CDL Australia Privacy Policy

CDL Australia Holdings Pty Ltd and its subsidiaries (‘CDL Australia’, ‘we’ or ‘us’) purchase land for investment or sale, or both, and in particular develop and sell residential and retail properties in Australia.  CDL Australia is committed to ensuring the privacy and security of Australian individuals’ personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth).

This Privacy Policy describes how CDL Australia companies collect, process and handle personal information received in Australia.  CDL Australia may from time to time update this Privacy Policy to ensure that it is consistent with our future developments, industry trends and/or any changes in legal or regulatory requirements.

Definitions

Australian Privacy Principles (“APPs”) are part of the Privacy Act 1988 and regulate the way in which organisations may collect, use or disclose an individual’s Personal Information.

Personal information means information or an opinion (whether or not true, and whether nor not recorded) about an identified individual, or about an individual who is reasonably identifiable.

Personal information that relates to an individual’s own characteristics, beliefs or affiliations is known as ‘sensitive information’ and will only be collected with an individual’s consent or when it is required by law.

Collection of Personal Information and how it is used

We collect personal information from individuals only to the extent this is necessary for us to comply with Australian law and perform functions associated with our business activities.  We may share that information within our corporate group and as otherwise disclosed in this Privacy Policy.

Circumstances and purposes of Collection

We obtain personal information about the following categories of individuals and use their information in the following circumstances and for the following purposes:

In general: providing you with the products or services that have been requested; helping us profile, review, develop, manage and enhance our products and services; communicating with you and responding to your queries, requests and complaints; providing ongoing information about our products and services which may be relevant; handling disputes and conducting and facilitating investigations and proceedings; protecting and enforcing our contractual and legal rights and obligations; preventing, detecting and investigating crime, including fraud and money-laundering; managing the infrastructure and business operations of CDL Australia and complying with internal policies and procedures; facilitating any proposed or actual business transactions; facilitating any proposed or actual business assignment involving CDL Australia; transfer, participation or sub-participation of any of our rights and obligations in respect of your relationship with us; complying with any applicable rules, laws and regulations, codes of practice or guidelines or to assist in law enforcement and investigations by relevant authorities.

For prospective tenants or tenants: coordinating viewings of our property; conducting appropriate due diligence checks to ensure suitability of tenant; administering the lease and/or licence including the verification of your identity, preparation of documentation, including letters of offer, other relevant leasing/legal documentation and applications for any relevant licences which may be required; administering the lease and/or licence agreement obligations of the parties; facilitating follow-ups on outstanding payments due where necessary, and to update your bank account details and business records; delivering correspondence or notices as may be required under the lease or licence; setting up new residential office, industry and retail units for tenants.

For prospective purchasers or purchasers: informing you of investment or purchase opportunities in accordance with this Privacy Policy; administering the sale process including the verification of your identity, preparation of documentation as may be required for any purchase or sale or sub-sale of our property; administering and coordinating property and/or show flat viewings; administering and coordinating alteration and addition works on our property; updating your bank account details and business records to facilitate follow-ups on outstanding arrears; administering and tracking the status of any defects rectification; delivering correspondence or notices as may be required under the sales documentation; complying with any relevant legal or regulatory obligations, including maintaining the strata roll of the property development.

For prospective vendors or vendors: managing the outsourcing relationship; conducting background checks and due diligence; contacting you for emergency purposes; processing any payments of invoices and claims including payments to any accounts payable; ensuring the security of our premises.

For contractors and service providers: tendering for jobs or projects with us and contracting with us.

For prospective employees: communication about jobs available with us; checking information in your resume about your qualifications and work history; speaking to recruitment consultants, previous employers and personal referees; checking you have no criminal convictions.  We may keep this information even if we do not employ you so as to contact you in the future if a suitable opportunity arises.

For current and former employees: While we keep personal information about employees, employee records are exempt from the APPs and the Federal Privacy Act.  However, employees may have a right of access to certain employment records under state or Federal employment legislation. In all cases, we are committed to keeping employment information confidential and secure.

For persons who contact us by email: We may collect your email address, your name and (if shown in your email) the name of your employer and its or your postal address.

Compliance records: In relation to any of the above circumstances of collection, we may need to retain relevant personal information for a period or indefinitely if that information forms part of our compliance records (to evidence compliance with our corporate governance or legal obligations).

While some contacts with us such as general enquiries may be made anonymously or by using a pseudonym, if the relationship is to progress any further (by you becoming a client or having a business relationship with us) it will be necessary for us to know who you are.  Similarly, we cannot generally deal with complaints made anonymously or by pseudonym.

