- General
- This privacy policy governs the way RED Risk Management Pty Ltd ACN 658 697 691 and its related bodies corporate (RED RISK MANAGEMENT, RED RISK, RED, we, us) handles personal information. It applies to all personal information we collect in connection with our websites, including www.redrmc.com; www.redriskmanagement.com and www.redgroup.global (our Websites) and through our dealings with you.
- We operate an Australian-based Risk Management and Consulting firm. The services we provide include:
- Risk Consulting;
- Workplace Health & Safety Audits;
- Human Resources consulting;
- Training & Instruction; and
- Data Management
- Risk Consulting;
- Workplace Health & Safety Audits;
- Human Resources consulting;
- Training & Instruction; and
- Data Management
- The nature of our services means that we may collect, handle and disclose a broad range of information about you, including personal information. ‘Personal information’ is information or an opinion about you (whether true or not) that identifies you or from which your identity is reasonably identifiable.
- Please take a moment to read this privacy policy as it explains how we collect and handle your personal information, and in what circumstances we will disclose your personal information to third parties.
- Purpose
- We comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs), which regulate how we may collect, use, disclose and store personal information.
- The purpose of this privacy policy is to keep you informed of the ways we gather, manage, store, disclose and protect your personal information, as well as to help you to understand your rights, and our obligations under the Privacy Act.
- Changes to this privacy policy
- We may change this privacy policy from time to time. The updated privacy policy will be posted on our Website, with the date of the update shown.
- Information we collect about you
- We collect information about you that we reasonably need for our business functions and activities, which predominantly involves providing the services described above to our clients.
- The information we may collect about you includes:
- your name, address and contact details;
- your date of birth;
- information about where you live and work;
- information about your education and work history; and
- financial information, including information relating to your credit worthiness.
- We may also collect and hold ‘sensitive information’ about you, such as information about your criminal record, where collecting this information is reasonably necessary for the provision of our services.
- How we collect information about you
- We will collect and hold your personal information in a fair and lawful manner. Where it is reasonably practical to do so, we will collect your personal information directly from you. For example, we may collect the personal information you directly give us directly through some of the following means:
- when you make a general enquiry through one of our Websites;
- when you communicate with us via phone, email, or face to face;
- when you provide us with documents or USBs with materials to review; or
- when administering any of our services.
- Where it is not reasonably practical for us to collect your personal information from you directly, we may collect personal information about you from third parties or from publicly available sources. For example, your personal information may be provided to us by one of our clients to enable us to provide services to that client.
- If we collect personal information about you from a third party we will, if appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
- We use third party gateways, such as PayPal or Stripe to process payments for purchases made on our Websites. We will not generally access, collect or store your credit card details.
- Unsolicited information
- If we receive personal information about you that we have not requested, and if we determine that we could not have lawfully collected that information under the Privacy Act if we had requested it, we will destroy or de-identify the information (if it is lawful and reasonable to do so). If we collect your personal information in an unsolicited manner, we will take reasonable steps to inform you of such collection and also how we use, disclose and secure your personal information where appropriate. Such reasonable steps may include referring you to this privacy policy.
- Do I have to provide you with my personal information?
- It is generally not practical to remain anonymous or to use a pseudonym when dealing with RED RISK MANAGEMENT as we usually need to use your personal information to provide services to you. If you choose not to provide us with your personal information, we may not be able to provide you with requested products or services, or provide you with requested information concerning an enquiry, account or complaint.
- Purpose for handling your personal information
- As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. We collect, hold, use and disclose personal information to:
- provide services to our clients;
- communicate with you and provide you with relevant information;
- assess your needs so that we can refer you to relevant products and services;
- improve our service and product offerings;
- comply with legal and regulatory obligations; and
- otherwise manage our business.
- We may also use your personal information for activities in support of our primary business functions such as processing payments, administration, recruitment, management, IT, legal, and customer support.
- Protection of your personal information
- We will hold personal information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers. Our cloud storage is based in Australia and we use A1 Technologies to secure it. It is not our usual practice to send data overseas.
- We maintain appropriate physical, procedural and technical security for our office and information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information. This also applies to disposal of personal information. We will destroy or de-identify your personal information once it is no longer needed for a valid purpose or required to be kept by law.
