AMDA FOUNDATION LIMITED (ABN 63 091 147 787) is an Australian not-for-profit corporation established to promote the development of aviation and Australia’s industrial, manufacturing and information/communications technology resources in the fields of aviation, aerospace, maritime, defence and security.
AMDA achieves this goal by delivering Australia’s most prominent and respected world-class biennial industry expositions as platforms for interaction between industry, defence, government and academia.
AMDA FOUNDATION LIMITED respects the privacy of individuals and is committed to its obligations under the Privacy Act 1988 of the Commonwealth of Australia (Privacy Act), the Australian Privacy Principles (APP) and the General Data Protection Regulation of the European Union (GDPR).
In this Privacy Statement, 'us' 'we' or 'our' means the AMDA FOUNDATION LIMITED.
We collect personal information about individuals for the following purposes:
Individuals are not obliged to give us their personal information. However, if they choose not to provide us with all or part of the personal information requested, we may not be able to extend or process invitations to them to attend or participate in our events or activities, admit them to attend or permit them to participate in our events or activities, register them as team members, provide them with a full range of our goods and services, or inform them about the events and activities conducted by us, the goods and services offered by us or the goods and services of other organisations.
We take reasonable steps to ensure that the information we hold about individuals is accurate, complete and up to date and we invite individuals to contact us to correct any inaccurate information. We also provide individuals with access to the information we hold about them in accordance with our Privacy Policy, the APP and the GDPR. We take all reasonable steps to protect the security of the personal information we hold.
Further information can be obtained by contacting us at the address shown below.
The Privacy Officer
AMDA FOUNDATION LIMITED (ABN 63 091 147 787)
PO Box 339
North Geelong Vic 3215
Australia
Telephone: | +61 (0)3 5282 0500 |
Email: | privacy@amda.com.au |
Website: | www.amda.com.au |
AMDA FOUNDATION LIMITED (ABN 63 091 147 787) is an Australian not-for-profit corporation established to promote the development of aviation and Australia’s industrial, manufacturing and information/communications technology resources in the fields of aviation, aerospace, maritime, defence and security.
AMDA achieves this goal by delivering Australia’s most prominent and respected world-class biennial industry expositions as platforms for interaction between industry, defence, government and academia.
AMDA FOUNDATION LIMITED respects the privacy of individuals and is committed to its obligations under the Privacy Act 1988 of the Commonwealth of Australia (Privacy Act), the Australian Privacy Principles (APP) and the General Data Protection Regulation of the European Union (GDPR).
In this Privacy Policy, 'us' 'we' or 'our' means the AMDA FOUNDATION LIMITED.
We are committed to respecting your privacy. We will protect you with regard to the processing of your personal data and we will comply with the rules relating to the free movement of personal data. Our purpose is to protect your fundamental rights and freedoms, and your right to the protection of personal data.
Our Privacy Policy sets out how we collect, use, store and disclose your personal information. By providing personal information to us, you consent to the collection, use and disclosure of your personal information in accordance with this Privacy Policy and any other arrangements that apply between us. We may update our Privacy Policy from time to time when our information handling practices change. Updates will be publicised on our website and through our email lists. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.
Your personal information includes any information or opinion about you, or from you which is reasonably identifiable. For example, this may include your name, age, gender, postcode, contact details, identification number, location data, online identifier or any reference which is specific to your physical, physiological, genetic, mental, economic, cultural or social identity.
We are committed to our obligations under the Australian Privacy Principles (APP) and the General Data Protection Regulation (GDPR) to protect the privacy of individuals.
We may collect the following types of personal information:
We only collect specified and explicit personal data for legitimate purposes to the extent that permits identification of data subjects and is necessary for our purpose. Such personal data will be kept in an appropriate way to ensure security of your privacy.
We will only process your personal data where we have a legal ground to do so, for example when you have given your consent to process it, when it is necessary for the performance of a contract, when required for compliance with a legal obligation, when it is necessary to protect your vital interest, when it is necessary for the performance of a task carried out in the public interest or in the exercise of official authority vested in the Controller and finally, when it is necessary for the purposes of legitimate interests, except where such interests are overridden by the interests or fundamental rights and freedoms of the data subject which require protection of personal data, in particular where the data subject is a child. We will ensure that your personal data is processed lawfully, fairly and in a transparent manner.
