Privacy Policy

Introduction
The Australian Airports Association (AAA) aims to build and maintain positive relationships with its members, stakeholders, clients, and the general public by maintaining the highest standards of honesty, fairness, proper and ethical dealings, and confidentiality. A significant part of our business involves the collection, storage and transmission of information about people, businesses, and corporate entities, and the Association understands and accepts the requirement to protect the privacy and nature of the information held by it.

Purpose
This document specifies and explains the Association’s privacy policy, and how it collects and manages the information given to and held by it.

Legislation
The over-arching legislation relevant to this policy is the Commonwealth Privacy Act 1988 and the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth). This policy embraces the 13 Australian Privacy Principles (APPs) enunciated in the Act.

Australian Privacy Principles
The AAA will take all reasonable steps to implement practices, procedures and systems to ensure that it complies with the Australian Privacy Principles and to deal with inquiries or complaints from individuals about the AAA’s compliance with those APPs, which are listed below:

  • APP1 – Open and transparent management of personal information
  • APP 2 – Anonymity and Pseudonymity
  • APP 3 – Collection of Personal Information
  • APP 4 – Dealing with Unsolicited Personal Information
  • APP 5 – Notification of the Collection of Personal Information
  • APP 6 – Use or Disclosure of Personal Information
  • APP 7 – Direct Marketing
  • APP 8 – Cross-border Disclosure of Personal Information
  • APP 9 – Adoption, Use or Disclosure of Government Related Identifiers
  • APP 10 – Quality of Personal Information
  • APP 11 – Security of Personal Information
  • APP 12 – Access to Personal Information
  • APP 13 – Correction of Personal Information

Collection
The Association collects information provided by individuals and organisations from correspondence, application forms, and data collection forms such as questionnaires which are raised from time to time. Information from a wide range of areas such as training, business practice, workplace health and safety, employment and industrial relations, and marketing is collected in the normal course of the inter- action between the Association and its members. When collecting information the Association, either through its website or through individual privacy notices on forms and letters, will tell a client:

  • Who is collecting the information
  • How the Association can be contacted
  • The main purpose of collecting the information
  • Whether the information will be disclosed to third parties
  • Any privacy implication relevant to specific information collection activities (surveys etc.)

Use and Disclosure
The AAA will only collect, hold, use and disclose the information it reasonably requires for its usual business functions and activities. Further details of these are set out later in this Policy:

Personal information – information about individuals which is collected  and stored on file generally in relation to applications for employment, applications for training, evaluative information, and information comprising resumes or CVs. It could include: names, mailing address, telephone numbers, email addresses, academic qualifications and so on. More sensitive information such as ethnic origin, religion, political orientation, criminal records or sexual orientation is not generally collected or held by the Association. Irrespective, the Association will not disclose any personal information to third parties without the specific, written consent of the owner of the information. This information is generally held on a paper or electronic file, and is securely destroyed at the end of the mandated holding period. The Association may disclose personal information where it is under a legal obligation to do so, including circumstances where it is under a lawful duty of care to disclose information. The Association will tell the individual about this disclosure, unless doing so is itself unlawful.

Information about businesses and organisations – as a peak industry body, the Association collects, stores, uses, manipulates and shares information about businesses and organisations in the Airport industry. It also collects information to support its database of Airport and corporate members, and industry stakeholders. Although much of this information is on the public record, the information can also include: postal address, telephone contact details, key appointments, and email and website information. This information is generally used for the purposes of conducting the business of the Association, including research, data interpretation, marketing, and statistical and issues analysis. The Association does disclose basic details of its membership information to AAA sponsor organisations, and to AAA Corporate Members, for marketing purposes.