What this means for you

By contacting us (whether through our websites or otherwise), you enable our (including our respective agents’) collection, use and disclosure of any personal information you give us and related information in the manner described in this Privacy Policy.  In particular, we may contact third parties where this is appropriate (for example if you are a jobseeker) to check information that you give us about yourself in your resume or that you give us about individuals in your business in your contract tender.  We may collect information about you without your knowledge or consent where we believe it appropriate to do so.

How information is collected

We will collect personal information directly from the relevant individual, unless it is unreasonable or impracticable to do so (for example, in checking resume information).  We will collect personal information from a variety of sources, including but not limited to:

  • information (contact details, IP addresses etc.) collected from users of the CDL Australia website;
  • emails and letters sent to us, including resumes;
  • information that clients give us
  • information that contractors give us as part of the tendering process;
  • face to face meetings;
  • interviews;
  • business cards;
  • telephone conversations.

Where a third party gives us information

Should a third party give us unsolicited personal information about an individual, we will within a reasonable period determine whether or not we could have collected the information directly and, if not, we will take reasonable steps to destroy or de-identify that information unless the law otherwise requires.

Individuals have the right to ask us to let them know the source of the personal information we hold about them.  So long as a response is not impracticable or unreasonable, we will reply to all queries within a reasonable period without cost to the individual.

What information is collected

We may ask you for the following types of personal information, depending on our relationship with you:

  • Your name, gender, phone numbers, postal and residential addresses and email address
  • Your bank account details
  • If you are acting on behalf of your employer, your job title, employer’s name and contact information
  • for contractors, we may also collect additional information such as your ABN, professional and/or public liability insurance details
  • For job applicants only: citizenship, any visa details, experience and qualifications and possibly also membership of professional organisations and referee contact details.

Where clients are corporations, they may provide us with personal information about different contact persons within that corporation including name, job title, and contact information.

Where a contractor is a corporation we may also collect additional information about their directors, managers, or contact persons which could include names, job titles, business and personal addresses and phone numbers.

We may also receive personal information (which may be sensitive information) from you in job interviews or telephone conversations and from your referees or from our own researches, including to verify your citizenship, visa details, qualifications, references and other information that you give us.

We do not adopt Commonwealth Government identifiers, such as a tax file number or a Medicare number, as a means of identifying individuals.

Use and Disclosure of Personal Information

We will not make personal information about an individual that we have collected for business purposes available to anyone outside CDL Australia except to our authorised service providers and relevant third parties in the manner set forth in this Privacy Policy, where instructed by that individual or to the extent required by or permitted by law.

Where we use third party service providers, these authorised service providers may have access to an individual’s personal information to perform contractually specified services.  We contractually require that all personal information accessed by such authorised service providers be kept confidential and in accordance with the APPs.

Our Website

We do not currently collect personal information about you when you view our website, except where you send us an email through our website.  Our website does not use cookies to monitor usage of our website or to create a record of when individuals visit our website and what pages they view.  If this changes in the future, it is possible that our website cookies might collect your personal information in the form of your IP address or domain name.  That information could be shared within CDL Australia, with overseas parent companies and with third party contractors to the extent necessary for them to assist with our website and marketing services.

Our website may contain links to other websites for you to access.  You should be aware that the privacy policies of the operators of those other sites may not be the same as ours and you should refer to their own privacy policies.

Collection Notices

When we collect personal information from an individual, or obtain personal information about them, we will give the individual a collection notice, specific to that collection.

Contacting You

From time to time, we may use your personal information to tell you as a current or potential client about investment opportunities or about residential property for sale in Australia.  Where we do this electronically, we will comply with the Spam Act 2003 (that is, send communications only with the express consent of the recipient, or consent inferred from an existing relationship, which identifies the sender, and which includes an ‘unsubscribe’ mechanism).

If you do not want to receive electronic or other marketing messages you may ask us not to send you direct marketing by following the unsubscribe instructions on our communications or by contacting us using the details set out in the communication and we will comply as soon as reasonably practicable.

Overseas Individuals and Recipients

Overseas individuals

Customers located overseas may have additional privacy rights that apply under local law, such as the European Union General Data Protection Regulation.

Overseas recipients

Our ultimate parent company is City Developments Limited of Singapore, which is listed on the Singapore Stock Exchange. Where necessary for business purposes, personal information held by CDL Australia could be shared with the ultimate parent company in Singapore or other related overseas companies. Our parent company is subject to the privacy laws of Singapore and has its own privacy statement and policy governing the handling of any personal information, which is not covered by this Privacy Policy.

Our Australian website will sit on server(s) operated through an Australian hosting provider. Personal information may be held on cloud servers located in Australia or in the data centres of CDL Australia’s outsourced data processors with cloud data centres in Australia, the United States of America, Europe and Asia.

