Privacy policy

Stanwell Corporation Limited

Privacy Policy (APP 5 Statement)

Background to this Privacy Policy

This Privacy Policy sets out how we comply with our obligations under the Privacy Act 1988 (Cth) (Privacy Act), and has been published to provide you with a clear and concise outline of how and when personal information is collected, stored and used by us.

We are bound by the Australian Privacy Principles (APPs) in the Privacy Act which regulate how we may collect, use, disclose and store personal information, and how individuals may access and correct personal information we hold about them.

Accordingly, Stanwell will take reasonable steps to ensure that it complies with the Privacy Act and the associated APPs so that personal information is managed in an open and transparent way. Accordingly, Stanwell has implemented practices, procedures and systems, including a Board approved Privacy Policy and a Privacy Procedure (GOV-PROC-41), which together support this Privacy Policy to ensure that Stanwell complies with its privacy obligations.

This Privacy Policy and Stanwell’s approach to privacy compliance applies to any personal information that may be collected by us or provided by individuals, including (but not limited to) personal information disclosed during or as a result of individuals’ access to our website. In this policy, ‘personal information’ has the same meaning as defined by section 6 of the Privacy Act:

‘information or an opinion (about an individual, or an individual who is reasonably identifiable), whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not’.

Personal information may include information such as an individual’s name, address, telephone number, date of birth, gender, photos and information about an individual’s opinions and what they like.

The kinds of personal information we collect

We only collect personal information that is necessary for one or more of our functions or activities.

We do not generally collect personal identifying information about individuals except when that information is provided voluntarily and in accordance with our various application forms. This may include individuals’ contact details, educational qualifications, employment history and complaint details.

Once personal information has been provided to us, it will only be used for the purpose for it was collected or for related purposes which would reasonably be expected without the individual’s permission unless:

the individual has consented to the use or disclosure; or
the use or disclosure is authorised by law; or
we reasonably believe the disclosure is necessary to lessen or prevent a serious threat to life, health or safety.

More examples of how we might use personal information and the types of organisations we might disclose personal information to is set out below, and is also detailed in Stanwell’s Privacy Procedure (refer to the ‘APP 6 Use and Disclosure of Personal Information’ section).

The above only relates to your personal information and does not relate to any aggregated or other information that may be developed or created internally by us, provided this other information does not identify individuals in any way whatsoever and therefore maintains our privacy commitment.

Please also note that telephone conversations with Stanwell’s Trading and Financial Risk and Settlements teams may be recorded to evidence transactions with energy counterparties. Our energy counterparties have consented to the recording of telephone conversations in the ISDA Master Agreements between us and them. We confirm that we will only use the information recorded in these telephone conversations for the purposes of evidentiary transactions with energy counterparties and will not disclose the information in the telephone recordings to anyone else, except where authorised by law or where consent has been obtained from the counterparty.

How we collect personal information

We usually collect personal information directly from an individual unless it is unreasonable or impracticable to do so. For example, we may collect information directly from an individual when they complete a form (including an application for employment with us), request to be kept up to date on Stanwell activities, use our website or contact us (including in writing, electronically or via telephone).

How we use and disclose personal information

It is our goal to only use the information provided to us in a manner that better provides our services to you.

In particular, we will not sell, rent or trade your personal information.

The purposes for which we may collect, use or disclose personal information include to:

effectively conduct our business and perform our internal administration operations;
maintain our records and internal reports;
ensure safety/compliance at our sites through Stanwell’s compliance reporting systems;
assess an applicant’s suitability for employment with us;
maintain our relationship with you;
provide updates on Stanwell activities (as requested);
respond to an individual’s enquiry or request for information (please note that a request for information may be limited by the Right to Information Act 2009 (Qld));
resolve a complaint; and
comply with legislative and regulatory requirements and otherwise fulfil our legal obligations, including under the Work Health and Safety Act 2012 (Qld).

We will not disclose personal information other than:

as required by law (for example, to the Australian Tax Office);
as authorised by law (for example, to protect our interests or where we have a duty to make such disclosure);
if consent has been provided by the individual for us to disclose their personal information;
to any company which is a related body corporate or joint venture of Stanwell;
to our employees, agents, and external advisers, such as lawyers, auditors, accountants and financiers; and
to organisations who provide services to us in connection with our business, such as mailing operations, billing and debt recovery functions and information technology services (for example, mail received by Stanwell may be sorted, opened and scanned for electronic delivery to the Stanwell addressee by an external service provider).