Privacy Statements
Where feasible, and in good faith, the Association will place simple privacy statements on its published material, especially where that material is produced for the purposes of gathering or soliciting information. This includes application and census forms, questionnaires, contract documents, and forms used for the collection of personal information, such as recruitment material. Such statements will be along the lines:  

Privacy Statement:  The Australian Airports Association collects personal or corporate information in the conduct of its normal business activities. Personal information will be protected, and other information will be handled, in accordance with the requirements of the Privacy Act 1988 (Cth), the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth), and the Australian Privacy Principles.

Information and Data Security
The Association will take all reasonable precautions and steps to protect the personal and organisational information it holds from misuse, and from unauthorised access, disclosure, modification, or theft. This will include password protection of electronic records, security of stored information in locked cabinets, filing systems or rooms, and/or the physical protection of its records within locked and secured office spaces. Information of a particularly sensitive nature, including Registered Training Organisation training records, will be secured in a locked and fire-protected safe.

Access to Information Held by the Association
Individuals or organisations whose information is held by the Association will be given access to the information held by the Association upon request. Information or advice in relation to the information held may be obtained by visiting the offices of the Association or by contacting the Association Business Services Manager by telephone, email or in person.  All reasonable requests will be met in a timely manner, unless prevented by a reason as detailed in the Act.

Points of Contact
The officers responsible for the administration of the AAA’s Privacy Policy are:

  • The Chief Executive Officer; and
  • Business Services Manager.

Both of these members are authorised to respond to requests for information or advice relating to this policy.

APP 1 – Open and transparent management of personal information
The AAA will manage personal information in an open and transparent way.
The AAA will at all times maintain this Privacy Policy in relation to the management of personal information by the AAA.

The kinds of personal information that the AAA collects and holds
The AAA may collect and hold information, including sensitive information, required to conduct its usual activities and functions. Such information may include, but is not limited to:

Identity information, including full name and date of birth
Contact information, including residential and postal address, telephone numbers and email address
Employment information, including occupation, employer name and income
Tax File Numbers (TFNs)
Australian Business Numbers (ABNs)
Certain financial information such as credit card and bank account details (used for financial transactions only)

How the AAA collects and holds personal information
Information is generally collected from members when they complete and sign an application to join the AAA. This application forms part of the relevant AAA membership data. Additional information may also be collected from other AAA documentation; for example personal contact details may be required if a member applies for industry training with the AAA. 

All information is stored in secure physical storage facilities and/or in electronic form. Electronic data is only accessible by authorised persons for appropriate purposes and is password protected.

The purposes for which the AAA collects, holds, uses and discloses Personal Information
The AAA will only collect, hold, use and disclose the information it reasonably requires for its usual business functions and activities. Further details of these are set out later in this Policy.

How an individual may access personal information about the individual that is held by the AAA and seek the correction of such information
As noted below, except in certain limited circumstances, individuals may access their personal information and advise the AAA of any corrections to that information.

How an individual may complain about a breach of the Australian Privacy Principles that binds the AAA and how the AAA will deal with such a complaint
An individual may complain about a breach of the Australian Privacy Principles by writing to the AAA seeking such information. Written and email requests are acceptable forms of communication.

Disclosure of personal information to overseas recipients
The AAA may disclose personal information to an overseas recipient where such disclosure is part of the AAA’s normal business activities. Such disclosure will only be made in accordance with the provisions outlined elsewhere in this Policy.

Countries in which recipients of personal information are likely to be located
The AAA does not usually conduct business with any entity or persona located outside of Australia.

Availability of the Policy
The Policy will be available on the AAA’s website and may also be obtained free of charge from the AAA in any reasonable form.

APP 2 – Anonymity and Pseudonymity
When dealing with the AAA in relation to a particular matter, individuals have the option of not identifying themselves, or of using a pseudonym, where it is practical and lawful to do so.

Given the nature of the AAA’s activities and its interactions with members and the wider public, it is generally impractical for the AAA to deal with individuals who have not identified themselves or who have used a pseudonym.

APP 3 – Collection of Personal Information

Personal information other than sensitive information
The AAA will not collect personal information (other than sensitive information) unless the information is reasonably necessary for one or more of the AAA’s functions or activities.

