PRIVACY POLICY

In this Privacy Policy, BMD, us, we or our means B.M.D. Constructions Pty Limited (ACN 010 126 100), BMD Infrastructure Services Ltd (UK company number 14400095) and other members of the BMD Group.  This Privacy Policy sets out how, when and why we collect, store, use, disclose and otherwise process personal information in connection with our businesses and the services we provide, and your rights in relation to your personal information.

You means any of the following, depending on the context:

  • Job applicant of BMD;
  • Employee of BMD;
  • Customer Representative (e.g. employee) of a customer that uses our service or of a potential customer who seeks to use our services and makes enquiries with us;
  • Website visitors, but excluding customers or potential customers;
  • Supplier Representative (e.g. employee) of a supplier who provides or wishes to provide services to BMD.

Please read this Privacy Policy carefully – it is important that you understand how we collect, control and process your personal information.

BMD Group – who are we?

The BMD Group is a privately owned Australian company providing civil engineering construction, civil and structural engineering design and investment services for property development and major infrastructure projects throughout Australia. We provide our services through a particular BMD Group company and/or through a division of one of those companies. For further information on the corporate structure of the BMD Group, please visit https://www.bmd.com.au/our-companies/.

BMD Infrastructure Services is the UK extension of the BMD Group in Australia. Our operations in the UK drives the delivery of smart solutions with the global perspective and expertise of Australia’s largest privately owned civil contractor.

What privacy laws do we comply with?

We are bound by the privacy and data protection laws of the countries in which we operate, being Australia and the United Kingdom. These laws may provide exemptions for the collection and use of some personal information, including personal information about employees in employee records. We may also be bound by workplace surveillance legislation in some countries (and states and territories) that regulate our camera, computer and tracking surveillance of employees.

In Australia, BMD is bound by the Privacy Act 1988 (Cth), which includes the Australian Privacy Principles (APPs) and, where applicable, State or Territory legislation relating to health information.  If you have accessed our website or are otherwise engaging with us from and in Australia, this Privacy Policy applies.

If you have accessed our website or are otherwise engaging with us from and in the UK, you can view our UK Privacy Policy here: https://bmdinfrastructureservices.co.uk/privacy/.

Collection of personal information

Information we collect directly from you

BMD collects personal information from Customer Representatives when they enquire about or make arrangements on behalf of their company (i.e. the customer) to use our services. This includes the Customer Representative’s information such as:

  • your name, mailing or street address, email address, and telephone number;
  • credit card information and account details, banking or payment information;
  • transaction history and services preferences; and
  • information through customer surveys, promotions and any enquiries.

If you are a Job Applicant or a current Employee, we may collect information such as:

  • your name, residential address, postal address, telephone number and email address;
  • credit card information and account details, banking or payment information;
  • your gender and date of birth;
  • identity information such as driver’s licence or passport;
  • details about your qualifications, skills, employment history and salary;
  • links to your professional profile (e.g. corporate website or LinkedIn);
  • if applicable, your company name, ABN and applicable tax information;
  • your nationality, citizenship status and/or right to work;
  • background and criminal history information through background checks;
  • whether you have a disability, illness or other health issue we need to accommodate in your role;
  • your emergency contact details, next of kin, dependents and beneficiaries; and
  • your employment with BMD such as leave records, salary and payments, health information and medical records, performance information (including any information regarding performance reviews or disciplinary matters).

If you are a Supplier Representative acting on behalf of a supplier who wishes to provide services to BMD, we may collect information from the Supplier Representative such as:

  • your name, work email address and telephone number;
  • identity information such as driver’s licence or passport;
  • your company name, ABN and applicable tax information; and
  • background and solvency information of the supplier through background checks.

We collect personal information in a number of ways.  How we collect personal information from you will depend on how you engage with us and use our services.

For example, we may collect personal information about you when you deal with us over the telephone, enter into an agreement with us or send us correspondence (whether by hard copy or e-mail), visit our premises and complete a visitor or sign-in log, through CCTV cameras we operate at our premises (if you are reasonably identifiable from the images captured by those cameras), or have contact with us in person or through any other mode of communication.

Information we collect automatically

We collect certain data from you automatically when you use our services and/or when you visit our websites. When you visit our websites as a Website Visitor this includes:

  • the date and time of the visit;
  • the pages viewed;
  • how you navigate through the site and interact with pages (including fields completed in forms, applications completed, search items entered);
  • information about the device used to visit our website;
  • internet provider details;
  • referring URL (universal locators); and
  • IP address and location information based on your address.

