Skip to main content

Privacy Policy

 

1 Introduction

Protecting privacy is a fundamental part of Fremantle Ports’ business. This Privacy Policy (Policy) governs the collection, use, disclosure and handling of personal information collected through Fremantle Ports’ (“we”, “our”, or “us”). The Policy is designed to tell you what will happen to, and how we use the personal information that we collect.

 

As a government trading enterprise, Fremantle Ports (with the exception of the Maritime Security Identification Card [MSIC] Office) is not bound by or required to operate in accordance with the Australian Privacy Principles (APPs) established under the Privacy Act 1988 (Cth) (the Act). Nonetheless, Fremantle Ports aims to comply with best practice to ensure personal information and sensitive information collected, held, disclosed and used by Fremantle Ports is handled in accordance with the privacy principles. We will only collect, use or disclose personal information in accordance with the Act and this Policy.

 

This best practice Policy has been developed in accordance with, or bearing in mind, the operation of and the requirements of the APPs and the Western Australian Ombudsman’s Guidelines for the Management of Personal Information.

1.1     Definitions

1.1.1    Personal information

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:

a)                  whether the information or opinion is true or not

b)                 whether the information or opinion is recorded in a material form or not.

1.1.2    Sensitive information

Sensitive information means:

(a)                information or an opinion about an individual’s:

                                                        i.            racial or ethnic origin

                                                      ii.            political opinions

                                                    iii.            membership of a political association

                                                     iv.            religious beliefs or affiliations

                                                      v.            philosophical beliefs

                                                     vi.            membership of a professional or trade association

                                                   vii.            membership of a trade union

                                                 viii.            sexual orientation or practices

                                                     ix.            criminal record

(b)               health information about an individual

(c)                genetic information about an individual that is not otherwise health information

(d)               biometric information that is to be used for the purpose of automated biometric verification or biometric identification

(e)                biometric templates.

 

2        Principles

2.1     Collection

Fremantle Ports collects personal and sensitive information to fulfil its responsibilities and activities, provide services and information to stakeholders, engage with the community and comply with the law. As per APP3, Fremantle Ports will collect personal or sensitive information from an individual only if it is necessary for execution of a function or activity and will do so in a lawful, fair and not unreasonably intrusive way. Further, in accordance with APP3.6(b), Fremantle Ports will only collect personal information about an individual from the individual itself, unless it is unreasonable or impracticable to do so.

If an individual chooses not to provide certain personal information to us, we may not be able to action or respond to the request, or undertake the required services or work.

2.1.1    Information collected by Fremantle Ports

Fremantle Ports hold a range of information on individuals that falls within the definition of personal or sensitive information. These types of information include, but are not limited to, the following:

(a)                personal details such as name, address, phone number, email, date of birth, gender, citizenship, driver’s license details or other forms of identification

(b)               account numbers, card details, payment and financial information including superannuation and insurance

(c)                work health safety records including training certificates, licenses, permits and certificates of competency

(d)               health information such as medical certificates, disclosures of pre-existing medical conditions, drug and alcohol tests, medical reports, reports of injuries and health declarations

(e)                working history, academic records, professional associations, opinions from a referee as well as third party checks such as police checks, recruitment tools such as psychometric tests and other background checks

(f)                  compliments, complaints, testimonials and feedback including opinions in a survey, response to an initiative or a project

(g)               photographic likeness, images, audio or voice recording

(h)                information collected from media sites, social media channels and newsletter subscriptions and

(i)                  any other information provided or volunteered by you from time to time.

2.1.2    How we collect this information

We collect personal information directly from you, or someone authorised on your behalf. We may also generate our own records of our interactions, including records relating to Fremantle Ports’ safety functions, and engagement with members of the public to obtain their views, concerns and complaints. Personal information may be collected through the following means:

a)      in person

b)     by phone

c)      by email or post

d)     by radio

e)      CCTV and/or voice recording

f)        our Human Capital Management and Enterprise Resource Planning Systems (Systems)

g)     recruitment agencies

h)      social media pages

i)        search engines

j)        participation in community events

k)      visits to our premises

l)        tender documents

m)    supplier contracts

n)      employment applications

o)      indirectly through police and medical providers and

p)     cookies (see Attachment A: Cookies Policy for further information on how we use cookies).

