Privacy Policy

1. Introduction

Ridley Corporation Limited (ACN 006 708 765) and its related bodies corporate (as defined in the Corporations Act 2001 (Cth)) (Ridley, we, our or us) recognise that your privacy is important.

We respect your rights to privacy and seek to comply with the Australian Privacy Principles and the protection of personal privacy in accordance with the Privacy Act 1988 (Cth) (the Act).

The Act establishes a national scheme for the lawful collection, holding, use, correction, disclosure and transfer of Personal Information. It provides individuals with the right to request access to information that an organisation holds about them, and a right to request correction of information if the individual considers it is inaccurate, out-of-date, incomplete, irrelevant or misleading.

This Policy sets out how we collect, use, disclose, manage and store Personal Information.

Ridley has a separate Credit Reporting Policy, which explains how we collect, manage, use and disclose credit information and credit eligibility information.

 

2. Scope

This Policy applies to Ridley and all employees of Ridley.

Ridley will also take reasonable steps, in accordance with the Act, to ensure that Ridley’s contractors comply with this Policy when handling Personal Information on Ridley’s behalf.

 

3. What is Personal Information?

Personal Information is any information or an opinion about an identified individual or an individual who is reasonably identifiable. Information or an opinion may be Personal Information regardless of whether it is true and regardless of whether it is recorded in a material form or not.

The types of Personal Information we may collect will vary depending on the circumstances, but may include the following:

• name
• gender
• date of birth
• contact details (including email address and telephone number)
• residential address
• tax file number
• driver’s licence number
• bank account or credit card details
• insurance details
• product preferences
• information about your use of our websites
• details of your attendance at our worksites or other premises
• your skills and expertise
• employment history
• medical information
• security information from Police and other governmental departments
• superannuation account information
• education and qualification information
• emergency contact details; and
• records of your employment or position with us (e.g. employment training participation or certifications).

We may also collect Personal Information about you when we generate new information based on the personal information we hold about you (e.g. reports or analysis).

 

4. What is Sensitive Information?

Sensitive Information has the meaning given in the Act, and includes certain types of Personal Information such as health information (e.g. information about a person’s disabilities, medical history, and details of any health conditions or allergies), biometric information (including fingerprint records), and information about a person’s racial or ethnic origin, sexual orientation, religious beliefs or affiliations and criminal record.

Sensitive Information is afforded a higher level of privacy protection than other Personal Information.

 

5. What Personal Information do we collect and why do we need it?

We collect Personal Information to enable us to conduct various aspects of our business – this includes running our operations. For example, we may need to collect contact information and other Personal Information about customers and prospective customers, users of our products, shareholders, suppliers, third party advisers, contractors, potential employees, employees and other persons who deal with us.

The kinds of Personal Information that we may collect and hold about you, and the purposes for which we may use your Personal Information, will depend on the circumstances and purposes of collection. For example, we use:

• customer information to provide products and services, for payment and credit control and to facilitate competitions and promotions. (For more information about how we collect and use credit information and credit eligibility information as part of our credit control processes, please refer to our Credit Reporting Policy)
• supplier information to initiate and facilitate transactions and reconcile accounts
• shareholder/investor information to administer our share register and comply with our legal obligations
• information concerning potential employees to assess their applications for employment; and
• information concerning employees to manage their employment with us.

 

Generally, we collect, hold and use your Personal Information so that we can:

• provide, offer or communicate with you about products and services, and manage our relationship with you
• contact you, for example, to respond to your queries, feedback or complaints, or if we need to tell you something important
• fulfil administrative functions associated with our business, such as order processing, billing, debt recovery, entering into contracts, managing relationships, planning, managing and monitoring our activities, products and services, training staff, contractors and other workers, risk management and management of legal liabilities and claims, obtaining advice from consultants and other professional advisers
• comply with our legal obligations and assist government and law enforcement agencies or regulators
• develop, improve and market our products and services
• conduct recruiting activities and workforce planning
• comply with our safety obligations
• conduct business processing functions including providing personal information to contractors, service providers and other third parties; and
• fulfil any purposes for which it was requested and any secondary purposes to which you have consented, or for which we are lawfully allowed to use your information.

