ESR Real Estate (Australia) Pty Ltd (ESR Australia) and its subsidiaries (together we, us, our) are owned by ESR Group Limited (formerly ESR Cayman Limited), a leading logistics real estate platform with a network spanning across Hong Kong, the People’s Republic of China, Japan, South Korea, Singapore, India and Australia.
ESR Australia is a developer and manager of industrial, logistics and commercial property with established fund management capabilities.
ESR Australia is committed to safeguarding personal information.
The Personal Information We Collect
Under the Privacy Act 1988 (Cth), “personal information” is information or an opinion about an identified individual or an individual who is reasonably identifiable. Common examples include a person’s name, address, telephone number or date of birth.
We may collect personal information about individuals we have dealings with, including our customers, contractors, suppliers, tenants, business partners and their (and our) staff and representatives.
The types of personal information we collect and process includes but is not limited to:
Information about the individual – including personal information such as individuals’ name, gender, date of birth, nationality, contact details, identification, photograph or video images, employment, positions held, forms submitted, credit status, work permits, interests, preferences, opinions, enquiry/complaint details and social media profiles. Where an individual operates a business, we may also collect information about directorships, shareholders, Australian Business Numbers, Australian Company Numbers etc.
Payment details – including account and billing information.
CCTV and video camera footage – we, and third parties acting on our behalf, may collect CCTV and video camera footage to ensure the safety and security of those visiting and working at our premises.
Our interactions with the individual – including records of their dealings with us, any contact we have with them by telephone, correspondence, electronic communication, through our website, our applications, online through social media platforms (including any posts that refer to us). We may collect internet protocol (IP) addresses of each visit to our website. At times we may also use IP addresses to collect information regarding the frequency with which users browse various parts of our website. Our website may also use other technical methods to track and analyse the traffic patterns on our website. We may collect the information from use of these technical methods in a form that is personally identifiable.
Mobile Devices - data relating to the device identification code, profile pictures that you upload to our mobile applications or websites developed by us.
If we’re unable to collect your personal information, we may not be able to provide our products and services to you, or consider you for employment.
How We Collect Personal Information
We may collect personal information directly during the normal course of business and workplace practices, through access and use of our website, from mobile applications developed by us or on our behalf, during conversations with our representatives or when enquiries are made with us.
We may collect personal information from our related companies and third parties including an individual’s organisation or representatives, information service providers (such as providers of credit status information), law enforcement agencies, Government agencies and other parties with whom we exchange information.
We may engage third parties to collect personal information on our behalf, including credit reporting agencies, Government agencies and in connection with the management of our properties.
Collection, Storage, Use and Disclosure of Personal Information
We, and third parties acting on our behalf collect, hold, use and disclose personal information to conduct our business activities, comply with our legal obligations and as otherwise permitted by law. When you share information with us, some of the ways we may use your personal information include:
To provide and administer our products or services.
To provide customer support, including responding to enquiries and requests or dealing with any complaints.
For marketing and research purposes, including for the purpose of improving our products and services.
For legal and administrative purposes such as identifying individuals, maintaining and updating our records, protecting and enforcing our legal rights, verifying and processing payments, screening against fraud, screening against money laundering and other criminal or unlawful activities, assessing proposed agreements, managing our projects and sites (including security management) and ensuring the financial status of an entity.
We may also use information for the purposes related to those described above which would be reasonably expected.
We may collect non-personally identifiable information, including anonymous information and aggregate data. This is information that does not personally identify any individual. We may use this information to understand better how visitors use our website, research our website visitors’ demographics, interests, behaviours, and provide customised service and information and for other similar purposes. We may combine this information with personally identifiable information. We may share this information with others, such as investors, for information or promotional purposes to the extent permitted by law.
We may disclose personal information as described below:
In relation to staff and job applicants, we may exchange personal information with academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, referees and current, previous and prospective employers.
Government and regulatory authorities and bodies to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding, in response to a law enforcement agency request or to conduct checks, including credit and fraud checks to enable us to provide our products and services.
To protect the safety and security of the relevant individual, us, our website, our databases, third parties and the security of tangible or intangible property that belongs to the relevant individual, us or third parties.
Where we disclose your personal information to third parties, we will require that the third party follow the requirements of the Privacy Act regarding handling your personal information.
Storage, Transmission and Security of Personal Information
Information that we collect may from time to time be stored, processed in or transferred between parties located in countries outside of Australia, including countries with a lower level of data protection than in the country in which you are located. These may include, but are not limited to, Singapore, People’s Republic of China, Japan, South Korea, India and the United States of America.
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality.
ESR Australia is committed to ensuring that the information provided to us is secure. In order to prevent unauthorised access or disclosure, we maintain commercially reasonable physical and electronic means to safeguard and secure personal information in accordance with the requirements of the Privacy Act. These may include, for example, the protection of passwords using industry standard encryption, measures to preserve system security and restrict unauthorised access, and back-up systems to reduce the risk of accidental or malicious loss of data. We may use third party providers to store personal information electronically and we take reasonable steps to ensure this information is held securely.
We will retain personal information for as long as is necessary for the processing purpose(s) for which it was collected and any other permitted linked purpose (for example where we are required to retain personal information for longer than the purpose for which we originally collected it in order to comply with certain regulatory requirements). Our retention periods are based on business needs. We will take reasonable steps to ensure that any personal information that is no longer needed is either irreversibly anonymised (and the anonymised information will be retained) or securely destroyed.
Data Breach Response
If you become aware of any misuse, interference or loss or any authorised access, modification or disclosure of personal information held by us (a “Data Breach”), please notify our Privacy Officer immediately.
If we become aware of a Data Breach, we will promptly investigate the incident, and take reasonable steps to contain and remedy the Data Breach. We will take steps to notify the relevant person(s) as soon as practicable if we believe that the Data Breach would be likely to result in serious harm to them.
After investigating a Data Breach, we may disclose information about the incident to the Office of the Australian Information Commissioner and to law enforcement agencies in order to comply with our reporting obligations under the Privacy Act.
Accessing and Updating Your Information
We will take reasonable steps to ensure that all personal information we collect from individuals is accurate, complete and up to date. To help us do this, please notify us of any change to your personal information.
We will provide individuals with reasonable opportunity to contact us to access their personal information held by us and correct any inaccuracies or update their personal information. We may require such individuals to verify their identity prior to accessing or making changes to the information. We will provide our reasons if we deny any request for access to or correction of personal information. Where we decide not to make a requested correction to an individual’s personal information and they disagree, such individual you may ask us to make a note of their requested correction with the information.
Like many other websites, our website may use ‘cookies’ and other technical methods from time to time. These technical methods may involve the transmission of information either directly to us or to another party authorised by us to collect information on our behalf. We may collect information from use of these technical methods in a form that is personally identifiable, and we may use the information to, amongst other things, track the traffic patterns on the Site and collect and analyse Site session information.
If you have concerns or queries about our handling of your personal information, you can contact us as set out below.
Contact: Yasothara Yoganathan, Privacy Officer
Address: ESR Australia, Level 24, 88 Phillip Street, Sydney NSW 2000
Phone: 02 9186 4700
If your compliant is not resolved by our Privacy Officer, you can contact the Office of the Australian Information Commissioner at www.oaic.gov.au or on 1300 363 992 or GPO Box 2999, Canberra ACT 2601, Australia.