James Hardie values and respects the privacy of the people we deal with – customers, business partners, investors and staff. In all markets in which we operate we are committed to ensuring that personal information is handled properly by our staff and our service providers, in accordance with local community standards. In individual countries we adopt privacy policies that comply with all local laws and standards.
James Hardie Australia Pty Ltd ABN 12 084 635 558 of Level 3, 22 Pitt Street, Sydney 2000, and James Hardie New Zealand Limited NZBN 94 2900 001 6346 of Level 11, 41 Shortland Street, Auckland 1010, and their related bodies corporate, (James Hardie, we, us or our) complies with its obligations under the Australian Privacy Principles (APPs) contained in the Australian Privacy Act 1988 (Cth) and the New Zealand Privacy Principles contained in the Privacy Act 1993 (NZ) (the Principles) and (the Privacy Acts) as applicable.
Collection of Personal Information
Personal information is any information about you, from which you can be identified. James Hardie only collects personal information to the extent that it is necessary for the functions or activity we are carrying out. The types of personal information we collect will depend on the nature of our relationship with you. This may include, but is not limited to:
- contact details (including name, address, email);
- company details;
- employment details; and
- educational qualifications.
We will collect your personal information directly from you when you:
- interact with us or make purchases via our website, telephone, post, in person, email, or social media;
- create an account or profile on our website;
- make an enquiry using the ‘Find an Installer’ feature;
- subscribe to receive communications from us or notifications about offers;
- provide feedback on any of our products or services;
- apply for a job with us;
- otherwise interact with us or disclose your personal information to us.
As well as collecting information directly from you, there may be occasions when we collect information from third parties. We may combine this information with information we already have about you to help us understand trends, behaviour, and use of our products and services. Third parties may include people or organisations who provide marketing leads, marketing and data analysis services to us. Where we receive information about you indirectly from others, we require that the third party has collected and shared that information in accordance with the Principles.
You do not have to give us your personal information. However, if you do not provide us with your personal information, we may not always be able to provide you with the requested services/goods or allow you to participate in an advertised activity. We will tell you at the time if this is the case.
Collection of Sensitive Information
We will not collect information that is regarded as sensitive under the Principles, such as information regarding your racial or ethnic origin, political opinions or religious or philosophical beliefs, unless you have expressly consented to such collection.
Use of Personal Information
We collect, use, hold and disclose personal information for purposes including to:
- provide you with information, products or services that you request from us, or that we think will interest you;
- facilitate business relationships with suppliers, distributors, customers or employees;
- fulfil requests for information;
- deal with customer, employees or business partner enquiries or complaints;
- conduct market research on products and services;
- improve the quality and level of the products and services we offer;
- for statistical purposes, including but not limited to contacting you for your views on our products/services and notifying you about changes or developments to our products/services; and
- ensure that our content is presented in the most effective manner for you on your device.
We will only use, hold or disclose your personal information for the purpose for which it was collected, unless:
- you have expressly or impliedly consented to its further use or disclosure;
- you would reasonably expect us to use or disclose it in such a way; or
- we are required by law or are otherwise compelled to disclose such information in accordance with the Privacy Acts.
On, or as soon as practical after, collection we take reasonable steps to ensure that you are aware of the purpose or purposes of collection, the extent to which we may disclose that information and other relevant information.
Disclosure of Personal Information
We may disclose your personal information to:
- related bodies corporate and our associated companies;
- installers or service providers where you have submitted an enquiry and given us permission to pass your details onto that installer or service provider;
- organisations with whom we have arrangements for the purpose of promoting our products or services;
- our agents, contractors and external advisers who carry on our functions and activities or who assist us to carry on our functions and activities;
- organisations who are contracted by us to perform certain services, including to maintain our websites, provide cloud storage of and management services for personal information, deliver products ordered from us, handle complaints and queries or facilitate any other service offered by us;
- our legal and other professional advisors, when needed; and
- other parties to whom we are authorised or required by law to disclose information.
Transborder Flow of Personal Information
Some of the entities we disclose your personal information to may be based or have servers located overseas in various countries, including the United States of America and the Philippines. We make every reasonable effort to ensure data security and appropriate privacy practices are maintained by the overseas entities we share personal information with. In this respect, we will only disclose your information to entities located overseas who we have contracted with to treat your personal information in a manner consistent with the APPs or are subject to similar requirements to protect personal information overseas. You consent to us disclosing your personal information to overseas recipients on this basis.
The James Hardie group has companies in a number of different countries including New Zealand, United States of America, Ireland, the Netherlands, the United Kingdom and the Philippines. As part of our internal administration, your personal information may be shared with one or more of the companies in those countries.
Security of Personal Information
We make every effort to ensure the security of personal information we hold. We take reasonable steps to ensure that all personal information we collect, or use is:
- Stored in a secure environment;
- Safeguarded from misuse, interference, loss and unauthorised access, modification or disclosure;
- Accessed only by authorised personnel for permitted purposes; and
- Destroyed or de-identified when it is no longer needed.
We may use reputable and secure third parties for data storage services. In this respect, we will only store your information with third parties whom we have contracted with and who treat your personal information in a manner consistent with the Principles or are subject to similar requirements to protect personal information overseas.
Access and Correction of Personal Information
We try to ensure that the personal information we hold is up-to-date, accurate and complete. Please contact us if you:
- require access to any personal information we hold about you; and
- wish to notify us of any change, modification or correction to your personal information.
We require suitable proof of identity from you before we can grant access or make the requested changes. We generally allow access to the personal information we hold about you unless access or correction would:
- pose a serious threat to the life or health of any individual;
- have an unreasonable impact upon the privacy of other individuals; or
- otherwise be inappropriate in accordance with the applicable Principles.
If we do not grant access to personal information or make the requested changes, we will provide you with the reasons for our decision.
Concerns or Complaints
If you have a concern or complaint in relation to our handling of your personal information or you believe that we have breached the Principles or any other applicable privacy laws, please contact us for assistance. If you are not satisfied with any assistance you are given you may request that your concerns be referred to our Privacy Officer for an independent review. Our Privacy Officer will investigate your concerns and will respond to you in writing (usually within 14 days). If you believe that your complaint has not been satisfactorily addressed by us, you can make a complaint to the following:
- In Australia you may contact the Office of the Australian Information Commissioner (OAIC) who may investigate your complaint further. The OAIC’s details can be found at www.oaic.gov.au.
- In New Zealand you may contact the New Zealand Office of the Privacy Commissioner (OPC) who may investigate your complaint further. The OPC’s details can be found at www.privacy.org.nz.