We may collect these types of personal information either directly from you, or from third parties. We may collect this information in a number of ways, including:
We may also generate personal information about our customers from information that we have. For example, by analysing our records of the customer’s previous dealings with us.
Finally, personal data has to be accurate and kept up to date, for that reason we will ensure that any inaccurate personal data (to our knowledge) will be erased or rectified without delay.
Consent is the basis of data processing. For lawful processing of personal data, you have to give us your consent to allow us to process your personal data. For that reason the consent has to be given before we make use of your personal information. When the consent is given in writing, the consent has to be granted in a clear, intelligible and easily accessible form.
Your consent has to be freely given. You have the right to withdraw your consent at any time.
The processing of the personal data of a child will be lawful where the child is at least 16 years old. Where the child is below the age of 16 years, such processing will be lawful only if and to the extent that consent is given or authorised by a person with parental responsibility over the child.
We may hold, use and disclose your personal information for the following purposes:
Individuals are not obliged to give us their personal information. However, if they choose not to provide us with all or part of the personal information requested, we may not be able to extend or process invitations to them to attend or participate in our events or activities, admit them to attend or permit them to participate in our events or activities, register them as team members, provide them with a full range of our goods and services, or inform them about the events and activities conducted by us, the goods and services offered by us or the goods and services of other organisations.
We may send you direct marketing communications and information about our events. This may take the form of phone calls, emails, SMS, mail or other forms of communication. You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (e.g. an “unsubscribe” link).
We may disclose personal information for the purposes described in this Privacy Policy to:
We require our service providers to keep personal information confidential and not to use or disclose it for any purpose other than performing services for us or on our behalf. You should be aware that some information that you upload to parts of our websites or to our social media pages may be available to be viewed by the public. You should use discretion in deciding what information to upload to such sites.
As we are an international business, some information (including personal information) may be transferred to countries outside of Australia in the ordinary course of our business including but not limited to our overseas related bodies corporate and/ or other parties located in:
Austria, Belgium, Canada, China, Czech Republic, Denmark, Estonia, European Union, Finland, France, Germany, Greece, Hungary, Iceland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, India, Indo-Asia Pacific, Malta, Netherlands, Norway, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, Switzerland, Singapore, South America. Turkey, Africa, Pakistan, United Arab Emirates, United Kingdom and United States of America.
We may also disclose personal information outside of Australia to cloud and service providers located outside of Australia. The countries where these disclosures occur are primarily Austria, Belgium, Canada, China, Czech Republic, Denmark, Estonia, European Union, Finland, France, Germany, Greece, Hungary, Iceland, Italy, Latvia, Liechtenstein, Lithuania, Luxembourg, India, Indo-Asia Pacific, Malta, Netherlands, Norway, Poland, Portugal, Slovakia, Slovenia, Spain, Sweden, Switzerland, Singapore, South America. Turkey, Africa, Pakistan, United Arab Emirates, United Kingdom and United States of America.
This list is not exhaustive and may change from time to time depending on who we partner with. We will endeavour to update this list on a periodic basis.
When you provide your personal information to us, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with the APP and GDPR. We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the APP and GDPR.
Any transfer of personal data which are undergoing processing or are intended for processing after transfer to a third country or to an international organisation shall take place only if, subject to the other provisions of the GDPR, the conditions of Chapter 5 of the GDPR are complied with by the Controller and Processor, including for onward transfers of personal data from the third country or an international organisation to another third country or to another international organisation. This is to ensure that the guaranteed level of protection of natural persons is not undermined. ‘Controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of processing of personal data; where the purposes and means of such processing are determined by Union or Member State law, the controller or the specific criteria for its nomination may be provided for by Union or Member State law. ‘Processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the Controller. Union means European Union. Member State means a state that is a member of the Union
a) | Transfer on the basis of an adequacy decision. We will transfer personal data to a third country or an international organisation when the Commission has decided that the third country, territory or one or more specified sectors within that third country, or the international organisation in question ensures an adequate level of protection. | ||
b) | We will transfer personal data to a third country or an international organisation only if the Controller or Processor has provided appropriate safeguards, and on the condition that enforceable data subject rights and effective legal remedies for data subjects are available. | ||
c) | Specific situations to transfer personal data when one of the following conditions applies:
|
With the use of cookies, we may collect personal information about you when you use and access our website.
