The retail and commercial properties identified on the QIC GRE website are owned by QIC Limited ACN 130 539 123, its related bodies corporate, joint venture partners and are managed by QICP Pty Ltd (collectively “QIC”). QIC respects your privacy and we are committed to being transparent about our privacy practices and security. This Policy explains how we handle your personal information by setting out:
The Policy also describes how you can access or correct information we hold about you, how you can ask further questions or make a complaint, and information about our websites and online activities.
In this Policy, personal information refers to any information relating to an identified or identifiable natural person such as a name, identification number, location data, an online identifier or information specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
From time to time it may be necessary for QIC to collect personal information in order to continue our business operations and deliver products and services. Personal information will only be collected by lawful and fair means from the individual concerned or their authorised representative. The collection of ‘sensitive data’ will only be in accordance with the law.
Where appropriate, we will inform you at or before the time of collection (or as soon as possible afterwards) of the purposes for collection, to whom your data might be disclosed and any other relevant details that will help you to ensure we are protecting your privacy. In some instances, we may direct you to this Policy for this information.
It is at your discretion whether you provide QIC with this information, however, failure to supply relevant information may mean we are unable to maintain or provide products or services to you.
By providing personal information to us, you consent to the collection, use and disclosure of your personal information in accordance with this Policy and any other arrangements that apply between us.
Customers
QIC collects information from customers in a number of different ways. These include the following:
In connection with competitions or signing up to email or mobile newsletters (either in centre or online), customers provide us with their contact details. Your name and address are automatically entered into QIC’s database when you enter competitions. QIC collects these details to contact competition winners, to inform customers about in-centre events, activities and promotions and to better target and personalise customers shopping experiences. Customers have the option to opt out from receiving this information.
Where you provide information to us in different ways, or we hold information about you, QIC may connect information provided to us for one purpose, with other information for use for one or more of the above purposes.
Additionally, QIC also conducts certain online activities through the QIC websites and mobile applications, and associated sites managed by members of the QIC or their subcontractors. The collection of personal information through these activities and information associated with these websites is dealt with below.
Suppliers
If you, or a company you work for, supplies goods or services to QIC, QIC may collect personal information about you in connection with the provision of those goods or services, either directly from you or from that company. This information may include your name, date of birth, contact information, and any other information you provide, or is provided on your behalf, as part of our induction and compliance processes. This information will be used for the purposes of managing the provision of those good or services.
Employees or potential employees
If you are employed by QIC, or are seeking employment with QIC, QIC may collect personal information about you in connection with your employment. This information may include your name, date of birth, contact information, and any other information you provide, or provided on your behalf, as part of our induction and compliance processes. This information will be used for the purposes of our recruitment process and, if successful, managing your employment, in accordance with the requirements of the Privacy Act 1988 (Cth).
Users of our website and mobile applications
We may also collect the following information from you:
• where devices are enabled to connect to, or are identifiable by, in-centre infrastructure (for example, in-Centre WiFi networks or blue tooth transmitter (beacon) infrastructure), we and our third party providers may automatically collect data from those devices including usage, type of device and location and proximity of your wireless device in-centre, centre arrival and departure time, and other data which users consent to us collecting from time to time;
We are collecting this information (and may use or hold this information) for the following purposes:
We may transfer your personal information to others in countries outside Australia (including to those that operate our cloud servers outside of Australia).
QIC may use anonymised data for the purposes set out above and to inform our promotional and marketing strategies, as well as research and profiling purposes including customer demographics, interests and behaviours based on personal information and other information provided to us. This research may be compiled and analysed on an aggregate basis, and we may share this aggregate data with our affiliates, agents and business partners. This aggregate information does not identify you personally. We may also disclose aggregated information in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.
QIC may connect information you provide to us for one purpose, with other information for use for one or more of the above purposes. If you access or log-in to an in-centre Wi-Fi service, and we already hold other information (both personal or non-personal) that can be associated to you or the device on which you are accessing the Wi-Fi service (including, but not limited to a device ID number (MAC address)), then that information may be linked with personal information we hold about you as set out in this Policy, and will be treated in the same manner as the personal information to which it has been linked.
Unsolicited information
If we receive personal information about you that we did not ask for either directly from you, from someone on your behalf, or through someone on our behalf, and we determine that we could have collected this information from you had we asked for it, we will take reasonable steps to notify you, as soon as practicable, that we have collected your personal information. If we could not have collected this personal information from you (or if you do not agree to us collecting information in this way), we will lawfully de-identify or destroy that personal information. Any unsolicited information provided by you, someone on your behalf or someone on our behalf, will be used for the purposes for which it was provided.