Sensitive Information
The AAA will not collect sensitive information about an individual unless the individual consents to the collection of the information and the information is reasonably necessary for one or more of the AAA’s functions or activities.

Exceptions may apply where the collection of the information is required or authorised by or under an Australian law or a court/tribunal order.

Functions and activities of the AAA
Functions and activities that the AAA engages in in relation to a particular individual may include:

Setting up one or more membership accounts
Collecting Tax File Numbers as required by superannuation legislation
Receiving and posting information on behalf of AAA members, either by the member themselves, their employer or their spouse
Obtaining salary and income information in relation to industrial relations advice or in support of job applications
Collecting personal contact information related to applications for industry training

Means of collection
The AAA will only collect personal information by lawful and fair means. Wherever it is reasonable and practical to do so, the AAA will only collect personal information about an individual from that individual. In practice, some information is usually provided to the AAA by an individual’s employer in the normal course of business.

APP 4 - Dealing with Unsolicited Personal Information
If the AAA receives personal information and the AAA did not request that information (unsolicited information) the AAA will, within a reasonable period after receiving the information, determine whether or not AAA could have collected the information under Australian Privacy Principle 3, if the AAA had solicited the information.

If the unsolicited information could not have been collected under APP3, the AAA will, as soon as practicable but only if it is lawful and reasonable to do so, destroy the information or ensure that the information is de-identified.

APP 5 - Notification of the Collection of Personal Information
At or before the time or, if that is not practicable, as soon as practicable after, the AAA collects personal information about an individual, the AAA will take such steps as are reasonable in the circumstances to advise the individual:

  • The identity and contact details of the AAA
  • The fact that the AAA has collected the personal information and the circumstances of that collection
  • The purposes for which the AAA collects the personal information
  • The main consequences (if any) for the individual if all or some of the personal information is not collected by the AAA
  • The name of any other entity subject to the Privacy Act, body or person, or the types of any other such entities, bodies or persons, to which the AAA usually discloses personal information of the kind collected by the AAA
  • That the AAA’s Privacy Policy contains information about how the individual may access the personal information about the individual that is held by the AAA and seek the correction of such information
  • That the AAA’s Privacy Policy contains information about how the individual may complain about a breach of the Australian Privacy Principles and how the AAA will deal with such a complaint
  • Whether the AAA is likely to disclose the personal information to overseas recipients and if this is so, the countries in which such recipients are likely to be located if it is practicable to specify those countries in the notification or to otherwise make the individual aware of them
  • If the collection of the personal information is required or authorised by or under an Australian law or a court/tribunal order, the fact that the collection  is  so required or authorised (including the name of the Australian law, or details of the court/ tribunal order, that requires or authorises the collection).

APP 6 – Use or Disclosure of Personal Information
Information about an individual that the AAA collects for a particular purpose (the primary purpose), will not be used or disclosed for another purpose (the secondary purpose) unless the individual has consented to the use or disclosure of the information. The primary purpose in relation to the AAA is to obtain membership and industry training information.

The consent of the individual to the use or disclosure of information other than for the primary purpose may not be required where:

  • The  individual  would  reasonably  expect  the  AAA  to  use  or  disclose  the information for the secondary purpose and the secondary purpose is:
    • if  the  information  is  sensitive  information—directly  related  to  the  primary purpose; or
    • If the information is not sensitive information—related to the primary purpose.

  • The use or disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order
  • A permitted general situation (as defined in section 16A of the Act) exists in relation to the use or disclosure of the information by the AAA
  • A  permitted health situation  (as  defined in  section 16B  of  the  Act)  exists in relation to the use or disclosure of the information by the AAA
  • The AAA reasonably believes that the use or disclosure of the information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body. In such cases, the AAA will make a written note of the use or disclosure.

