The following describes how Metro Trains Sydney (“MTS”) deals with personal information collected through its websites, mobile apps and other Digital Customer Channels (“websites”) and should be read in conjunction with Metro Trains Sydney Privacy Policy and Privacy Management Plan.
Personal information collected by MTS is handled in accordance with the Privacy and Personal Information Protection Act 1998 and the Health Records and Information Privacy Protection Act 2002 (“the Acts”).
MTS may collect personal information and other data about you from your computer as you browse or otherwise interact with our websites. This may include server logs, proxy logs, and cookies.
A cookie is a package of data which a website requests be stored temporarily on your computer (or in memory) to identify you as a visitor to that website. You can choose to disallow cookies by changing settings on your web browser. However, if you reject all cookies you may not be able to use some of the functions of the MTS websites. The cookies on MTS websites do not read the information on your hard drive and MTS makes no attempt to associate cookies with users' names or identities.
The information collected by these various mechanisms includes:
When you access the pages on our Site our computers automatically record information that identifies, for each page accessed:
MTS uses the data collected for website analysis and for statistical and business purposes such as diagnosing a fault and improving our services. The data is generally not accessible except to authorised MTS ICT staff for these purposes. Information which is automatically collected may be published as aggregated (de-identified) information to assist with improving the services offered by MTS through its website.
If you use the feedback, complaints, services or assistance facilities on the website you may also choose to provide us with your personal information such as your name, address, phone number and relevant contact details or other information about you. Depending on the assistance you require, sometimes the information you may need to provide may also include health information. You may choose to provide feedback or complaints anonymously or not provide all the information requested but if you use the feedback facilities anonymously or do not provide us with the requested information we may not be able to reply to your feedback.
We may also collect personal information concerning your use of our services and other information or opinions concerning our dealings with you. We do not collect or disclose government related identifiers such as drivers license numbers unless it is reasonably necessary, such as for proof of identity or for legal purposes.
Personal information will also be collected when purchases are made through the website. MTS will however not collect any credit card information but will use third party online merchant gateways to facilitate the transaction.
MTS only collects personal information where it is reasonably necessary for one or more of its functions or activities and only where it is collected by lawful and fair means.
If your personal information is collected from someone other than you, reasonable steps will be made as soon as is practicable to notify you that we have collected the information and the circumstances of the collection.
Information collected by MTS through automated mechanisms will only be used for the purpose for which it was collected in accord with this Privacy Statement.
The information held by MTS third party services providers will be used and disclosed in accordance with the terms of the service contract.
MTS will not disclose this information concerning you to parties outside of MTS without your consent, or where required or authorised by law. Details regarding how and when disclosures of personal information can be made can be found in the Privacy Management Plan.
Personal information collected through the websites and which is no longer required by MTS, nor required by law to be retained, will be destroyed, as authorised by the disposal authorities issued under the NSW State Records Act 1998.
MTS may use and disclose more extensive information than stated above in certain circumstances, including where there are:
MTS reserves the right to make disclosures to relevant authorities where the use of its websites raises a suspicion that an offence is being, or has been, committed. In the event of an investigation, MTS will provide access to data to any law enforcement agency that may execute a warrant to inspect our logs.
Information automatically collected by MTS through our websites is held primarily but not only by MTS ICT. MTS also uses the services of third party service providers who store information in their systems. MTS ICT has in place security measures based on a risk assessment process and insists on the same measures from its third party service providers to protect against the loss, misuse, and alteration of the information.
Relevant ICT technical staff can access the logs created by servers for the purposes of collecting statistics, dealing with faults and improving the service and investigations.
If you wish to ask a question about this Privacy Statement, or obtain access to or seek correction of your personal information, or make a complaint in relation to your privacy; please contact on privacy@metrotrains-sydney.com.au
If you have an urgent concern that a MTS IT system has been breached and personal information is not properly secure please notify the MTS on privacy@metrotrains-sydney.com.au immediately.
From time to time, this Privacy Statement may be updated, modified or expanded. The amended Privacy Statement will be posted to the websites and will take affect from the time it is posted.
Effective Date 19 June 2018