We may also collect any additional information relating to you that you provide to us directly through your use of our services, or indirectly through your use of our services or online presence or through other websites or accounts from which you permit us to collect information (if any).

Information we collect from other sources

We may collect personal information about you from third parties in certain circumstances, such as:

  • from recruitment agencies and your references in connection with a job application or from publicly available sources e.g. your LinkedIn profile or other social media;
  • from government and regulator databases e.g. the Australian Securities and Investments Commission (ASIC); and
  • when you attend a conference which we hold, sponsor or at which we are a partner.

If you have referred us to third parties to obtain personal and other information about you we will assume, and you must ensure, that the third party is aware that you have referred us to them and of the purposes involved in the collection and processing of your personal information.

If you supply us with information about another person, you should ensure you are authorised to do so. You must inform that person who we are, that we will use and disclose their personal information as outlined in this Privacy Policy from time to time and that they have certain rights to access the personal information that we hold about them.

How do we use your personal information?

We collect and use your personal information to enable us to operate our business, administer your job application or employment with us and fulfil our responsibilities as a provider of civil and structural engineering construction and consulting services, commercial landscaping and building, urban property development, marketing and sale of residential lots, consulting services, hospitality services and motor vehicle sales, and to tailor our services to best meet the needs of our customers.  This includes employee recruitment and management, contractor and supplier due diligence, engagement and management, and customer engagement and management.  These purposes include the following:

If you are a Customer Representative:

  • As part of our on-boarding processes, and to stay in contact with you (and/or the company you work for) following any queries you raise with us in connection with our services including projects, engagements, premises and work sites;
  • Where you opt-in or subscribe to direct marketing, to communicate with you about services and events you may be interested in (and you may choose to stop receiving marketing communications from us when using our services by using the unsubscribe link in the communication or by contacting us (contact details below));
  • To facilitate payment from the customer for our services, and payment by us of any amounts we owe you;
  • To facilitate, manage and administer our commercial relationship with you, including to better understand and improve our service offering to the customer;
  • To comply with our legal and regulatory obligations, and our contractual obligations;
  • For strategic planning and to improve our services and service offerings;
  • To respond to enquiries and respond to and resolve complaints.

If you are a Job Applicant:

  • As part of our employee recruitment and on-boarding processes, and to verify your identity, right to work and determine your suitability for a particular role;
  • To comply with our legal and regulatory obligations, and our contractual obligations as your potential employer.

If you are an Employee:

  • As part of our employee on-boarding processes, to verify your identity, and to facilitate, manage and administer the employment relationship with our employees;
  • To control and manage access to, and health and safety in, our premises and work sites, for security and safety related reasons, and to assist with time recording and to help manage absence and capacity in our workplaces;
  • To comply with our legal and regulatory obligations, and our contractual obligations as your employer, including under fair work, human services and workers’ compensation legislation;
  • To facilitate our payroll process and our payment of your salary and entitlements to you;
  • To maintain continuous professional development of our employees.

If you are a Supplier Representative, as part of our supplier due diligence processes, and to comply with our legal and regulatory obligations, and our contractual obligations.

If you are a Website Visitor, to collect information about our website and its usage, and to improve the services we provide via our website.

We keep your personal information for as long as is necessary to fulfil the relevant purposes described in this Privacy Policy, or longer where we are required or permitted to do so under applicable law.

Cookies technology

When you use our website, we may use ‘cookies’ which are software code files placed on your web browser to recognise and identify your computer or device, and help us to monitor your use of our website and remember your preferences so that we may improve our services and provide you with a more user friendly experience when you visit our website.

We may also use cookies to enable us to collect data that may include personal information (e.g. where a cookie is linked to your online account, it will be considered personal information under applicable privacy laws).  We will handle any personal information collected by cookies in the same way that we handle all other personal information as described in this Privacy Policy.

For more information about the functional, marketing, advertising and performance cookies we use, please review our Cookie Policy here: https://bmdinfrastructureservices.co.uk/cookies/.

Most web browsers are set to accept cookies. If you prefer not to receive cookies, you can configure your Internet browser to reject them or to notify you if they are being used. Deleting or refusing to accept cookies may limit the functionality of our website and effect your overall experience in using our website.

 

How do we hold and disclose your personal information?

