Members of Vicinity Centres, comprising Vicinity Limited ABN 90 114 757 783 and Vicinity Centres Trust ARSN 104 931 928 (VCT) which are stapled and trade together on the Australian Securities Exchange, and their respective controlled entities, may collect personal and other information in circumstances including those set out below. We refer to each of these entities collectively in this policy as “us”, “we” or “Vicinity”. Vicinity Centres RE Ltd ABN 88 149 781 322 is the responsible entity of VCT.
Vicinity Centres is one of Australia’s leading real estate investment trusts, being a significant owner and manager across the full spectrum of Australian retail assets diversified by retail asset type, geographic location and tenant mix.
For more information about Vicinity Centres, please visit our website www.vicinity.com.au
Vicinity maintains a securityholder register through an external service provider, Link Market Services (LMS). Vicinity requires LMS to comply with the Australian Privacy Principles and Privacy Act when performing services for us.
LMS collects information from you including contact details, bank account information, tax file numbers and other securityholder information in order that it can carry out registry functions such as the payment of distributions and dividends, send annual and half yearly reports, notices of meetings and notifications to the Australian Taxation Office. Some of this information is collected pursuant to certain laws including the Income Tax Assessment Act and the Corporations Act, which also requires us to make some securityholder details available to members of the public on request.
What we collect?
We collect information about individuals including in the following ways:
Where we collect information from you, we will generally do so ourselves. However, in some cases we may collect information through your representatives, information service providers and other third parties. We discuss this further in section 3.6.
Types of information?
The information that we collect about you may include:
Vicinity’s shopping centres, including those managed on behalf of third parties, are under video, camera surveillance and CCTV surveillance and may be recorded. When entering Vicinity’s shopping centres, and car parks the personal information and still images of individuals may be collected by Vicinity. This information may be used by Vicinity or third party car park operators in connection with the management and security of the property generally, and may be provided to law enforcement and government bodies, insurers, Vicinity staff and subcontractors, third parties who provide Vicinity with services from time to time and retailers for these purposes.
How we use and disclose the information that we collect?
We may use and disclose personal information that we collect about you for the following purposes:
In relation to mobile applications and other online services, we may also share personal information with other users of one of our online services where you have chosen, through your own use of that service, to share your information with those users. You can control the information that you share through the online service by changing the information sharing settings within the service.
Your personal information will not necessarily be made available to all of our staff. Access to your information will generally be restricted to those staff who require the information for the purposes set out above.
Generally, if you choose not to provide certain information to us, then we may not be able to provide you with certain services and you may not be able to use certain parts of our websites or online services or participate in competitions or promotions that we run.
Cookies and other unique identifiers
Apart from the information mentioned above, we may also collect information about your usage of our websites by using cookie files which are stored on the hard drive of your computer. Cookies, which are small text files that a website may write to your hard drive when you visit the website, may be used for a variety of purposes, for example to manage security and store information about the type of browser being used. We use this information in order to help us recognise you as a unique visitor to the websites and to store your individual preferences, so that we can customise the websites to reflect your particular interests, and also for system administration purposes. You can accept or reject cookies by changing the relevant settings in your browser. However, if you decline cookies, you may be unable to access certain parts of our websites.
What information we collect?
We collect information from you if you lease or apply to lease a property from us (including if you act as a guarantor) during negotiations for leases and throughout the term of a lease or licence for premises, storage space, car park spaces and kiosks at properties we own and manage. This information may include:
Why we collect this information?
This information is collected in order to assess whether a lease, licence or other agreement should be granted or entered into, to help us manage our relationship with tenants, to carry out functions associated with managing properties and to monitor the performance of our properties. We may also share this information with our banks to facilitate banking arrangements and make it available to others in connection with any transactions involving the ownership or management of the property. If tenants provide direct debit details, these details will be disclosed to relevant banks to facilitate the provision of the bank’s service.
If tenants and guarantors do not provide the personal information that is required then the tenants may be unable to enter into, or to maintain, a lease or licence with the relevant centre landlords.
What we collect?
If you apply for, or we consider you for a position with us, we may also collect information about your qualifications, skills, experience and character and conduct screening checks (including reference, background, directorship, financial probity, identity, eligibility to work, vocational suitability and criminal record checks).
Vicinity collects personal information from you and other sources including publicly available information, your representatives, information service providers and the parties with which we engage the information as described in this Policy.
Furthermore, for our staff, Vicinity may collect personal information about you in connection with your employment. This information may include your name, date of birth, contact information, employment activity, use of IT resources, and any other information you provide, or provided on your behalf, as part of our induction and compliance processes. We collect some personal information about employees pursuant to various laws including the Fair Work Act, Superannuation Guarantee (Administration) Act and Income Tax Assessment and other tax laws, Corporations Act, occupational health and safety acts and workers compensation acts.
Why we collect?
For prospective employees:
After you join our staff, this information collected will be used for the purposes related to managing your employment, in accordance with the requirements of the Privacy Act. You need to ensure this information is up to date, in accordance with Vicinity’s policies and procedures. We may disclose this information to other employers seeking a reference about you and our service providers including providers of payroll, superannuation, staff benefits, surveillance and training services. Without your personal information we may not be able to effectively manage your employment or engagement and in some cases we may take appropriate disciplinary action including termination if you refuse to provide certain information.
We may rely on any applicable exemptions under privacy laws in handling personal information, including any exemptions relating to employee records.
What we collect?
We collect information from service providers, including contact and insurance details, ABNs and information as to financial standings and business experience.
Why we collect?
The personal information we collect is required to engage us to perform our obligations under our agreements with service providers and to assist us to manage our relationships with service providers.
