4fab92b04d94a.jpg4fab92e9c4e76.jpg4fab93a56f34b.jpg

Membership

Sign up now as a
Grosvenor
Life Member

Click here!

COLLECTION NOTICE

THE GROSVENOR TOPLESS BAR AND STRIP CLUB

In accordance with the Liquor Act 1992, we are required to scan your photo identification before you enter the premises after 10pm 7 Days a week to check if you have been issued with a banning order that applies to this premises.

You may also be prevented from entering if you are subject to a ban initiated by this venue or you are subject to a banning order or venue ban for another venue.

If we do not scan your identification as required by the Liquor Act, then we must not allow you to enter the premises.

The Liquor Act exempts certain persons from having their ID scanned, such as temporary or permanent residents of the regulated premises. The full list of exemptions is outlined in section 173 EH(7) of the Liquor Act.

The personal information we collect when scanning your ID is limited to name, date of birth and photo. It may only be used to:

identify if you have been issued with a current banning order or licensee ban

create a venue ban.

All personal information is stored at the venue and by the approved operator in a way that protects it from unauthorised access, modification or disclosure. Your personal information is automatically and permanently deleted from the ID scanner system 30 days after it is first entered into the system. However, information on banned people will be held in the system for the period of the ban, which may exceed 30 days.

You may request access to the personal information that is held about you. You can contact us or our approved operator to request this information. You will need to provide photo ID before any information can be released. Some exceptions apply.

You can also ask us to correct the personal information that is held about you. We will require satisfactory proof of the inaccuracy before we consider correcting your personal information.

Further information is available in our ID Scanner Privacy Policy which is publically available on our website at www.thegrosvenorongeorge.com.au or please ask us for a copy.
To make a complaint or raise privacy concerns, contact this venue's privacy officer at <contact details for venue>07 32210054 or jasminerobson@hotmail.comor our approved operator <contact details for approved operator>.

 



ID SCANNER PRIVACY MANAGEMENT PLAN

This venue must use patron identification (ID) scanners during regulated hours. (See section 173EH of the Liquor Act 1992 for details.)

ID scanner procedures
A collection notice (outlining the venue's Privacy Policy) must be displayed at, or near, any public entrance to the venue in a manner that enables patrons to be alerted to its contents immediately before being required to produce a photo ID.

To ensure patron rights are respected, venue staff must:
alert patrons to the requirement to have their ID scanned
tell patrons about their privacy rights if requested
respond to patron queries about the operation of ID scanners and personal information held by the venue
provide a copy of the privacy policy to patrons if requested
provide contact details for the venue's privacy officer if requested
only accept valid forms of ID as prescribed under the Liquor Act 1992
scan all non-exempt patron's ID prior to them entering the venue during regulated hours
provide patrons with the venue and approved operator contact details if they want to make a privacy related complaint.

Staff must refuse a non-exempt person entry if they:
refuse to produce a photo ID for scanning; or
are subject to a banning order for the premises.

Patron rights
Patrons have the right to request information about the operation of the ID scanners and the personal information held about them.

Personal information is securely stored at the venue and by the approved operator. The information collected is used strictly to identify if a patron has been issued with a current banning order or licensee ban.

Scanned personal information is automatically and permanently deleted from the ID scanner system 30 days after it is first entered into the system. However, information on banned people will be held in the system for the period of the ban, which may exceed 30 days.

Patrons have the right to request access to the personal information held by the licensee through the ID scanning system. The patron can contact the venue or approved operator to request this information. The patron will need to produce photo ID before any information is released. Some exceptions apply, such as where access would be likely to interfere with criminal matters, or other breaches of the law.

A patron can also ask to correct any personal information that is held by this venue. Satisfactory proof and/or explanation of the inaccuracy must be provided before the correction of information occurs.

