The Australian Privacy Act 1988 (Privacy Act) regulates how Personally Identifiable Information (PII) is handled, including Tax File Number (TFN) information. This policy defines how PII is handled by PMC Direct.
This policy applies to all staff, employees, contractors, and service providers.
PMC Direct collects, holds, uses, processes, and discloses PII for the purpose of providing logistics and warehousing services to PMC Direct customers. PII collected may include, but is not limited to: name, address, date of birth, phone number, and TFN.
• PII collected and held by PMC Direct may be provided by PMC Direct customers, or directly collected by PMC Direct through providing logistics and warehousing services to its customers.
• An individual may access their own PMC Direct-held PII by contacting PMC Direct in writing. PMC Direct must provide access to the PII to the individual, and correct information as requested by the individual. If applicable, PMC Direct must also inform relevant PMC Direct customers about the access request and correction.
• PMC Direct may use PII for direct marketing purposes. PMC Direct must provide a way for an individual to request not to receive direct marketing communications from PMC Direct (also known as “opting out”). If an individual has “opted out”, PMC Direct must not use or disclose their PII for direct marketing in accordance with the individual’s request. If applicable, PMC Direct must also inform relevant PMC Direct customers about the “opt out” request.
• If requested by an individual, PMC Direct must disclose to the individual the source where PII was obtained.
• An individual may complain about a breach of Australian Privacy Principle by contacting PMC Direct and providing the complaint in writing. Alternatively, the individual may provide the complaint through the Office of the Australian Information Commissioner (OAIC). PMC Direct must respond to the complaint by contacting the individual. If applicable, PMC Direct must also inform relevant PMC Direct customers about the complaint and response.
• PMC Direct must inform an individual whether PII is likely to be disclosed to overseas recipients. Should it be likely PII is to be disclosed to overseas recipients, the countries of the recipients should be specified.
• PMC Direct must not collect PII unless the information is reasonably necessary for PMC Direct functions or activities. Access to PII within PMC Direct must be controlled on a need-to-know basis.
• PII must not be shared with third parties, unless an explicit consent has been provided by the individual, or if required by law.
PMC Direct employee records are exempt from this policy. This policy is used as a guideline to handle PMC Direct employee records.
Non-compliance to this policy may be requested through risk acceptance or variance process. Risk acceptance means appropriate management has reviewed the size, scope, and complexity of the non-compliance and deemed the risk is not sufficient to warrant mitigation. Variance means appropriate management has reviewed the size, scope, and complexity of complying and determined the risk is acceptable for a specified temporary period of time and choose to allow additional time to comply. In both cases, appropriate management must review, document approve, and manage the request and corresponding result.
Articles on this site may include embedded content (e.g. videos, images, articles, etc.). Embedded content from other websites behaves in the exact same way as if the visitor has visited the other website.
These websites may collect data about you, use cookies, embed additional third-party tracking, and monitor your interaction with that embedded content, including tracking your interaction with the embedded content if you have an account and are logged in to that website.