CDL Holdings Australia Pty Ltd and its subsidiaries (‘CDL Australia’, ‘we’ or ‘us’) purchase land for investment or sale, or both, and in particular develop and sell residential and retail properties in Australia. CDL Australia is committed to ensuring the privacy and security of Australian individuals’ personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth).
Australian Privacy Principles (“APPs”) are part of the Privacy Act 1988 and regulate the way in which organisations may collect, use or disclose an individual’s Personal Information.
Personal information means information or an opinion (whether or not true, and whether nor not recorded) about an identified individual, or about an individual who is reasonably identifiable.
Personal information that relates to an individual’s own characteristics, beliefs or affiliations is known as ‘sensitive information’ and will only be collected with an individual’s consent or when it is required by law.
Collection of Personal Information and how it is used
Circumstances and purposes of Collection
We obtain personal information about the following categories of individuals and use their information in the following circumstances and for the following purposes:
In general: providing you with the products or services that have been requested; helping us profile, review, develop, manage and enhance our products and services; communicating with you and responding to your queries, requests and complaints; providing ongoing information about our products and services which may be relevant; handling disputes and conducting and facilitating investigations and proceedings; protecting and enforcing our contractual and legal rights and obligations; preventing, detecting and investigating crime, including fraud and money-laundering; managing the infrastructure and business operations of CDL Australia and complying with internal policies and procedures; facilitating any proposed or actual business transactions; facilitating any proposed or actual business assignment involving CDL Australia; transfer, participation or sub-participation of any of our rights and obligations in respect of your relationship with us; complying with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities.
For prospective tenants or tenants: coordinating viewings of our property; conducting appropriate due diligence checks to ensure suitability of tenant; administering the lease and/or licence including the verification of your identity, preparation of documentation, including letters of offer, other relevant leasing/legal documentation and applications for any relevant licences which may be required; administering the lease and/or licence agreement obligations of the parties; facilitating follow-ups on outstanding payments due where necessary, and to update your bank account details and business records; delivering correspondence or notices as may be required under the lease or licence; setting up new residential office, industry and retail units for tenants.
For prospective vendors or vendors: managing the outsourcing relationship; conducting background checks and due diligence; contacting you for emergency purposes; processing any payments of invoices and claims including payments to any accounts payable; ensuring the security of our premises.
For contractors and service providers: tendering for jobs or projects with us and contracting with us.
For prospective employees: communication about jobs available with us; checking information in your resume about your qualifications and work history; speaking to recruitment consultants, previous employers and personal referees; checking you have no criminal convictions. We may keep this information even if we do not employ you so as to contact you in the future if a suitable opportunity arises.
For current and former employees: While we keep personal information about employees, employee records are exempt from the APPs and the Federal Privacy Act. However, employees may have a right of access to certain employment records under state or Federal employment legislation. In all cases, we are committed to keeping employment information confidential and secure.
For persons who contact us by email: We may collect your email address, your name and (if shown in your email) the name of your employer and its or your postal address.
Compliance records: In relation to any of the above circumstances of collection, we may need to retain relevant personal information for a period or indefinitely if that information forms part of our compliance records (to evidence compliance with our corporate governance or legal obligations).
While some contacts with us such as general enquiries may be made anonymously or by using a pseudonym, if the relationship is to progress any further (by you becoming a client or having a business relationship with us) it will be necessary for us to know who you are. Similarly, we cannot generally deal with complaints made anonymously or by pseudonym.
What this means for you
How information is collected
We will collect personal information directly from the relevant individual, unless it is unreasonable or impracticable to do so (for example, in checking resume information). We will collect personal information from a variety of sources, including but not limited to:
- information (contact details, IP addresses etc.) collected from users of the CDL Australia website;
- emails and letters sent to us, including resumes;
- information that clients give us
- information that contractors give us as part of the tendering process;
- face to face meetings;
- business cards;
- telephone conversations.
Where a third party gives us information
Should a third party give us unsolicited personal information about an individual, we will within a reasonable period determine whether or not we could have collected the information directly and, if not, we will take reasonable steps to destroy or de-identify that information unless the law otherwise requires.
Individuals have the right to ask us to let them know the source of the personal information we hold about them. So long as a response is not impracticable or unreasonable, we will reply to all queries within a reasonable period without cost to the individual.
What information is collected
We may ask you for the following types of personal information, depending on our relationship with you:
- Your name, gender, phone numbers, postal and residential addresses and email address
- Your bank account details
- If you are acting on behalf of your employer, your job title, employer’s name and contact information
- for contractors, we may also collect additional information such as your ABN, professional and/or public liability insurance details
- For job applicants only: citizenship, any visa details, experience and qualifications and possibly also membership of professional organisations and referee contact details.
Where clients are corporations, they may provide us with personal information about different contact persons within that corporation including name, job title, and contact information.
Where a contractor is a corporation we may also collect additional information about their directors, managers, or contact persons which could include names, job titles, business and personal addresses and phone numbers.
