Collecting Personal Information
We collect Personal Information that is reasonably necessary for us to conduct our business, including to provide products and services to our customers, to improve our products and services, and when customers access our sites, including the Perth Mint. We may also collect information to fulfil administrative functions associated with the provision of our services and products, for example entering into contracts with you or third parties, managing our relationship with customers, suppliers and employees, responding to requests for information and other general enquiries, processing customer transactions, as well as to maintain and grow our customer base and market our products and services. We also may need to collect personal information to meet certain contractual, legal or regulatory obligations. Sensitive Information may be collected where you have given express consent for us to do so and the information is reasonably necessary for us to provide our services, functions or activities, or where otherwise permitted under Privacy Law.
The types of Personal Information we collect and store depends on the nature of your interaction with us and may include the following:
- your name;
- current address;
- telephone number;
- email addresses;
- other forms of identification, i.e. driver’s license, passport;
- your member login details to The Perth Mint website, i.e. log in credentials;
- purchase records;
- financial and transactional information; and
- other information that you may provide.
If we are unable to collect Personal Information we reasonably require, we may not be able to provide you with our products or services. We may collect Personal Information directly from you in a number of ways, including, but not limited to, by email, over the telephone, through written correspondence, in person (i.e. when you make purchases at The Perth Mint shop), on-line by use of tracking software, through our website (i.e. subscriptions to our newsletter, member login and registration, and online purchase) and product and service offerings.
Storage and security
We hold Personal Information in several ways, including in electronic databases or files, emails, and in paper files held in secured drawers and cabinets. Paper files may also be archived in boxes and stored offsite in secure facilities. Our policy is to take reasonable steps to:
- make sure that the Personal Information that we collect, use and disclose is accurate, up to date, complete (and in the case of use and disclosure) relevant; and
- protect the information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure.
The steps we take to secure the Personal Information we hold include security (such as encryption, firewalls, anti-virus software, login and password protection), secure office access, personnel security, and training and workplace policies.
If we no longer need your Personal Information, and unless required to be retained by law, we will take reasonable steps to destroy or de-identify your Personal Information. Notwithstanding the reasonable steps we will take to secure your Personal Information, there is a risk that breaches may occur. We have established procedures in place to investigate whether a data breach has occurred and if notification or other action is required under Privacy Law requirements.
If you reasonably believe that there has been unauthorised use or disclosure of your Personal Information, please contact our Privacy Officer.
Websites, applications, IP addresses and cookies
Personal Information provided to our Online Shop is encoded using Transport Layer Security technology, a powerful encryption protocol that protects data as it travels over the Internet. Credit card transactions are processed using the secure EFTPOS network. Our policy is to ensure that all transactions processed by us meet industry security standards to ensure payment details are protected.
Like many companies, we use 'cookie' technology on our website. 'Cookies' are small text files stored on your computer that websites can use to improve the customer experience, for example by: recognising repeat users, storing registration data, and keeping and facilitating the user's online preferences and use of the websites. Gold Corporation uses the information generated by some cookies (i.e. Google Analytics and Google Tags) for marketing purposes.
Visitors to our website can request to join a mailing list by completing a form on this site. We maintain this list of Perth Mint Priority Members to inform them of new information on our websites. We do not sell, rent, lease, loan, trade or otherwise divulge the addresses on our lists to third parties or any unauthorised personnel. We comply with the Spam Act 2003 and best practice guidelines in relation to the contents of its commercial electronic messages.
If you are concerned about sending your information over the internet, you can contact us directly by the telephone or postal address below.
Use and disclosure of information
We will use and/or disclose your Personal Information for the purpose it was collected. We may also use and/or disclose your personal information for other purposes which you consent to or which are required or permitted by law. This may include for a secondary purpose that is related to a purpose for which we collected it, and for which you would reasonably expect us to use or disclose your personal information. The Personal Information we collect is for purposes including determining how to process your requests and transactions, to provide you with high quality service, to tell you about products we think will be of interest to you, to customise your experience on our site, and to understand your needs so that we may provide you with the most suitable products. We may send this information via post, telephone or any form of electronic communication. We may also use any email address or other Personal Information you provide to us for this purpose.