- Disclosure of personal information
- We may disclose your personal information to:
- our related bodies corporate;
- our clients where it relates to the services we are performing for them;
- public authorities, including law enforcement bodies and courts, if we are asked to disclose personal information in response to a lawful request; and
- other third parties such as our suppliers, providers of technical and support services, and our professional advisors.
- If we disclose information to a third party, where appropriate and practical, we will require that third party to protect your information to the same extent that we do.
- Direct marketing
- We do not generally send marketing communications. On the rare occasion where we send you a marketing communication, such as an email alert about new products or services, we will ensure you have the opportunity to ‘opt out’ by using the unsubscribe button on that marketing communication. Alternatively, you may contact us at any time to unsubscribe by using the contact details provided at the bottom of this privacy policy.
- Cookies
- A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period of time. We use cookies to identify specific machines in order to collect aggregate information on how visitors are experiencing our Websites. This information will help to better adapt the Websites to suit personal requirements. While cookies allow a computer to be identified, they do not permit any reference to a specific individual. For information on cookie settings of your internet browser, please refer to your browser’s manual.
- Accessing and correcting your personal information
- You may contact our Privacy Officer using the contact details below to request access to, or a correction of, the personal information that we hold about you. We will deal with your request within a reasonable time. On the rare occasion that we refuse access, we will provide you with a written notice setting out the reasons for the refusal and the relevant provisions of the Privacy Act that we rely on to refuse access. We will also provide you with avenues to complain about our refusal to provide you with access to the information.
- We are not obliged to correct any of your personal information if we do not agree that it requires correction. If we refuse a correction request, we will provide you with a written notice with our reasons for refusing. We may recover reasonable costs in relation to a request for access to personal information.
- Resolving personal information concerns
- If you have any questions, concerns or complaints about this privacy policy, or how we handle your personal information, please contact our Privacy Officer using the contact details provided below.
Email: contact@redriskmanagement.com
Phone: 1300 776 522
- We take all complaints seriously, and will respond to your complaint within a reasonable period. You may also lodge a complaint with the Office of the Australian Information Commissioner by telephone: 1300 363 992 or email: enquiries@oaic.gov.au.
This privacy policy was last updated on 25 October 2024.
- General
- This privacy policy governs the way RED Risk Management Pty Ltd ACN 658 697 691 and its related bodies corporate (RED RISK MANAGEMENT, RED RISK, RED, we, us) handles personal information. It applies to all personal information we collect in connection with our websites, including www.redrmc.com; www.redriskmanagement.com and www.redlist.app (our Websites) and through our dealings with you.
- We operate an Australian-based Risk Management and Consulting firm. The services we provide include:
- Risk Consulting;
- Workplace Health & Safety Audits;
- Human Resources consulting;
- Training & Instruction; and
- Data Management
- The nature of our services means that we may collect, handle and disclose a broad range of information about you, including personal information. ‘Personal information’ is information or an opinion about you (whether true or not) that identifies you or from which your identity is reasonably identifiable.
- Please take a moment to read this privacy policy as it explains how we collect and handle your personal information, and in what circumstances we will disclose your personal information to third parties.
- Purpose
- We comply with the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs), which regulate how we may collect, use, disclose and store personal information.
- The purpose of this privacy policy is to keep you informed of the ways we gather, manage, store, disclose and protect your personal information, as well as to help you to understand your rights, and our obligations under the Privacy Act.
- Changes to this privacy policy
- We may change this privacy policy from time to time. The updated privacy policy will be posted on our Website, with the date of the update shown.
- Information we collect about you
- We collect information about you that we reasonably need for our business functions and activities, which predominantly involves providing the services described above to our clients.
- The information we may collect about you includes:
- your name, address and contact details;
- your date of birth;
- information about where you live and work;
- information about your education and work history; and
- financial information, including information relating to your credit worthiness.
- We may also collect and hold ‘sensitive information’ about you, such as information about your criminal record, where collecting this information is reasonably necessary for the provision of our services.
- How we collect information about you
- We will collect and hold your personal information in a fair and lawful manner. Where it is reasonably practical to do so, we will collect your personal information directly from you. For example, we may collect the personal information you directly give us directly through some of the following means:
- when you make a general enquiry through one of our Websites;
- when you communicate with us via phone, email, or face to face;
- when you provide us with documents or USBs with materials to review; or
- when administering any of our services.
