Last Updated: 5 February 2015
RESPECTING YOUR PRIVACY
We carry out those activities in a manner that is respectful of your personal information and manage it in accordance with the Australian Privacy Principles set out in the Privacy Act 1988 (Cth) (Privacy Principles).
TYPES OF PERSONAL INFORMATION WE COLLECT
When you enter Brisbane Airport or use our facilities (e.g. the roads, car parks, retail facilities and terminals including check-in and passing through screening points) we may collect:
- Contact and identification details e.g. name, postal or email address, post code, telephone numbers, date of birth, gender, driver’s licence details, passport number or Aviation Security Identity Card (ASIC) number;
- Transactional information e.g. credit card details;Information from our Electronic Monitoring Systems (as described below);
- A voice recording from calls to our reception numbers, certain operational or security telephone lines and in some search rooms; and
- Travel related information e.g. flight details, destination/origin, purpose of travel, nationality, visa status and baggage message system status.
Your image, licence plate number, location and movements are collected by the electronic monitoring tools and systems that we have in place at Brisbane Airport.
Our Electronic Monitoring Systems include:
- Closed Circuit Television (CCTV);
- Automatic number plate recognition technology (ANPR);
- Access control systems and electronic keys; and
- Other observational tools and systems such as portable cameras and the baggage message system.
When you purchase a product or service or participate in any promotion, survey or other marketing we may collect other information about you including:
- Other contact and identification details e.g. social media information, your photograph
- How you use and your opinion about, our products and services, travel, destinations; and
- Your income demographics.
We also collect information (often known as metadata) in relation to our communications with you e.g. the time communications are accessed, the links visited and the device used to access the communication.
Security and operations
Where necessary for matters related to security or airfield operations we may also collect:
- Place of birth, country of citizenship, gender;Your photograph; and
- Residential address history, criminal history, details of any pending prosecutions and the outcome of security assessments, criminal history checks and immigration checks.
Feedback and complaints
We may collect sensitive information (e.g. health information, information about your ethnicity or political opinions) in feedback, complaints, claims or correspondence but only if you give it to us or with your consent.
When you interact with us via our websites, social media channels, mobile applications or wireless internet (Online Platforms), we gather statistical information about your use of those Online Platforms e.g. which resources on a website are the most visited. The information we collect includes IP addresses, MAC addresses, geographical location, pages visited and computer information such as the operating system and browser being used. We use this statistical information to help us analyse the usage and performance of our products and to improve our offerings.
REMAINING ANONYMOUS OR USING A PSEUDONYM
We need to know who we are dealing with for most matters, like applying for security access or booking car parking online. However, where it is lawful and practical to do so we will allow you to deal with us anonymously or using a pseudonym such as when you make a general enquiry or for some marketing activities.
HOW WE COLLECT YOUR PERSONAL INFORMATION
We collect information directly from you when you deal with us, for example when you:
- fill out a form with us;
- make a phone enquiry;
- enter a promotion run by us;
- make an application for a security clearance;
- use or purchase any of our products or services;
- or access any of our Online Platforms.
We also collect some information indirectly from you through our Electronic Monitoring Systems and in-building infrastructure when you use the airport’s facilities.
Collection from other sources
We also collect your personal information from other organisations we deal with including:
- Law enforcement agencies e.g. the police, Customs;
- Government agencies e.g. the Civil Aviation Safety Authority (CASA), WorkCover, Airservices, Department of Immigration;
- Our tenants and licensees e.g. airlines, car park operators, retail outlets;
- Our professional advisers e.g. our insurers, lawyers; and
- Our contractors e.g. contracted security, car parking and cleaning companies, marketing consultants, project companies.
For example, when issuing ASICs, investigating an incident, investigating fraud, responding to a claim, conducting a survey or dealing with feedback.
If you access external websites, applications or services via hyperlinks from our Online Platforms (Linked Services), we may also receive your personal information from that Linked Service e.g. booking a rental car, a hotel or trip via a link on our website.
