Privacy policy

1. About us

North Queensland Bulk Ports Corporation Limited (ABN 36 136 880 218) (NQBP) is a government owned corporation (or GOC) under the Government Owned Corporations Act 1993 (Qld). We are the port authority responsible for the Queensland Ports of Abbot Point, Hay Point, Mackay, and Weipa.

This Privacy Policy also applies to our subsidiaries, Ports Corporation of Queensland Limited (ABN 49 657 447 879) and Mackay Ports Limited (ABN 69 131 965 707).

We are committed to complying with the Privacy Act 1988 (Cth) (the Act) and the Australian Privacy Principles (APPs).

2. What is personal information?

Personal information is – information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.
Personal information includes someone’s name, address, age, date of birth, email address, driver’s licence number and distinctive physical characteristics, or other details about a person, including details that may allow the person to be identified.

Personal information may also be sensitive information about an individual (such as political and religious beliefs, sexual orientation, criminal record or biometric information) or health information (including a disability) about a person. Additional rules apply to sensitive information and health information.

Personal information about our employees in records kept by us under the Fair Work Act 2009 (Cth) is not covered by the APPs or this Privacy Policy but will only be used by us for purposes related to the employment of those individuals or as otherwise permitted by law. Employee information which may not fall within this employee record exemption will be dealt with in the same way as any other personal
information.

3. How do we collect personal information?

We will provide you with, or otherwise make available or direct you to, our Personal Information Collection Notice (which is attached to and forms part of this Privacy Policy), at the time of, or as soon as practicable after collection.

4. What personal information do we collect and why, and how will we use or disclose it?

We collect, store and use a range of personal information, including the following, without which we may not be able to provide you with some goods and services, or carry out our functions–

  • Stakeholders. We collect and use personal information about our stakeholders so that we can work effectively with them. This includes engagement through community, port user and technical working groups.
    Personal information may also include photographs or video of community events hosted or attended by our personnel, or community surveys. Photographs and video may be used for media purposes and we generally obtain consent from attendees before collecting and using such personal information. The personal information collected may also be used to allow us to distribute corporate communications.
    We may also disclose personal information to our related bodies corporate, to our Shareholding Ministers under the Government Owned Corporations Act 1993 (Qld), and as required to other Queensland Government departments or agencies.
  • Suppliers and contractors. NQBP collects and uses personal information to allow normal business processes to take place, such as the names and addresses of suppliers and contractors, or their employees. This information may be collected to manage procurement processes, evaluate tenders, administer contracts, to make payments and undertake due diligence.
    Some contractors are required to make their personnel available to undergo drug and alcohol testing for safety purposes, in the same manner as our employees. Where contractor personnel are tested, their health information is collected by our testing supplier. This will be done with the consent of those individuals and may be disclosed to us and the businesses for which they work.
  • Tenants. Where our tenants are individuals, we collect basic personal information about them such as their names and addresses for the purposes of their tenancies.
  • Safety and security. Our ports are under closed-circuit television (CCTV) surveillance for security purposes to help keep them secure and the community safe. This includes areas that the public may use, such as the Mackay Southern Breakwater at the Port of Mackay.
    Signage is in place at these locations to alert the public to the presence of CCTV and direct them to this Privacy Policy. Personal information captured by CCTV may include visual images of individuals and vehicle registration numbers.
    We also collect information to issue port access cards or visitor passes to port users and visitors and maintain access logs which show when those cards or passes are used.
    We may provide this kind of personal information to law enforcement agencies (such as the Queensland Police Service or Australian Border Force) without your consent in certain permitted circumstances.
    Third parties such as the Australian Border Force, our tenants and other port users may also operate their own CCTV within the areas of our ports, and the personal information collected by them will be governed by the separate privacy policies of those third parties.
    Facial or fingerprint recognition may be offered to employees and some contractors as a multifactor authentication option to help keep the devices we provide them like mobile phones secure. This data will be treated sensitive information. It is encrypted by the device and cannot be used by us for any other purpose. The device will be securely erased when no longer needed (for example, when the staff member no longer needs the mobile phone).
    Our authorised officers under the Transport Infrastructure Act 1994 (Qld) may ask you for, or
    require you to provide, personal information in some limited circumstances, if you are at one of our
    ports. Personal information collected in this way may be used by us for law enforcement purposes, and disclosed to other appropriate agencies as permitted by law. Other law enforcement agencies (such as the Australian Border Force) may also make similar demands of port users using their own statutory powers and that personal information will be dealt with according to their own privacy policies or applicable legislation.
  • Job applicants. We collect and use personal information for the recruitment and selection of
    staff. This includes recruitment records and pre-employment medical, reference, police and
    probity checks, some of which may be sensitive information (such as a criminal record
    check) or health information (as part of a fitness for work assessment). This material is
    collected with the consent of employment applicants.