To help us carry out these activities and functions, on occasion, we may disclose Personal Information to other persons including:
- organisations that we engage with to conduct business, research or analysis;
- our professional advisors (i.e. auditors and lawyers); and
- government and regulatory authorities (as required or authorised by law).
We take reasonable steps to ensure that any third parties we use are bound by privacy obligations in relation to your Personal and Sensitive Information. In the event of a security incident involving unauthorised access, use or disclosure of Personal Information involving a third party with whom we have shared Personal Information, we will work cooperatively with them to protect the Personal Information that we have shared with them.
Disclosure of personal information overseas
We may disclose your Personal Information to third party service providers who are located overseas. For example, information we collect may be held in a cloud-based server overseas. Unless you provide your consent or an exception under Privacy Law applies, we can only disclose your Personal Information to an overseas third party in certain circumstances, including if you provide your consent, we have taken reasonable steps to ensure that the overseas third party does not breach the Australian Privacy Principles or the overseas recipient is bound by a similarly stringent privacy protection regime.
Use of information for marketing
From time to time, we may use the Personal Information we collect from you for direct marketing as allowed by Privacy Law. This marketing may be for purposes such as providing you with news, promotions and special offers, and other information which we think you may find interesting. At any time, you can opt out of receiving marketing material by using the unsubscribe capability in email communications or by contacting our Privacy Officer. After receiving such a request we will:
- cease sending you direct marketing;
- identify the source of any information used to contact you for direct marketing purposes, unless it is impracticable or unreasonable to do so; and
- perform these tasks within a reasonable period of time.
You agree and acknowledge that if you opt out of receiving marketing material, we will still send you essential information that we are legally required to send you relating to services we provide to you.
Access, accuracy and correction - information
You have the right to request access to your Personal Information that we hold. You also have the right to request its correction if it is inaccurate, incomplete or out of date. We will take reasonable steps to give access to the information or correct it within a reasonable period of time from receipt of your request, subject to any exemptions allowed under the Privacy Law. For example, we will not provide you with access to the extent it would be illegal to do so or, unless required otherwise by law, your request is frivolous or vexatious or it would have an unreasonable effect on the privacy of others. If access is refused, we will give you a notice explaining our decision to the extent practicable and your options to make a complaint.
To request access to or correction of your Personal Information please contact our Privacy Officer. We will require you to verify your identity and to specify what information you require. If a fee is charged for providing access, you will be advised of the likely cost in advance.
Notifiable data breaches
Gold Corporation subscribes to and has implemented clear procedures for the management and notification of data breaches in order to comply with the Privacy Amendment (Notifiable Data Breaches) Act 2017 (an amendment to the Privacy Act) effective 22 February 2018.
Contact us and complaints
Please contact us if you have any queries about the Personal Information that we hold about you or the way we handle that Personal Information. You can complain to us about how we have collected or handled your Personal Information. We will investigate your complaint and we endeavour to respond within 30 days of receiving your complaint or within timeframes designated by Privacy Law.
Our contact details are below:
The Perth Mint
If you contact us and are not satisfied with our response you may refer your complaint to the Office of the Australian Information Commissioner:
Office of the Australian Information Commissioner
Australian privacy principles means the principles under the Privacy Act 1988 (Cth) by which relevant entities, including Gold Corporation, must collect, use and disclose Personal Information.
Personal information means any information or an opinion about an identified individual, or an individual who is reasonably identifiable, (including you):
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.
Notifiable data breach (refer Annexure) means a data breach that is likely to result in serious harm to any of the individuals to whom the information relates. It occurs when Personal Information held by Gold Corporation is lost or subjected to unauthorised access, modification, disclosure, or other misuse or interference.
Sensitive information includes, but is not limited to, information or an opinion about your racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, membership of a trade union, sexual preferences, criminal record, health information or genetic information.