About this Policy
J.J.Richards & Sons Pty Ltd and our associated entities (the JJ Richards Group) respect the privacy of
individuals. The JJ Richards Group is committed to protecting the personal data it collects in accordance with
the principles set out in this Privacy Policy (Policy).
This Policy covers:
- the kinds of personal information the JJ Richards Group collects and hold;
- how the JJ Richards Group collects personal information;
- how personal information is secured and stored;
- the purposes for which the JJ Richards Group collects, holds, uses and discloses personal information;
- any direct marketing the JJ Richards Group may engage in, and your right to anonymity;
- utilizing the JJ Richards Group websites;
- how you may access your personal information and how you may seek to correct any errors in
information held; - how you may make a complaint and the process that the JJ Richards Group will take to investigate
and resolve that complaint; and - whether the JJ Richards Group is likely to disclose personal information to overseas recipients, and if
so the countries any such recipient is located.
What is Personal Information?
Personal information is information or an opinion about an identified individual, or an individual who is
reasonably identified, whether the information or opinion is true or not; and whether the information or opinion
is recorded in a material form or not (Personal Information). - THE KIND OF PERSONAL INFORMATION THE JJ RICHARDS GROUP COLLECTS
The JJ Richards Group holds Personal Information such as: full name, address and contact details (i.e.
telephone, email, and postal address), credit card and bank account details; vehicle registration numbers; and
video and photographic images of individuals. - HOW DOES THE JJ RICHARDS GROUP COLLECT PERSONAL INFORMATION?
Personal Information is collected in the following ways:
§ electronic forms submitted via the JJ Richards Group websites or app or your use of the JJ Richards
Group our websites or apps;
§ cookies (small text files which are transferred onto your device when visiting a website);
§ job applications submitted in hard copy, via email, our websites and third party service providers i.e.
Seek;
§ by advertising vacancies online via our website, Seek and through recruitment agencies;
§ service agreements for JJ Richards Group services;
§ face to face interactions;
§ waste collection services;
§ phone calls;
§ emails;
§ financial transactions;
§ third party service providers;
§ photographs and video recordings; and
§ third party business dealings.
Version: 1 Dated: 01/08/2019 Page 2 of 7 - SECURITY AND STORAGE OF INFORMATION
a) Our commitment
The JJ Richards Group places a great importance on the security of all information associated with our clients
and others who deal with us. We have security measures in place to reasonably protect against the loss,
misuse, unauthorised access and alteration of Personal Information and other data under our control.
b) Security and storage methods
All Personal Information and other data held is kept securely and that which is held electronically is held on
secure servers in controlled facilities.
Personal Information is de-identified or destroyed securely when no longer required by us.
Information stored within the JJ Richards Group’s computer systems or by our agents who provide electronic
storage facilities can only be accessed by those entrusted with authority and computer network password
sanctions.
The JJ Richards Group consults with IT service providers to implement reasonable levels of firewall, malware
detection and data security procedures.
c) Electronic transmissions
No data transmission over the internet can be guaranteed to be absolutely secure. As a result, whilst we strive
to protect users’ personal information (including Personal Information), the JJ Richards Group cannot ensure
or warrant the security of any information transmitted to it or from its online products or services, and users do
so at their own risk. Once a company within the JJ Richards Group receives a transmission, we make every
effort to ensure the security of such transmission on our systems.
d) Data breach and response
JJ Richards Group has developed a data breach response plan which ensures compliance with the mandatory
notification requirements of Part IIIC of the Privacy Act 1988 (C’th).
As part of this plan, JJ Richards Group will:
i. carry out an assessment to determine if the breach is a breach in respect of which notification is
required within 30 days of becoming aware or being notified of a data breach; and
ii. take any immediate remedial action as is reasonable to remedy the breach or stop any furtherance of
the breach.
