The Australian Recording Industry Association Limited (ARIA) respects the privacy of the individuals we deal with. In our handling of personally identifiable information about individuals, we comply with the requirements of the Australian Privacy Principles (APPs) in the Federal Privacy Act 1988.
- What kinds of personal information does ARIA collect and hold?
- How does ARIA collect personal information?
- Why does PPCA collect, hold or use personal information?
- Who does ARIA usually disclose personal information to?
- Storage, security and destruction of personal information
- Online privacy issues
- How do I access and correct my personal information?
- How can I make a complaint if I believe that ARIA has breached the APPs?
- How do I contact ARIA?
1. What kinds of personal information does ARIA collect and hold?
We only collect personal information that we need for one or more of our business activities. Most of the personal information ARIA collects relates to individuals in their business or professional capacities, so we only collect this information as an incident of a business relationship with an individual or the organisation they work for. Some examples of this sort of information include:
- contact details of ARIA members;
- details of artists and their recordings, which we use to compile the ARIA charts;
- details of DJs who contribute to the ARIA charts;
- contact details for the people we deal with at other organisations with which ARIA has business relationships, such as music retailers, industry or trade associations, media organisations, government authorities and suppliers of goods and services;
- contact details and information provided to us by the people and organisations ARIA licenses to make and distribute reproductions of sound recordings; and
- contact details and information provided to us by people and organisations applying for International Standard Recording Codes (ISRCs).
Occasionally, we may collect personal information about individuals in their private capacities, for example where an individual:
- subscribes to receive ARIA publications, the ARIA charts and ARIA charts related content;
- makes an inquiry (eg. by email or telephone);
- makes a complaint about warning/advisory stickers on CDs;
- makes a comment via our Facebook or Twitter pages, or through other social media and online channels. This is discussed further below (Section 6, Online privacy issues);
- submits a competition entry form;
- applies for a job with ARIA;purchases industry tickets for the ARIA Awards; or
- votes to determine the nominees and winners of the annual ARIA Awards.
ARIA usually does not need to collect any sensitive information (such as information about racial or ethnic origin, political activities or affiliations, memberships of unions or other associations, religion, sexual preferences or practices, criminal record or medical history). If we do collect or hold such information, we will only do so strictly in accordance with the APPs in the Privacy Act.
2. How does ARIA collect personal information?
ARIA generally collects personal information from the individual. The most common ways in which ARIA collects personal information is:
- from various application forms submitted to ARIA by individuals;
- as a part of ARIA chart contributions;
- when individuals receiving goods or services from ARIA make payment for those goods or services;
- when ARIA requires bank account details from individuals and other creditors who would like to receive payment by direct deposit;
- when individuals enter into a competition or vote for the annual ARIA Awards winners;
- from job applications when individuals apply for jobs at ARIA;
- from contributions made via social media (including Twitter and Facebook); or
- from telephone, email, written and in-person enquiries directed to ARIA.
However, sometimes ARIA sometimes needs to collect personal information from a third party, for example, we collect personal information from the Phonographic Performance Company of Australia Ltd (PPCA) for a range of purposes.
These include: to determine whether persons or organisations may require a licence from PPCA for the public use of sound recordings.
If we collect personal information about you from a third party and it is unclear whether you have consented to the disclosure of that personal information to us, we will take reasonable steps to contact you and ensure that you are aware of the circumstances surrounding the collection and the purposes for which we have collected your personal information.
3. Why does PPCA collect, hold or use personal information?
Generally, we only use personal information for the primary purpose for which we have collected it, or for closely related business purposes. For example, ARIA collects personal information to fulfill its role as an industry association including, for the purpose of:
- compiling the ARIA charts;
- administering reproduction licences;
- distributing licence fees;
- managing ARIA memberships;
- organising the annual ARIA Awards and events;
- managing business relationships;
- administering ISRCs;
- operating competitions and contacting winners of those competitions;
- reviewing and assessing job applications;
- responding to enquiries and complaints;
- receiving and making various payments; and
- providing information to you regarding events and music industry matters.
In most cases, the primary purpose for which we need personal information will be apparent from the context in which we collect it. If this is not the case, we will take steps to specify our purpose(s) at, or as soon as possible after, the time of collection. We may also use personal information to send you information about our activities, or about goods or services that we believe may be relevant or useful to you. If at any time you do not wish to receive such information, please let us know by contacting our Privacy Officer (see section 9 below).
In other respects, we will only use personal information with your consent, or if we are required or permitted by law to do so (eg. under the APPs in the Privacy Act).
4. Who does ARIA usually disclose personal information to?
ARIA generally only discloses personal information to other persons or organisations for the primary purpose for which we have collected it, or with your consent (which may be explicit, or may be implied from your conduct or from the circumstances in which the information is collected).
We may also disclose personal information if we are required or permitted by law to do so (eg. under the APPs in the Privacy Act).
The following sections describe some of the organisations, or types of organisations, to which ARIA usually discloses personal information. Wherever personal information is disclosed outside of ARIA, we take reasonable steps to ensure that the recipient:
- handles that information in accordance with the APPs in the Privacy Act;
- only uses the information for the specific purpose(s) for which it is provided to them;
- does not disclose the information to any person or organisation except in accordance with directions from ARIA; and
- stores the information securely, and either destroys it or returns it to ARIA when it is no longer needed.
