1. Purpose
This Data Protection Policy outlines the principles and procedures in place to ensure the protection of personal data. It is designed to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). The policy governs how personal information is collected, used, disclosed, stored, and disposed of responsibly and ethically.
2. Scope
This policy applies to all individuals who handle personal data, including staff, contractors, service providers, and any third parties involved in managing or processing such information within the Australian jurisdiction.
3. Definitions
- Personal Information: Information or an opinion about an identified individual, or an individual who is reasonably identifiable.
- Sensitive Information: A subset of personal information, including information about health, race, religion, political opinions, or criminal record.
- Data Subject: The individual to whom the personal data relates.
- Data Breach: A situation where personal information is lost or accessed, disclosed, or modified without authorisation.
4. Data Collection
Only personal information that is reasonably necessary for operational functions will be collected. Information must be collected lawfully, fairly, and, where possible, directly from the individual. At the time of collection, individuals will be informed about the purpose of the data collection and their rights.
5. Use and Disclosure
Personal information will only be used for the purposes for which it was collected, unless:
- The individual has consented to a secondary use,
- It is required or authorised by law, or
- It is reasonably expected in relation to the original purpose.
Disclosure to third parties will be done in accordance with the Australian Privacy Principles and with appropriate security measures in place.
6. Data Security
Reasonable steps will be taken to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Security measures include physical, administrative, and technical safeguards.
7. Data Retention and Disposal
Personal information will not be kept longer than necessary. Once it is no longer needed for any lawful purpose, it will be securely destroyed or de-identified in accordance with best practices and regulatory requirements.
8. Access and Correction
Individuals have the right to request access to their personal information and to request correction if it is inaccurate, out of date, or incomplete. Requests will be handled promptly and in line with applicable laws.
9. Data Breaches
In the event of a data breach, prompt action will be taken to assess the impact and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) if required, in accordance with the Notifiable Data Breaches (NDB) scheme.
10. Responsibilities
All personnel handling personal information are expected to comply with this policy and complete training as required. A designated Privacy Officer may be appointed to oversee compliance and respond to inquiries.
11. Complaints
Individuals may lodge complaints regarding the handling of their personal information. All complaints will be taken seriously and responded to in a timely manner. If the matter cannot be resolved internally, individuals may contact the OAIC.
12. Review
This policy is subject to periodic review to ensure continued compliance with laws and alignment with evolving best practices in data protection.