If notification of the breach is required, JJ Richards Group will:
i. provide a statement in relation to the breach to the Office of the Australian Information Commissioner
(OAIC); and
ii. if it is practical for us to notify affected individuals directly, we will notify any individuals the information
of which was subject to the breach and provide them a copy of our statement; or
iii. if it is impractical for us to notify affected individuals directly, we will publicise the statement on our
websites and otherwise act in accordance with the requirements of the Act. - THE PURPOSE FOR WHICH WE COLLECT, HOLD, USE AND DISCLOSE
PERSONAL INFORMATION
To enable us to fulfil our responsibilities as an integrated provider of transport, disposal, treatment, storage
and related services and, we collect Personal Information about you to enable us to effectively conduct our
business.
a) Collection and use of Personal Information
The Personal Information we collect may be used:
§ when you are a customer or the personnel of one of our customers, or are a recipient or consignor of
services provided by us, create an account or use or receive the benefit of our services, we may collect
Version: 1 Dated: 01/08/2019 Page 3 of 7
the following types of information: your name, address, phone, email, full bank account details and/or
credit card numbers that you link to your account or input when you use our services. We will use this
information to communicate with you regarding the services;
§ when you supply services to us, we may request the following information: your name, address, phone,
email, full bank account details and/or credit card numbers that you link to your account or input when
you use our services. We will use this information to communicate with you regarding the services or
products you supply us;
§ when you are a customer or a supplier, we will use your financial information to process transactions
related to our business relationship;
§ whenever you contact us or respond to our communications (e.g., letters, email, telephone), we
receive your contact information and any other personal information you choose to provide us. We will
use such information to fulfil your requests or if you are our customer or the personnel of customers,
or our supplier or personnel of suppliers, we will use this information in connection with the services
or supply;
§ to consider you for a position within our business, if you apply for an advertised role or send us your
resume or Personal Information in connection with a request for prospective employment. We may
collect personal information directly from job applicants through the interview process. In addition, we
may request personal information from your previous employers, recruitment agencies, educational
institutions and referees as provided by you in the application process. We may also ask you for
personal and/or health information for use in recruitment related medicals. We will use such
information for the purposes of considering you for a position of employment;
§ via cookies to maintain your login session on the customer portal and collect information through the
use of Google Analytics and Piwik. Cookies are used to improve our website and meet customer
needs;
§ in connection with legal and/or insurance proceedings if you were involved in or a witness to an incident
involving us and you exchange emails, telephone conversations or other communications with our
employees and, we may record details of any related conversations;
§ some of our premises have closed circuit TV systems or other video monitoring devices which may
record you if you visit our premises, for security and safety purposes;
§ Our websites and customer portal utilise Google Analytics and Piwik to collect basic data in order to
assist us in designing and improving our website to meet the needs of our customers. The types of
data collected are as follows; website traffic assessment, time spent on site, pages viewed, geographic
– location and language, date and time of access, demographic of visitors – age and gender, number
of repeat visits, device type, operating system, device screen size and resolution, pathways through
the site; and entry and exit points;
§ To process payment. Payments made via our websites and/or the customer portal are managed by a
third party payments provider, eWay. When entering credit card details, our websites and customer
portal provide the option of saving your credit card details for ease of use. If you chose to save your
credit card details, the card number is masked to everyone with access to your account, including you.
§ All credit card information held and stored is encrypted by our third party payments provided to prevent
unauthorised access. Unsaved credit card details are encrypted and transmitted via secure connection
from our website handler. Saved credit card details are stored securely on eWay servers.
We will only collect Personal Information to the extent that it is required for the specific purposes set out in this
policy or notified to you at the time of collection.
We will only collect personal data to the extent that it is required for the specific purposes set out in this policy
or notified to you at the time of collection.
b) Disclosure of Personal Information
We utilise various third party service providers to whom we provide your personal information to, including:
§ our financial institution and your financial institution;
§ debt collection agencies;
§ insurance companies;
§ legal, financial and other advisors;
Version: 1 Dated: 01/08/2019 Page 4 of 7
§ web hosting providers and designers; and
§ payment processors.
