Privacy Policy

Background

Local Buy Trading Trust (Local Buy Pty Ltd as Trustee); was created in 2001, is wholly owned by LGAQ, and operates as a profit-for-purpose enterprise. Local Buy is Queensland’s principal local government procurement partner and the largest provider of legislatively compliant pre-qualified supplier Arrangements in Queensland. We aim to make it easy, efficient and effective for local governments to connect with their local suppliers.  

Local Buy is committed to acting in accordance with the highest ethical and governance standards.  Local Buy’s structure under the LGAQ necessitates this, and whilst we are a private company, we adopt public sector governance requirements. Our governance framework sets out how our business operates effectively and transparently to ensure long-term sustainability and success.  

Purpose

Local Buy is committed to protecting the privacy, security and confidentiality of Personal Information it collects through conducting its business. This Privacy Policy sets out Local Buy’s policy on the collection, handling and disclosure of Personal Information.

This Privacy Policy is made in accordance with the Privacy Act 1988 (Cth) (“Act”), and the Australian Privacy Principles (“APPs”), which are set out in the Act, as amended from time to time.

Scope

This policy applies to all employees, secondees, consultants, contractors, work experience students and other volunteers, as well as Directors and Board Members (Representatives) of Local Buy Trading Trust (Local Buy Pty Ltd as Trustee) (Local Buy).

Employee means an employee of Local Buy, including any employee of a Related Body Corporate who is Seconded to Local Buy to perform services on behalf of Local Buy.

This policy applies to any person/s that have direct or indirect access to Personal Information (the ‘Recipient’) and includes (but not limited to the following):

  • Local Buy employees (including secondees and casual employees).
  • Group Chief Executive Officer.
  • Local Buy Board Members.

In this Privacy Policy, “we”, “our” and “us” refers to any Recipient outlined above that handles Personal Information, and “you” and “your” refers to any individual we collect Personal Information on.

What personal and sensitive Information do we collect

Personal Information

Generally, the main types of Personal Information we will collect includes (but is not limited to):

  • Name(s).
  • Address(s) (including email address(s)).
  • Date of birth.
  • Signature.
  • Telephone and facsimile contacts.
  • Emergency Contact(s).
  • Occupation / job title.

We do not collect your Personal Information unless the information is reasonably necessary for, or related to, one or more of our functions or business activities.

Sensitive Information

From time to time, we may hold Personal Information that is deemed to also be Sensitive Information. Examples may include your racial or ethnic origin (for sole traders that are registered as an indigenous business) and the collection of dietary restrictions.  

We will not collect Sensitive Information about you unless you consent to the collection of that information, and the collection of that information is reasonably necessary for, or directly related to, one or more of our functions or business activities.

Personal Information

For the purposes of this policy, the meaning of Personal Information is as in accordance with the Act. The Act defines Personal Information as information or opinion about an individual who is identified (or reasonably identifiable), whether true or not and whether the information or opinion is recorded in a material form or not.

Sensitive Information

When Personal Information concerns certain matters, it is also considered “Sensitive Information”. Sensitive information is information about your:

  • Racial or ethnic origin.
  • Political opinions.
  • Membership of a political association.
  • Religious beliefs, affiliations or philosophical beliefs.
  • Membership of a professional or trade association or membership of a trade union.
  • Sexual preferences or practices.
  • Criminal record. or otherwise, information relating to an individual’s:
    • Health or disability.
    • Genetic information that is not otherwise health information.
    • Biometric information.
    • Biometric templates.

    Collection and Storage of Personal Information

    We may collect Personal Information in a number of ways and from a variety of sources. These include (but are not limited to):

  • When you/your organisation submits a tender response for the purpose of becoming a Local Buy supplier.
  • When you/your organisation enters any Personal Information on a web platform that Local Buy has visibility over (e.g. VendorPanel).
  • When preparing an event/conference hosted by us and attended by you/your organisation.
  • When you or your organisation provide a response to a quality assurance activity(s) conducted by us from time to time.
  • When you submit an email to us, log an enquiry via our website, or otherwise contact us.
  • Where you apply for a position with us.

    Where it is reasonably practicable to do so, we will collect Personal Information from you directly. Should we receive unsolicited Personal Information about you, we will within a reasonable period of time, determine whether we could have collected such information in the manner set out in this privacy policy. If so, then our Privacy Policy will apply to the handling, use and disclosure of the information. Otherwise, we will delete such unsolicited information.