In addition to the uses above, where you have consented or we are otherwise permitted by law, we may use your Personal Information for marketing purposes, to identify and tell you about other products or services that we think may be of interest to you. That may include marketing activities run in collaboration with other relevant businesses.

We will not use your Personal Information for marketing purposes if you ask us not to and if, at any time, you no longer wish to receive marketing material from us, please let us know. You can tell us using the opt out process described in the marketing material you receive or the contact details at the bottom of this Policy, and your details will be removed from our marketing database.

Please note that there are certain types of communications that you may not be able to opt-out from, such as communications that we are required or permitted by law to send you.

We may use your Personal Information for any other purposes required or authorised by or under law, including purposes for which you have provided your consent. That consent may be written, verbal or implied from your conduct.

If you do not provide (or authorise us to collect) Personal Information about you that we request, we may not be able to provide you with the services or assistance you have requested or do business with you or the organisation with which you are connected to the extent that such services, assistance or business reasonably require your Personal Information.

We will only collect your Sensitive Information if you have consented to the collection and the information is reasonably necessary for, or directly related to, one of our functions or activities, or we are otherwise legally permitted to collect the information (for example, where we are required or authorised by law to collect the information, or another applicable permission applies). Where you provide Sensitive Information to us voluntarily, you also provide consent for us to collect, hold, use and disclose such information for the purpose for which you provided it (and otherwise in accordance with this Policy, unless you advise us otherwise).

We also collect certain technical information each time a person visits our website. Unless we suspect misuse of the website or illegal activity, this information is kept in a de-identified form and is not used to trace any individual.

 

6. How do we collect Personal Information?

We may collect your Personal Information in person, in writing, by telephone, through our website and by other electronic communication channels, and from publicly available sources of information. We collect this Personal Information through our staff and through our contracted agents.

Where reasonable and practicable, we will ask you for your Personal Information directly. However, we may need to collect Personal Information about you from others such as employers, business associates, bankers, credit reference agencies, credit reporting bodies, and referees, as well as (in some circumstances) from our service providers, suppliers and customers (for example, when running a promotion, we may collect personal information from a wholesale customer who submits an application on behalf of an end user of our products). We will take reasonable steps in accordance with the Act to notify you (or otherwise ensure that you are aware) if this is the case.

If you provide us with Personal Information about another person, please make sure that you tell them about this Policy.

We use various technologies on our websites which automatically collect certain data about your use of our websites (which may, in some circumstances, include personal information).  See the section “Collection of our information via our website” for more information.

We also use technologies at our worksites and premises which may collect and record data (which may include personal information), such as CCTV and other surveillance technologies.  We also use in-vehicle management systems (IVMS) on selected vehicles at some of our work sites to monitor vehicle safety to reduce the risk of workplace incidents and accidents.  The IVMS can make video and sound recordings within the vehicle cabin and video recordings of the internal and external environment including other vehicles, as well as recording data about driving behaviour.

 

7. Who will see or have access to your Personal Information?

Unless we are required to provide your Personal Information to others by law, by court order, to investigate suspected fraud or other unlawful activity, or to manage our relationships with regulators, government agencies and law enforcement bodies that are relevant to our business, your Personal Information will generally only be seen or used by persons working in or for the Ridley corporate group. These people will include our staff and contracted agents and service providers engaged to help us carry out our operations.

Some Personal Information may be stored and processed by service providers on servers located in countries outside Australia (including in Australia, New Zealand and the USA]). Where this occurs, we will take reasonable steps to protect your information in accordance with our obligations under the Act.  However, the local laws in these countries may not offer an equivalent level of protection of your personal information as the Act.

We may also disclose your Personal Information to third parties for purposes authorised by or under law, including purposes for which you have provided your consent. That consent may be written, verbal or may be reasonably implied from your conduct or the circumstances.

Where you have ordered goods or services from us that reasonably require us to involve a third party contractor, such as a delivery contractor, we may provide your Personal Information to the relevant third party and that third party may hold and use your information in accordance with its own privacy policy.

