AUSTRALIAN PHOTOGRAPHY AWARDS
PRIVACY POLICY
Version 3.1: 19 February 2020

GENERAL
Australian Photography Awards Pty Ltd (ACN 638 969 043) (“us, we, or the Company“) respect the privacy of the users of our websites (“Sites“), our customers and other individuals who interact with us in some other way. We have created this privacy policy to explain how we collect, store, use and disclose personal information.
Access to our privacy policy is free. If you would like us to post you a copy of our privacy policy, or have any questions about it or its contents, please email us at [email protected]
Personal information is defined in the Privacy Act 1988 (Cth) (“Privacy Act“) as:
“Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
a) Whether the information or opinion is true or not; and
b) Whether the information or opinion is recorded in a material form or not.”
The Privacy Act includes thirteen (13) Australian Privacy Principles (APPs). The APPs regulate the way many companies collect, use, hold and disclose personal information.
“Usage Information” means anonymous aggregate data that is automatically collected through your use of our Sites. This includes information that identifies your device, your operating system, your IP address and dates and times that you access and use the Sites. This information is used for statistical analysis to help us improve our services to the benefit of all users.
Our practices and internal policies are consistent with our obligations under the Privacy Act, as well as the EU General Data Protection Regulation 2016/679 (“GDPR”). The GDPR recognises that Usage Information, whilst for the most part anonymous, can be cumulatively used to directly or indirectly identify you. Usage Information that can be used to identify you in any way, together with your personal information, shall collectively be referred to in this privacy policy as “Personal Data”
From time to time we may update this privacy policy without prior notice. In such cases we will notify you by updating the policy published on our Sites. Your continued use of our Sites, participation in our competitions or correspondence by phone mail or email following the publication of any amended privacy policy shall signify your acceptance of that amended privacy policy, except where we are otherwise obliged by law to seek your direct consent.

HOW AND WHY WE COLLECT PERSONAL INFORMATION
The Company collects personal information in a number of ways. The most common ways we collect personal information include:
a) Via the Australian Photography Awards Competition. We will collect personal information required to conduct the competition.
b) Via our website. We will collect personal information when you lodge an enquiry on our website. We use that personal information to respond to your enquiry.
c) When you speak to us via phone, mail or email. We will use the personal information provided to correspond with you and provide the information or services that you have requested.
Our Sites may collect Usage Information that may or may not be personal information. For each visitor to the Site, our server automatically recognises and stores the individual’s “IP address” (eg. the domain name or Internet protocol address), the type of Internet browser being used, the address of the site that “referred” the individual to our website and clickstream data. If this information cannot be used or combined with other data to identify you, it will not be personal information.
We also collect personal information for the purpose of providing you with any goods or services that you request, to update our Sites, to improve the services or goods that we provide and to develop our business.

WHAT PERSONAL INFORMATION IS COLLECTED?
We aim to only collect personal information that is necessary to fulfil the purpose for which you have disclosed it, or as required by law.
If you ask us to provide you with information, goods or services, sign up to join one of the our clubs or mailing lists, or submit a competition entry form, you will be asked to provide contact information (such as your name, telephone number, postal address and email address). You may also be asked for demographic information (such as your age and gender) and/or profile data (such as entertainment preferences e.g. what type of films you prefer).
In some instances we may need to ask you for additional information necessary to provide you with the goods or services you have requested. When we ask you for further information in addition to that you provide to us initially, we will tell you why we are collecting that information.
We aim to only collect information that is absolutely necessary to provide you with any service you have requested. It is your choice to provide us with Personal Information. If you would prefer to remain anonymous, we are happy to still deal with you provided that we don’t need to know who you are. Please be aware that it may be necessary for us to collect your Personal Information to provide services to you. As such, if you do not wish to provide your Personal Information, we may not be able to provide you with full access to our Sites and services.
Instances where this may be possible include where you are providing us with anonymous feedback that does not require a response.
We do not collect sensitive information except with your consent, and then only if collection of such information is necessary for some activity or function. For the purpose of this policy, “Sensitive Information” means health information or information or an opinion about an individual’s:

racial or ethnic origin;
political opinions;
membership of a political association;
religious beliefs or affiliations;
philosophical beliefs;
membership of a professional or trade association;
membership of a trade union;
sexual preferences or practices; or
criminal record.