    Personal information collected from any person or in the course of conducting our professional work will be stored electronically in a secure directory within our IT files. Some records may also be kept in physical form. All records coming under the jurisdiction of this policy are also subject to our records management system which outlines security, access, retention and disposal procedures and protocols.  

    Only staff who have a legitimate need to know personal information in the course of performing their duties will be provided with access to our directory or physical files containing Personal Information. Our storage devices and technology are highly secured and are resident within Australia.

    Permitted use / Disclosure of Personal or Sensitive Information

    We use and disclose Personal Information in accordance with the Act by only use such information for particular purpose(s) it was collected for (“Primary Purpose”). We will not use Personal Information for any other purpose (“Secondary Purpose”) unless:

    Some of the express purposes we use Personal Information (depending on the type of information and the purpose(s) we collected it) include:

  1. You have provided consent to the use / disclosure for a Secondary Purpose; or
  2. You, acting reasonably, would anticipate and expect us to use / disclose the information for the Secondary Purpose, but only where the:
    1. Secondary Purpose is related to the Primary Purpose where the information is not Sensitive Information; or
    2. Secondary Purpose is directly related to the Primary Purpose where the information is Sensitive Information; or
  3. Use and/or disclosure of Personal Information is otherwise authorised under the Act.
  • To create client records with us within our CRM system.
  • For the general administration of our LGA Arrangements and exercising our contractual rights with you / your organisation.
  • To administer our independent contractors/consultants/professional advisors etc.
  • To co-ordinate, plan and cater for functions/events/conferences.
  • General administration and business management, which include:
    • billing/invoicing
    • debt recovery
    • quality improvement activities (including surveys, complaints/dispute management)
    • statistical analysis and reporting
  • For the purpose of obtaining professional advice from consultants or professional advisers.
  • Other purpose(s) disclosed to you at the time we collect the Personal Information.

We may disclose your Personal Information to our services providers, who assist us with the provision of certain administrative and business functions/services. We remain responsible for maintaining the confidentiality of all information (including Personal Information) we disclose to any third party. We will take all reasonable steps to ensure that any use or disclosure of Personal Information by a third party for and on behalf of us is managed in accordance with this Privacy Policy and in all times with the Act.

Data will be deleted in accordance with Local Buy’s data retention processes. 

How can you seek a correction to your personal information

You can request access to your personal information held by us by contacting our Privacy Officer as set out in this Privacy Policy.

If you find any Personal Information, we hold that is incorrect, outdated, incomplete, irrelevant, or misleading, you can request a correction. We will take reasonable steps to amend your details upon receiving such a request.

In certain situations, we may refuse your request to access or correct your information in line with the APPs. If so, we'll explain why and, if applicable, attach a statement about the requested correction to your records.

Under Privacy Principal 2, if an individual prefers not to identify themselves (or prefers to use a pseudonym) in dealing with us concerning privacy matters, we will do our best to support that request if it is feasible to do so under the circumstances.

Complaints: Collection / Use / Disclosure of Personal Information

You may contact us at any time if you have any questions or concerns about this Privacy Policy or about the way in which your Personal Information has been handled.

You may make a complaint about privacy to the Privacy Officer at the contact details set out in this Privacy Policy.

The Privacy Officer will first consider your complaint to determine whether there are simple or immediate steps which can be taken to resolve the complaint. We will generally respond to your complaint within a week.

If your complaint requires more detailed consideration or investigation, we will acknowledge receipt of your complaint within a week and endeavour to complete our investigation into your complaint promptly. We may ask you to provide further information about your complaint and the outcome you are seeking. We will then typically gather relevant facts, locate and review relevant documents and speak with individuals involved.

In most cases, we will investigate and respond to a complaint within 30 days of receipt of the complaint. If the matter is more complex or our investigation may take longer, we will let you know.

If you are not satisfied with our response to your complaint, or you consider that we may have breached the APPs or the Privacy Act, a complaint may be made to the Office of the Australian Information Commissioner (OAIC). The OAIC can be contacted by telephone on 1300 363 992 or by using the contact details on the OAIC website (www.oaic.gov.au).

Local Buy’s Privacy Officer

Any questions relating to this policy, general privacy queries or complaints should be directed to Local Buy’s Privacy Officer.

Privacy Officer:            Mr. Joshua Brown | General Counsel & Compliance Manager
Address:                         Level 1, 25 Evelyn St, Newstead Q, 4006
Phone:                             M: 0438 282 729 / P: 07 3155 4127
Email:                              jbrown@localbuy.net.au

 

Back to top