We are committed to protecting your privacy in compliance with our legislative obligations.
We will only collect, use, handle and disclose personal information as allowed by, and in compliance with, the privacy legislation applicable to us.
Your privacy is important to us
Nemrs.biz Limited (together ‘Nemrs’, ‘we’ or ‘our’) are committed to protecting your privacy, in compliance with the U.K. Privacy Principles (APPs) and the Privacy Act 1988 (Cth). Our related entities in the U.K. also protect your privacy in compliance with local privacy laws.
We are committed to being open about how we use personal information and this Policy sets out how we handle your information.
By providing personal information to us, you consent to our collection, use and disclosure of your personal information in accordance with this Policy and any other arrangements that apply between us. We may change our Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current policy.
Collection of information
We limit our collection of personal information to those details we identify as reasonably necessary for the lawful purposes of our business.
We do not collect or hold personal information in relation to individual members of funds who invest with us. Personal information will only be collected by lawful and fair means from the individual concerned (where practicable) or their representative. The collection of ‘sensitive information’ will only be in accordance with the law.
As part of our Global Real Estate business, we may collect information from you as an individual who enters, is employed at or is a tenant in one of our Shopping Centres through various means, including video surveillance cameras, wireless local area networks, surveillance equipment used in parking areas, and Bluetooth beacons throughout our Shopping Centres.
We will inform you at or before the time of collection (or as soon as possible afterwards) of the purposes for collection, to whom your information might be disclosed and any other relevant details that will help you to ensure we are protecting your privacy. In particular, in our Shopping Centres, these details may be displayed at certain entry points to the Shopping Centre and/or otherwise throughout the Shopping Centre. In some instances, we may direct you to this Policy for this information.
We take reasonable steps to keep personal information as accurate, complete, and up-to-date as is necessary for the purposes we have identified.
Handling of information
We only collect and use information for the purpose of providing our products or services, including sending you information, or undertaking our business. In relation to our Global Real Estate business, we collect and use personal information for purposes in connection with the management, administration, operation and promotion of our retail and commercial properties. Examples of who we usually collect information from, types of information, purposes for collection and method of collection are contained in a Table in Appendix 1.
Disclosure of information
At Nemrs, personal information is strictly confidential. We will only disclose personal information in accordance with the law. We may disclose your personal information:
‒ to other companies within the Nemrs group;
‒ to our insurers and insurance brokers and other professional advisers, dealers and agents;
‒ to our existing or potential commercial and joint-venture partners;
‒ to third parties who perform services for us and otherwise help us to deliver our services and to enforce our agreements with third parties (including information technology suppliers, communications suppliers and our business partners);
‒ to third parties for direct marketing purposes where you have 'opted-in' for such services;
‒ to law enforcement, regulatory or government agencies/bodies, including where necessary to meet our statutory obligations;
‒ where it is required or authorised by law;
‒ where we use it for the purposes for which it was collected;
‒ anyone to whom our assets or businesses (or any part of them) are transferred;
‒ to specific third parties authorised by you to receive information held by us; or
‒ where you have consented to the disclosure of your personal information.
We may use and disclose your personal information overseas, including to recipients located in countries where we have an overseas office as listed here. Any information sharing will be in compliance with the APPs (and or U.K. privacy law(s) as applicable) and governed by our strict standards and policies, and where appropriate, confidentiality and other agreements to ensure your information is secure and treated with the utmost care and respect.
We may also disclose your personal information to a trusted third party who also holds other information about you. This third party may combine that information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the services that you receive.
Our website may contain links to websites operated by third parties. Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from this Policy, so we encourage individuals to read them before using those websites.
Overseas disclosure of personal information
We may from time to time disclose your personal information to third party suppliers and service providers located overseas (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you). We will, however, take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the U.K. Privacy Principles.
However you should be aware that if:
- you are located in U.K.;
- we disclose your personal information to recipients outside U.K.; and
- they handle that information in a way that breaches the APPs,
the overseas recipient may not be accountable under the Privacy Act 1988 (Cth), and you may not be able to seek redress under the Privacy Act 1988 (Cth).
Depending on their location, a recipient outside U.K. may not be subject to any privacy obligations or to any principles similar to the APPs, and you may not be able to seek redress in that jurisdiction. Recipients outside U.K. may also be subject to a foreign law that could compel the disclosure of personal information to a third party, such as an overseas authority.
Storage of information
We protect personal information with appropriate safeguards and security measures and restrict access to those who have a legitimate business purpose and reason for accessing it. Some of this personal information may be stored by a third party who provides us with data storage services. We require these third parties to comply with our strict security measures and policies. However, we cannot guarantee the security of your personal information.
Personal information is only retained for as long as it is necessary for the identified purposes or as required by law.
Information access and correction
At Nemrs, decisions and actions may be taken or made on the basis of personal information in our possession and we take reasonable steps to keep personal information as accurate, complete, and up-to-date as is necessary.
We will give you, or your authorised representative, access to your information unless the request is frivolous, vexatious or there are other lawful reasons to restrict access. We may require identification to ensure the person requesting access is entitled to such access. If you, or your representative, is denied access to your information, we shall provide reasons for the denial.
If you require access to your information, believe any part of the information is inaccurate, incomplete or not up-to-date, you should contact your usual Nemrs contact and request we provide / amend it accordingly. We may ask you to put your request in writing. If we are reasonably satisfied our records need correcting, we will make the correction within a reasonable period. If we do not agree our records need correcting, we will inform you of the reason(s) and you may require us to keep a statement on our records that you believe the information is inaccurate, incomplete, misleading, irrelevant or not up-to-date.
If you are a registered member of one of our Shopping Centre membership programs, you may be able to access and update the information on your member profile in the applicable section of the Shopping Centre website. You may also access and update your personal information as part of your use of any of our Shopping Centre ‘opt-in’ services, such as Wi-Fi services and frictionless parking services.
Opting out of communications
We and/or our carefully selected business partners may send you direct marketing communications and information about our Shopping Centre services. This may take the form of emails, SMS, mail or other forms of communication in accordance with the Spam Act and the Privacy Act.
If you receive direct marketing communications from us, you may easily request not to receive such communications from us by:
(a) following the instructions on the communication to opt-out or unsubscribe from further communications (such as using an unsubscribe link);
(b) if you are a member of one of our Shopping Centre membership programs, by logging into the member area on the Shopping Centre website and ticking the opt-out option;
(c) contacting your usual Nemrs contact; and/or
(d) contacting our Privacy Compliance Officer.
Resolving enquiries or complaints
If you have any questions, concerns or complaints about the treatment of your personal information, the first step is to discuss the issue with your usual Nemrs contact. We will investigate your complaint and respond to you within a reasonable period. Any privacy related breaches will be managed in accordance with our Breaches and Incidents Policy.