1. Purpose

The purpose of this Policy is to set out how BlueScope Lysaght (Fiji) Pte Limited (Lysaght) collects, uses, stores and discloses your Personal Information.

While no laws regulate personal data protection in Fiji, Lysaght is guided by the privacy principles applying to its parent company in Australia (Australian Privacy Principles) with an intent to ensure levels of protection of your personal information which is consistent with the highest standards of good corporate practice in our region.

2. Scope

This Policy applies to all businesses operated by Lysaght in Fiji.

We may change our Privacy Policy from time to time by publishing changes to it on our website. We encourage you to check our website periodically to ensure that you are aware of our current Privacy Policy.

3. References

The following company policies were used to guide the creation of this policy.

BZ-LGL-P-07-03 Australian Privacy Policy

4. Definitions

In this Privacy Policy, 'us' 'we' or 'our' means BlueScope Lysaght (Fiji) Pte Limited (Company Number 900) (Lysaght).

Personal Information - means information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not.

For example, this may include your name, age, gender, postcode and contact details, as well as financial information.

Sensitive Information – means information or an opinion about an individual’s racial or ethnic origin, political opinion, religious beliefs, sexual orientation, memberships of professional associations or trade unions, or criminal record, provided the information or opinion otherwise meets the definition of Personal Information. It also includes health information about an individual.

5. What Personal Information we collect

The types of Personal Information Lysaght will collect from you will depend on the circumstances in which that information is collected. It may include your name, date of birth, contact details such as current and previous address, telephone numbers, email address, occupation, details of shareholdings, information required for recruitment purposes, information required to open or maintain a trading account with Lysaght or otherwise do business with us, including your bank account details, information obtained through credit checks, information from prior dealings with Lysaght and statistical information on the use of Lysaght’s websites, such as your IP address, dates and times of visits.

Where the collection of Sensitive Information is reasonably necessary for us to pursue one or more of our functions or activities, we will only collect such information when we obtain your express consent. In the event that the collection of your Sensitive Information is required or authorised by law, we will not need your consent.

6. How we collect Personal Information

We collect Personal Information through various means including: our websites, software products, interactions with our social media pages and advertisements, from publicly accessible social media profiles, orders for and provision of products, services or support, employment applications, third party service providers, credit checks, credit assessments and debt recovery actions, warranty claims, feedback from customers, our shareholder registry, provision of training and educational materials, content and services, responses to surveys or research conducted by us, and entries into competitions or trade promotions.

If you do not provide us with the information we request, we may not be able to fulfill the applicable purpose of collection, such as to supply products or services to you or to assess your application for employment.

Where lawful and practical, you have the right to remain anonymous or to make use of a pseudonym, however if you choose to remain anonymous or to use a pseudonym, we may not be able to provide you with access to some or all of our websites or to our other products or services.

The Australian Privacy Act, which guides this Privacy Policy, contains certain exemptions in relation to certain acts undertaken in relation to employee records and related bodies corporate. Where appropriate we apply relevant exemptions in that law.

Where practicable, we will collect Personal Information directly from you. If we receive information about you from someone else (for example from someone who supplies goods or services to us or is our customer), we will take reasonable steps to ensure you are aware that we have collected Personal Information about you and the circumstances of the collection.

7. Use and disclosure of Personal Information

Our main purposes for collecting, holding, using and disclosing Personal Information are to: supply and obtain products or services or software; provide training and educational materials, content and services; respond to enquiries; assess and process warranty claims; assess employment applications; undertake research and surveys, analyse statistical information, conduct trade promotions, comply with legislation and regulations, comply with our internal policies, including in relation to occupational health and safety, diversity, workers compensation, the Employment Relations Act and environmental matters, inform you of changes to our business and our products, give you access to our websites and software, and for marketing purposes, including to assist in developing our websites and software.