5. Do we disclose any personal information to overseas recipients?

It is unlikely we would disclose your personal information to someone overseas. We store most personal information on servers (include those of our third-party cloud providers) located in Australia, at secure physical premises located in Queensland, or on secure laptops and mobile devices. In some situations, personal information may be hosted by our main Australian cloud services provider on servers located in Singapore but in that situation would not generally be disclosed to anyone in that country.

We also use various other cloud-based services, including for file transfer, project management and social media, which may host data overseas in accordance with the provider’s standard terms (for example, Facebook). Most of these services, other than social media services, the hosted data is not personal information covered by this Privacy Policy or its disclosure to third parties overseas.
Consent is obtained prior to our use of any personal information for social media purposes.
We also maintain a self-insurance arrangement with a company in Guernsey to which personal information may be disclosed in limited circumstances, such as in the event of a claim.

6. How long do we keep your personal information?

Under State law, our records are kept for variable periods as required by or approved under the Public Records Act 2023 (Qld). Subject to these retention requirements, we will not keep your personal information longer than we need to. Personal information that we no longer need to keep will be securely erased or destroyed.

7. Will your personal information be safe?

We are committed to keeping your personal information protected from misuse, interference and loss, and unauthorised access, modification or disclosure using various methods, including secure electronic storage.

8. How can I access or correct my personal information?

In accordance with the APPs, if you would like to access the personal information we hold about you, you would like us to correct your personal information, or if you have a complaint about privacy, you can write or email us to the following addresses:
The Privacy Officer
North Queensland Bulk Ports Corporation Limited
GPO Box 409
Brisbane Qld 4001
Email: info@nqbp.com.au

We will respond to you in writing within a reasonable time, usually within 30 days. We may impose a reasonable charge to cover our costs of providing access to your personal information. If applicable, we will notify you of this charge when you contact us. There is no charge for correction requests.

The APPs permit us to withhold access or to refuse to make a correction, or associate a statement that the information is inaccurate, in some circumstances, in which case we will provide you with written reasons. If you disagree with our decision, you can write to us and ask our Chief Executive Officer to review it.

You may have other rights if you disagree with our decision, including making a complaint to the Office of the Australian Information Commissioner (www.oaic.gov.au).

Right to Information (RTI)
You may also be able to make an application for the provision of documents under the Right to Information Act 2009 (Qld) which may include personal information. This is a separate procedure, and you should read the following about how to apply:

Right to Information | North Queensland Bulk Ports Corporation Ltd.

Any responses to an RTI access application will be made in accordance with the applicable statutory timeframes.

9. Any queries?

If you have any enquires relating to privacy issues, they should be directed to NQBP’s privacy officer via email in the first instance.


Personal Information Collection Notice

1. What is this Personal Information Collection Notice about?

You have been provided with or directed to this Personal Information Collection Notice because we need to collect, or have recently collected, your personal information and there are some important things we need to make you aware of. This Personal Information Collection Notice is an attachment to and should be read with our Privacy Policy.

2. What personal information do we want to collect?

The personal information we want to collect will either be clear from the circumstances, or we will let you know at the time of collection or as soon as practicable afterwards. Examples of the kinds of information we collect can be found in our Privacy Policy.

3. From whom do we collect your personal information?

We will only collect your personal information from you, and not a third party, unless it is unreasonable or impractical to do so.

4. Why do we need to collect your personal information?

We may need to collect personal information for a number of reasons, such as those described in our Privacy Policy. The reason we are collecting your personal information will usually be clear from the circumstances, or it will be explained to you at the time of or as soon as practicable after collection.

5. Will you disclose my personal information to third parties?

We may provide your personal information to a range of third parties as explained in our Privacy Policy. Specific third parties may be explained at the time of collection, or their identity may be clear from the circumstances of the collection.

6. Will you use my personal information for direct marketing?

Yes. We may occasionally send email updates about our business to stakeholders, customers and suppliers whose personal information we have collected with permission for this purpose. If at any point you would not like to receive material like this from us, please contact us as provided below.

7. How can you contact us?

You can write or email us using the contact details set out under ‘8. How can I access or correct my
personal information’ in our Privacy Policy if you have a question or complaint.