Our disclosures of personal information

We may disclose your personal information where necessary for our business functions and activities and as follows:

Related entities within the corporate group: we may share your information with our employees and the BMD Group entities;

Service providers: we share your information with our third party service providers who assist us in providing our services and in our business operations, including payment processing providers, professional advisors, website services and analytics providers;

Our partners: we may share your information with our sponsors or promoters, including in connection with any promotion or competition we run;

Sale or transfer of business: we may share your information with any party to whom our assets or business (or any part of them) are transferred or are to be transferred;

Recruitment and other third party agencies: we may share your information with recruiters who provide your information to us, to third party referees whose details you’ve provided us, and to enable us to undertake verification and background checks for job applicants and service providers;

Legal and regulatory matters: we may share your information with government agencies, regulatory bodies and law enforcement agencies, as required, authorised or permitted by law; and

With your consent: we may share your information with other third parties who are authorised by you to receive information held by us.

While we take reasonable steps to ensure that third party recipients of your personal information comply with privacy laws that are similar to those in your jurisdiction, we cannot always control the actions of third party recipients and so cannot guarantee to you that they will comply with those privacy laws.

Overseas disclosures of personal information

BMD may store and disclose personal information in and to locations outside Australia for the purposes described in this Privacy Policy.  We may also engage service providers outside Australia. When we disclose or transfer your personal information overseas, we take reasonable steps to ensure that your information is secure and that the recipient will not breach the Privacy Act.

The countries in which these third parties are located will depend on the circumstances. However, in the ordinary course of our business operations we commonly disclose personal information to third parties located in the United Kingdom and The Philippines.

Steps we take to secure personal information

We may hold your personal information in either electronic or hard copy form. We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. We do this by taking a range of physical, electronic and other security measures such as:

  • storing electronic documents containing personal information in secure hardware and software systems, and hard copy documents containing personal information in locked cabinets and storage places;
  • maintaining physical and software protection over paper and electronic data stores and premises, by way of locks and encryption security systems; and
  • maintaining computer and network security via the use of firewalls, email and internet monitoring systems, as well as the use of security features that involve user identification and passwords that control access.

Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal information, we cannot guarantee the security of the information transmitted to our services or via our website.  We therefore do not assume any responsibility for any transmission of your information, which you do at your own risk.

Links

Our website may contain links to websites that are operated by third parties. Those links are provided for your convenience only, and may not always be current or maintained. We are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in relation to those linked websites. The privacy policies that apply to those third party websites may differ substantially from our Privacy Policy, so we encourage you to read the privacy policies of those third parties before using those websites.

Access and correction

You may request access to the personal information we hold about you and you may ask for corrections be made to that information so that it is accurate, complete and up-to-date.

We will generally provide you with access to the personal information we hold about you, however in limited circumstances, we may refuse access if we are required or permitted to do so by law. If we do not provide you with access, we will explain the reasons for our refusal in writing.

We will not charge you for making an application to access your personal information but may charge a reasonable fee to cover the cost of providing access, such as data retrieval or photocopying costs. We will advise you if such a charge applies before your request is dealt with.

 

Engaging with us anonymously

Where practicable, we will give you the option of not identifying yourself or using a pseudonym when you engage with us. However, if you don’t identify yourself and provide us personal information, we may be unable to engage with you further, provide you with the services or information you are seeking or respond effectively to your query.

 

Contacting us and complaints

We welcome questions, comments and requests regarding this Privacy Policy.

If you wish to make a complaint about how we have handled or process your personal information, please contact us using the details provided below. This does not affect the rights you may have to submit a complaint or claim with the privacy regulator or data protection authority in the country you are located in, where you consider we have not complied with the applicable privacy or data protection laws.

We will investigate and respond to your question, comment or request as soon as practicable and otherwise in accordance with the timeframes that apply under the applicable privacy or data protection laws.  When contacting us, please provide as much detail as possible in relation to your question, comment or request.

Please contact the BMD Group Privacy Officer at:

Email: privacy@bmd.com.au
Phone: +61 7 3893 7000
Postal Address: PO Box 197, Wynnum QLD 4178

If you are dissatisfied with our response to your request for access to, or correction of, your personal information or your complaint, you may contact the Australian Privacy Commissioner at:

Office of the Australian Information Commissioner (OAIC)
GPO Box 5218
Sydney NSW 2001
Phone: 1300 363 992
Email: privacy@privacy.gov.au  

 

Changes to this Privacy Policy

BMD may review and update this Privacy Policy from time to time, including if the way we handle and process personal information changes or as required by law.  We will post the updated Privacy Policy on our website at www.bmd.com.au/privacy/.

This Privacy Policy was last updated February 2023.