APP 7 – Direct Marketing
The AAA will not use or disclose personal information for the purpose of direct marketing except where:

  • The AAA collected the information from the individual, and
  • The  individual  would  reasonably  expect  the  AAA  to  use  or  disclose  the information for the purpose of direct marketing, and
  • The information is not sensitive information.
  • Unless  the  individual  requests  otherwise,  the  AAA  may  from  time  to  time  use personal information to:
  • Conduct member research to find out views on existing and proposed products and services; or
  • Provide information about AAA products and services, industry seminars or any other AAA related products.

The AAA will at all times provide a simple means by which an individual may easily request not to receive direct marketing communications from the AAA. Where such a request has been received, the AAA will cease to use or disclose personal information for the purpose of direct marketing.

Individuals that do not wish to receive direct marketing communications should advise the AAA via one of the following means:

Telephone:
02 6230 1110
Fax:
02 6230 1367
In writing:
9/23 Brindabella Circuit, Canberra Airport ACT 2609
Email:
info@airports.asn.au

The AAA will never disclose an individual’s personal information to a third party for the purposes of direct marketing unless that individual has given their express consent for such disclosure and use.

APP 8 – Cross-border Disclosure of Personal Information
The AAA will not disclose personal information about an individual to a person or organisation that is not in Australia (or one of its territories) without taking reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to the information.

The AAA may disclose personal information to an overseas recipient in one or more of the following circumstances:

  • The overseas recipient of the information is subject to conditions that have the effect of protecting the information in a way that, overall, is at least substantially similar to the way in which the Australian Privacy Principles protect the information and there are mechanisms that the individual can access to take action to enforce that protection
  • The individual is informed that, in the normal course of business, information may be disclosed to an overseas recipient and consents to the disclosure
  • The disclosure of the information is required or authorised by or under an Australian law or a court/tribunal order.
  • A permitted general situation (as defined in section 16A of the Act) exists in relation to the disclosure of the information.

APP 9 – Adoption, Use or Disclosure of Government-related Identifiers Adoption of government related identifiers
The AAA will not use a government-related identifier of an individual as its own identifier of the individual.

Use or disclosure of government-related identifiers

  • The AAA will not use or disclose a Government-related identifier of an individual unless:
  • The use or disclosure of the identifier is reasonably necessary for the AAA to verify the identity of the individual for the purposes of the AAA’s activities or functions, or
  • The use or disclosure of the identifier is reasonably necessary for the AAA to fulfil its obligations to a Government agency or a State or Territory authority, or
  • The use or disclosure of the identifier is required or authorised by or under an Australian law or a court/tribunal order, or
  • A permitted general situation (other than the situation referred to in item 4 or 5 of the table in subsection 16A(1) of the Act) exists in relation to the use or disclosure of the identifier, or
  • The AAA reasonably believes that the use or disclosure of the identifier is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

APP 10 – Quality of Personal Information
The AAA will take such steps as are reasonable in the circumstances to ensure that the personal information that the AAA collects is accurate, up to date and complete.

The AAA will also take such steps as are reasonable in the circumstances to ensure that the personal information that the AAA uses or discloses is, having regard to the purpose of the use or disclosure, accurate, up to date, complete and relevant.

APP 11 – Security of Personal Information
The AAA will take such steps as are reasonable in the circumstances to protect the personal information it collects from misuse, interference and loss, and from unauthorised access, modification or disclosure. AAA records are kept either in the secured office of the AAA or in an electronic form which is password protected.

Where the AAA holds personal information about an individual and:

  • The AAA no longer needs the information for any purpose for which the information may be used or disclosed by the AAA, and
  • The information is not contained in a Commonwealth Government record, and
  • The AAA is not required by or under an Australian law, or a court/tribunal order, to retain the information,
  • the AAA will take such steps as are reasonable in the circumstances to destroy the information or to ensure that the information is de-identified.