 

Contact details


THE GROSVENOR TOPLESS BAR & STRIP CLUB

Privacy Officer

Name: Jasmine Robson
Phone: 07 32210054
Email: jasminerobson@hotmail.com


THE GROSVENOR TOPLESS BAR & STRIP CLUB

Address: 320 George Street, Brisbane,
Phone: 07 32210054
Email: jasminerobson@hotmail.com

Approved Operator - JASMIN ROBSON

Address: 320 George Street, Brisbane,
Phone: 07 32210054
Email: jasminerobson@hotmail.com

 

Use and access to ID scanners

We use the Government Approved ID Scanners at The Grosvenor supplied by SCANTEK.

Only APPROVED OPERATOR may use the ID Scanning Machine.

ID is physically sighted by APPROVED OPERATOR & then scanned as per SCANTEK Instructions.

Information is NOT re accessed, unless PATRON has been removed from the venue or upon QPS request. Then we will make sure patrons details have 100% been recorded correctly & a BAN will be requested by LICENSED SECURITY CONTROLLER.

Only APPROVED MANAGER can access the Patrons Details & confirm a Patron Ban as requested by a LICENSED SECURITY CONTROLLER.

Scantek logs out after non use for 3minutes and 30 seconds. Then user must re login using Name, Password & Drivers License.

Scantek is in an area that is NOT accessible by any UNAUTHORIZED users.

If you detect a BREACH of these Privacy measures, contact Jasmine Robson 07 32210054 or jasminerobson@hotmail.com


ID SCANNER PRIVACY POLICY

Scope
This Privacy Policy applies to personal information collected by The Grosvenor Topless Bar & Strip Club as part of the ID Scanner System operating at this venue.

We must comply with the Australian Government's privacy laws and the Australian Privacy Principles. Personal information is defined in these laws, and for the purposes of this policy, the information scanned from your photo ID includes personal information.

This policy describes how we will meet our obligations under the privacy laws and sets out our commitment to protect your personal information collected as part of the ID scanner process.

Consideration of personal information privacy

1. Open and transparent management of personal information

When scanning your ID we collect your personal information to meet our obligations under the Queensland liquor laws. This personal information consists of, and is limited to:

your name
your date of birth
the photograph appearing on your photo ID.

All personal information is securely held and managed at this venue and by our approved operator JASMIN ROBSON, JASMINE ROBSON, JAMES DEIGAN & DAMIEN O'SHEA Our approved operator is also subject to the Australian Government's privacy laws.

2. Anonymity and pseudonymity

By law, we must operate our ID scanners from 10pm on days that we are approved to permanently trade past 12 midnight.

During these times, you cannot enter our venue without your identification being scanned. An exception applies if you are exempted under the Liquor Act from this requirement.

The only identification accepted is current photo ID as follows:

an Australian driver licence or learner permit
an adult proof of age card
a recognised proof of age card (e.g. Keypass identity card)
a passport (from any country)
a foreign driver licence (displaying the name, photo and date of birth of the licence holder). Note: Where a foreign driver licence is not written in English, an international driver permit issued in the foreign country of origin (and including a photo of the licence holder and translation) should be presented with the foreign driver licence.

It is an offence for a person to use false ID to gain entry into our venue. The maximum penalty of 40 penalty units applies.

Collection of personal information

3. Collection of solicited personal information

We are required by law to scan your photo ID prior to letting you into our venue, unless you are exempt under the Liquor Act. We must refuse entry if you choose not to produce your photo ID, or if you have been issued with a banning order that applies to this premises.

The information collected by us is used strictly for safety and security purposes to identify if you have been issued with a current banning order or licensee ban. The information may also be used to create a licensee ban from this venue.

4. Dealing with unsolicited personal information

The ID scanner system does not collect or use unsolicited personal information.

5. Notification of the collection of personal information

Our staff will alert you to the ID scanner requirements prior to scanning your photo ID.

Your personal information will only be scanned in your presence.

We must also:

make this privacy policy publically available and provide you with a copy if you request to see it
display notification of the personal information to be collected under the ID scanner requirements at each public entrance to our venue, and the conditions and requirements related to such (referred to as a 'Collection Notice').

All of our staff operating ID scanners can answer your questions about our venue's privacy policy.