All information provided to any of the abovementioned service providers is provided on a confidential basis
and for the purpose of conducting and performing the required services only. - DIRECT MARKETING
a) We may carry out direct marketing
As part of the JJ Richards Group’s functions and business activities and to promote the services we can provide
to our customers, including in respect of a company within the JJ Richards Group credit-related activities, a
company within the JJ Richards Group may be permitted to use personal information about individuals that
individuals have provided to the JJ Richards Group for the purposes of direct marketing. Direct marketing
includes, but is not limited to, sending information to and/or contacting individuals in relation to promotions
relating to a company within the JJ Richards Group.
b) Opting out of Direct Marketing
All recipients, including individuals, can opt out of receiving direct marketing communications by sending an
email to the JJ Richards Group’s Privacy Officer, at the email address shown in the ‘Contacting us’ section of
this Policy.
In any direct marketing communication we remind recipients of their right to opt out of receiving direct marketing
communications. Moreover, as a general rule, a credit provider such as a company within the JJ Richards
Group is not permitted to disclose to others Personal Information about individuals for the purposes of direct
marketing.
c) Anonymity and Pseudonymity
Individuals would generally have the option of dealing with a company within the JJ Richards Group
anonymously. However, this only applies where it is not impracticable for a company within the JJ Richards
Group to deal with individuals acting anonymously or under a pseudonym. For example, individuals making
general enquiries of a company within the JJ Richards Group may do so anonymously or under a pseudonym.
However, if the dealing with a company within the JJ Richards Group is for a company within the JJ Richards
Group to supply goods and services and/or to enter into contractual relations (such as a commercial credit
account) with a customer that is the individual or is associated with the individual or in a company with the JJ
Richards Group capacity as an agent for other credit providers, then it is impractical for such individuals to
deal with a company within the JJ Richards Group on an anonymous basis or under a pseudonym. - WEBSITE AND LINKS
a) JJ Richards Group websites
The JJ Richards Group advertises and carries on business through a number of websites pertaining to each
company within the JJ Richards Group, including:
www.jjrichards.com.au
www.jjrichards.co.nz
www.jjswaste.com.au
www.pulpmaster.com.au
www.pacifichygienesystems.com
www.southburnettwaste.com.au
www.phoenixpower.com.au
www.skiptech.com.au
www.asbestosskipbinsbrisbane.com.au
www.aztechservices.com.au
www.goldcoastskips.com
www.jjswaste.com
www.pulpmasterusa.com
Version: 1 Dated: 01/08/2019 Page 5 of 7
and any other website that contains a link to this policy.
b) Website terms and conditions
Each website of the JJ Richards Group collects personal and Personal Information pursuant to this policy
except as otherwise stated on the website.
A website may display additional terms and conditions for access and use of the website which apply in addition
to this policy.
c) Cookies
The JJ Richards Group may collect information from its websites using IP files or “cookies”. When a user visits
the JJ Richards Group’s websites to read, browse or download information, our system may record/log the
user’s IP address (the address which identifies the user’s computer on the internet and which is automatically
recognised by our web server), date and time of the visit to our website, the pages viewed and any information
downloaded.
Cookie information collected will only be used for the purpose of site analysis and to help us offer improved
online services. We may automatically collect non-personal information about users such as the type of
Internet browsers used or the website from which the user linked to our websites. Individuals cannot be
identified from this information and it is only used to assist us in providing an effective service on our websites.
You can stop your browser receiving or accepting cookies at any time, however the use of cookies is necessary
for certain functions on our websites to work properly and therefore we cannot assure you that you will be able
to access and enjoy all functions of our website.
d) Third party links
Our websites may contain links to other websites and those third party websites may collect personal
information about individuals. We are not responsible for the privacy practices of other businesses or the
content of websites that are linked to our websites. The JJ Richards Group encourage users to be aware
when they leave our website and to read the privacy statements of each and every website they frequent. - ACCESS TO, AND CORRECTION OF PERSONAL INFORMATION
a) Our commitment
The JJ Richards Group is committed to and takes all reasonable steps in respect of maintaining accurate,
timely, relevant, complete and appropriate information about our customers, clients and website users.
b) Access to information
Any individual may request access to personal information (including Personal Information) about them held
by the JJ Richards Group. Such a request for access to personal information is to be made to the JJ Richards
Group’s Privacy Officer, whose details are set out below.
