Legal

Privacy policy


Policy Snapshot

We are committed to protecting your privacy in compliance with our legislative obligations.
We will only collect, use, handle and disclose personal information as allowed by, and in compliance with, the privacy legislation applicable to us.

Your privacy is important to us 

QIC Limited (together ‘QIC’, ‘we’ or ‘our’) are committed to protecting your privacy, in compliance with the Australian Privacy Principles (APPs) and the Privacy Act 1988 (Cth). Our related entities in the U.K. and the U.S. also protect your privacy in compliance with local privacy laws.
We are committed to being open about how we use personal information and this Policy sets out how we handle your information.
By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Policy and any other arrangements that apply between us. We may change our Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current policy. 

 

Collection of information

We limit our collection of personal information  to those details we identify as reasonably necessary for the lawful purposes of our business.
We do not collect or hold personal information in relation to individual members of funds who invest with us.  Personal information will only be collected by lawful and fair means from the individual concerned (where practicable) or their representative.  The collection of ‘sensitive information’  will only be in accordance with the law.
As part of our Global Real Estate business, we may collect information from you as an individual who enters, is employed at or is a tenant in one of our Shopping Centres through various means, including video surveillance cameras, wireless local area networks, surveillance equipment used in parking areas, and Bluetooth beacons throughout our Shopping Centres. 
We will inform you at or before the time of collection (or as soon as possible afterwards) of the purposes for collection, to whom your information might be disclosed and any other relevant details that will help you to ensure we are protecting your privacy.  In particular, in our Shopping Centres, these details may be displayed at certain entry points to the Shopping Centre and/or otherwise throughout the Shopping Centre. In some instances, we may direct you to this Policy for this information.
We take reasonable steps to keep personal information as accurate, complete, and up-to-date as is necessary for the purposes we have identified.

 

Handling of information


We only collect and use information for the purpose of providing our products or services, including sending you information, or undertaking our business.  In relation to our Global Real Estate business, we collect and use personal information for purposes in connection with the management, administration, operation and promotion of our retail and commercial properties.  Examples of who we usually collect information from, types of information, purposes for collection and method of collection are contained in a Table in Appendix 1.


Disclosure of information

At QIC, personal information is strictly confidential.  We will only disclose personal information in accordance with the law.  We may disclose your personal information:
‒ to other companies within the QIC group;
‒ to our insurers and insurance brokers and other professional advisers, dealers and agents;
‒ to our existing or potential commercial and joint-venture partners;
‒ to third parties who perform services for us and otherwise help us to deliver our services and to enforce our agreements with third parties (including information technology suppliers, communications suppliers and our business partners);
‒ to third parties for direct marketing purposes where you have 'opted-in' for such services;
‒ to law enforcement, regulatory or government agencies/bodies, including where necessary to meet our statutory obligations; 
‒ where it is required or authorised by law; 
‒ where we use it for the purposes for which it was collected; 
‒ anyone to whom our assets or businesses (or any part of them) are transferred; 
‒ to specific third parties authorised by you to receive information held by us; or 
‒ where you have consented to the disclosure of your personal information.
We may use and disclose your personal information overseas, including to recipients located in countries where we have an overseas office as listed here. Any information sharing will be in compliance with the APPs (and or U.K., or U.S. privacy law(s) as applicable) and governed by our strict standards and policies, and where appropriate, confidentiality and other agreements to ensure your information is secure and treated with the utmost care and respect.
We may also disclose your personal information to a trusted third party who also holds other information about you. This third party may combine that information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the services that you receive. 

Links

Our website may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from this Policy, so we encourage individuals to read them before using those websites. 


Overseas disclosure of personal information 

We may from time to time disclose your personal information to third party suppliers and service providers located overseas (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you).
 We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles. 

However you should be aware that if:
- you are located in Australia;
- we disclose your personal information to recipients outside Australia; and 
- they handle that information in a way that breaches the APPs, 
the overseas recipient may not be accountable under the Privacy Act 1988 (Cth), and you may not be able to seek redress under the Privacy Act 1988 (Cth).   
Depending on their location, a recipient outside Australia may not be subject to any privacy obligations or to any principles similar to the APPs, and you may not be able to seek redress in that jurisdiction.  Recipients outside Australia may also be subject to a foreign law that could compel the disclosure of personal information to a third party, such as an overseas authority. 


Storage of information

We protect personal information with appropriate safeguards and security measures and restrict access to those who have a legitimate business purpose and reason for accessing it. Some of this personal information may be stored by a third party who provides us with data storage services. We require these third parties to comply with our strict security measures and policies. However, we cannot guarantee the security of your personal information. 
Personal information is only retained for as long as it is necessary for the identified purposes or as required by law. 