We may also collect your personal information from publicly available sources of information.
CONSEQUENCES OF NOT PROVIDING YOUR PERSONAL INFORMATION
If you do not provide us with your personal information, it may not be possible for us to provide you with the products, services or information you request such as booking car parking or entering a promotion. In some cases it might mean you cannot access certain parts of Brisbane Airport for work or pass through a screening point to fly.
TAKING CARE OF YOUR PERSONAL INFORMATION
Storage and security
The security of your personal information is important to us and we take reasonable steps to protect it from misuse, interference and loss, and from unauthorised access, modification or disclosure. Some of the measures we use include:
- Implementing document storage, information classification and incident notification and management security policies and procedures;
- Applying access restrictions to our systems including network segregation for certain information;
- Protecting electronic security systems by use of firewalls, encryption technology and intrusion detection systems;
- Requiring our employees and contractors to adhere to confidentiality requirements; and
- Controlling physical access to our buildings and instigating further controls to those parts of buildings where sensitive information is held.
We store personal information physically and electronically and sometimes with contracted data storage providers e.g. providing backup storage. If we use a contracted service provider, we use contractual arrangements to ensure that provider takes appropriate measures to protect the personal information.
What happens when we no longer need your information?
We will keep your information for as long as we require it for our business purposes or for as long as any applicable law requires us to keep it. When we no longer require your information or when any period imposed by law expires, we will ensure that your personal information is destroyed in a secure way or that it is de-identified.
WHAT WE DO WITH PERSONAL INFORMATION WE DID NOT ASK FOR
If we receive personal information about you that we did not ask for (referred to as ‘unsolicited information’) and we determine that we have not lawfully collected that information, we will destroy or de-identify it provided it is reasonable or lawful to do so.
HOW WE USE YOUR PERSONAL INFORMATION
We use your personal information to:
- Develop, improve, manage and administer our products and services;
- Keep in contact with you e.g. deal with feedback or complaints, return lost property;
- Maintain any business relationship we have with you;
- Maintain our records;
Run our business and perform administrative and operational tasks like:
- training staff;
- marketing the airport and its products and services;
- developing and testing our systems, including our Online Platforms;
- undertaking research, analysis and planning; and
- Carry out any purpose for which you have expressly or impliedly given consent.
We may combine or link the personal information we collect from you with other information we already hold about you and use it to support our functions and activities.
We use the personal information collected by our Electronic Monitoring Systems (e.g. CCTV, ANPR, access systems) for Safety, Operations, Emergency and Security purposes. These purposes include:
- Managing airport security;
- Managing airport operations such as traffic flow, passenger and aircraft facilitation and access to our facilities and infrastructure e.g. roads, car parks, terminals, retail facilities;
- Managing the safety and security of airport operations including in relation to passengers, staff and other airport users;
- Conducting investigations;
- Detecting, deterring and responding to criminal or unlawful activity or suspicious, inappropriate or unauthorised activity on Brisbane Airport;
- Monitoring emergencies and incidents to manage response, recovery and investigation activities; and
- Operations and airport planning purposes e.g. analysis to understand behaviour and movements of people, equipment, aircraft and vehicles using our facilities and infrastructure.
We might let you know - via mail, SMS, email, telephone or online - about news, special offers, products and services that might serve your needs or that you might be interested in. We may also ask for your opinion or about your use of the airport or our offerings via research or surveys. We will engage in direct marketing to you where you have consented and unless you tell us otherwise. You can contact us to update your direct marketing preferences at any time.
We may also use and disclose your personal information to others that provide us with specialised data matching, trending or analytical services as well as general marketing services. We, and those who provide us with marketing services, may combine the personal information we collect from you with information we, or our service providers, already hold about you and use it for further marketing, including online targeted marketing, data and audience matching and market segmentation.
