Privacy
Privacy
Privacy policy summary
The Grains Research and Development Corporation (GRDC, we) handle personal information in accordance with the Privacy Act 1988 (Cth).
For more information, view our privacy policy.
Collection of your personal information
We usually collect your personal information (including sensitive information) for purposes which are reasonably necessary for, or directly related to our functions and activities under the:
- Primary Industries Research and Development Act 1989 (Cth)
- Grains Research and Development Regulations 1990 (Cth)
- or any other legislation such as the Public Governance, Performance and Accountability Act 2013 (Cth).
We sometimes collect personal information from a third party or a publicly available source, so we can carry out assessments of applications for funding, for a particular research and development project or from referees as part of a recruitment process.
We also collect personal information through our website and social media platforms. We use this information to improve our services and receive feedback.
Disclosure
We only use and disclose personal information for the purposes for which it was given to us, or for purposes which are reasonably necessary for or directly related to one of our functions or activities.
We don’t disclose sensitive information about you unless you agree or would reasonably expect us to.
We are not likely to disclose personal information overseas. If we do disclose your personal information to an overseas recipient, we will comply with the Australian Privacy Principles (APP) 8. This includes seeking to provide assurances that the information will be protected in accordance with the APPs.
Accessing and correcting your personal information
If you ask, in most cases we must give you access to the personal information that we hold about you. We will take reasonable steps to correct the information if we consider it is incorrect.
You also have the right under the Freedom of Information Act 1982 (Cth) to request access to:
- documents that we hold and ask for
- information that we hold about you, to be changed or annotated if it is incomplete, incorrect, out-of-date or misleading.
How to make a complaint about GRDC's handling of your personal information
You can complain to us in writing about how we have handled your personal information. We will respond to the complaint within 30 days.
If you wish to lodge a complaint, you can visit the contact us page and complete the form provided.
If you are not satisfied with GRDC’s response, you can make a complaint directly to the Privacy Commissioner within the Office of the Australian Information Commissioner. Further details about how to make a privacy complaint to the OAIC.
The Privacy Commissioner can be contacted at:
Email: enquiries@oaic.gov.au
Phone: 1300 363 992
Postal: GPO Box 5218, Sydney NSW 2001
Data breach
A data breach response plan has been established to enable us to:
- contain, assess and respond to data breaches quickly
- help mitigate potential harm to affected individuals
- comply with the notifiable data breaches (NDB) scheme that commenced on 22 February 2018.
Privacy Impact Assessments
GRDC’s Privacy Impact Assessment (PIA) Register is published pursuant to section 15(1) of the Australian Government Agencies Privacy Code. Privacy Impact Assessments are required for all high-risk privacy projects. As of December 2022, GRDC had no high-risk privacy projects.
Last updated: 13 December 2022.
| Reference | Date | Project Title/Description | PIA required? |
|---|---|---|---|
| 2018-01 | September 2018 | Levy Payer Register | No |
| 2022-01 | June 2022 | New payroll system - ELMO | No |
| 2022-02 | July 2022 | Upgrade FMIS | No |
How to contact us
Email: privacy@grdc.com.au
Phone: (02) 6166 4500
Postal: Privacy Officer
Grains Research and Development Corporation
PO Box 5367
Kingston ACT 2604