Information access and correction

At QIC, decisions and actions may be taken or made on the basis of personal information in our possession and we take reasonable steps to keep personal information as accurate, complete, and up-to-date as is necessary.    
We will give you, or your authorised representative, access to your information unless the request is frivolous, vexatious or there are other lawful reasons to restrict access. We may require identification to ensure the person requesting access is entitled to such access. If you, or your representative, is denied access to your information, we shall provide reasons for the denial. 
You may also make an application to access or amend your personal information under the Information Privacy Act 2009 (Qld). See the Office of the Information Commissioner website for further information.
If you require access to your information, believe any part of the information is inaccurate, incomplete or not up-to-date, you should contact your usual QIC contact and request we provide / amend it accordingly. We may ask you to put your request in writing.  If we are reasonably satisfied our records need correcting, we will make the correction within a reasonable period.  If we do not agree our records need correcting, we will inform you of the reason(s) and you may require us to keep a statement on our records that you believe the information is inaccurate, incomplete, misleading, irrelevant or not up-to-date. 
If you are a registered member of one of our Shopping Centre membership programs, you may be able to access and update the information on your member profile in the applicable section of the Shopping Centre website. You may also access and update your personal information as part of your use of any of our Shopping Centre ‘opt-in’ services, such as Wi-Fi services and frictionless parking services.

 

Opting out of communications

We and/or our carefully selected business partners may send you direct marketing communications and information about our Shopping Centre services. This may take the form of emails, SMS, mail or other forms of communication in accordance with the Spam Act and the Privacy Act. 
If you receive direct marketing communications from us, you may easily request not to receive such communications from us by:
(a) following the instructions on the communication to opt-out  or unsubscribe from further communications (such as using an unsubscribe link);
(b) if you are a member of one of our Shopping Centre membership programs, by logging into the member area on the Shopping Centre website and ticking the opt-out option; 
(c) contacting your usual QIC contact; and/or
(d) contacting our Privacy Compliance Officer.

Resolving enquiries or complaints

If you have any questions, concerns or complaints about the treatment of your personal information, the first step is to discuss the issue with your usual QIC contact.  We will investigate your complaint and respond to you within a reasonable period. Any privacy related breaches will be managed in accordance with our Breaches and Incidents Policy.
If your concerns have not been resolved to your satisfaction, please contact our Privacy Compliance Officer on +61 7 3360 3922 or by email at privacy@qic.com. In the U.K., please contact our UK Data Protection Officer on +44 20 7092 8220 or by email at privacy@qic.com. We may ask you to put your query in writing. 
If after contacting our Privacy Compliance Officer your concerns remain unresolved, you may contact the Office of the Australian Information Commissioner on 1300 363 992, or by email on enquiries@oaic.gov.au. You can also visit their website at www.oaic.gov.au. In the U.K., you may contact the Information Commissioner’s Office on 0303 123 1113. You can also visit their website at www.ico.gov.uk. 

References
1. The Privacy Act 1988 (Cth) and this Policy do not apply to the handling of personal information directly related to a current or former employment relationship with Grand Central or to employee records held by Grand Central.

2. Personal information’ is information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- whether the information or opinion is true or not; and
- whether the information or opinion is recorded in a material form or not.

3.Sensitive information’ is a subset of personal information. It means information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health, genetics or biometrics. As a general rule, the only type of sensitive information we hold is in relation to an individual’s professional or trade association membership.

Appendix 1

1. Key individuals employed by our investment clients or their representatives
Types of information
Business and personal contact details, family information (such as name of spouse/partner, and details of children), social preferences (information which enables us to tailor events and entertainment), special dietary information
Identified purposes
Client relationship management, business development, seminars and other client events, and for the conduct of daily business operations including the identification of clients as required by law or regulation
Method of collection
Verbally or by email, directly from the individual or personal assistant / secretary

2. Potential employee candidates

Types of information
Employment history, experience, qualifications, contact details, and checks as to criminal history, personal insolvency and regulatory sanction
Identified purposes
Assessment for suitability for a current or future position
Method of collection
Resumes received from applicants in response to positions advertised, or unsolicited resumes, or completion of a criminal history / insolvency check form (or by way of a response received from an external agency verifying the details provided on the form)

3. Industry-related contacts and other individuals interested in QIC or the funds management industry
Types of information
Contact details (including job title and name of their organisation)
Identified purposes
Distribution of newsletters and other publications to provide regular information about the views and operations of QIC
Method of collection
Directly from the individual, either verbally or via a form for updating details

4. Individuals who supply (or are employed by organisations that supply) goods or services to QIC – this includes those who facilitate our investment transactions
Types of information
Contact details and bank account details (where financial transactions are undertaken)
Identified purposes
In relation to the supply of the goods and services and to facilitate the credit and payment arrangements
Method of collection
From the individual directly, usually verbally or from transaction documentation

5. Individuals in respect of who we are obliged by law to conduct AML/CTF checks
Types of information
Copies of identification documents
Identified purposes
To enable QIC to comply with our AML/CTF obligations
Method of collection
Directly from the individual, either verbally or via a form for collecting details