In the event that we undergo (or consider undertaking) a merger, divestiture, restructure, reorganisation or other sale or transfer of some or all of our assets to a third party (whether as a going concern or as part of bankruptcy, liquidation, or similar proceeding), we may disclose your personal information to third parties and their advisors as reasonably necessary to allow for the consideration, structuring and implementation of the relevant transaction.

 

8. How do we hold your Personal Information?

We may store your Personal Information in hard copy and/or in electronic form (including in cloud storage, and in some cases, on third party servers which may be located outside of Australia). We will take reasonable steps to ensure that the Personal Information we collect, use or disclose is accurate, complete and up to date.

We will take reasonable steps to protect the Personal Information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure, including by endeavouring to select reputable software and IT service providers and ensuring that our staff who have access to records containing personal information have an appropriate understanding of their privacy and information security obligations.

We will take reasonable steps (such as implementing policies and procedures) to de-identify or destroy Personal Information when it is no longer required for one of our business functions or activities or for legal requirements.

 

9. Collection of information via our website

On our website we provide a form for visitors to provide their Personal Information if they wish to contact us or to facilitate a purchase of our products and, on occasion, we may collect Personal Information in relation to promotional competitions and similar activities.

As you navigate through and interact with our website, we may also use automatic data collection technologies, or other innovative technologies as they come out, to collect certain information about your equipment, browsing actions, and patterns, including:

• details of your visits to our website, including traffic data, location data, logs, and other communication data and the resources that you access and use on the website; or
• information about your computer and internet connection, including your IP address, operating system, and browser type.

The information we automatically collect is statistical data and may include personal information. It helps us to improve our website and to deliver a better and more personalized service, including by enabling us to:

• estimate our audience size and usage patterns;
• store information about your preferences, allowing us to customize our website according to your individual interests; or
• recognise you through your IP address when you return to our website.

The technologies we use for this automated data collection may include:

Cookies (or browser cookies): Like most companies, our website does use “cookie” technology. When you visit our website a small packet of files, known as cookies, are written to your hard drive. A cookie is a small file placed on the hard drive of your computer. You may refuse to accept browser cookies by activating the appropriate setting on your browser. However, if you select this setting, you may be unable to access certain parts of our website. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you direct your browser to our website.

Flash Cookies: Certain features of our website may use local stored objects (or Flash Cookies) to collect and store information about your preferences and navigation to, from, and on our website. Flash Cookies are not managed by the same browser settings as are used for browser cookies.

Web Beacons: Pages of our website may contain small electronic files known as web beacons (also referred to as clear gifs, pixel tags, and single-pixel gifs) that permit us, for example, to count users who have visited those pages or for other related website statistics (for example, recording the popularity of certain website content and verifying system and server integrity).

We may also use automated tracking technologies to assign your device a user ID.

We also use tools, such as Google Analytics (view the Google Analytics privacy policy). We may use cookies and data from analytics tools to log information about the use of our website. The type of information logged may include technical information, such as the type of browser, language, device and operating system used, and the date and time of the visit. We may also log the site from which you came to our site, the documents downloaded, the pages visited and the subsequent site visited.

Neither the cookies, the other automated data collection technologies nor the analytical tools used are able to read information from your hard drive. Although these tools do not personally identify website users, they do identify a user’s Internet Service Provider (ISP). You can configure your browser to reject some or all cookies, to notify you when a cookie is sent or to limit the information available to analytics tools. Please refer to your browser instructions to learn more about those functions. For information on how to use these settings in some of the more common browsers, please use the links below:

• Mozilla Firefox: https://support.mozilla.org/en-US/kb/cookies-information-websites-store-on-your-computer
• Google Chrome: https://support.google.com/chrome/answer/95647
• Microsoft Edge: https://support.microsoft.com/en-us/help/4027947/microsoft-edge-delete-cookies
• Apple Safari: https://support.apple.com/guide/safari/manage-cookies-and-website-data-sfri11471/mac

We may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our website for any of your future visits. We may also use session cookies (which no longer remain after you end your browsing session) to help manage the display and presentation of information on the website. Please note that if you do configure your browser to reject our cookies, you may not be able to use the full functionality of our website.

