Our privacy commitment
Bastion is committed to protecting the privacy of your personal information. We manage your personal information in an open and transparent way.
Bastion will only use your personal information when it is necessary for us to undertake our services or perform other necessary business functions and activities.
Bastion will not use or disclose your personal information for purposes unrelated to our services or business, unless we first obtain your consent.
Who are we and how to contact us
‘We’, ‘us’, ‘our’ and ‘Bastion’ refers to (and this policy applies to) BASTION COLLECTIVE AUSTRALIA PTY LTD (ABN 64 637 830 589) trading as Bastion.
The Privacy Officer
14-18 Cremorne Street
Richmond Vic 3121
If you would like Bastion to send you a hard copy of this policy, please contact us and we will do so.
Our Privacy Obligations
Bastion is bound by the requirements of these laws, which regulates how we may collect, use, disclose and store personal information. These laws also specify how individuals may access and correct personal information held about them.
‘Personal Information’ means information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. For example, these types of information could include your name, contact details, age, image and health information.
Clients, employees, suppliers and community members
From whom do we collect personal information?
We collect personal information from clients, employees and suppliers (including prospective ones), employee referees and next of kin, our network, associations and partners with whom we collaborate, the public at large and regulators.
How and why does Bastion collect and hold your personal information?
We will only collect personal information about you by lawful and fair means, and not in an unreasonably intrusive manner.
It is our usual practice to collect personal information directly from you when you:
- seek our services
- participate in one of our research surveys, focus groups, workshops, online communities or questionnaires – in person, online or via an audio-visual link
- apply for or obtain a job with us or participate in alumni events
- quote, tender or provide us with goods or services, or such other means by which we may source goods or services
- request information from us
- subscribe to our email newsletters or communications
- visit or use a Bastion website (including any participation in forums)
- complete an online form on one of our website or social media channels
- enter a trade promotion or competition
- complete a hard copy form
- speak with us, or one of our representatives directly
- contact us directly by telephone, via mail, e-mail or online
We may also collect personal information about you from a third party or a publicly available source (including social media), but only if you have consented to such collection, or would reasonably expect us to collect your personal information in this way, for instance job applicants and employees provide referee and next of kin details to us, clients might provide us with trade references.
Where we can, we will allow you to deal with us anonymously or by using a pseudonym. However, in some circumstances, this may not be possible, and we may need to collect personal information from you to provide you with a delivery or other service. In some cases, if you do not provide the required personal information we will not be able to provide you with a service.
If we receive information about you from a third party and it is not information we need in respect of our business activities, we will destroy or de-identify that information (provided it is lawful to do so).
What kind of personal information does Bastion collect and hold?
Any personal information that you provide via our websites or directly is collected and managed by Bastion.
The types of personal information Bastion Collective may collect includes your:
- date of birth;
- marital status and family details;
- residential, business and postal address;
- email address;
- contact telephone numbers;
- employment and education history
- identification details;
- testimonials or opinions;
- images, audio & videos of you;
- financial information, such as salary bands;
- written or verbal contact with Bastion, including voice recordings of telephone conversations you have had with our employees; and
- activities, including but not limited to lifestyle and other interests.
Whilst you may opt not to provide us with your personal information, you should be aware that without this personal information, we may not be able to do business with you, employ you, seek your input or feedback, provide you with some of the services and/or products you are seeking.
If you provide us with information about any third party, you must obtain that person’s permission to give us the information and inform them that you have given the information to us.
How does Bastion use your personal information?
We use your personal information for a variety of reasons including to:
- contact you
- provide our services
- conduct marketing research and analysis
- to seek your opinion
- answer your inquiries
- deliver customer service or account management
- promote a testimonial from you
- enable us to undertake a credit assessment
- consider receiving goods or services
- meet our legal obligations
- consider making offers for employment purposes
- manage and resolve any legal, consumer or commercial complaints and issues
- carry out internal functions including training
In what circumstances will Bastion disclose your personal information?
In the course of conducting our business we may disclose your personal information.
We only disclose personal information for the purposes for which it was given to us, or for purposes which are directly related to one of our functions or activities. We do not give it to anyone else unless one of the following applies:
- you have consented to the disclosure
- you would reasonably expect, or have been told, that your information is passed to those individuals, businesses or agencies, or
- it is otherwise required or authorised by law.
If we engage third-party agents or contractors, we will take all reasonable steps to ensure that they do not breach privacy requirements in relation to the information, before we share your personal information with them.