Information we collect from others
We collect information about you from others, such as agents, advisers and brokers. We may collect information about you that is publicly available, for example from public registers or made publicly available by third parties. We may collect information from your account with a third party service (such as your social network profile) when you use that account to login to one of our online services.
The Privacy Act also protects your sensitive information (as that term is used in the Privacy Act). If we need to obtain this type of information, we will ask for your consent, except where we are permitted by law.
Gathering and combining data to get insights
Improvements in technology enable organisations like ours to collect and use information to get a more integrated view of customers and provide better services and offers (see section 3.2.3).
Vicinity may combine customer information it has with information available from external sources (for example census or Australian Bureau of Statistics data). Vicinity members are able to analyse the data in order to gain useful insights which may be used for the purposes mentioned earlier in this section 3.
Anonymity and pseudonymity
If possible, we will usually give you the option of dealing with us anonymously and pseudonymously. However, where legislation or practical considerations require us to collect personal information, we will not be able to allow for anonymity or pseudonymity.
We may disclose to, or receive and rely on rely on information about you from third parties where this is permitted by law including for any of the purposes mentioned in section 3. These third parties include:
From time to time we may send your information overseas, including to service providers or other third parties who operate or hold data outside Australia relevant to our business and activities.
Where we do this, we take reasonable steps to make sure that appropriate data handling and security arrangements are in place.
We may also send information overseas to complete a particular transaction, such as an international money transfer, or where this is required by laws and regulations of Australia or another country.
Generally, we use systems and services located in Australia, however some of our investment activity and products are located overseas, such as debt instruments and convertible notes issues.
When your information is sent overseas, it is typically being sent to one of the following countries:
If you are a securityholder located outside Australia, we may also provide your information to local authorities such as taxation authorities, banks and other permitted bodies in order to make distribution or dividend payments, comply with local laws and communicate with you or your representatives.
We keep your records on our premises and systems or offsite using third parties. We regard the security of personal information as a priority and use a number of security safeguards to protect it. We review our security safeguards on a regular basis and implement improvements where necessary to protect from misuse, interference and loss and from unauthorised access modification or disclosure.
However, no data transmission over the internet can be guaranteed as completely secure. So while we strive to protect such information, we cannot ensure or warrant the security of any information transmitted to us and individuals do so at their own risk.
Depending on the circumstances and information, our security safeguards can include:
You can ask for access to your information by contacting our Privacy Officer, going online to LMS if you are an investor/securityholder or contacting your relationship manager if you are a tenant. For all other investors, please contact your fund manager or other relevant contact.
There is no fee charged by Vicinity for accessing your information.
We try to respond to your access request within 30 days of the request. Before we give you the information, we’ll need to confirm you are appropriately authorised to access the information, which may include an identity verification process.
In certain circumstances we’re allowed to deny your request, or limit the access we provide. For example we might not provide you access to commercially sensitive information. Whatever the outcome, we’ll contact you explaining our decision.
It’s important that we have your correct details, such as your current address and telephone number. You can check or update your information by contacting our Privacy Officer, contacting LMS if you are a securityholder, or by contacting your relationship manager if you are a tenant. For all other investors, please contact your fund manager or other relevant contact.
You can ask us to correct any inaccurate information we hold or have provided to others by contacting us. If the information that is corrected is information we have provided to others, you can ask us to notify them of the correction. We don’t charge a fee for these requests.
If we’re able to correct your information, we’ll inform you when the process is complete.
If we disagree with you that information should be corrected, we’ll let you know in writing our reasons. You can ask us to include a statement with the relevant information, indicating your view that the information is inaccurate, misleading, incomplete, irrelevant or out-of-date.
We will take reasonable steps to comply with such a request.
We accept that sometimes we can get things wrong. If you have a concern about your privacy, you have a right to make a complaint. We take all privacy matters seriously and will consider your complaint carefully.
To lodge a complaint, please contact our Privacy Officer. We’ll review your situation within a reasonable timeframe (usually 30 days) and try to resolve it.
We acknowledge every complaint we receive and provide contact details of the investigating officer. We keep you updated on the progress we’re making towards fixing the problem.
Usually, it takes only a few days to resolve a complaint. However, if we’re unable to provide a final response within 7 business days we’ll contact you to explain why and discuss a timeframe to resolve the complaint.
If you’re not satisfied with our handling of your matter, you can refer your complaint for external dispute resolution. We suggest you do this only once you’ve first followed our internal complaint processes set out above.
If you are still not satisfied with the response, you may contact the Office of the Australian Information Commissioner by calling them at 1300 363 992, online at www.oaic.gov.au or writing to the Office of the Australian Information Commissioner, GPO Box 5218 Sydney NSW 2001.
Vicinity Privacy Officer
For privacy related queries, access or correction requests, or complaints, please contact our Privacy Officer at:
Level 4, Chadstone Tower One
1341 Dandenong Road
Chadstone VIC 3148
Phone: +61 3 7001 4000, Monday to Friday between 9am to 5pm Melbourne time.
Link Market Services Privacy Officer (if you are a securityholder only)
If you are a securityholder, please contact Link Market Services directly at the following:
Locked Bag A14
Sydney NSW 1235
Phone: +61 1800 502 355, Monday to Friday between 9am to 5pm Melbourne time
You can access additional information about our privacy practices through our website http://www.vicinity.com.au.
More information about the Australian Privacy Principles and the Privacy Act can be found directly from the Office of the Australian Information Commissioner at the website www.oaic.gov.au or through the following contacts:
Phone: 1300 363 992 (or outside Australia +61 2 9284 9749)
GPO Box 5218,
Sydney NSW 2001
Last updated: December 2016