That is, personal information held by us could be shared with our related bodies corporate, data hosting or other authorised service providers outside Australia. Where your personal information is transmitted out of Australia, we will take reasonable steps to ensure that your personal information is adequately protected. We contractually require that all personal information accessed by such authorised service providers be kept confidential and in accordance with the APPs.

Security and Quality of Personal Information:

We will take all reasonable steps to ensure that any personal information about you which we hold is:

  1. secure: protected from misuse, interference and loss and from unauthorised access, modification or disclosure; and
  2. appropriate: accurate, complete, up to date, relevant and not misleading having regard to the purpose for which it is held.

Your personal information may be kept and accessible in both hard and soft copy at any of our offices in Australia and may be shared within CDL Australia, and with our ultimate parent company in Singapore.

CDL Australia operates secure data networks protected by industry standard firewall with password protected systems.  Our security and privacy policies are periodically reviewed and enhanced as necessary.

While we take reasonable steps to protect all the personal information in our possession that we obtain electronically (which may in the future include through our website), we cannot guarantee the security of all data submitted to us over the internet.

We restrict access to personal information to our employees, and  authorised service providers who need to know that information in order to process it for us and who are subject to contractual confidentiality obligations, as well as relevant third parties to whom we required by law or regulation to disclose your personal information.   Within CDL Australia, our access to your personal information is limited to the following departments for their respective purposes: Finance, IT, Property Management, Construction, and Compliance (including the Privacy Officer).

We will take reasonable steps to destroy or de-identify personal information if we no longer need it for any authorised purpose and are not required by law to retain it.

Access to Personal Information

We will handle all requests for access in accordance with the APPs and this Privacy Policy. In most cases, we will give an individual access to any personal information that we hold about them within a reasonable period and in the manner requested, if that is reasonable. In some cases, we may refuse access where refusal is required or permitted by law.   We may reject requests that are unreasonably repetitive, require disproportionate technical effort (for example, information that is only available on older back up tapes, or would involve developing a new system or significantly changing an existing practice), or which risk the privacy of others.  We will provide the individual with reasons for any refusal.  We may charge a reasonable fee for giving an individual access to their personal information, however at present we do not propose to make any charge.

To request access to your personal information please contact our Privacy Officer – contact details are below.

Correction of Personal Information

We appreciate any assistance to keep any personal information that we hold up to date, complete and accurate. If you want to update any personal information, you may do so by contacting the Privacy Officer.

We will, on request, amend any of your personal information which is inaccurate, incomplete, out of date, irrelevant or misleading (without cost to you) where:

  1. we are satisfied that the information needs to be corrected; and/or
  2. we agree with your request that the information be corrected.

If we disagree with your request, we will write to inform you of our concerns about making the change you have requested, giving reasons for our refusal and notifying you of available complaint mechanisms.  If you wish, we will then (at no cost to you and within a reasonable period), take reasonable steps to associate with the appropriate records of your personal information a statement that you claim the information is inaccurate, incomplete or out of date (whichever is relevant) and that you have requested a particular change.

Data Breach Obligations

To the extent required by law, CDL maintains systems to respond to internal or external data breaches in accordance with the guides and resources at:

https://www.oaic.gov.au/agencies-and-organisations/guides/data-breach-preparation-and-response

A breach will be reported to the regulator and to persons involved when:

  • there is unauthorized access to, or disclosure of, personal information held by CDL, or where personal information is lost in a situation where unauthorized access or disclosure is likely to occur, and
  • there is a risk of serious harm to the individuals to whom the information relates (for example, access to their bank details), and
  • CDL has not been able to prevent the likely risk of serious harm to the individuals to whom the information relates by remedial action.

Complaints Process

If you have a complaint about how we handle your personal information, please contact our Privacy Officer.

The Privacy Officer will acknowledge your complaint within three business days of receipt and will seek to resolve your complaint within 20 days of receipt.

CDL Privacy Officer Contact Details

Privacy Officer:

John Bush

M: 0418 789 407

E: johnbush@cdl.com.sg

If you are not satisfied with the outcome of your contact, you can contact:

Office of the Australian Information Commissioner

GPO Box 5218

Sydney NSW 2001

Phone: 1300 363 992

Email:   enquiries@oaic.gov.au

Facsimile: +61 2 9284 9666

Copies of this Privacy Policy and further information

If you wish to obtain a free copy of this Privacy Policy (by post or email) and/or more information about the way that we handle your personal information, contact our Privacy Officer.

Interpretation

Should there be any inconsistency between this Privacy Policy and applicable privacy legislation, this Privacy Policy shall be interpreted to give effect to, and comply with, such legislation.

Further Information

More information on privacy legislation and guidance material is available from the Office of the Australian Information Commissioner at http://www.oaic.gov.au

Enquire Now