This Privacy Policy (Policy) stipulates how our company, Pit Patrol Pty Ltd, Pit Patrol Hire Pty Ltd, Pit Patrol Labour Pty Ltd, Pit Glass Pty Ltd and Hunter Vehicle Services Pty Ltd (“we”, “us” and “our”) handles the personal information provided and is bound by the Privacy Act 1988 (the Act) and the Australian Privacy Principles (APP). Our business is an APP entity as defined in s 6(1) of the Act.
We collect and hold personal information relating to our clients/customers (you) and to other people and entities associated with you as may be provided or disclosed to us during our business (including via access to any system maintained by us or your conduct on any website maintained by us or through third parties).
Such personal information may include, but is not limited to,
- unique usernames and names.
- residential addresses, telephone numbers, social media details, email addresses, and other contact information.
- health and medical information (physical and mental) including emergency contact information and Medicare and health fund information.
- video and audio recordings of individuals.
- surveillance and security footage and material.
- occupations, employer details and/or place of business,
And other sensitive medical information. Sensitive information can include details or opinions concerning health and associated matters, which encompass an individual’s physical and mental well-being, specific conditions and illnesses, general condition, considerations of safety and personal management, as well as aspects like a person’s racial and ethnic background, religious beliefs that relate to their well-being, sexual orientation, criminal history, genetic data unrelated to health, and biometric data.
From time to time, we may enlist the services of external firms to perform tasks for us. These tasks may encompass various activities such as addressing customer inquiries or managing transactions. These external entities will be authorised to access just the necessary personal information required to fulfill the designated service.
Personal information is collected from you in the following ways:
- by providing it to us directly.
- by authorising third parties to provide it to us;
- by other parties providing it to us either voluntarily or pursuant to compulsory processes we conduct on our client’s behalf.
How is personal information received and held?
Personal information may be received and held either as electronic data or in hard copy and paper form. We take the security of personal information very seriously.
We secure hard-copy documents carefully in and out of our office. We use cyber-security systems to protect soft-copy documents.
We never ask for bank details, card details or any other sensitive information by email.
Further, we greatly value the privacy of all our clients, customers, contractors, staff members and related parties. We have taken all reasonable measures to ensure the protection of your sensitive data during its storage and transmission. Our chosen cloud providers maintain industry-standard security protocols and complies with relevant data protection regulations to safeguard your information.
For what purpose is personal information collected, held, used and disclosed?
All data processed by the business is done on a lawful basis. The purposes for which we collect, hold, use and disclose personal information are:
- to offer our products and services to you. Unless compelled by law, we will never disclose your personal information without your knowledge and consent.
- marketing purposes such as sending you promotional emails or other communications. We will only send marketing information if you have opted to receive such information.
- to facilitate our internal and external administrative processes including financial and business operations and reporting requirements.
- to obtain, maintain and comply with our insurance policies; and
- to comply with applicable laws.
Please note that these specifics are exclusively shared with a third-party supplier under
circumstances mandated by law, for the procurement of goods or services you’ve acquired, or to safeguard our copyrights, trademarks, and other legal rights. We shall not intentionally disclose any of your personal information to any external party, except for our designated service providers who aid us in furnishing the information and/or services that we offer to you. If we do share your personal information with a service provider, we would only proceed if the said party has consented to adhere to our Policy.
How can personal information be accessed or corrected?
You may access your personal information and seek correction of it at any time by applying to our office in person or in writing. Please forward all enquiries to info@pitpatrol.com.au (attention Privacy Officer). Or to Pit Patrol PO BOX 100 Singleton, NSW 2330. Should you desire to discontinue receiving such information, you can communicate your preference through email or opt-out mechanisms at any time, and your request will be promptly acted upon.
It’s important to note that individual profiles and company details serve no purpose beyond their original intent.
If you require any updating or change to your personal information, you will be formally identified before releasing or amending any personal information.
What is the complaints process relating to personal information?
Our commitment lies in upholding the security, integrity, and confidentiality of the personal information provided through our website. We consistently enhance our security protocols to align with advancements in technology.
If you have any questions or concerns or believe that there may be a breach of this Policy, you can contact our Privacy Officer at info@pitpatrol.com.au or Pit Patrol, PO BOX 100, Singleton NSW 2330.
