Prosegur Australia Pty Limited (Prosegur) is the Australian entity of Prosegur and provides cash logistics and cash processing services, products and solutions for Australian business including financial institutions, retail, government and hospitality. Prosegur’s headquarters are in Madrid, Spain but it operates and has offices all over the world. Address details for all Prosegur offices are on its page.
For European Union data protection purposes, when Prosegur acts as a controller of personal information, Prosegur Compañia de Seguridad S.A. Company Number 3452/3/22/32805 is its representative in the European Union.
1.0 Purpose of Policy
2.0 Scope of Policy
It is the responsibility of every employee of Prosegur in the context of their particular work and responsibilities to apply this Policy when handling other people’s personal information.
This policy will be placed on Prosegur’s website and copies will be available in all of its call centres and major office locations to be provided to people on request.
5.0 What is personal information?
Personal information is information or opinion about an identified individual, or an individual who is reasonably identifiable. It is not relevant whether the information or opinion is true or not, nor whether it is recorded in a material form or not.
6.0 What personal information does Prosegur collect?
6.1 Prosegur will only collect personal information that is needed for it to operate its business activities effectively. Such information includes (but is not limited to):
6.2 The personal information Prosegur may collect may include: name; mailing or street address; email address; telephone number; facsimile number; age; profession; occupation; employment history; educational history; medical information; security information from police and other governmental departments; tax file numbers; superannuation account information; bank account information; licences and/or qualifications held.
7.0 How does Prosegur collect personal information?
When individuals visit Prosegur’s website or use its services it may collect personal information. The ways in which Prosegur collects it is as follows:
Information from third parties. Whilst the majority of the information collected is directly from individuals, sometimes Prosegur might collect personal information from other sources, such as publicly available materials or trusted third parties like marketing and research partners or medical professionals and government agencies. Prosegur uses this information to supplement the personal information already held, in order to better inform, personalise and improve its services, and to validate the personal information provided.
8.0 How does Prosegur store personal information?
Personal information is stored via:
All personal information is stored securely to protect it from being inadvertently or deliberately accessed. Where applicable (e.g. workers compensation) systems are audited to ensure Prosegur’s processes are working.
9.0 How does Prosegur use personal information?
9.1 Prosegur will only use personal information for the purpose(s) originally explained when the information was collected and for any related purpose that would reasonably be expected by both the individual concerned and Prosegur. For example, Prosegur would also use the name and address of a customer who requested the cash servicing of an ATM for invoicing purposes and to advise the person concerned of new or changed products and services available from Prosegur.
9.2 If Prosegur uses personal information it holds for direct marketing of its products or services, it will always provide the individual the opportunity at the point of first contact and at any time afterwards at the individual’s request to decline receipt of any further marketing information. Otherwise, Prosegur will not use personal information without an individual’s consent, unless:
10.0 How does Prosegur share personal information?
There will be times when Prosegur will need to share personal information with third parties. Prosegur will only disclose personal information to:
11.0 Data Quality
Prosegur will take reasonable steps to ensure that the personal information it uses is accurate, complete and up-to-date.
12.0 Data Security and Retention
12.1 Prosegur will take reasonable steps to protect all personal information in its possession, to ensure integrity of the information and that it is only accessed by those people whom Prosegur authorises to do so.
12.2 The length of time Prosegur keeps personal information depends on what it is and whether it has an ongoing business need to retain it (for example, to provide individuals with a service they have requested or to comply with applicable legal, tax or accounting requirements. Personal information that is no longer needed by Prosegur or required to be held by law will be destroyed by secure means, or modified so that the data cannot be traced back to the person concerned.
13.0 Access and Correction
13.1 A person on whom Prosegur holds personal information may apply in writing to the:
Prosegur Australia Pty Limited
Level 2 – 112 Talavera Road
Macquarie Park NSW 2113
to view the personal information held on them.
13.2 Prosegur will take reasonable steps to confirm the identity of the person making the request and will respond within 14 days of receiving the request. However, where the request is more complex or time consuming to comply with, Prosegur will provide access to the information requested within 28 days.
13.3 Prosegur reserves the right to deny access to personal information if providing access:
13.4 Should giving access to personal information involve revealing evaluative information generated within Prosegur in connection with a commercially sensitive decision making process, Prosegur reserves the right to give the individual an explanation for the decision made rather than direct access to the relevant information.
13.5 Where there is disagreement about direct access or where direct access to personal information is impractical or inappropriate, Prosegur will discuss the possible use of a mutually acceptable intermediary.
13.6 If an individual advises Prosegur that personal information held on them is inaccurate, incomplete or not up to date, Prosegur will take reasonable steps to update the information accordingly. Should there be a disagreement between Prosegur and the individual about whether the personal information is complete or up-to-date and the individual requests, Prosegur will take reasonable steps to associate a statement from the individual that the information is not correct with the relevant record(s) held by Prosegur.
13.7 Prosegur reserves the right to levy a reasonable charge to meet the costs of providing access to personal information, although there will be no charge for the act of making the request for access.
13.8 Prosegur will always provide reason(s) should it deny access to or correction of personal information it holds.
Where lawful and practical, Prosegur will give individuals the option of not identifying themselves when dealing with Prosegur
15.0 Trans-border Data Flows
Prosegur may transfer information to, and process it in, countries other than Australia – such as Madrid and Germany where its data hosting providers’ servers are located. These countries may have different laws to Australia, however, when Prosegur discloses personal information to a third party in another country, it puts safeguards in place to ensure that personal information remains protected.
16.0 Sensitive Information
16.1 Prosegur will not, without the consent of the individual, collect information concerning that individual’s racial or ethnic origins; political opinions; membership of a political , professional or trade association or trade union; philosophical or religious beliefs or affiliations; sexual preferences or practices or health information unless:
16.2 Prosegur will also collect health information where it is necessary to assess a person’s fitness to perform the full and inherent requirements of their employment. In so doing, Prosegur will take account of any relevant legal requirements and/or rules established by competent health or medical bodies that deal with obligations of professional confidentiality which bind the organisation.
17.0 Breaches or suspected breaches of personal information
17.1 Prosegur recognises its responsibility under the Privacy Act 1988 and in this regard has established a Data Breach Response plan. The plan exists in the unlikely event of a breach of privacy related information. This would include scenarios such as the accidental or deliberate leakage of sensitive material outside the company.
17.2 Any employee who suspects a breach of this policy has occurred, or who thinks that they may have accidentally leaked sensitive material outside the business, should immediately contact the:
Prosegur Australia Pty Limited
Level 2 – 112 Talavera Road
Macquarie Park NSW 2113