A company within the JJ Richards Group will respond to any requests for access or correction within a
reasonable time of receipt of the request, but by no later than 30 days of the request being received.
Please note that the JJ Richards Group do require that, as part of any request by an individual for access to
personal information (including Personal Information), the individual verify their identity so that a company
within the JJ Richards Group may be satisfied that the request for access is being made by the individual
concerned.
Please note that the JJ Richards Group is not required to give an individual access to Personal Information
about them in circumstances where:
i. giving access would be unlawful; or
ii. denying access is required or authorised by or under an Australian law or a court/ tribunal order; or
iii. giving access would be likely to prejudice one or more enforcement related activities conducted by, or
on behalf of, an enforcement body.
If we refuse to provide an individual with access to their Personal Information or to correct the Personal
Information held by us about them, then we will provide reasons for such refusal. Such reasons will set out
Version: 1 Dated: 01/08/2019 Page 6 of 7
the grounds for refusal, the mechanisms available to complain about the refusal and any other matters that
are required by the Act.
c) Correction of Information
Inaccurate information will be corrected upon receiving advice to this effect. To ensure confidentiality, details
of an individual’s personal information (including Personal Information) will only be passed on to the individual
if we are satisfied that the information relates to the individual.
From time to time, and having regard to the purpose of the collection and use of personal information (including
Personal Information) about individuals, we may contact individuals to seek confirmation that the personal
information provided to us by the individual is accurate, up-to-date and complete. - COMPLAINTS
a) Making a complaint
If an individual has a complaint about this policy or/or the JJ Richards Group’s collection, use or safe disposal
or destruction of Personal Information about the individual, any complaint should be directed in the first
instance to the JJ Richards Group’s Privacy Officer at the contact details set out in the ‘Contacting us’ section
of this policy.
b) Investigation and Resolution Procedure
Upon receiving a complaint we will, within 7 days, give the complainant written notice acknowledging receipt
of the complaint and setting out the process of how we will deal with it.
We aim to resolve all complaints within 30 days of receipt. If we cannot resolve a complaint within 30 days we
will notify the complainant of the reasons and specify a date when we expect a decision or resolution will be
made and seek the complainant’s agreement to extend the 30 period – if the complainant does not agree then
we may not be able to resolve the complaint
It may be necessary (and it may be required by the Act), in order to deal with a complaint, to consult with a
CRB or another credit provider. Further, if, while a complaint remains unresolved, we are disclosing information
subject to the complaint to a third party, we may be required to advise the third party about the complaint.
If we find a complaint is justified we will resolve it and do what is required to rectify any breach. The JJ Richards
Group are committed to fulfilling its obligations as an APP entity and a credit provider under the Act.
The complainant may refer their complaint to the Office of the Australian Information Commissioner. The
website for the OAIC is: www.oaic.gov.au - TRANSFER OF INFORMATION OVERSEAS
a) Use of cloud services
The JJ Richards Group may utilise local and overseas cloud services for the purpose of storing information.
Your Personal Information may be disclosed to the JJ Richards Group’s cloud service provider for that purpose.
While the JJ Richards Group’s cloud service providers are located in Australia, the country location of our
cloud service providers may periodically change.
b) Other disclosures
Except as provided in clause 9, the JJ Richards Group are unlikely to disclose Personal Information of an
individual to overseas recipients. Personal information will only be disclosed by a company within the JJ
Richards Group to overseas recipients in accordance with Australian Privacy Principle 8, such as if the
disclosure is required by Australian law.
10.CHANGES TO POLICY
If the JJ Richards Group decide to or are required to change this policy, we will notify you of such amendments
on our websites and post changes on this policy webpage so that users may always be aware of what
information is collected by us, how it is used and the way in which information may be disclosed. As a result,
please refer back to this policy regularly to review any amendments.
Version: 1 Dated: 01/08/2019 Page 7 of 7
11.CONTACT
For concerns, complaints or further information regarding this policy and our policies and procedures regarding
privacy and data security, please contact us at the following address:
Position General Counsel & JJ Richards Group Privacy Officer
Email: [email protected]
Telephone: 07 3488 9600
Post: PO Box 235
Cleveland QLD 4163