Dealing with personal information

6. Use or disclosure of personal information

Your personal information will be stored at our venue and by our approved operator in a way that protects it from unauthorised access, modification and disclosure.

The venue and our approved operator have access to your personal information for the purpose of maintaining the system and responding to lawful requests from a law enforcement agency.

If you have been issued with a banning order or licensee ban, the approved operator will alert us to these bans. If you are subject to police or court ordered ban for this venue, we cannot allow you to enter the premises.

7. Direct marketing

The personal information held by this venue is not used or disclosed for the purpose of direct marketing.

8. Cross-border disclosure of personal information

Your personal information is securely managed and held by The Grosvenor Topless Bar & Strip Club and our system provider, Scantek This information will not be transferred in a readable format outside of Australia.

9. Adoption, use or disclosure of government related identifiers

Government issued identifiers such as passport numbers are not collected or used as part of the ID scanner system.

Integrity of personal information

10. Quality of personal information

We rely on the information provided to us by you to be accurate and current.

When we scan your photo ID, our staff will ensure the accuracy of the scanned information by comparing it with the information contained on your photo ID.

11. Security of personal information

We take steps to ensure that your personal information is not misused. Data is stored in a secure environment and all data communications are encrypted.

Your personal information is automatically and permanently deleted from the ID scanner system 30 days after it was collected. However, information on banned persons will be held in the system for the period of the ban, which may exceed 30 days.


Access to, and correction of, personal information

12. Access to personal information

You have the right to request access to what personal information is held about you. You can contact us or our approved operator to request this information.

You will need to provide photo ID before any information can be released. Some exceptions apply, such as where access would be likely to interfere with criminal matters, or other breaches of the law.

13. Correction of personal information

You can contact us and ask to correct the personal information that is held about you.

We will require satisfactory proof and/or explanation of the inaccuracy before we consider correcting your personal information.

Contacts and complaints

If you believe we have breached your privacy, or if you want to raise any issues you may have about privacy at our venue, please contact us by the following methods:

THE GROSVENOR TOPLESS BAR & STRIP CLUB
Address: 320 George Street, Brisbane,
Phone: 07 32210054
Email: jasminerobson@hotmail.com
JASMINE ROBSON

Address: 320 George Street, Brisbane,
Phone: 07 32210054
Email: jasminerobson@hotmail.com


In making a complaint to us about privacy, please give us enough details to be able to identify your concerns and respond appropriately. You must provide us with your name and contact details and a description of your complaint. We will respond to you in a reasonable time frame (usually not more than 30 days).

We are also required by law to notify the Queensland Office of Liquor and Gaming Regulation, within 14 days of any written complaint by you about a breach of privacy.

If you are unhappy with how we handle the complaint or do not receive a response within 30 days, you have a right to take the complaint to the Office of the Australian Information Commissioner.

Office of the Australian Information Commissioner
Phone: 1300 363 992
Email: enquiries@oaic.gov.au
Web: www.oaic.gov.au
 



People who must have their ID scanned

As a licensee of a regulated premises, you are only required to scan the ID of patrons entering after 10pm.
Regardless of whether you choose to close at or before midnight (on days you are permanently approved to trade past midnight), you will still be required to scan the ID of all patrons entering from 10pm.
For example, if you are the licensee of a regulated premises approved on a permanent basis to trade until 2am and you choose to close the premises at midnight, you are still required to scan the ID of all patrons entering and re-entering the premises between 10pm and midnight. You would also need to employ a licensed crowd controller during this time.
People exempt from ID scanning
You are not required to scan the ID of the following people:
Employees of the licensee - this includes contractors and entertainers who enter the premises after 10pm (unless they are entering the premises as a patron).
Persons attending a function at the premises - you will not be required to scan a patron's ID if the sole purpose of their visit is to attend a function held on the premises. Examples of functions include a 21st birthday or a wedding, which are not open to the public.
Persons attending the premises for the sole purpose of dining/meals - if a patron's sole purpose for entering a regulated premises is to eat a meal in a part of the premises ordinarily set aside for dining (whether or not alcohol is supplied to the patron while consuming the meal), licensees of premises subject to the following licence types will not be required to scan a patron's ID

o a commercial hotel
o a subsidiary on-premises licence if the principal activity of the business conducted under the licence is the provision of accommodation
o a community club.
Residents of the premises - you are not required to scan the ID of a temporary or permanent resident of the regulated premises (e.g. hotel guests).
Exempt minors.