You may also volunteer personal information which we do not request. We will inform you at the time of collecting your personal information of the purpose for collecting it or otherwise as soon as practicable after the collection. This will either be in writing or orally. 

2.1.3    Sensitive information

Fremantle Ports will not collect, use or disclose sensitive information (for example, information about the health of an individual, their racial or ethnic origins, or their political or religious beliefs) except with the individual’s specific consent.

2.2 Use and disclosure

As per APP6, Fremantle Ports will use or disclose personal or sensitive information collected from an individual to:

a)      permit you access to applications and platforms of Fremantle Ports, including our Systems

b)     inform, review, assess or consider proposals and delivery of our projects as part of a tender or procurement process

c)      process and account for expenditure, revenue and billing of customers, tenants and vendors

d)     provide a service or supply information which has been requested (for example marine surveys and changes to shipping movement)

e)      respond to and investigate your enquiry/feedback/complaint

f)        manage a person’s employment or business relationship with us

g)     identify individuals for the purposes of processing applications, including, but not limited to, MSIC applications and employment applications

h)      process your employment application and obtain references and police checks

i)        contact you about and administer our events, workshops and seminars we think may be of interest to you

j)        contact you about business development opportunities and Fremantle Ports projects that we think may be of interest to you

k)      communicate with the community, government and other stakeholders about Fremantle Ports’ activities

l)        respond to and investigate incidents that have occurred in the Fremantle Ports premises

m)    manage and ensure personal and transport safety within the Fremantle Ports premises and other maritime security zones

n)      maintain, construct and/or remediate land and marine infrastructure

o)      create aggregate data about Fremantle Ports customers

p)     run competitions and

q)     comply with our legal obligations and reporting requirements.

Fremantle Ports will only use your personal or sensitive information to the extent that it is deemed necessary to fulfil the above purposes. We may use your personal information for a secondary purpose related to the purposes above (directly related if it is sensitive information), but only if we believe you would reasonably expect us to use or disclose the information for that secondary purpose.

2.2.1    Disclosure to third parties

Fremantle Ports will only disclose your personal or sensitive information to other third parties to the extent necessary to carry out the purposes outlined at section 2.2 of this policy.

Fremantle Ports may be required to disclose personal or sensitive information to government agencies and local government authorities. These include:

a)      Department of Finance

b)     Australia Taxation Office

c)      Police, Corruption and Crime Commission

d)     Public Sector Commission

e)      Department of Transport and

f)        Regional Security and GESB

for taxation, superannuation, security or legal reasons. Fremantle Ports does not provide personal information to other parties, although aggregate de-identified data (such as a parliamentary inquiry) may be provided on request.

2.3     Disclosure to overseas recipients

As per APP8, Fremantle Ports will, unless it is necessary to facilitate the provision of a particular product or service, attempt to avoid the disclosure of any of the personal information to overseas recipients.

2.4     Exceptions to general use and disclosure of personal and sensitive information

Personal information may be used for limited purposes other than for which it was collected, including:

a)                  with the consent of the person concerned

b)                 to contact individuals in the event of an emergency or crisis situation

c)                  to prevent a serious threat to a person’s health or life

d)                 as required or authorised by law

e)                  where reasonably necessary for the enforcement of criminal or revenue law.

Any individual in doubt as to whether they are able to use or disclose a given type or piece of personal or sensitive information should contact us (see below at section 2.5.1 of this Policy).

2.5     Access

As per APP12, Fremantle Ports will facilitate an individual’s access to, and the correction of personal information provided to us.

2.5.1 Access to personal and sensitive information

Individuals are able to make an enquiry about the status of the personal information Fremantle Ports have collected via mail@fremantleports.com.au and through Freedom of Information. The Freedom of Information Act 1992 (WA) provides members of the public with the right to apply for access to or to make changes to personal information held by Fremantle Ports in accordance with the Fremantle Ports Information Statement.