APP 12 – Access to Personal Information
Where the AAA holds personal information about an individual, the AAA will, on request by the individual, give the individual access to that information. Such a request can be made by the means set out above. The AAA will take reasonable steps to confirm the identity of the individual before providing access to personal information.

Denying access to information
The AAA may deny access to personal information where:

  • The AAA reasonably believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or
  • Giving access would have an unreasonable impact on the privacy of other individuals; or
  • The request for access is frivolous or vexatious; or
  • The information relates to existing or anticipated legal proceedings between the AAA and the individual, and would not be accessible by the process of discovery in those proceedings; or
  • Giving access would reveal the intentions of the AAA in relation to negotiations with the individual in such a way as to prejudice those negotiations; or
  • Giving access would be unlawful; or
  • Denying access is required or authorised by or under an Australian law or a court/ tribunal order; or
  • Both of the following apply:
  • the AAA has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to the AAA’s functions or activities has been, is being or may be engaged in; and
  • Giving access would be likely to prejudice the taking of appropriate action in relation to the matter; or
  • Giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
  • Giving access would reveal evaluative information generated within the AAA in connection with a commercially sensitive decision-making process.

Providing access to information
The AAA will respond to a request for access within a reasonable period after the request is made and will give access to the information in the manner requested by the individual if it is reasonable and practicable to do so.

If the AAA declines to give access to personal information because of one of the conditions outlined in this policy, or declines to give access in the manner requested by the individual, it will take such steps as are reasonable in the circumstances to give access in a way that meets the needs of the entity and the individual. This may include providing access through the use of a mutually agreed intermediary. The AAA will also provide:

  • The  reasons  for  the refusal  except  to the  extent  that,  having  regard to the grounds for the refusal, it would be unreasonable to do so; and
  • The mechanisms available to complain about the refusal; and
  • Any other information required to be given by law.
  • Where the AAA imposes a charge for an individual to access personal information, such charge will be reasonable and will not apply to the making of the request.

APP 13 – Correction of Personal Information
Where the AAA holds personal information about an individual and it is found that, having regard to a purpose for which the information is held, the information is inaccurate, out of date, incomplete, irrelevant or misleading, or the individual requests that the AAA correct the information, the AAA will take such steps as are reasonable in the circumstances to correct that information to ensure that it is accurate, up to date, complete, relevant and not misleading.

If the AAA corrects personal information about an individual that the AAA has previously disclosed to another party and the individual requests that the AAA notify the other party of the correction, the AAA will take such steps as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.

Where appropriate, the AAA may request that the individual provides suitable evidence that the information subject to correction is inaccurate, out of date, incomplete, irrelevant or misleading.

If the AAA refuses to correct the personal information as requested by the individual, the AAA will give the individual a written notice that sets out:

  • The reasons for the refusal except to the extent that it would be unreasonable to do so; and
  • The mechanisms available to complain about the refusal; and
  • Any other matter prescribed by law.

If the AAA refuses to correct the personal information as requested by the individual and the individual requests the AAA associates with the information a statement that the information is inaccurate, out of date, incomplete, irrelevant or misleading, the AAA will take such steps as are reasonable in the circumstances to associate the statement in such a way that will make the statement apparent to users of the information.

The AAA will deal with a request to correct personal information within a reasonable period after the request is made and will not charge the individual for the making of the request, for correcting the personal information or for associating the statement with the personal information (as the case may be).

Review of the Policy
This Policy will be reviewed annually or earlier if required by changes to relevant legislation or by the lawful direction of an appropriate regulatory authority.

Conclusion
The personal, commercial and general information of its members and clients is important to the Australian Airports Association, and the Association will take all reasonable measures to ensure that such information is protected and guarded, and not disclosed to those who are not authorised to access it. The Association will abide by the requirements of the Privacy Act 1988, the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth), and the Australian Privacy Principles, and will review this policy from time to time to ensure its continued relevance and accuracy.

Login
Forgot Password?
x

Back to Top