2 In relation to the Centre:

6. Individual tenants, licensees and guarantors (and key individuals associated with corporate tenants, licensees and guarantors) of leases and licences of the Centre (including potential tenants, licensees and guarantors and associated key individuals)
Types of information
Information collected may include: Contact details, date of birth, ABN, financial and trading information, business experience, insurance details, and copies of identification documents
Identified purposes
Leasing and licensing negotiations, decisions (including assessing applications) and documentation, managing tenancy design and delivery process, operational tenancy and Centre communications, relationship management, issuing invoices and notices, sale of premises, providing access to marketing retailer portal and monitoring performance and value of the Centre.
Method of collection
Leasing and licensing applications and documentation; communications with tenants, licensees, guarantors and solicitors

7. Customers (or other individual visitors) of retail the Centre
Types of information
Information collected may include: Contact details (including name, address, phone number, gender, email address, interest, date of birth), shopping preferences, interests, photographic and video images
Identified purposes
Direct marketing (e.g., promotional activities, distribution of e-newsletters, advertising (including third party advertising), and other publications and communications and mobile push notifications). Management of operations at the Centre, including the administration of events and promotional activities at the Centre (including competitions and promotions) Administration of our Centre gift card program. Providing services to customers at the Centre (for example, mobility aid hire services, lost and found services, Wi-Fi, services related to your use of the Centre car park and other services to benefit customers). Photographic and video images are used for security purposes or for promotional/ research activities
Method of collection
Directly from the individual, which could be verbally, via a form for collecting details or via an online form to ‘opt-in’ to a service, such as a Wi-Fi network in the Centre or to use a frictionless parking solution in the Centre. From you or from third parties, via Bluetooth beacons or other location sensors located in the Centre. For images, from you or from third parties from video surveillance cameras when customers visit our Centre, including the car parks, or when using cameras for promotional/ research activities.

8. Individuals who use websites associated with the Centre or our Global Real Estate business, who use free Wi-Fi services provided at our Centre, who interact with us through social media pages associated with our Centre or who download and use our Centre smartphone applications
Types of information
Information collected may include: Contact details (including name, address, phone number, gender, email address, date of birth), shopping preferences, interests, credit card information, social media IDs, likes and areas of interest, location-based data (movement tracking throughout the Centre), IP address or the fully qualified domain name from which the individual accessed our website, Wi-Fi services or apps, the date and time an individual accesses our website, Wi-Fi services or apps, the web browser that is being used by the individual to access our website, the individual’s browsing history of websites accessed over the Wi-Fi service and the pages accessed and the URL of any webpage from which the individual accessed our website. Any additional information relating to you that you provide to us directly though our website or app or indirectly through your use of our website, responding to surveys, using our apps or online presence or through other websites or accounts from which you permit us to collect information.
Identified purposes
Direct marketing (e.g., promotional activities, distribution of e-newsletters, advertising (including third party advertising) and other publications and communications and mobile push notifications that we think may be of interest to you, including information sent by or on behalf of us, our business partners that we think you may find interesting). Management of operations at the Centre, including the administration of events and promotional activities at the Centre (including competitions and promotions) Administration of our Centre gift card program Customising and improving our website and e-newsletter content. To enable you to access and use our website, services and apps and to send you service, support and administrative messages, updates and alerts.
Method of collection
Directly from the individual when they sign up for membership of the Centre membership program, register for an event, sign-up to receive communications regarding opportunities or offers associated with one or more Centre or participate in a competition or promotion or access a free Wi-Fi service at a the Centre. We use cookies (or other similar tracking technologies) to track usage of our website and to remember your preferences. Cookies are small files that store information on your computer, mobile phone or other device. They enable the entity to put the cookie on your device to recognise you across different websites, services, devices and /or browsing sessions. We may also use cookies to enable us to collect data that may include personal information and we will handle any such personal information in the same way as we handle all other personal information as described in this policy. You can disable cookies through your internet browser but our websites may not work as intended for you if you do so.

9. Individuals who supply goods or services or carry out works in respect of the Centre (or are employed or engaged by organisations that do so)
Types of information
Information collected may include: Contact details, ABN, financial information, insurance details, business experience, location-based data (movement tracking throughout the Centre).
Identified purposes
Tendering, contract negotiations, decisions and documentation in relation to the supply of the goods and services or the works, operational communications, and to issue and process invoices
Method of collection
From the organisation or from the individual directly (either verbally or through quotes, correspondence, tender forms or contract documentation), through contractor induction and compliance processes, or indirectly (through Bluetooth beacons and Wi-Fi services).

10. Individuals who enter the Centre (including customers, retailers, staff and contractors)
Types of information
Information collected may include: Video surveillance images, location-based data (movement tracking throughout the Centre). Your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information. Any other personal information that may be required in order to facilitate your dealings with us.
Identified purposes
Management and security of the Centre. To operate, protect, improve and optimise our website, services and apps, business and individuals' experience, such as to perform analytics, conduct research and for advertising and marketing.
Method of collection
Directly from the individual, which could be verbally, via a form for collecting details or via an online form to 'opt-in' to a service or app, such as a Wi-Fi network in the Centre or to use a frictionless parking solution in the Centre. From you or from third parties, via Bluetooth beacons or other location sensors located in the Centre. For images, from you or from third parties from video surveillance cameras when customers visit our Centre, including the car parks, or when using cameras for promotional/ research activities.