You can choose to deal with us anonymously. We will do our best to action any request or complaint that you supply to us anonymously. However, without providing your identity, we may be limited in the action that we can take in relation to your query or complaint.
If you believe that we have not adequately addressed your complaint, you may complain to the Office of the Australian Information Commissioner.
Data breaches
All staff are responsible for protecting the confidentiality of client information and business information. In accordance with this Policy our staff will refer any data breaches, or suspected data breaches, to the Privacy Officer as soon as possible.
What is an eligible data breach?
An eligible data breach, defined in s 26WE(2) of the Act, is when:
- both of the following conditions are satisfied:
- there is unauthorised access to, or unauthorised disclosure of, the information.
- a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates; or
- the information is lost in circumstances where:
- unauthorised access to, or unauthorised disclosure of, the information is likely to occur; and
- assuming that unauthorised access to, or unauthorised disclosure of, the information was to occur, a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates.
If there is a suspicion of a breach
If we suspect that there has been an eligible data breach, a reasonable and expeditious assessment will be conducted within 30 days.
If we believe or have reasonable grounds to believe there has been a breach, then a statement will be prepared setting out:
- the business’s details.
- a description of the breach.
- the kind or kinds of information concerned; and
- recommendations about the steps that we will take in response to it.
If practicable, we will advise the contents of the statement to each of the affected clients and customers who may be at risk from the breach. If this is not practicable, we will publish the statement on our website and take other reasonable steps to publicise its contents. Communications with individuals will be via their preferred communication method.
We will also submit a statement to the Privacy Commissioner.
Exception to reporting
Mandatory notification requirements are waived if remedial action can be taken that results in a reasonable person concluding that the access or disclosure is not likely to result in serious harm to any of those individuals.
Transborder data flows
Where necessary we will disclose personal information to overseas recipients, including a related body corporate.
There may be other occasions when personal information is transferred outside of Australia within our network, or such as when we engage a third party to provide services or an element of the services to you. Generally, this will occur in the provision of services to you and the transfer of this information outside of Australia will have been disclosed to, and authorised by, you as part of the terms of our engagement. When transferring personal information outside Australia within our network, we will comply with the requirements of the Act that relate to transborder data flows. Where the international transfer of personal information is to countries whose privacy laws may be considered not to provide the same level of protection as Australia, our commitment to safeguard your privacy will not change and remains subject to existing obligations and this Policy.
As part of provision of the services to you we may store your personal information using online or cloud software. The personal information that you provide to us may be transferred to the servers of our software providers as a function of transmission across the internet. By providing your personal information you are consenting to that personal information being transferred to and stored on the servers as set out in this Policy. However, as the third parties who host our servers do not control and are not permitted to access or use your personal information (except for the limited purpose of storing the information), we do not “disclose” personal information to those server hosts, whether they are located overseas.
Notwithstanding the above, for the purpose of transparency we advise that the servers of our software providers are currently located in Australia. However, this location may change without prior notice to you. Your personal information may be routed through, and stored on, those servers. If the location of those servers’ changes in the future, we will update this Policy. We recommend that you familiarise yourself with our Policy regularly.
We will use reasonable endeavours to ensure that our server hosts do not have access to, and use the necessary level of protection to safeguard, your personal information and otherwise comply with the APPs. If you do not want your personal information to be transferred to a server in the location listed in the previous paragraph or to any other international locations, you should not provide us with your personal information or use our services.
Updating our policy
We may review our Policy from time to time to ensure that it is in line with best practices and remains current with any legislative requirements. Any changes to our Policy will be incorporated into a new version of this Policy stating the date from which it will operate and can be obtained on our website or by contacting our office. Our commitment to the protection of your personal information will be governed by the most recent and up-to-date Policy in place.
Contacting us
We welcome your comments and feedback regarding this Policy and/or our treatment of your personal information. If you have any questions about this Policy and would like further information, please contact our Privacy Officer at or by calling our office during business hours.
Email: info@pitpatrol.com.au (attention Privacy Officer)
Mail: Pit Patrol Pty Ltd, PO BOX 100, Singleton NSW 2330
Phone: (02) 6575 2800 (option 2)
