This policy outlines the procedures for handling personal information and sensitive
information relating to customers and staff.
Respecting your privacy
We respect the privacy of the personal or sensitive information you may provide to us or that we are otherwise required by law to collect. The way we manage your personal or sensitive information is governed by the Privacy Act 1988 (Privacy Act), the Australian Privacy Principles (APPs) established under the Privacy Act and, in respect of your credit-related personal information, the Privacy (Credit Reporting) Code (CR Code).
For the purposes of this Policy, “personal information”, “sensitive information” and “credit-related personal information” have the meaning given in the Privacy Act:
- personal information: information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether the information or opinion is recorded in a material form or not.
- sensitive information: personal information which is health information about an individual, genetic information about an individual that is not otherwise health information, biometric information that is to be used for the purpose of automated biometric verification or biometric identification, biometric templates or personal or sensitive information about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record.
- credit-related personal information: personal information (other than sensitive information) about an individual that is “credit information”, “credit reporting information”, “credit eligibility information” or “regulated information”, each as defined in the Privacy Act. This Policy explains how we manage the personal, sensitive or credit-related personal information we hold about you. Please note that this Policy is to be read subject to any overriding provisions of law or contract.
What kind of personal or sensitive information do we collect and hold?
The types of personal information we may collect and hold include, but are not limited to:
- your name, date of birth and evidence of your identity
- your personal and business contact details
- your employment details and personal information provided when you seek employment with us or after you commence employment with us
- banking, tax and superannuation fund details (including your tax file number and ABN if applicable). We note that there are additional protections when collecting, using or disclosing tax file numbers for individuals
- personal information obtained from background screening as part of due diligence relevant to employment or to a business relationship with us
- internet protocol (IP) addresses, including via electronic signing platforms (for example, DocuSign)
- personal information provided when you (or entities you represent or have a beneficial ownership interest in) commence a business relationship with us
- contact and identification details of any third party you have authorised to negotiate or provide your personal information on your behalf
- your device’s internet protocol (IP) address, your Twitter or other social media identity and posts
- any correspondence between you and us, and any other personal information provided to us when you contact us
We may also collect sensitive information, such as:
- if you are a director, officer, employee or contractor, details of any allergies or dietary requirements or other medical conditions you consider important for us to be aware of
- criminal record information obtained through background screening before you commence, or during your business or employment relationship with us
- if you are a Virescent Ventures Employee or visitor of any premises of Virescent Ventures, information that is reasonably necessary for preventing or managing COVID-19. Only the minimum amount of personal and sensitive information reasonably necessary to prevent or manage COVID-19 will be collected, including information that the Department of Health advises is needed to identify risk and prevent or manage COVID-19
How do we collect information?
Directly from you
Where possible, we try to collect information directly from you, for example when you:
- request information or contact us through our website or by telephone
- correspond with us in writing (such as letters and emails)
- provide your business card or other documents to us
- meet with us in person
From third parties
We may also obtain your information from third parties, such as:
- where you are an employee, director or hold a substantial beneficial ownership of an entity that we do business with
- government and law enforcement agencies
- our professional advisers, service providers or any other organisation with whom we do business
Where we collect information from third parties you refer to us, we will assume and you will ensure that you have made that third party aware of the referral and the purposes of collection, use and disclosure of the relevant information. Where you are a client or service provider who provides information to us about individuals, we may also ask you to advise them of the purposes of our collection, use and disclosure of their information in accordance with this Policy or with any collection notice given.
Where we receive unsolicited personal or sensitive information about you, we will only retain it if we determine within a reasonable period that it is necessary for one or more of our functions or activities and that you have consented to the information being collected or that it was impracticable or unreasonable for us to obtain your consent under the circumstances. If these conditions are not met, we will destroy or de-identify the information as soon as practicable if lawful and reasonable to do so.
Dealing with us anonymously
In general, you can visit our website without telling us who you are or revealing any personal or sensitive information about yourself. Our web servers collect the domain names, not the email addresses, of visitors. However, there are parts of our website where we may need to collect personal or sensitive information from you for a specific purpose, such as to provide you with certain information you request.
Why do we collect, hold, use and disclose your information?
We collect, use and disclose your information to enable us to provide the services, products and information you request, and when it is reasonably necessary to enable us to perform our functions and activities. In particular, we may collect, use and disclose your information for the purposes of:
- providing financial services and products to you (or an entity you represent)
- responding to your inquires or any other purpose which relates to or arises out of requests made by you
- assessing your application for or managing your employment
- your business or other relationship with us
- complying with our obligations under law including the Anti-money Laundering and Counter Terrorism-Financing Act 2006
- communicating with you during the course of your business or other relationship with us, including payment of invoices and/or loan repayments
- account management and administering records of our subscription services
- our insurers may obtain credit-related personal information about you from us, such as for the purpose of assessing whether to provide insurance to us
- promotion of Virescent Ventures and its programmes, including carrying out direct marketing and market research campaigns
- where necessary, updating and maintaining our records
- making our website easier to use and providing access to all parts of it
- notifying you about important changes or developments to our functions, activities, services, or our website
- administering, supporting, improving, and developing our business and the services we provide to you
- doing anything which you authorise or consent to us doing
- taking any action, we are required or authorised by law to take
- notifying employees that a colleague or visitor has or may have contracted COVID-19 (noting Virescent Ventures will only use or disclose personal information that is reasonably necessary in order to prevent or manage COVID-19 in the workplace.