COOKIES
We utilise “cookies” to monitor traffic patterns and to serve you more efficiently if you revisit the Website. A cookie does not identify you personally, but it does identify your computer. You can set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance. If you disable cookies, the Website may not function properly.

THIRD PARTY SITES
The Sites contain plugins and links to third party sites to enhance your user experience. Please note that this privacy policy does not cover the privacy practices of third party sites which may be integrated or otherwise linked to the Sites. Please refer directly to the privacy policies and statements of any third party site to obtain information regarding their information collection, use, and disclosure policies. To the maximum extent permitted by law, we disclaim all liability in connection with any loss or damage that may arise from the collection, use, and disclosure of your information by any third party site. If you have any concerns about a third party site featured on our Sites, we encourage you to reach out to them directly.

STORAGE OF PERSONAL INFORMATION
Any information we collect about you will be kept securely by us unless an event beyond our control disrupts the measures we have in place. We use up-to-date security, firewall, anti-virus and encryption software to secure the data we keep and to prevent unauthorised access, destruction, use, modification or disclosure. We have procedures in place with regards to staff access to personal information and ensure that only those staff who need to know have access to your information.
We will only store personal information for so long as it is required either to fulfil the purpose for which it was collected or to fulfil our obligations at law. We will conduct regular reviews of the personal information we hold and destroy or de-identify information no longer required.

DISCLOSURE OF PERSONAL INFORMATION
Generally, personal information will not be disclosed to individuals or organisations outside of the Company without your prior consent. However, in the circumstances described below, personal information may be disclosed to:
Essential service providers: There may be other companies that we rely on to provide goods or services to you. We may be required to provide your personal information to these companies to ensure that we can deliver goods or services to you.
Law enforcement or government bodies: There are exceptions under the Privacy Act with regards to the provision of personal information to law enforcement or government bodies. When a legitimate request is sent to us by a law enforcement or government body we will comply with that request and may provide personal information about you without your consent.
Entities related to us or who take control of part or all of our business: In providing personal information to us you will need to be aware of the possibility that, in future, another entity may take control of part or all of our business. In that case, your personal information will be provided to that entity.
If we disclose personal information to a third party under outsourcing or contracting arrangements (a service provider), we will take steps to ensure that they have:
Signed a binding agreement (reviewed by our legal advisors);
Handle the personal information in a manner consistent with the APPs (regardless of whether they are a small business, or would otherwise be exempt from the Privacy Act);
Only use the personal information in order to provide specific services or to perform the specific functions required; and
Store the personal information securely, and only for as long as is necessary to provide the required services to perform the required functions.
We will not sell or otherwise provide your Personal Data to a third party, or make any other use of your Personal Data, for any purpose which is not incidental to your use of our services (including our Sites). For the avoidance of doubt, Personal Data will not be used for any purpose which a reasonable person in your position would not expect.
We recognise your right under the Spam Act 2003 (Cth) and the GDPR to opt out from direct marketing communications, and as such these consents can be modified at any time by emailing us at [[email protected]], or by clicking ‘unsubscribe’ on any direct marketing communications.
Please note certain non-marketing related correspondence from us, including messages relating to payment, will be automatically sent to you by virtue of your use of the Sites and associated services and you may not have the option to unsubscribe from receiving this correspondence.

