain links to other websites operated by third parties. Unless expressly stated otherwise, Gamuda is not responsible for the privacy practices of those linked websites. The privacy policies that apply to those other websites may differ from the Policy, so we encourage individuals to read them before using those websites.
- Gamuda only uses personal information for the purpose for which it was collected (its “primary purpose”) unless the individual has provided consent to another use or if required or authorised to do so by law.
- The primary purpose could be any one of the following:
- managing our relationship with you;
- recruitment or employment related purposes;
- as a means to managing access, safety and security risks;
- management of sites in relation to projects taking place;
- management of employees and contractors in relation to Gamuda’s business operations;
- managing all elements of business-related purposes with suppliers, clients and contractors;
- conducting any investigations and complaints relevant to the business;
- in order to comply with any legal obligations;
- marketing and public relation purposes;
- dealing with aspects related to the website administration and internal operations administration
- analytics for aspects to allow for business improvement; and
- for any other purpose required or permitted by law or authorised by you.
- Where Gamuda uses or discloses personal information for a purpose other than what it was originally collected for (“secondary purpose”) – Gamuda will keep record of such use or disclosure where required by applicable law.
- Gamuda will only use or disclose personal information for a secondary purpose as authorised or required by law.
- Gamuda may also use de-identified data for statistical and business purposes, such as reporting on gender, diversity, and inclusion.
- Due to the global nature of the Gamuda business, Gamuda may disclose your personal information to recipients who are outside of the country where it was collected. This may include transfer of personal information to our related bodies corporate, including those located in Malaysia or our cloud storage or data storage providers that are located outside of Australia.
- While an overseas recipient of information may not be subject to the same privacy standards as those in Australia, Gamuda takes reasonable steps to ensure that persons and organisations to whom we disclose personal information are bound to protect the privacy of your personal information and do not breach the privacy obligations relating to your personal information. Gamuda also ensure that any third-party providers who have access to your personal information adhere to applicable privacy laws and take appropriate measures to protect, limit, and use of that information.
- You may request access to the personal information Gamuda holds about you by contacting our Privacy Officer using the contact details provided below. Your entitlement to access your personal information is subject to applicable laws.
- Your request for access will be handled as soon as reasonably practicable. If we refuse your request to access your personal information, we will provide you with the reasons for the refusal where we are required by law to give those reasons.
- For security reasons and to protect individuals’ privacy, we will ask for proof of identification with any request that is made.
- There will be no charge for requesting access to your personal information, but we may ask that you to cover our reasonable costs to actually provide you with access.
- Please include your contact details in the written request as well as proof of identification.
- Gamuda takes reasonable steps to ensure that all personal information collected and held by it, is accurate, complete and up-to-date.
- You may request that we correct any of the personal information that we hold about you, to ensure that having regard to the purpose for which we hold it, the information is correct, accurate, complete, it is not out-of-date, irrelevant and not misleading. This request must be made in writing to the Privacy Officer Gamuda using the contact details below. The request must clearly set out the errors or inaccuracies and outline what must be changed or corrected.
- There is no charge associated with the making of a request. In some circumstances, there may be a valid reason for us to deny your request to correct your information. If we do this, we will tell you why.
- If you think we have breached the Privacy Act, or you wish to make a complaint about the way we have handled your personal information or a request from you to access or correct your personal information. Please include your name, email address and telephone number and clearly describe your complaint. Complaints may be submitted to the Privacy Officer at Gamuda in writing and should clearly set out the issues and concerns to be investigated by Gamuda. Complaints will be investigated by the General Counsel of Gamuda (Australia) Branch and the outcome of the investigation will be communicated to you as soon as we can do so.
- If you are not satisfied with the outcome of any internal investigation we conduct, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at enquiries@oaic.gov.au or on 1300 363 992. More information is available on the OAIC’s website at https://www.oaic.gov.au/.
- If you would like more information about how we handle your information or our approach to privacy, or to exercise any of your rights outlined above, please contact our Privacy Officer by emailing or writing to respective companies Privacy Officer as set out below.
- Gamuda may amend and alter the contents of this policy from time to time by publishing updates to it on our website. Kindly check our website to ensure you are always accessing the latest version of this policy.
GAMUDA ENTITIES & PRIVACY OFFICER CONTACT DETAILS
| ENTITY NAME | PRIVACY OFFICER CONTACT DETAILS |
|---|---|
| DT Infrastructure | Attention: Legal Department Level 2, 135 Coronation Drive Milton Brisbane Queensland 4604 Australia Email: Legal@dtinfrastructure.com.au |
| Gamuda Engineering Pty Limited | Attention: Privacy Officer Gamuda (Australia) Branch Suite 26.01 100 Miller Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
| Gamuda Holdings Pty Limited | Attention: Privacy Officer Gamuda (Australia) Branch Suite 26.01 100 Miller Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
| Tunnelling Solutions Pty Limited | Attention: Privacy Officer Gamuda (Australia) Branch Suite 26.01 100 Miller Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
| Gamuda Berhad | Attention: Privacy Officer Gamuda (Australia) Branch Suite 26.01 100 Miller Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
Updated 2 May 2024
GAMUDA ENTITIES & PRIVACY OFFICER CONTACT DETAILS
| ENTITY NAME | PRIVACY OFFICER CONTACT DETAILS |
|---|---|
| DT Infrastructure | Attention: Legal Department Level 2, 135 Coronation Drive Milton Brisbane Queensland 4604 Australia Email: Legal@dtinfrastructure.com.au |
| Gamuda Engineering Pty Limited | Attention: Privacy Officer Gamuda (Australia) Branch New South Wales Level 23, 100 Mount Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
| Gamuda Holdings Pty Limited | Attention: Privacy Officer Gamuda (Australia) Branch New South Wales Level 23, 100 Mount Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
| Tunnelling Solutions Pty Limited | Attention: Privacy Officer Gamuda (Australia) Branch New South Wales Level 23, 100 Mount Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
| Gamuda Berhad | Attention: Privacy Officer Gamuda (Australia) Branch New South Wales Level 23, 100 Mount Street North Sydney NSW 2060 Australia Email: Privacy.officer@gamuda.com.au |
Updated 2 May 2024