We may also receive personal information (which may be sensitive information) from you in job interviews or telephone conversations and from your referees or from our own researches, including to verify your citizenship, visa details, qualifications, references and other information that you give us.
We do not adopt Commonwealth Government identifiers, such as a tax file number or a Medicare number, as a means of identifying individuals.
Use and Disclosure of Personal Information
Where we use third party service providers, these authorised service providers may have access to an individual’s personal information to perform contractually specified services. We contractually require that all personal information accessed by such authorised service providers be kept confidential and in accordance with the APPs.
Our website may contain links to other websites for you to access. You should be aware that the privacy policies of the operators of those other sites may not be the same as ours and you should refer to their own privacy policies.
When we collect personal information from an individual, or obtain personal information about them, we will give the individual a collection notice, specific to that collection.
From time to time, we may use your personal information to tell you as a current or potential client about investment opportunities or about residential property for sale in Australia. Where we do this electronically, we will comply with the Spam Act 2003 (that is, send communications only with the express consent of the recipient, or consent inferred from an existing relationship, which identifies the sender, and which includes an ‘unsubscribe’ mechanism).
If you do not want to receive electronic or other marketing messages you may ask us not to send you direct marketing by following the unsubscribe instructions on our communications or by contacting us using the details set out in the communication and we will comply as soon as reasonably practicable.
Overseas Individuals and Recipients
Customers located overseas may have additional privacy rights that apply under local law, such as the European Union General Data Protection Regulation.
Our Australian website will sit on server(s) operated through an Australian hosting provider. Personal information may be held on cloud servers located in Australia or in the data centres of CDL Australia’s outsourced data processors with cloud data centres in Australia, the United States of America, Europe and Asia.
That is, personal information held by us could be shared with our related bodies corporate, data hosting or other authorised service providers outside Australia. Where your personal information is transmitted out of Australia, we will take reasonable steps to ensure that your personal information is adequately protected. We contractually require that all personal information accessed by such authorised service providers be kept confidential and in accordance with the APPs.
Security and Quality of Personal Information:
We will take all reasonable steps to ensure that any personal information about you which we hold is:
- secure: protected from misuse, interference and loss and from unauthorised access, modification or disclosure; and
- appropriate: accurate, complete, up to date, relevant and not misleading having regard to the purpose for which it is held.
Your personal information may be kept and accessible in both hard and soft copy at any of our offices in Australia and may be shared within CDL Australia, and with our ultimate parent company in Singapore.
CDL Australia operates secure data networks protected by industry standard firewall with password protected systems. Our security and privacy policies are periodically reviewed and enhanced as necessary.
While we take reasonable steps to protect all the personal information in our possession that we obtain electronically (which may in the future include through our website), we cannot guarantee the security of all data submitted to us over the internet.
We restrict access to personal information to our employees, and authorised service providers who need to know that information in order to process it for us and who are subject to contractual confidentiality obligations, as well as relevant third parties to whom we required by law or regulation to disclose your personal information. Within CDL Australia, our access to your personal information is limited to the following departments for their respective purposes: Finance, IT, Property Management, Construction, and Compliance (including the Privacy Officer).
We will take reasonable steps to destroy or de-identify personal information if we no longer need it for any authorised purpose and are not required by law to retain it.
Access to Personal Information
To request access to your personal information please contact our Privacy Officer – contact details are below.
Correction of Personal Information
We appreciate any assistance to keep any personal information that we hold up to date, complete and accurate. If you want to update any personal information, you may do so by contacting the Privacy Officer.
We will, on request, amend any of your personal information which is inaccurate, incomplete, out of date, irrelevant or misleading (without cost to you) where:
- we are satisfied that the information needs to be corrected; and/or
- we agree with your request that the information be corrected.
If we disagree with your request, we will write to inform you of our concerns about making the change you have requested, giving reasons for our refusal and notifying you of available complaint mechanisms. If you wish, we will then (at no cost to you and within a reasonable period), take reasonable steps to associate with the appropriate records of your personal information a statement that you claim the information is inaccurate, incomplete or out of date (whichever is relevant) and that you have requested a particular change.
Data Breach Obligations
To the extent required by law, CDL maintains systems to respond to internal or external data breaches in accordance with the guides and resources at:
A breach will be reported to the regulator and to persons involved when:
- there is unauthorized access to, or disclosure of, personal information held by CDL, or where personal information is lost in a situation where unauthorized access or disclosure is likely to occur, and
- there is a risk of serious harm to the individuals to whom the information relates (for example, access to their bank details), and
- CDL has not been able to prevent the likely risk of serious harm to the individuals to whom the information relates by remedial action.
If you have a complaint about how we handle your personal information, please contact our Privacy Officer.
The Privacy Officer will acknowledge your complaint within three business days of receipt and will seek to resolve your complaint within 20 days of receipt.
CDL Privacy Officer Contact Details
M: 0418 789 407
If you are not satisfied with the outcome of your contact, you can contact:
Office of the Australian Information Commissioner
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Facsimile: +61 2 9284 9666
More information on privacy legislation and guidance material is available from the Office of the Australian Information Commissioner at http://www.oaic.gov.au