Where an individual has subscribed to be kept up to date on Stanwell activities, they can opt out of those communications at any time via the unsubscribe link included in each email they receive.

We take reasonable steps to ensure the organisations above are bound by confidentiality and privacy obligations in relation to the protection of individuals’ personal information.

How we protect the security of personal information

We may store personal information in hardcopy and/or electronic form. We take reasonable steps to protect the personal information that we hold free from misuse, loss, unauthorised access, modification or disclosure. We also take reasonable steps to securely destroy or de-identify personal information where we no longer need it for the purpose for which we collected it.

How personal information can be accessed and corrected

An individual may access, or request that we correct, the personal information that we hold about them.

It is our goal to ensure that the personal information that we hold is accurate, complete, relevant, not misleading, timely and secure, and we take reasonable steps to ensure that the personal information we collect remains accurate, up-to-date, complete, relevant and not misleading. In order for us to meet this goal, individuals should ensure that they promptly advise us:

if there is any change to any of the details they have provided to us; or
if it comes to their attention that we possess certain information about them that is not correct, accurate, complete, up-to-date or relevant,
so that we can continue to provide the services that we have agreed.

Individuals can contact us on the details below (please see the ‘How to contact us about privacy’ section) to obtain further information on how to:

request access to the personal information that we hold about them; or
request that we correct the personal information that we hold about them where the individual considers that the information that we hold is not accurate, complete or up-to-date.

We will allow access or use all reasonable efforts to correct the information that we hold about an individual unless we consider that the Privacy Act or another relevant law permits or requires us to withhold the information or not make the correction.

If an individual requests us to provide them with access to personal information that we hold about them, we will provide such information within a reasonable time. We may require proof of the individual’s identity before permitting access to or changing their personal records.

There is no charge for requesting access to, or correction of, personal information.

If we cannot provide an individual with access to their personal information, or cannot correct it if requested, we will provide a written notice of our reasons for refusal.

Overseas transfer and storage of personal information

We consider data sovereignty implications to be particularly important. All of our software and cloud-based solutions (with the exception of one system, which is hosted in the United States) are located in Australia. Other than storing information (which is unlikely to contain personal information) in the United States, we will not transfer the personal information we collect to recipients located overseas.

Complaints

An individual can make a privacy related complaint by contacting us on the details below (please see the ‘How to contact us about privacy’ section). We will usually respond within 30 days unless it is unreasonable in the circumstances for us to do so. Individuals may also lodge a complaint with the Office of the Australian Privacy Commissioner.

Cookies

A cookie is a small packet of information that could allow our internet server to identify and interact more effectively with other computers. At this point in time, we use both WordPress and Google Analytics (which use cookies) on our website. We may also review this policy and implement the use of further cookies. If this is to occur, we will promptly update this statement so that individuals can understand when and how we will be using cookies.

Changes to this policy

We reserve the right to make changes to this Privacy Policy, Stanwell’s Board approved Privacy Policy and Stanwell’s Privacy Procedure from time to time for any reason. Any changes to our policy will be displayed on our website. It is your responsibility to check the website from time to time, and before providing further personal information to us, in order to determine whether there have been any changes.

This privacy policy was last amended on 6 November 2020.

You may obtain a copy of our current Board approved Privacy Policy from our website or by contacting us on the details below (please see the ‘How to contact us about privacy’ section). You may also obtain a copy of our current supporting Privacy Procedure by contacting us.

How to contact us about privacy

If you would like to contact us in relation to anything concerning this privacy statement, our Board approved Privacy Policy or our Privacy Procedure, or if you think that we have breached any aspect of this Privacy Policy, then please contact us at privacy@stanwell.com.

You can also phone us on (07) 3228 4333 between 9.00am and 4.00 pm Monday to Friday, or write to us at:

The Privacy Officer
Stanwell Corporation Limited
Level 2
180 Ann Street
BRISBANE QLD 4000

Disclaimer

This Privacy Policy is subject to our disclaimer and liability limitation outlined on our website. You should read that disclaimer before providing personal information to us. It can be accessed at Stanwell Corporation Limited Site Rules.

Last updated 6 November 2020