We may disclose Personal Information for the purposes described in this Privacy Policy to our employees and related bodies corporate, third party suppliers and service providers (including providers for the operation of our websites and/or our business in connection with providing our products and services to you), professional advisers, dealers, payment systems operators (e.g. merchants receiving card payments), our existing or potential agents and representatives, business partners, anyone to whom our assets or businesses (or any part of them) are transferred, specific third parties authorised by you to receive information held by us, your employer in instances where you register or participate in training or educational activities with us that are related to your employment, customers in response to inquiries made by those customers’ clients, and other persons, including government agencies, regulatory bodies and law enforcement agencies, or as requested, authorised or permitted by law.

We generally explain at the time we collect Personal Information how we will use or disclose that information. We will only use or disclose Personal Information for a secondary purpose where such use or disclosure is compliant with the Australian Privacy Act.

In carrying out our business, it may be necessary to share information about you with and between our related bodies corporate and organisations that provide services to us. These related bodies corporate and organisations may combine this information with other Personal Information they hold about you.

8. How we hold Personal Information

We may hold your Personal Information in either electronic or hard copy form. We take reasonable steps to hold your Personal Information securely by protecting it from misuse, interference and loss, as well as unauthorised access, modification or disclosure. To achieve this, we use a number of physical, administrative, personnel and technical measures to protect your Personal Information. However, we cannot guarantee the security of your Personal Information.

9. Disclosure of Personal Information outside Fiji

We may disclose Personal Information to recipients outside of Fiji. This may include our related bodies corporate, across the various jurisdictions in which they operate (see https://www.bluescope.com/about-us/where-we-are/ for the list of countries in which we operate), for the purposes set out in this Privacy Policy. From time to time we may also store some Personal Information in servers located overseas, or may disclose Personal Information to our service providers who assist us to operate our businesses and provide products and services to our customers and third parties. Examples include CapGemini (a multinational company, headquartered in France) and DXC Technology (a multinational company, headquartered in the USA). We will take reasonable steps to ensure that any overseas recipient will deal with such Personal Information in a way that is consistent with the Australian Privacy Act.

10. Direct Marketing

We may, from time to time, send you direct marketing communications in the form of emails, SMS, mail or other forms of communication in accordance with the Australian Privacy Act and the Spam Act 2003 (Cth). If you no longer wish to receive such communications, please contact us using the details set out in section 15 (‘Contacting Us’) and ask to be removed from our mailing lists or use the unsubscribe facilities included in our marketing communications.

11. Cookies

We sometimes use cookie technology on our websites to provide information and services to website visitors. Cookies are pieces of information that a website transfers to your computer's hard disk for record keeping purposes and are a necessary part of facilitating online transactions. Most web browsers are set to accept cookies. Cookies are useful to determine overall traffic patterns through our websites. If you do not wish to receive any cookies, you may set your browser to refuse cookies. This may mean you will not be able to take full advantage of the services on the website.

12. Links to other websites

Our websites may contain links to third party websites. These linked websites are not under our control and we are not responsible for the content of those websites nor are those websites subject to our Privacy Policy. Before disclosing your Personal Information on any other website, we recommend that you examine the terms.

13. Accessing and correcting the Personal Information we hold about you

You can access the Personal Information we hold about you by contacting us using the details set out in section 15 (‘Contacting Us’). Sometimes, we may not be able to provide you with access to all of your Personal Information we hold about you and, where this is the case, we will tell you why. We may also need to verify your identity when you request your Personal Information. Your information will usually be made available to you within 21 days. If you think that any Personal Information we hold about you is inaccurate, please contact us using the details set out in section 15 (‘Contacting Us’) and we will take reasonable steps to ensure that it is corrected.

14. Making a complaint

If you think we have breached any law in relation to personal information or data protection, or you wish to make a complaint about the way we have handled your Personal Information, you can contact us using the details set out in section 15 (‘Contacting Us’).

Please include your name, email address and/or telephone number and clearly describe your complaint. We will investigate your complaint and will use reasonable endeavours to respond to you in writing within 30 days of receiving the written complaint.

15. Contacting Us

If you have any concerns or complaints about how we handle your Personal Information, or if you have any questions about this Privacy Policy or our practices, please contact us at info@Lysaght.com.fj.

QUESTIONS    

If you’re planning a build or refining the details, our team is here to help. From product selection to performance considerations, we’ll guide you toward the right Lysaght solution with clarity and confidence.