Disclosing your information
We may disclose your information to:
- Virescent Ventures’ directors, officers or employees
- our business partners and service providers (including the Clean Energy Finance Corporation, Australian Renewable Energy Agency, lead contractors
- who provide website, electronic signing platforms, IT, marketing, administration and other services to support Virescent Ventures)
- in respect of internet protocol (IP) addresses collected via electronic signing platforms, the counterparties to the document being executed electronically by you
- suppliers Virescent Ventures engages for data processing and other administrative and support functions
- our professional advisers (including but not limited to insurers, brokers, auditors and lawyers)
- third parties we engage to carry out promotions or other activities you have requested, or for direct marketing purposes (unless you have opted-out)
- any entity to whom we are required or authorised by law to disclose your personal or sensitive information (for example, law enforcement agencies and government and regulatory authorities such as AUSTRAC)
- any successors in title to our business (including new business partners or owners if a Virescent Ventures member enters into a joint venture with or if Virescent Ventures is sold to or merged with another entity)
- with your consent (express or implied), other entities.
The above entities may in turn disclose your information to other entities as described in their respective privacy policies or notices.
Virescent Ventures will only use or disclose personal or sensitive information about an individual for the particular purpose that it was collected for.
Virescent Ventures will only use or disclose that personal or sensitive information for another purpose if:
- the individual has consented to the use or disclosure of the information
- another exception applies (including where the use or disclosure is required or authorised under an Australian law or where a permitted general situation applies, such as where it is unreasonable or impracticable to obtain consent, and it is necessary to lessen or prevent a serious threat to the life, health or safety of any individual, or to public health or safety).
Correction of information
To effectively conduct business with you, it is important that the information we hold about you is complete, accurate, current and relevant. At any time while we hold your information, we may ask you to tell us of changes to your information. Alternatively, if you believe that any of the information we hold about you is inaccurate, out-of-date, incomplete, irrelevant or misleading, please contact us.
Under certain circumstances in the Privacy Act, we may not be required to correct your Information (for example, where it would be unlawful). If we decide not to correct your information, we will give you reasons for our decision.
Access to information
You may request access to the information we hold about you by contacting us. We may request to verify your identity before responding to any request.
Under some circumstances under the Privacy Act or other legislation, we may not be able to provide you with the access you request (for example, if it is unlawful to give you access or is likely to prejudice enforcement related activities). If we decide not to provide you with access, we will give you reasons for our decision.
Data storage, retention, security and location of your information
We will (and will require our third-party suppliers to) take reasonable steps to protect your information from loss, misuse, unauthorised access, modification or disclosure. We may store your information in different forms, including in hardcopy and electronic form. We have policies, procedures and systems to keep your information secure, and regularly reviewing such policies.
When your information is no longer required by law to be retained by us, we may take reasonable steps to destroy, delete or de-identify your information in a secure manner. However, we may sometimes be required by law to retain certain information, for example, under the Anti-Money Laundering and Counter-Terrorism Financing Act 2006 or the Archives Act 1983.
Overseas disclosure of information
Virescent Ventures may engage service providers located overseas to perform certain functions and activities. While providing services, we may need to disclose your personal or sensitive information to these service providers. If overseas service providers are engaged and personal or sensitive information is sent overseas, we will take reasonable steps to ensure that our service providers have policies, procedures and systems in place to ensure your personal or sensitive information is handled in accordance with the Privacy Act and other applicable legislation.
In most cases, before or at the time of collecting your information we will obtain your consent to the purposes for which we intend to use and disclose your information. However, where we have collected information about you from an entity that is your employer or of which you are a director or substantial owner we may not seek your consent and may assume that the entity has your authorisation to provide that information to us. We will only collect sensitive information about you if we obtain prior consent to the collection of the information or if the collection is required or authorised by law. If you do not give us consent, we may not be able to provide you with the products or services you want.
Dealing with us online
This Policy applies to your use of the Virescent Ventures website (www.virescent.vc) and any personal or sensitive information that you may provide to us via our website.
When you visit our website, we and/or our contractors may collect certain information about your visit. Examples of such information may include:
- site visit information: we may collect general information about your visit to our website. The information is not used to personally identify you, but instead may include your server address, the date and time of your visit, the pages accessed and type of internet browser you use. This information is aggregated and used for system administration, to prepare statistics on the use of our website and to improve its content.
Our website may contain links to other websites which are outside our control and not covered by this Policy. We do not endorse, approve or recommend the services or products provided on other websites, and they have their own privacy policies.
By continuing to use our website or by providing us with information, you consent to us managing your information in the way described in this Policy.
We may compile and categorise a list of our followers on social media platforms. In addition to the above, we may also receive aggregate, non-personalised statistics on the Virescent Ventures coverage in social media.
If you wish to contact us regarding our handling of your information or any of the matters covered in this Policy, please contact us at [email protected]
Changes to this policy
Virescent Ventures reserves the right to revise or supplement this Policy from time to time. Any updated version of this Policy will be posted on our website (www.virescent.vc) and will be effective from the date of posting.
This Policy was last updated in February 2022.