While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit, the type of browser software used, the internet protocol address assigned to your computer and the previous website from which you linked to our website.
We may also use 'cookies' or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser. However certain aspects of our website may require the information collected by cookies to function and may not be available or perform optimally if the cookies function is disabled.
We may also use cookies to enable us to collect data that may include personal information. For example, where a cookie is linked to your account, it will be considered personal information under the Privacy Act. We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.
We may hold your personal data and information in either electronic or hard copy form in storage facilities owned and operated by us, or those owned and operated by our service providers, including cloud based storage facilities. We have implemented appropriate technical and organisational controls to protect your personal data against unauthorised processing, misuse, interference and loss, as well as unauthorised access, modification or disclosure and against accidental loss, damage or destruction.
The security measures we take include:
We also use several physical, administrative, personnel and technical measures to protect your personal information. However, we cannot guarantee the security of your personal information. Except to the extent liability cannot be excluded due to the operation of statute, we exclude all liability (including in negligence) for any and all consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security.
In the case of a personal data breach, without undue delay and, where feasible, no later than 72 hours after having become aware of it, we will notify the personal data breach to the competent supervisory authority, unless the personal data breach is unlikely to result in a risk to the rights and freedoms of natural persons.
When the personal data breach is likely to result in a high risk to the rights and freedoms of natural persons we will communicate in clear and plain language, the personal data breach to you without undue delay, the nature of the personal data breach and will contain at least the information and security measures taken.
When your personal data is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your personal data. However, most of the personal data is or will be stored in files which will be kept by us for a minimum of 7 years.
Our website may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content in those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.
We do not generally collect sensitive information about individuals. If you provide sensitive information to us for any reason, you consent to us collecting, using and disclosing that information for the purpose for which you disclosed it. We will always need your express consent or have a legal ground to process that type of personal data.
Sensitive information includes personal information about a person’s racial or ethnic origin, political opinions or memberships, religious or philosophical beliefs or affiliations, professional or trade association or union memberships, sexual orientation or practices, criminal record or health record.
We have set out below all your rights as a data subject concerning your personal data:
a) | Information relating to personal data irrespective whether it was obtained directly from the data subject or from a third party. As we collect and hold your personal data, we have an obligation to you to provide our identity and contact details, contact details of the protection office, our purposes and legitimate interests and recipients or categories of recipients of the personal data which are set out in this Privacy Policy. | ||
b) | Access to your personal information. You have the right to seek access to the personal information we hold about you and we will provide a copy of the personal data undergoing processing. Sometimes, we may not be able to provide you with full access to all your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information. | ||
c) | Rectification of your personal information. You have the right to request for us to correct without undue delay any personal information we hold about you which is inaccurate or incomplete. We will take reasonable steps to ensure that it is corrected. You can ask for access to or correction of your personal information by contacting us using our details under the ‘Contact Us’ section below. | ||
d) | Erasure of your personal information ("Right to be forgotten"). You have the right to submit a request to us, for us to erase your personal data without undue delay. | ||
e) | Restriction of processing. You have the right to obtain a restriction with respect to the processing of your personal data in the event the processing is unlawful and you oppose the erasure of your personal data and request the restriction of its use instead. | ||
f) | Data portability. You have the right to receive the personal data, which you have provided to us, in a structured, commonly used and machine-readable format and have the right to transmit those data to another Controller without hindrance from us. | ||
g) | Object. You have the right to object at any time to the processing of your personal data on grounds relating to your particular situation. | ||
h) | Automated individual decision-making. You have the right not to be subject to a decision based solely on automated processing, including profiling, which produces legal effects concerning you. | ||
i) | Lodge a complaint. If you are of the opinion that our data processing is not in compliance with GDPR regulation, you have the right to lodge a complaint with a supervisory authority and the right to seek judicial remedy. | ||
j) | Compensation and liability. You have the right to receive compensation for any material or non-material damage you have suffered as a result of an infringement of the GDPR. |
If you wish to make a complaint about the way we have handled your personal information, you can contact us using the details set out below.
Please include your name, email address and/or telephone number and include as much detail as possible in relation to your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, you may refer the issue to the Office of the Australian Information Commissioner (at enquiries@oaic.gov.au) or your national Data Protection Authority.