Refusing entry and ID scanning on re-entry
The law requires that a patron has their ID scanned when they first enter a regulated premises after 10pm, and every time they re-enter after that.
Refusing entry to a regulated premises
Under the Liquor Act 1992, you must refuse a patron entry to a regulated premises after 10pm (subject to certain exemptions) if:
the scan (or manual check) of the photo ID indicates the patron is subject to a banning order for the premises
the patron fails to produce a photo ID
a licensed crowd controller (or staff member supervised by a licensed crowd controller) of the regulated premises does not scan the photo ID using an approved ID scanner linked to an approved ID scanning system (or in the case of system failure, does not check the photo ID against the manual ban list).
Scanning ID on re-entry
A patron is not permitted to re-enter the regulated premises after 10pm without having their ID scanned. This applies regardless of whether a 'pass-out stamp' (or similar identifier that the patron has previously entered the premises) has been issued.

Banning orders and your venue
There are 3 types of bans from Queensland licensed venues. Licensees, crowd controllers and staff should understand the differences between these bans and how to handle the entry of banned patrons at your venue, based on the type of ban they have been issued.
Court and police bans
There are 2 types of banning orders supported by the ID scanning system and recognised by the Liquor Act 1992:
1. Court bans - bans imposed as a condition of bail under the Bail Act 1980, and banning orders issued under the Penalties and Sentences Act 1992.
2. Queensland Police Service bans (police bans) - police banning notices issued under the Police Powers and Responsibilities Act 2000.
You must refuse entry to a patron if the approved ID scanning system makes a positive ban check for a patron subject to a court or police ban for the regulated premises.
It is up to the licensee whether you allow a person entry who has been identified as subject to a court or police ban that does not include your premises.
Licensee or venue ban
You are able to ban a person from entering your licensed premises and have this ban registered on the approved ID scanning system. To create a ban, you are required to enter certain details into the system, such as:
name
date of birth
duration of the ban
reason for the ban
a photo.
Your approved operator will be able to provide instructions on how to do this.
Admitting persons subject to a licensee ban is at the discretion of each respective venue - there is no obligation under the Liquor Act to prevent their entry.
For more information on each of these bans, read about banning problem patrons.
What to do in the event of a positive ban check
When scanning ID, a licensed crowd controller must prevent the entry of a patron who returns a positive ban check if the person is subject to a court or police banning order for the regulated premises.
The approved ID scanning system will automatically send an email to police advising that a banned patron has attempted to gain entry to the premises.
The Queensland Police Service (QPS) asks that regulated premises notify them at the time through Policelink on 131 444 or through any linked radio system operated within a SNP that includes real-time monitoring by the QPS. To assist the QPS, crowd controllers should keep note of the offender's description and direction of travel if they have left the scene.
There is no legislative requirement that allows for a banned person to be detained or their identification to be seized. QPS has advised that in the event of a positive ban check, the licensed crowd controller must not:
confiscate the patron's ID 
detain the banned person.
For more information, read about security staff for licensed venues.
How to handle the 3 ban types at your venue
You must prevent the entry of a patron if they are subject to a court or police ban/direction relevant to your premises. For example, if John Smith is subject to a police ban prohibiting him from entering or remaining in all licensed premises in Mackay, and you are a licensee of a regulated premises in Mackay, you must prevent the entry of John Smith.
But, when John Smith is scanned going into a regulated premises in Townsville, the Townsville licensee is not obliged to refuse John Smith entry, as he is only banned from licensed premises in Mackay.
If John Smith is also subject to a licensee ban in Townsville, it remains at the discretion of each licensee (including the licensee/s responsible for issuing the ban) to allow or prohibit entry of John Smith to the licensed premises.
For example, if a patron has temporarily exited the regulated premises to have a cigarette, the patron will still need to have their ID scanned again when they re-enter the premises after 10pm.
Operational requirements for networked ID scanning
You should contact your approved operator for training and advice about operating your chosen approved ID scanning system.
Licensing requirements under the Security Providers Act 1993
Any person operating an approved ID scanner at a regulated premises is required to be licensed as a crowd controller under the Security Providers Act 1993 (PDF, 430KB).
There are exemptions to this requirement where certain persons are involved only in scanning patron IDs subject to the following criteria:
the person is accompanied and directly supervised by a licensed crowd controller when undertaking duties associated with the operation of an approved ID scanner at all times
the licensed crowd controller independently assesses both the ID and the patron, and appropriately screens the entry of the patron
if the ID scan identifies a banned patron (only a licensed crowd controller may remove that person from on or around the regulated premises)
in any physical interaction between a licensed crowd controller and a patron (a person merely scanning a patron's ID must avoid all involvement)
the person must be appropriately trained to operate the approved ID scanning system.