2.5.2    Complaints

Individuals who have any questions or concerns about our collection, use or disclosure of personal information, or if you believe that we have not complied with this Policy or the Act, can make an enquiry or complaint via mail@fremantleports.com.au.

 

We expect our procedures will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you can also make a formal complaint with the Office of the Australian Information Commissioner (which is the regulator responsible for privacy in Australia):

 

 

Office of the Australian Information Commissioner (OAIC)

Complaints must be made in writing

(

1300 363 992

*

Director of Compliance 

Office of the Australian Information Commissioner

GPO Box 5218

Sydney NSW 2001

8

www.oaic.gov.au

 

2.6     Dealing with individuals anonymously or via a pseudonym

As per APP2, Fremantle Ports cannot deal with requests to deal with individuals anonymously or by pseudonym because it would be impracticable for it to do so due to the nature of Fremantle Ports’ business, and because in some instances it would be unlawful for Fremantle Ports to do so.

2.7     Storage and security of Information

As per APP11, Fremantle Ports has an obligation to ensure that information is only used for authorised purposes and is protected from theft, unauthorised disclosure or inappropriate use. Such information must also not be used for personal benefit.

Fremantle Ports employs a number of different strategies to protect personal or sensitive information.  Depending on the service and the nature of the personal information, these include:

a)      encryption technologies

b)     firewalls and instruction detection systems

c)      virus protection

d)     restricted access

e)      regular vulnerability and penetration testing

f)        security policies and staff training

g)     access controlled electronic storage on and off-site

h)      access controlled physical storage on and off site.

Fremantle Ports adopts a risk-based approach in assessing the risk and sensitivity of various categories of information when making Information Technology and Communication (ICT) decisions about where Information is to be stored. Fremantle Ports attempts to hold personal and sensitive information on Australian-based servers. Hard copy personal and sensitive information is stored both in Fremantle Ports’ office and in a locally based external archiving facility.

 

Fremantle Ports strives to protect personal and sensitive information from misuse, interference, loss and from unauthorised access, modification or disclosure. However, data transmission over the Internet cannot be guaranteed to be absolutely secure because risks do change over time.

2.7.1    Destruction, de-identification and deletion of personal and sensitive information

All information collected by Fremantle Ports, whether or not it is personal information, will be stored in accordance with our records policies which comply with the General Disposal Authority for State Government which is approved by the State Records Commission. Personal information is to be kept for 75 years after date of birth or 7 years after cessation of employment whichever is the latter, or 7 years after death.

Fremantle Ports will only use scrambled data to de-identify Production-copied data when developing and testing new and upgraded systems and as required.

2.7.2    Notifiable data breaches scheme

In the event of any loss, or unauthorized access or disclosure of an individual’s personal information that is likely to result in serious harm to an individual, Fremantle Ports will:

a)      investigate the data breach

b)     attempt to remedy the breach and

c)      notify you and the Australian Information Commissioner

 

as soon as reasonably practicable, in accordance with the Act.

2.8     Unsolicited information

As per APP4, Fremantle Ports takes reasonable steps to manage unsolicited personal information appropriately for the purpose in which it was provided.

2.9     Accuracy and security

As per APP10, Fremantle Ports will take reasonable steps to ensure that any personal or sensitive information provided by an individual is accurate, complete and up-to-date, and is protected from misuse, loss, and unauthorised access, modification and disclosure.

2.10     Website visit data

Fremantle Ports’ website records visits and logs the following information for statistical purposes:

a)                  user’s IP address (internally only)

b)                 the date and time of the visit to the website

c)                  pages accessed and documents downloaded

d)                 the previous website visited

e)                  the type and version of browser used.

No attempt is made to identify users or their browsing activities except, in the unlikely event of an investigation, where a law enforcement agency may exercise a warrant to inspect the service provider’s logs. This website does not use cookies.

3        Changes to this Policy

This Policy may change from time to time as updated on our website. Before providing us with personal information, please check this Policy on our website for any changes.

 

This Policy was last updated 9 May 2022.

Find out how you can explore the port or get ferry and cruise info...