We take reasonable steps to ensure that the information we hold about individuals is accurate, complete and up to date and we invite individuals to contact us to correct inaccurate information. We also provide individuals with access to the information we hold about them in accordance with the Privacy Policy. We also take all reasonable steps to protect the security of the personal information that we hold.
For further information about our Privacy Policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:
The Privacy Officer
AMDA FOUNDATION LIMITED (ABN 63 091 147 787)
PO Box 339
North Geelong Vic 3215
Australia
Telephone: | +61 (0)3 5282 0500 |
Email: | privacy@amda.com.au |
Website: | www.amda.com.au |
AMDA FOUNDATION LIMITED (ABN 63 091 147 787) is an Australian not-for-profit corporation established to promote the development of aviation and Australia’s industrial, manufacturing and information/communications technology resources in the fields of aviation, aerospace, maritime, defence and security.
AMDA achieves this goal by delivering Australia’s most prominent and respected world-class biennial industry expositions as platforms for interaction between industry, defence, government and academia.
1. | General AMDA FOUNDATION LIMITED may provide business or commercial credit to our customers in connection with our goods and services. As a result, we may collect credit information and credit eligibility information about you as referred to in the Privacy Act. This Credit Information Policy sets out how we manage such information. This Credit Information Policy relates to AMDA FOUNDATION LIMITED as far as it is deemed to be a credit provider for the purposes of the Privacy Act. |
|
2. | Collection and holding of credit information and credit eligibility information “Credit information” relates primarily to your credit related dealings with a credit provider (including us), and covers various types of information that may be collected by credit reporting bodies (CRBs) that compile and provide credit reports to authorised credit providers for the purpose of assessing your credit worthiness.
We may collect credit information about you in any of the circumstances relating to other personal information described in our Privacy Policy under the heading “How do we collect personal information”. “Credit eligibility information” is information we generally collect from CRBs that is equivalent to the kinds of information listed above. This information relates primarily to your credit related dealings with other credit providers (e.g. banks, other financial institutions, or other organisations that may provide you with credit in connection with their products or services). It may also include certain credit worthiness information that we derive from the data that we receive from a CRB. Sometimes we may also collect credit eligibility information about you from other credit providers which is permitted under privacy laws. Since we only provide business or commercial credit (rather than consumer credit) as part of our business, we do not hold an Australian Credit Licence (ACL) under the National Consumer Credit Protection Act 2009 (Cth). As such, we will only collect credit information and credit eligibility information about you from third parties if such collection is permitted under the Privacy Act. We store and safeguard your credit information and credit eligibility information in the ways described in our Privacy Policy under the heading “How we store and secure personal data”. |
|
3. | Use and disclosure of credit information and credit eligibility information As a provider of business or commercial credit only and a non-holder of an ACL, we will not disclose any of your credit information to CRBs unless otherwise permitted by law. We may, however, use and disclose your credit information for other purposes and in other circumstances as described in our Privacy Policy under the heading “How do we use and disclose personal information”, when permitted to do so by the Privacy Act. Our use and disclosure of credit information and credit eligibility information is regulated by Part IIIA of the Privacy Act and the Credit Reporting Privacy Code. We will only use or disclose such information for purposes permitted by these laws, such as:
|
|
4. | Access and correction of credit information and credit eligibility information If you wish to access or correct errors in any of your credit information or credit eligibility information that we hold, please contact us using the contact details set out in our Privacy Policy under the headings “Contact us”. We may apply an administrative charge for providing access to your credit information or credit eligibility information, depending on the request. |
|
5. | How to make a complaint regarding our compliance with Part IIIA of the Privacy Act and the Credit Reporting Privacy Code If you think that we have not complied with Part IIIA of the Privacy Act or with the Credit Reporting Privacy Code (which regulates credit reporting), you can make a complaint by using the contact details set out in our Privacy Policy under the heading “Contact us”. We will acknowledge your complaint in writing as soon as practicable within 7 days. We will aim to investigate and resolve your complaint within 30 days of receiving it. If we need more time, we will notify you about the reasons for the delay and ask for your agreement to extend this 30-day period (if you do not agree, we may not be able to resolve your complaint). While we hope that we will be able to resolve any complaint without the need to involve third parties, if you are not satisfied with the outcome of your complaint you can make a complaint to the Australian Information Commissioner (www.oaic.gov.au). |
Days
Hours
Minutes
Seconds