The Australian Recording Industry Association Limited (ARIA) respects the privacy of the
individuals we deal with. In our handling of personally identifiable information about
individuals, we comply with the requirements of the National Privacy Principles (NPPs) in the Federal Privacy Act 1988.
- What personal information does ARIA collect?
- How does ARIA use personal information?
- Who does ARIA usually disclose personal information to?
- Storage, security and destruction of personal information
- Online privacy issues
- How do I access and correct my personal information?
- How do I contact ARIA?
1. What personal information does ARIA collect?
We only collect personal information that we need for one or more of our business activities.
Most of the personal information ARIA collects relates to individuals in their business or
professional capacities, so we only collect this information as an incident of a business
relationship with an individual or the organisation they work for. Some examples of this sort of information include:
- contact details for the people we deal with at the various ARIA member companies;
- details of artists and their recordings, which we use to compile the ARIA charts;
- contact details for the people we deal with at other organisations with which ARIA has business relationships, such as music retailers, industry or trade associations, media
organisations, government authorities and suppliers of goods and services; and
- information provided to us by the people and organisations ARIA licenses to make and
distribute reproductions of sound recordings.
Occasionally, we may collect personal information about individuals in their private capacities, for example where an individual:
- subscribes to receive the ARIA charts;
- makes an inquiry (eg. by email or telephone); or
- makes a complaint about warning stickers on CDs; or
- makes a comment via our Facebook or Twitter page, or through other social media and online channels. This is discussed further below (Section 5, Online privacy issues).
In most cases, the primary purpose for which we need personal information will be apparent from the context in which we collect it. If this is not the case, we will take steps to specify our purpose(s) at, or as soon as possible after, the time of collection.
ARIA usually does not need to collect any sensitive information (such as information about racial or ethnic origin, political activities or affiliations, memberships of unions or other associations, religion, sexual preferences or practices, criminal record or medical history). If we do collect or hold such information, we will only do so strictly in accordance with the NPPs in the Privacy Act.
2. How does ARIA use personal information?
Generally, we only use personal information for the primary purpose for which we have collected it, or for closely related business purposes. We may also use personal information to send you information about our activities, or about goods or services that we believe may be relevant or useful to you. If at any time you do not wish to receive such information, please let us know by contacting our Privacy Officer (see section 7 below).
In other respects, we will only use personal information with your consent, or if we are required or permitted by law to do so (eg. under the NPPs in the Privacy Act).
3. Who does ARIA usually disclose personal information to?
ARIA generally only discloses personal information to other persons or organisations for the primary purpose for which we have collected it, or with your consent (which may be explicit, or may be implied from your conduct or from the circumstances in which the information is collected). We may also disclose personal information if we are required or permitted by law to do so (eg. under the NPPs in the Privacy Act).
The following sections describe some of the organisations, or types of organisations, to which ARIA usually discloses personal information. Wherever personal information is disclosed outside of ARIA, we take reasonable steps to ensure that the recipient:
- handles that information in accordance with the NPPs in the Privacy Act;
- only uses the information for the specific purpose(s) for which it is provided to them;
- does not disclose the information to any person or organisation except in accordance with
directions from ARIA; and
- stores the information securely, and either destroys it or returns it to ARIA when it is no
3.1 Disclosures to PPCA
The Phonographic Performance Company of Australia (PPCA) is closely affiliated with ARIA.
PPCA is a non-profit organisation established by Australian record companies to issue licences for the broadcasting and public performance of sound recordings and music videos.
Under longstanding arrangements between our organisations:
- certain PPCA staff are able to access the ARIA recordings database, for the purposes of
allocating and distributing to copyright owners and artists the revenue PPCA earns from
its licensing activities;
- ARIA passes on to PPCA certain information we obtain from individuals and
organisations who are licensed by ARIA to reproduce sound recordings. PPCA uses this
information to determine whether a licence may be required for the public use of sound
- ARIA provides to PPCA on a regular basis its database of public domain contact details
for industry and trade associations.
3.2 Disclosures to contractors and service providers
Occasionally, ARIA has to rely on third party contractors to provide services or perform
functions on our behalf, and this may involve a disclosure of personal information by ARIA to that third party. While these vary from time to time, they may include:
- organisations that provide communication services on our behalf (eg. faxstream);
- debt collection agencies; and
- information technology service providers.
3.3 Other disclosures
When a record company or other qualified person applies to become a member of ARIA, their
application (including any personal information contained in it) is considered by the ARIA
Board, which is made up of representatives of several of the major record companies.
We may also disclose to ARIA member companies (such as ARIA's licensors) and Music Industry Piracy Investigations (MIPI), information about a
person or organisation that is reproducing sound recordings in order to verify any claims tregarding whether such a person or organisation is licensed by ARIA or has already obtained a reproduction licence from the copyright owner of the sound recordings.
From time to time, ARIA may disclose public domain personal information to other organisations in response to requests. In particular, we may disclose the names and contact details of our record company members, for inclusion in industry directories or similar publications.
4. Storage, security and destruction of personal information
ARIA takes reasonable steps to ensure that the personal information we hold is protected from risks such as loss or unauthorised access, destruction, use, modification or disclosure. We only allow authorised personnel to access personal information, and it is a condition of employment with ARIA that our employees maintain the confidentiality of all information to which they have access.
We only retain personal information for as long as it is needed by us, or for as long as we are legally required to retain the information. When we are no longer required to retain personal information, we ensure that it is disposed of or destroyed in a secure fashion in accordance with our obligations under the NPPs in the Privacy Act.
5. Online privacy issues
However, this Policy applies to any personal information you choose to provide to us online, for example if you fill out a form on our website or send us an email.
This Policy also applies to the personal information that individuals provide to us via our Facebook and Twitter pages, or through other social media and online channels. We will generally use and disclose that information only for the purposes of participating in and managing an online conversation (including by responding to individuals’ comments), or otherwise as permitted under this Policy. We will not use or disclose information collected through these channels for marketing purposes unless we make that clear at the time of collecting the information (for example, in the context of a competition or other specific online activity). If an individual decides to communicate or otherwise publish personal information about themselves via our website, Facebook and Twitter pages or through other social media and online channels, then the individual acknowledges that ARIA cannot control the use of such personal information by other users of our website or other online channels.
6. How do I access and correct my personal information?
Under the Privacy Act, you generally have a right to seek access to the personal information that ARIA holds about you, although there are some circumstances in which we may be required or permitted by law to withhold access to some or all of that information. You also have the right to ask us to correct personal information about you that you believe is inaccurate, incomplete or out of date.
If you wish to exercise these rights, we ask that you make a request in writing to our Privacy Officer (see section 7 below). You will need to provide some form of identification (eg. a copy of your driver's licence or passport) so we can verify that you are the individual to whom the personal information relates. You should also include details of how we can contact you in case we need to discuss your request.
7. How do I contact ARIA?
If you have any questions or comments about this Policy, or if you wish to access or correct your personal information or make a complaint about our handling of that information, please contact our Privacy Officer by one of the following methods:
- By telephone: (during business hours) 02 8569 1144
- By fax: 02 8569 1181
- By email: firstname.lastname@example.org
- By post:
The Privacy Officer
PO Box Q20
QVB POST OFFICE NSW 1230
This Policy was last updated on 10 May 2011