- Where it is not reasonably practical for us to collect your personal information from you directly, we may collect personal information about you from third parties or from publicly available sources. For example, your personal information may be provided to us by one of our clients to enable us to provide services to that client.
- If we collect personal information about you from a third party we will, if appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
- We use third party gateways, such as PayPal or Stripe to process payments for purchases made on our Websites. We will not generally access, collect or store your credit card details.
- Unsolicited information
- If we receive personal information about you that we have not requested, and if we determine that we could not have lawfully collected that information under the Privacy Act if we had requested it, we will destroy or de-identify the information (if it is lawful and reasonable to do so). If we collect your personal information in an unsolicited manner, we will take reasonable steps to inform you of such collection and also how we use, disclose and secure your personal information where appropriate. Such reasonable steps may include referring you to this privacy policy.
- Do I have to provide you with my personal information?
- It is generally not practical to remain anonymous or to use a pseudonym when dealing with RED RISK MANAGEMENT as we usually need to use your personal information to provide services to you. If you choose not to provide us with your personal information, we may not be able to provide you with requested products or services, or provide you with requested information concerning an enquiry, account or complaint.
- Purpose for handling your personal information
- As a general rule, we only process personal information for purposes that would be considered relevant and reasonable in the circumstances. We collect, hold, use and disclose personal information to:
- provide services to our clients;
- communicate with you and provide you with relevant information;
- assess your needs so that we can refer you to relevant products and services;
- improve our service and product offerings;
- comply with legal and regulatory obligations; and
- otherwise manage our business.
- We may also use your personal information for activities in support of our primary business functions such as processing payments, administration, recruitment, management, IT, legal, and customer support.
- Protection of your personal information
- We will hold personal information as either secure physical records, electronically on our intranet system, in cloud storage, and in some cases, records on third party servers. Our cloud storage is based in Australia and we use A1 Technologies to secure it. It is not our usual practice to send data overseas.
- We maintain appropriate physical, procedural and technical security for our office and information storage facilities so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal information. This also applies to disposal of personal information. We will destroy or de-identify your personal information once it is no longer needed for a valid purpose or required to be kept by law.
- Disclosure of personal information
- We may disclose your personal information to:
- our related bodies corporate;
- our clients where it relates to the services we are performing for them;
- public authorities, including law enforcement bodies and courts, if we are asked to disclose personal information in response to a lawful request; and
- other third parties such as our suppliers, providers of technical and support services, and our professional advisors.
- If we disclose information to a third party, where appropriate and practical, we will require that third party to protect your information to the same extent that we do.
- Direct marketing
- We do not generally send marketing communications. On the rare occasion where we send you a marketing communication, such as an email alert about new products or services, we will ensure you have the opportunity to ‘opt out’ by using the unsubscribe button on that marketing communication. Alternatively, you may contact us at any time to unsubscribe by using the contact details provided at the bottom of this privacy policy.
- Cookies
- A cookie is a small text file stored in your computer’s memory or on your hard disk for a pre-defined period of time. We use cookies to identify specific machines in order to collect aggregate information on how visitors are experiencing our Websites. This information will help to better adapt the Websites to suit personal requirements. While cookies allow a computer to be identified, they do not permit any reference to a specific individual. For information on cookie settings of your internet browser, please refer to your browser’s manual.
- Accessing and correcting your personal information
- You may contact our Privacy Officer using the contact details below to request access to, or a correction of, the personal information that we hold about you. We will deal with your request within a reasonable time. On the rare occasion that we refuse access, we will provide you with a written notice setting out the reasons for the refusal and the relevant provisions of the Privacy Act that we rely on to refuse access. We will also provide you with avenues to complain about our refusal to provide you with access to the information.
- We are not obliged to correct any of your personal information if we do not agree that it requires correction. If we refuse a correction request, we will provide you with a written notice with our reasons for refusing. We may recover reasonable costs in relation to a request for access to personal information.
- Resolving personal information concerns
- If you have any questions, concerns or complaints about this privacy policy, or how we handle your personal information, please contact our Privacy Officer using the contact details provided below.
Email: contact@redriskmanagement.com
Phone: 1300 776 522
- We take all complaints seriously, and will respond to your complaint within a reasonable period. You may also lodge a complaint with the Office of the Australian Information Commissioner by telephone: 1300 363 992 or email: enquiries@oaic.gov.au.
This privacy policy was last updated on 12 May 2022.