The cookies, the other automated data collection technologies and the analytical tools that operate on our websites may be provided by third party service providers (such as Google).  We may use analytics service providers to identify generic behavioural patterns on our website (such as Google Analytics).  It may be possible to prevent such analytics service providers from collecting data, for example, by downloading the Google Analytics Opt-out browser add on. To learn more about how Google Analytics collects and processes data you may visit http://www.google.com/policies/privacy/partners.

 

10. Links to other websites

Our websites may contain links to other websites that are not owned or operated by us.

We are not responsible for the privacy practices of those websites, or for the content, products, or services provided by, or contained on, those websites. We recommend you review the privacy notices of other third party websites, applications, and/or services applications before authorising a third-party access to your information.

 

11. What if you want to check or correct the Personal Information we hold about you?

Subject to some exceptions permitted by law, we will provide you with access to the Personal Information we hold about you upon request.  We generally request that you submit your request in writing.

Generally, there is no charge for accessing your Personal Information, but if your request is particularly complex or requires detailed searching of our records, we may require that you pay our reasonable costs of providing access (such as photocopying costs or costs for time spent on collating large amounts of material). Any request for access should be made via the contact details provided below.

We may need to verify your identity before we can process your request.  If you are making a request in relation to another person’s personal information (for example, your child or someone who is under your care) we may also need to confirm that you are authorised to access or correct that person’s information.

In some circumstances the law may require or permit us to refuse your request.  If this happens, we will provide you with a written notice that explains our reasons for refusing your request.  The law may also permit us to provide you with access or correction in a manner that is different from the one that you initially requested.  In such cases we will usually discuss this with you when we respond to your request.

If you believe there are errors in our records about you, please let us know (using the contact details below) and we will investigate and take reasonable steps to correct any inaccuracies.

We are not obliged to make a correction to your personal information if we don’t agree that it requires correction.  If this happens, we will provide you with a written notice stating our reasons for refusing.  We will not charge you for any actions that we take in response to a correction request.

We will respond to requests for access to or correction of personal information within a reasonable time.

 

12. Employee Records Exemption

Notwithstanding this Policy, we may rely on the “employee records exemption” in the Act and any other applicable exemptions in the Act or other relevant legislation. The employee records exemption means that in many cases, we are not bound by the requirements of the Act in relation to Personal Information we hold about current or former employees (relating to their employment with us).

This exemption does not apply to applicants who are unsuccessful in securing a role with us. In these cases, we will take all necessary steps to ensure the proper collection, use, storage, disclosure of and access to information in accordance with the Act and other applicable laws.

 

13. Further information and complaints

If you would like further information on our privacy policy, if you have any concerns over the protection of the Personal Information you have given to us or that we have collected from others, if you would like to request access to, or correction of, personal information that we hold about you, or if you have a complaint about the way we have handled a privacy issue, please contact our Privacy Officer:

Address:        Privacy Officer, Ridley Corporation Limited, Level 9, 525 Collins Street, VIC 3000

Email:          

We take privacy complaints seriously.  We will respond within a reasonable period of receiving your complaint (and in accordance with any timeframes required by law).  We ask that you cooperate with us during this process and provide us with any relevant information that we may need to help us investigate and respond to your complaint.

Once we have completed our investigation we will contact you in writing to inform you of our decision. If you are not satisfied with our response, you can contact us to discuss your concerns further or contact the Office of the Australian Information Commissioner (OAIC) (www.oaic.gov.au) for guidance on alternative courses of action which may be available.

 

14. Changes to this Policy

From time to time, we may update this privacy policy (for example, if there are changes in how we handle Personal Information or the types of Personal Information which we hold). Any changes to our policy will be published on our website.

You may obtain a copy of our current policy from our website or by contacting us at the contact details above.

VERSION CONTROL

Last approved by the Board: 2022

Last reviewed by Management (Legal): 2025