When and where to scan ID
Under the ID scanner scheme, you are obliged to install an approved ID scanner at each entry to the regulated premises. Approved operators can provide advice in the placement of approved ID scanner terminals if required.
You are also required under the Liquor Act 1992 (PDF, 2MB) to: 
scan the photo ID of all patrons after 10pm (unless the patron is exempt as outlined in People who must have their ID scanned)
prevent entry to patrons subject to a banning order under the Liquor Act (see Refusing entry and scanning ID on re-entry)
opt in to be covered by the Privacy Act 1988 (Cwlth) (see the opt-in register)
and
comply with the Privacy Act 1988 (Cwlth) in relation to the protection of personal information recorded by an approved ID scanner operated in the regulated premises.
Note: While there are no record-keeping requirements under the Liquor Act in relation to approved ID scanners, you will still need to comply with crowd controller requirements under the Security Providers Act.
Obligations for employees of regulated premises
If you are an employee of a regulated premises, you have various responsibilities under the Liquor Act and Privacy Act in relation to the ID scanner scheme. These include knowing:
what actions you need to take in the event of a positive ban check or approved ID scanner system failure
the types of identification that are acceptable
the requirements for refusing entry and re-entry
your obligations in relation to privacy, including accessing personal information
details of your venue's collection notice and how to access the venue's privacy policy
how to deal with a privacy complaint from a member of the public.
You do not need to have your ID scanned when entering the licensed premises for the purpose of work; however, you will need to have your ID scanned if you are entering the premises as a patron.
Acceptable forms of identification for scanning
The following types of ID (valid) are acceptable for use with an approved ID scanner:
all Australian drivers licences
an adult proof of age card (e.g. Australia Post Keypass identity card)
Australian and Foreign passports
foreign drivers licences - must display name, photo and date of birth of the licence holder. (Where a foreign drivers licence is not in English, an international driver permit issued in the foreign country of origin is acceptable.)
System failure or malfunction of an approved ID scanning system
If an approved ID scanner malfunctions or breaks down, you must not allow a patron to enter the venue unless their ID has been checked and you have confirmed the patron is not subject to a banning order for the premises.
You can continue to allow patron entry after 10pm, provided you manually check a patron's photo ID against a current list of persons subject to banning orders for the premises (the manual ban list).
The approved operator is required to make a manual ban list available to you. We strongly recommend that you make specific arrangements with your approved operator to have access to the manual ban list prior to a malfunction occurring. This will ensure that entry to your premises is not unduly delayed if a malfunction occurs. The manual ban list remains current for a period of 7 days.
Take particular note of your privacy obligations in handling and storing the personal information contained in the manual list.
In the event of a system failure you should immediately notify your approved operator in writing so that arrangements to rectify the system failure can be made. You also need to advise the Office of Liquor and Gaming Regulation (OLGR) and the Queensland Police Service (QPS) of a system failure if you are unable to scan a patron's identification during regulated hours and you have allowed patrons entry to the venue using a manual ban list.
If an approved ID scanning system fails outside of regulated hours, or patrons are not permitted entry or re-entry during the failure, this is not considered a system failure and this would not need to be reported to OLGR as the failure has not affected the regulated premises' ability to scan patron's identification.
If any incident occurs - even one which doesn't necessarily result in the failure of the ID scanner system, but may impact the security or performance of the ID scanning system - you must still notify the approved operator as soon as possible.
Incident examples include:
a drink is spilt on the ID scanner
the ID scanner is dropped
physical interference or suspected unauthorised access to the scanner or system.
Steps to follow if an approved ID scanning system fails
1. Ensure that all patron IDs are being manually checked prior to entry using a manual ban list to check for patrons subject to an official ban.
2. If a licensed crowd controller makes a positive ban check for a patron subject to an official ban for the regulated premises, they should
notify QPS at the time (through Policelink on 131 444) or through any linked radio system operated within a SNP that includes real-time monitoring by QPS
record the following information, to be provided to OLGR (at Step 4) 
o date and time of the detection
o personID (this is located on the manual ban list)
o nicheID (this is located on the manual ban list)
o venue name.
  Contact the regulated premises' approved operator for assistance, and to arrange for a technician to attend the premises (if required).
  Login to the OLGR Client Portal and complete the System Failure - Licensee form within 48 hours from first allowing entry to a patron during the system failure. By doing this you will satisfy the requirement to notify OLGR and QPS (as OLGR have put in place arrangements to share the notification with QPS).
Installation, repair and maintenance of approved ID scanning systems
Repair and maintenance of approved ID scanners and ID scanning systems must be conducted through an approved operator.
Approved operators must provide 24-hour phone support for regulated premises. This includes the ability to escalate to appropriately qualified technicians in the event of system failure.