ACCESS TO PERSONAL INFORMATION
Under the Privacy Act, you have the right to seek access and to update or correct the personal information that we hold about you. If you wish to exercise your right under the Privacy Act to seek access to the personal information held for you, you should make the request in writing (to the address specified below).
Ordinarily we will not charge for providing access/copies of personal information we hold about you, and will generally respond to access requests of this type within 30 days. If we anticipate there being a fee (for the time we spend locating and compiling the information you have asked for) we will provide you with an estimate before proceeding. If a fee is payable it will be based on an hourly rate plus the cost of photocopying or other out of pocket expenses. For legal and administrative reasons we may also store records containing personal information in archives. Access to these historical records may result in a charge being incurred (an estimate will be provided to you prior). Due to the nature of archive, requests for access to historical records may take longer to process than with current records.
You may correct the personal information we hold about you at any time, you should make the request in writing (to the address specified below). We do not charge a fee to correct personal information held. You acknowledge and agree that you remain solely responsible for maintaining the truth, accuracy, and completeness of your information at all times, and we shall have no liability to you or any third party arising from your failure to do the same.
On review of your request, if we agree that the personal information held is not accurate, complete and up to date, it will be corrected by the appropriate person. If we do not agree, you will be provided with the reason(s) for the views and the opportunity to make a statement of your view and have it included with the information held.
In accordance with the GDPR, we additionally acknowledge the specific rights of EU subjects to:
have their data erased that is no longer being used for a legitimate purpose;
request a copy of all Personal Data held about them by us in a readable format; and
request restricted processing of their Personal Data whilst any complaints or concerns are being resolved.
To erase, request or restrict processing of your Personal Data, please email us at [[email protected]].

SECURING YOUR INFORMATION
We employ appropriate electronic and procedural measures to protect Personal Data from unauthorised access or modification. Access to your personal information is limited to employees we believe reasonably need to use that information in order to perform their roles in providing the services, and who are trained and educated about this privacy policy and our obligations under the Privacy Act, the APPs, and GDPR.
No security measures are, however, 100% secure and we cannot guarantee the security of your information or data at any time. To the extent permitted by law, we accept no liability for any breach of security, or direct hacking of our security measures, or any unintentional disclosure, loss, or misuse of any information or data, or for the actions of any third parties that may obtain any information or data.
Notwithstanding the above, we acknowledge their obligation to report any data breach that is likely to risk the rights and freedoms of natural persons to the Australian Information Commissioner and, where such data breach involves the information of EU subjects, report to the European Data Protection Supervisor. We will also inform you, where possible, if any Personal Data has been breached in circumstances that pose a serious risk of harm to your rights and freedoms.

OVERSEAS DISCLOSURE
We may, in the course of providing the Sites to you, disclose Personal Data to overseas countries that are deemed by the EU Commission as having an ‘adequate’ level of Personal Data protection. Where we transfer data to a third party in a country where no adequacy decision has been made, we warrant that such third parties in those countries are bound under contract to meet the requirements of the GDPR.

COMPLAINTS
You have a right to complain to us if you are concerned about your privacy, how we have dealt with your personal information or in relation to the Privacy Act.
If you are concerned about how we have dealt with your personal information you should first contact us (using the details set out below). We will endeavour to send you a written response within 10 business days.
If you are not satisfied with the way we have managed or attempted to resolve your complaint you may complain to the Office of the Australian Information Commissioner by calling them on 1300 363 992, via their website at oaic.gov.au or by mail to the Office of the Australian Information Commissioner, GPO Box 5218 Sydney NSW 2001.
Our Sites contain links to third party websites for individual’s convenience and information. Individuals should be aware that when they access a third-party website, we are not responsible for the privacy practices or policies of that third party and will not be liable for any use or disclosure your personal information by any third party to whom your information is sent. We suggest that you review the privacy policy of each website you visit.

ACCEPTANCE OF THESE TERMS
By using the Sites, you signify your acceptance of this privacy policy. If you do not agree to this policy, please do not use our Sites or provide us with your personal information. The Company reserves the right to modify, alter or otherwise update this policy at any time. Should the Company modify, alter or otherwise update this policy, it will prominently post notice(s) of the changes on the Sites covered by this privacy policy.

CONTACT DETAILS
Thank you for taking the time to read our privacy policy. If you have any questions regarding our privacy policy, you can reach our privacy officer at [email protected] or at:

If you are not satisfied with our handling of your Personal Data, or have any other concern about this privacy policy, then you may lodge a formal complaint with the Office of the Australian Information Commissioner (for more information, please see www.oaic.gov.au) or with the European Data Protection Supervisor (for more information, please see https://edps.europa.eu).