Who collects this information
Personal information collected about individuals (as described above) may be collected by, or on behalf of:
Information may also be collected by QIC on behalf of other people as set out in notices given to individuals, or consents given by individuals, at or prior to the time the personal information is collected.
Generally, we do not collect sensitive information unless required by law or where you consent for us to do so (and in any event only where it is relevant). We will not collect sensitive information about you where this is expressly prohibited by local law.
Sensitive information includes information relating to:
As a general rule, the only type of sensitive data we hold is in relation to an individual’s professional or trade association membership.
We understand how important it is to keep your personal information private, so we will disclose personal information we have about you only in certain specific circumstances, when:
To the extent permitted by law, we may also disclose information about you to:
or as otherwise permitted by law.
We do not sell personal information for marketing purposes to other organisations.
We will not send your personal information outside Australia unless it is authorised by law and we can be satisfied that the recipient of the personal information has adequate data protection arrangements in place.
Any data sharing will be in compliance with the local privacy laws and governed by our strict standards and policies, and where appropriate, confidentiality and other agreements to ensure your information is secure and treated with the utmost care and respect. By consenting and providing your personal information to QIC, you agree to this processing.
We protect personal information with appropriate safeguards and security measures and restrict access to those who have a legitimate business purpose and reason for accessing it. Personal information is only retained for as long as it is necessary for the identified purposes or as required by law.
All personal information collected by QIC is held securely, whether on QIC’s physical files, in QIC’s computer systems or in a database (which may be hosted by QIC’s or a third party on QIC’s behalf). This information is only made available to QIC’s staff on a 'need to know' basis and for the purposes outlined above or to other people as outlined in this Policy who have agreed to treat that information confidentially. These databases are protected by a firewall as well as host-based security.
Your personal information may be transmitted over the internet once it has been stored in a database and may also be transferred across borders to recipients in foreign countries other than Australia and New Zealand, and may be stored on servers, using databases or via cloud technology in a number of countries other than Australia and New Zealand, including regions such as the Americas, the European Union and Asia, where doing so is part of QIC’s ordinary business practices relating to the storage of data and where permitted by law.
Examples of the steps QIC takes to protect the security of the personal information we hold include:
If other organisations provide support services, we require them to take appropriate technical and organisational measures to secure the privacy of the information provided to them.
Some web browsers incorporate a “Do Not Track” (DNT) feature that signals to web services that a visitor does not want to have his/her online activity tracked. DNT is not a standardised feature in browsers and not all web browsers offer DNT options, which prevents QIC guaranteeing support of the feature to users. As such, while respecting users privacy and their ability to request that data not be collected, or deleted on request, we and many other website operators do not, as standard, respond to DNT signals.
Our website may contain links to websites operated by third parties. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, or security of those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from this Policy, so we encourage individuals to read them before using those websites.
At QIC, decisions and actions may be taken or made on the basis of personal information in our possession and we take reasonable steps to keep personal information as accurate, complete, and up-to-date as is necessary.
You have rights to access, update and correct your personal information held by us. We will take reasonable steps to ensure that personal information is up-to-date, accurate and complete.
If you wish to access, update or correct your personal information held by us, please contact your relevant shopping centre manager or our Privacy Officer, whose details appear below.
If you receive marketing communications from us, you may easily request not to receive such communications from us by following the instructions on the communication to opt-out or unsubscribe from further communications.
If you have any questions, concerns or complaints about the treatment of your personal information please contact your centre manager.
If your concerns have not been resolved to your satisfaction, please contact our Privacy Compliance Officer by emailing privacy@qic.com. We will respond to let you know who will be handling your matter and when you can expect a further response.
If your concerns are not resolved to your satisfaction, you may be able to escalate your complaint to the Office of the Australian Information Commissioner on 1300 363 992 or by email on enquiries@oaic.gov.au. You can also visit their website and obtain further information relating to the Australian Privacy Legislation and the Australian Privacy Principles at www.oaic.gov.au.
The website is an Australian based website, and it is not intended to provide services to EU residents, and its terms may not be fully consistent with the General Data Protection Regulation. If you are an EU resident and you choose to use the Website then you do so at your own risk, and on the terms of the website.
This Policy outlines our current privacy standards. We may vary our Policy from time to time. We will notify you of any changes by publishing the latest policy from time to time at qicgre.com/privacy-policy.
Further Information
QIC Limited 130 549 123
This document is subject to the QIC GRE disclaimer and website access terms and conditions.