We will not sell your personal information to any other organisation.
Security and operations
The security and operational purposes we might use your personal information for include:
- Issuing and maintaining airport authorities, licenses, passes, and permits e.g. Authority to Drive Airside, ASICs, other access cards;
- Maintaining records that are required for security and aviation purposes e.g. audits conducted by CASA or the Office of Transport Security;
- Recording, investigating and analysing any emergencies and actual or potential incidents or occurrences that occur on Brisbane Airport; and
- Maintaining and managing airport operations, safety and security e.g. passenger identification, screening of passengers, reviewing access to secure areas.
SHARING YOUR PERSONAL INFORMATION
We will use and disclose your personal information:
- For the purposes for which we collected it;
- For another related purpose provided you would reasonably expect us to use or disclose your personal information for that other purpose;
- If you consent to the use or disclosure; or
- Where the use or disclosure is authorised under the Privacy Principles
For example we may disclose your personal information to:
- Organisations that participate with us in payments systems including merchants, payment organisations, tolling organisations;
- Organisations that participate with us in providing, managing or administering a product or service e.g. a government authority involved in an airport process or responsible for a particular services (like noise complaints); organisations that assist us to conduct research, marketing or analyse data;
- Other organisations involved in our normal business practices, including our consultants and contractors e.g. security, car parking and cleaning contractors; those involved in debt collecting, IT contractors, print/mail/digital service providers;
- Organisations with whom we have alliances or arrangements for the purposes of promoting our respective products or services e.g. airlines, charities;
- Organisations that maintain, review and develop our business systems, procedures and technology infrastructure, including testing or upgrading our computer systems;
- Our tenants and licensees e.g. airlines, transport operators;
- Our accountants, auditors, insurers, lawyers and other external advisers:
- Enforcement bodies like the police or Customs; and
- Persons, organisations or regulatory bodies conducting audits, investigations or managing claims or disputes e.g. CASA, WorkCover; the law courts.
Disclosures to overseas recipients
Although we run our business in Australia sometimes we may disclose personal information to entities located overseas e.g. to a contracted service provider providing technology services. Some of our contracted service providers are located in Singapore.
ACCESSING AND CORRECTING PERSONAL INFORMATION
You have a right to request access to your personal information and/or to request that it be corrected. To protect your personal information we will always confirm your identity before giving access or making any change.
You can ask for access by contacting our Privacy Officer by email at email@example.com or by telephone on +61 7 3406 3000. Please tell us what you are looking for.
There are circumstances when we might not give you access to the personal information we hold about you. If that occurs, we will tell you why in writing.
There is generally no cost for accessing the personal information we hold about you, unless the request is complex, resource intensive or we incur additional costs in providing you with access. If there is a charge, it will be reasonable and we will let you know what it is going to be so that you can agree to it before we proceed.
RESOLVING PRIVACY ISSUES
Contact us with your complaint
If you have a complaint about how we have dealt with your personal information, we would like to hear from you. All formal privacy complaints must be in writing however you are welcome to contact us by phone in the first instance if you prefer:
- Call +61 7 3406 3000 and request to speak with our Privacy Officer.
To put a privacy complaint in writing please contact us by:
- Emailing our Privacy Officer at email at firstname.lastname@example.org; or
- Submitting an enquiry form and selecting “Send us your Feedback” via our website at www.bne.com.au/help.
We will try to acknowledge receipt of your written complaint within 3 working days after we receive it. We need a reasonable time to conduct enquiries and so we will usually provide you with a formal response within 30 days of receiving your written complaint. If the circumstances of your complaint are complex and we need additional time to provide you with a formal response, we will contact you to let you know.
Need more help?
If you still feel your issue has not been resolved then you can raise your concern with the Australian Privacy Commissioner:
- Online: www.oaic.gov.au/
- Phone: 1300 363 992 or (if outside Australia) +61 2 9284 9749
- Email: email@example.com