Bentleys Australia Pty Ltd ACN 097 734 462 (in this document referred to as ‘Bentleys’, ‘we’, ‘us’ and ‘our’) is committed to protecting the privacy of the personal information we collect from you and handling your personal information in a responsible manner. The Privacy Act 1988 (Cth) (Privacy Act), Australian Privacy Principles and registered privacy codes govern the way in which we must manage your personal information.
You have a choice regarding your use of Bentleys’ website. In general, you are not required to provide personal information when you visit our website. However if you apply to receive information about our services, events and industry updates or wish to apply for a job, we may require you to provide certain personal information. You do have the right to remain anonymous or use a pseudonym, but this may restrict the provision of our services.
Types of information collected
We collect and hold personal information about you, that is information that can identify you and is necessary and relevant to providing you with the professional services that are seeking. The kinds of information we typically collect include your name, address, date of birth, gender, job titles and any other information that may be relevant to the provision of accounting services, such as bank account details, credit card details, shareholdings, details of investments and tax file numbers. It may occasionally be necessary to collect sensitive information about you, for example, your professional memberships, criminal record or health information. Except as otherwise permitted by law, we only collect, use and disclose sensitive information about you if you consent to the collection, use and disclosure of the information and if the information is reasonably necessary for the performance of our functions and activities.
How we collect personal information
There may, however, be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you. We will usually notify you about these instances in advance, or where that is not possible, as soon as reasonably practicable after the information has been collected.
Purpose of disclosure
The personal information we collect and hold about you, depends on your interaction with us. Generally, we collect, use and hold your personal information for a number of purposes, including:
to provide professional services to you or someone else you know;
to process transactions;
to provide accounting services and solutions through technology;
to provide you with information and marketing material about other services that we offer that may be of interest to you;
to respond to requests;
to maintain contact with you;
to provide you with information relevant to your type of business or other area of expertise or interest;
to keep you informed of our services and industry developments;
to provide you with the opportunity to meet other people and attend seminars, conferences or other events in your type of business, or other area of expertise or interest;
to facilitate our internal business operations, including the fulfilment of any legal or regulatory requirements;
for administrative purposes;
for recruitment purposes;
to analyse our services and client needs with a view to improving those services;
for engagement of service providers, contractors or suppliers relating to the operation of our business; and
for other purposes related to the performance of our business functions and activities as Accountants, Auditors and Business Advisors.
Generally, personal information is submitted through the website is used and disclosed for:
the purpose for which it is submitted (primary purpose); any secondary purpose related to the provision of our services;
purposes where it can be reasonably inferred from the circumstances that you consent to your personal information being used (implied consent). For example, if you provide us with your personal information to subscribe to our newsletters, your consent will be implied for us to use and disclose your information to inform you of products and services that we believe may interest you. However, your implied consent for us to do this can be withdrawn at any time by telling us; and
Failure to provide information
If the personal information you provide to us is incomplete or inaccurate, we may be unable to provide you, or someone else you know, with the services you, or they, are seeking.
Use and disclosure
Generally, we only use personal information about you for the purpose for which it was collected (as set out above). We disclose personal information about you to:
experts of other third parties contracted as part of an engagement with us;
our professional advisors;
other Bentleys firms to facilitate our and their internal business operations;
a client, if you are a contractor or a supplier of services to a client;
our related entities and other organisations with whom we have affiliations with so that those organisations may provide you with information about services and various promotions.
In some circumstances, the law may permit or require us to use or disclose personal information for other purposes (for instance, where you would reasonably expect us to and the purpose is related to the purpose of collection).
We are not likely to disclose your personal information overseas. However there may be situations where your work may be completed in part overseas. For instance, other Bentleys firms, our infrastructure, and that of our service providers, or other recipients, may be based outside Australia, including New Zealand. We currently send some work (not all offices) to Vietnam and India for processing. The Bentleys office dealing with your file, will confirm if any of your personal information will be sent overseas.
We store your personal information in different ways, including in paper and electronic format. The security of your personal information is important to us. We take reasonable measures to ensure that your personal information is stored safely to protect it from misuse, loss, interference, unauthorised access, modification or disclosure. These measures include electronic and physical security measures, such as:
securing our premises, by requiring security passes to enter our offices;
placing passwords and varying access levels on databases to limit access and protect electronic information;
the use of firewalls, encryption, passwords and digital certificates;
providing locked cabinets and rooms for the storage of physical records; and
requiring our staff to undertake privacy and data protection training.
If you access our website, we may collect additional information about you in the form of your IP address or domain name.
Access and correction
You can request access to your personal information we hold about you by making a request to us in writing. We will endeavour to respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making a request for access).
We may decline a request for access to personal information in circumstances prescribed by the Privacy Act, including when:
the request is considered frivolous or vexatious;
giving access would reveal information related to a commercially sensitive decision making process;
giving access would be unlawful; or
giving access would likely prejudice enforcement related activities relating to criminal activities and other breaches of law.
If we decline a request for access to personal information, we will provide you with a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons) and the mechanisms available to you to make a complaint.
If, upon receiving access to your personal information, or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately in writing. We take reasonable steps to correct the information so that it is accurate, complete and up to date. For this purpose our staff may ask you to confirm that your contact details are correct when you attend an appointment or interact with us at any other time.
If we refuse to correct your personal information, we will provide you with a written notice that sets out the reasons for our refusal (unless it would be unreasonable to provide those reasons) and the mechanisms available to you to make a complaint.
Complaints and feedback
If you have a complaint about a breach of the Privacy Act, Australian Privacy Principles or a privacy code that applies to us, we ask that you contact us in writing using the details set out below (see ‘How to contact us’). Upon receipt of a written complaint we take reasonable steps to investigate the complaint and respond to you in accordance with our complaints handling procedures. If you are dissatisfied with our response you may complain directly to the Australian Information Commissioner. If you have a complaint about the privacy of your personal information, we ask that you contact us in writing (see ‘How to contact us’).
How to contact us
Executive Officer (National Privacy Officer)
Level 9, 123 Albert Street
Brisbane QLD 4000
T +61 7 3222 9777
F +61 7 3221 9250
For more information about privacy in general, you can visit the Australian Information Commissioner’s website at www.oaic.gov.au.