Privacy and ID scanning
In addition to the following information, we recommend you read the Commissioner's liquor Guideline 64: Privacy obligations for establishing and operating identification scanning systems.
Opt in to be covered by the Privacy Act 1988 (Cwlth)
The Liquor Act 1992 requires that licensees of regulated premises comply with the Privacy Act 1998 (Cwlth). If you are a licensee who is not already deemed an 'organisation' under the Privacy Act (i.e. you have a turnover of less than $3 million per year), the Liquor Act requires you to 'opt in' to be covered under the Privacy Act.
To do this, you must complete an opt-in application form and return it to the Office of the Australian Information Commissioner (OAIC) by mail, email or fax.
After verification, the trading name of your business and its ABN will be placed on the public opt-in register as required under the Privacy Act. Opting in for coverage under the Privacy Act is free. See the opt-in register for more information about opting in and applying.
Australian Privacy Principles
Licensees of regulated premises must comply with the Australian Privacy Principles (APPs) as set out in the Privacy Act.
APPs relate to the collection, use, disclosure and storage of personal information. Licensees of regulated premises must take steps to protect the personal information they hold from misuse, interference, loss, and from unauthorised access, modification and disclosure. The following APPs are of particular relevance:
APP 1: Open and transparent management of personal information - regulated premises are required to manage personal information in an open and transparent way. Your publicly available Privacy policy should detail how you manage personal information in this manner.
APP 5: Notification of the collection of personal information - regulated premises are required to notify patrons that approved ID scanning systems operating at the premises will collect personal information. Do this by displaying a 'collection notice' at each public entrance to the premises.
APP 10: Quality of personal information - regulated premises are required to take reasonable steps to ensure that personal information collected is accurate, up to date and complete.
APP 12: Access personal information - a person has the right to access personal information held about them by an approved operator. Some exceptions apply, such as if access might interfere with criminal matters, or other breaches of the law.
APP 13: Correction of personal information - a person is able to request the personal information held about them be corrected. For personal information to be corrected, satisfactory proof or explanation as to why the information needs to be corrected would be required.
The OAIC's Privacy Management Framework can also assist licensees of regulated premises to implement practices, procedures and systems that ensure compliance with the APPs.
Note: regulated premises should always refer to the OAIC's APPs and the Privacy Act for full details in relation to privacy.
Use of personal information for other purposes (value-added services)
Under the APPs, a licensee of a regulated premises may only use personal information for the primary purpose for which it is collected (i.e. identifying banned patrons), and in other limited circumstances as outlined in section 7.2 of the APPs.
Section 7.2 provides that a regulated premises may use or disclose personal information about a patron for the purpose of direct marketing.
Licensees are required to make patrons aware of their intentions for use of personal information through displaying notices at all entries to the venue and must also make patrons aware of how they can easily request not to receive direct marketing communications (see sections 7.2 and 7.3 of the APPs for further information about opting out).
OLGR is aware that approved operators may offer value-added services to enhance the capability of their approved ID scanner. Before you sign up for value-added services, consider whether the service complies with the APPs and your obligations under the Privacy Act, particularly in relation to the use of personal information for other purposes.