Who do we disclose your personal information to?
We may disclose your personal information to:
- a related business or entity
- to companies that provide us with goods or services or perform services on our behalf
- professional advisers (such as lawyers or auditors)
- payment systems operators, financial institutions, superannuation funds
- organisations authorised by us to conduct promotional, research or marketing activities
- upon lawful request from law enforcement agencies or government authorities
- any persons acting on your behalf including those persons nominated by you, including executors, trustees and legal representatives.
In all circumstances where your personal information is disclosed, we will take all steps reasonable to ensure that these third parties undertake to protect your privacy.
We are committed to compliance with all laws and requirements relating to the use of your personal information. We will only use or disclose your personal information for direct marketing purposes if you have provided your information for that purpose (and you would expect us to use the information for that purpose), or if you have provided consent for your information to be used in this way.
From time to time, we may contact you with information about opportunities, products and services offered by us, our related entities, our clients and our business partners, which we think may be of interest to you. When we contact you it may be by mail, telephone, email, SMS/text message or social media message.
Where we use or disclose your personal information for the purpose of direct marketing, we will:
- allow you to request not to receive direct marketing communications (also known as ‘opting-out’); and
- comply with your request to ‘opt-out’ of receiving further communications within a reasonable timeframe.
Bastion will only ever contact you if you have consented to this, and you can ask to be removed from our marketing lists at any time by contacting us directly.
If you do not wish to be contacted by Bastion please email us at firstname.lastname@example.org
Does Bastion disclose your personal information to overseas recipients?
Your personal information may be disclosed to our related entities, clients, business partners and service providers in Australia and overseas.
The countries this information may be disclosed to will vary from time to time, but may include Australia, the United States of America, the European Economic Area.
Sometimes we use third party platforms and services, including cloud services, to store, backup and process data (including financial data), provide support, account manage, send marketing messages, facilitate our services, customer relationship management. These services are hosted and managed by organisations other than ourselves, and some of these services are hosted overseas. We use products and services maintained in Australia, the United States of America and European Economic Area.
Your personal information may be stored in a secure and encrypted form overseas (e.g. in data storage and cloud computing facilities operated by us (or by third parties on our behalf).
Use of Government Identifiers
We will not use Government Identifiers, such as a driver’s licence number as its own identifier of individuals.
Data quality and Security
We will take all reasonable steps to ensure that your personal information is stored securely and is protected from misuse and loss and from unauthorised access, modification or disclosure.
The personal information that we collect about you is stored on our internal and third-party database servers & filing systems managed by us in Australia.
Our websites are professionally hosted and operate in a secure environment. You should however be aware that there is always an inherent risk in transmitting your personal information via the Internet.
To make sure you are accessing a secure server, check for the unbroken key or closed lock symbol located generally near a corner of your browser window or the address bar. If it appears, then SSL is active. You can double check this by looking at the URL as well. If SSL is active, then the first characters of that line will read ‘https’ rather than just ‘http’. It is important for you to protect against unauthorised access to your password and to your computer.
Ensure you logout when you have finished visiting our websites especially if you accessed them from a shared computer.
Cookies are pieces of information that a website transfers to your computer for record-keeping purposes. The information collected may be used by us to improve your experience on our website.
If you visit an area of the website where you are not required to log on, to read, browse or download information, our system will record the date and time of your visit to our site, the pages viewed and any information downloaded.
Our websites use Google Analytics Services, for more information about cookies used, see Google Cookies Policy.
Links to third party sites
Whilst links to third party websites may be provided on our website, we are not responsible for the content or practices of these third party websites.
These links are provided for your convenience and do not represent our endorsement of any linked third party website. We recommend that you check the privacy policies of these third parties prior to providing them with your personal information.
No links may be made to this website without our prior written consent.
How you can access or correct your personal information
You can request access to the personal information we hold about you at any time, and we will provide you with that information unless we are prevented by law from giving it to you.
If we are unable to give you access to the information you have requested, we will give you reasons for this decision when we respond to your request.
You will not be charged for accessing your information, although we might have to charge the reasonable cost of processing your request, including photocopying, administration and postage. We will advise you of any fee payable before we process your request.
If you believe that your personal information is not accurate, complete or up to date or you have any other privacy concerns then please contact us (refer to details above)
If you consider your privacy concerns have not been resolved satisfactorily by us, or you wish to obtain more information on privacy requirements, you can contact the Office of the Australian Information Commissioner on 1300 363 992 or visit their website at www.oaic.gov.au.