4.1 Disclosures to PPCA
Phonographic Performance Company of Australia (PPCA) is closely affiliated with ARIA. PPCA is a non-profit collecting society established by Australian record companies to issue licences for the broadcasting, public performance and communication of sound recordings and music videos.
Under longstanding arrangements between our organisations:
- certain PPCA staff are able to access the ARIA recordings database, for the purposes of verifying copyright ownership of sound recordings;
- ARIA passes on to PPCA certain information we obtain from individuals and organisations who are licensed by ARIA to reproduce sound recordings. PPCA uses this information to determine whether a licence may be required for the public use of sound recordings; and
- ARIA provides to PPCA on a regular basis its database of public domain contact details for industry and trade associations.
4.2 Disclosures to contractors and service providers
Occasionally, ARIA has to rely on third party contractors to provide services or perform functions on our behalf, and this may involve a disclosure of personal information by ARIA to that third party. While these vary from time to time, they may include:
- organisations that provide communication services on our behalf;
- advisers who have been engaged by ARIA to provide ARIA with legal, administrative, financial or other services;
- debt collection agencies; and
- information technology service providers.
4.3 Other disclosures
When a record company or other qualified person applies to become a member of ARIA, their application (including any personal information contained in it) is considered by the ARIA Board, which is made up of senior representatives of several member record companies.
We may also disclose to ARIA member companies (such as ARIA’s licensors) and Music Rights Australia, information about a person or organisation that is reproducing sound recordings in order to verify any claims regarding whether such a person or organisation is licensed by ARIA or has already obtained a reproduction licence from the copyright owner of the sound recordings.
If ARIA receives any information in relation to suspected piracy or copyright infringement, then ARIA may in these circumstances provide this information to third parties such as the copyright owners, Music Rights Australia or legal advisors.
From time to time, ARIA may disclose public domain personal information to other organisations in response to requests. In particular, we may disclose the names and contact details of our record company members, for inclusion in industry directories or similar publications.
ARIA may also disclose information to overseas collecting societies, copyright owners and agents that collect and distribute payments and that have a reciprocal agreement with ARIA. These overseas third parties are located in various countries, for example New Zealand and the United Kingdom. It may be necessary for ARIA to provide personal information to these entities in order to facilitate the licensing activities or the administration and distribution of any remuneration payable to you. ARIA takes steps to ensure that these third parties agree to protect the privacy and security of all personal information, and use it only for the purpose for which it is disclosed.
5. Storage, security and destruction of personal information
ARIA takes reasonable steps to ensure that the personal information we hold is protected from risks such as loss or unauthorised access, destruction, use, modification or disclosure.
Your personal information is stored on a password protected database and hard copy files which are secured from unauthorised access. We only allow authorised personnel to access personal information, and it is a condition of employment with ARIA that our employees maintain the confidentiality of all information to which they have access.
We only retain personal information for as long as it is needed by us, or for as long as we are legally required to retain the information. When we are no longer required to retain personal information, we ensure that it is disposed of or destroyed in a secure fashion in accordance with our obligations under the APPs in the Privacy Act.
6. Online privacy issues
This Policy also applies to the personal information that individuals provide to us via our Facebook and Twitter pages, or through other social media and online channels. We will generally use and disclose that information only for the purposes of participating in and managing an online conversation (including by responding to individuals’ comments), or otherwise as permitted under this Policy. We will not use or disclose information collected through these channels for marketing purposes unless we make that clear at the time of collecting the information (for example, in the context of a competition or other specific online activity). If an individual decides to communicate or otherwise publish personal information about themselves via our website, Facebook and Twitter pages or through other social media and online channels, then the individual acknowledges that ARIA cannot control the use of such personal information by other users of our website or other online channels.
7. How do I access and correct my personal information?
Under the Privacy Act, you generally have a right to seek access to the personal information that ARIA holds about you, although there are some circumstances in which we may be required or permitted by law to withhold access to some or all of that information. You also have the right to ask us to correct personal information about you that you believe is inaccurate, incomplete or out of date.
If you wish to exercise these rights, we ask that you make a request in writing to our Privacy Officer (see section 9 below). You will need to provide some form of identification (eg. a copy of your driver’s licence or passport) so we can verify that you are the individual to whom the personal information relates. You should also include details of how we can contact you in case we need to discuss your request.
8. How can I make a complaint if I believe that ARIA has breached the APPs?
If you would like to make a complaint in relation to this Policy or the manner in which we handle your personal information, please contact our Privacy Officer (contact details are set out in section 9). We will endeavour to respond to complaints within 30 days of their receipt.
If you are dissatisfied with our response, you may refer the matter to the Australian Information (Privacy) Commissioner (see www.oaic.gov.au).
9. How do I contact ARIA?
If you have any questions or comments about this Policy, or if you wish to access or correct your personal information or make a complaint about our handling of that information, please contact our Privacy Officer by one of the following methods:
- By telephone (during business hours) – 02 8569 1144
- By fax – 02 8569 1181
- By email – firstname.lastname@example.org
- By post:
The Privacy Officer
PO Box Q20
QVB POST OFFICE NSW 1230
This Policy was last updated on 12 March 2014.