Privacy resources for regulated premises
Use our notes and sample presentation about ID scanning privacy to inform your staff about their privacy obligations when scanning patrons' ID. It is based on the APPs and is designed to be adapted for each regulated premises.
Collection of personal information notice, privacy policy and management plan
Under the Privacy Act, you must notify patrons of ID scanner requirements prior to having their photo ID scanned. You must also display this collection notice at each public entrance to the regulated premises.
Regulated licensees must also have:
a publicly available privacy policy that details how the collection of all personal information is managed
an internal procedure document (a privacy management plan) which explains how your venue manages privacy. This includes protecting personal information from any misuse, interference, loss, unauthorised access, modification or disclosure - and how to handle complaints.
The OAIC's guide to developing an APP Privacy Policy also provides useful tips when drafting your privacy policy document.
Access to personal information
The approved ID scanning system will automatically delete scanned personal information after 30 days.
Access to scanned data (including personal information) at a regulated premises will be restricted to a limited number of people, such as venue management. This access will be auditable - the approved ID scanning system will retain a record of the login details of all persons who log on to the approved ID scanning system at the premises. Some best-practice measures that you may take to meet your obligations include:
limiting staff access to the approved ID scanning equipment
not having a group password
staff training
physical measures to keep approved ID scanning equipment secure, including locking offices and ensuring the equipment is constantly supervised.
You are required to provide access to patron scan data from your approved ID scanner upon request from an enforcement body.
OLGR's access to scanned data is generally limited to de-identified data (data that does not include personal information). This de-identified data will be used by OLGR for statistical purposes and to evaluate the success of the ID scanner scheme.
Privacy complaints
You have an obligation to inform patrons about how they can make a privacy complaint.
Information on how a person can make a complaint must be advertised on the collection notice that is required to be displayed at or near any public entrance to a regulated premises, as well as detailed in the venue's privacy policy.
Steps for patrons wishing to lodge a privacy complaint
1. Lodge a written complaint directly to the regulated premises/approved operator and allow 30 days for a response.
2. If a response is not received in this timeframe, or if the person is not satisfied with the response, a complaint can then be lodged directly with OAIC. OAIC can investigate privacy complaints from individuals about private-sector organisations covered by the Privacy Act.
3. Complaints should be made to OAIC in writing by completing the online Privacy Complaint form, or by mail, fax or email. Read more about how to make a privacy complaint.
Steps for regulated premises to deal with a privacy complaint
1. Accept and review written privacy complaints.
2. Notify OLGR that a written privacy complaint has been received (within 14 days of receiving the complaint). This can be done by logging in to the OLGR Client Portal and selecting the Privacy Complaint form.
3. Provide a response to the person's privacy complaint within 30 days.
4. If the person is not happy with the outcome, provide the person with details on how to lodge a complaint with OAIC. Refer the person to the regulated premises' collection notice and privacy policy.
 

Functions...

Call 3221 0054
or 0415 815 731

The GrosvenorBookmark SiteYouTubeTwitterFacebook