Woodside is committed to recognising and respecting your privacy.
This Privacy Statement details how Woodside collects, holds, uses and discloses personal information provided by visitors to our website and individuals external to Woodside. It sets out rights in relation to personal information and how you can contact us.
In this Privacy Statement, references to ‘Woodside’, ‘we’ or ‘us’ means Woodside Petroleum Ltd (ABN 55 004 898 962) and all related or subsidiary companies both in and out of Australia.
The contents of this Privacy Statement and the disclaimer may be updated from time to time. You should regularly check this Privacy Statement and the disclaimer to ensure you have the latest versions. By dealing with Woodside, you acknowledge that you have understood and accept the contents of this Privacy Statement and the disclaimer including any changes made to these documents by Woodside from time to time.
Who does this Privacy Statement apply to?
This Privacy Statement applies to:
- visitors to and users of our website;
- visitors to our offices or sites;
- potential employees;
- investors or prospective investors;
- parties with whom Woodside has business relationships;
- joint venture participants;
- customers; and
What is personal information?
Personal information is information or an opinion about you as an individual that identifies you or from which your identity can be ascertained.
What is sensitive information?
Sensitive information includes data about criminal records, health, religion, political affiliations and other special categories of information. Sensitive information may be collected from potential employees as part of recruitment processes or as part of stakeholder engagement on environmental and social impact assessments.
Sensitive information is information that discloses a person's:
- Racial or ethnic origin
- Political opinions
- Membership or political association
- Religious beliefs or affiliations
- Philosophical beliefs
- Membership of a professional or trade association
- Membership of a trade union
- Sexual preferences or practices
- Criminal record
- Health, genetics or biometrics.
Types of information collected
We may receive information about you whenever you interact with us, including via our website, emails, letters, applications, calls, enquiries about our products, our business or an investment in Woodside, or when you respond to surveys or other invitations to engage with Woodside, etc. We may also receive information about you from third parties (e.g. public registers).
Please refer to our recruitment portal for further information about Woodside’s recruitment processes.
Environmental and social impact assessment documentation will describe the purposes for which engagement is occurring and personal information is being collected.
Website interaction information
When visiting Woodside’s website, Woodside keeps a record of your visit. The following information may be collected for statistical purposes and may be used by Woodside to help improve the website:
- Your Internet Protocol (IP) address.
- The previous site you visited.
- Your type of browser and operating system.
- The pages you access and the documents you download.
Woodside will not attempt to identify users or their browsing activities, however, government agencies may be entitled to inspect such records in the event of an investigation.
During your visit to our website, we may also ask you to provide us with other information. For example, if you wish to request information from us, you may provide your email address and information about your interests. Similarly, if you apply for a job via our website, we will receive details of your application (including your CV).
Cookies are small text files which are stored in memory or on your hard drive for record keeping purposes and are used to enhance Woodside’s website.
- utmz - records whether the visitor came from a search engine (and if so, the search keyword used), a link, or from no previous page (e.g. a bookmark)
- utma - stores the amount of visits for each visitor, the time of the first visit, the previous visit, and the current visit
- utmb and utmc - checks how fast people leave and when a visit starts and ends
- WSS_FullScreenMode - indicates whether a page is shown in full screen mode and expires when you close your browser
The cookies (other than WSS FullScreen Mode) are stored by Google Analytics to see how people visit the website and capture trends, but do not identify the user. The information may be collected for statistical purposes and used by Woodside to help improve the website.
Other websites and social media may be accessible via hyperlinks from the Woodside website. Woodside is not responsible for the levels of data protection afforded to you by these other websites and social media platforms. We encourage you to review the separate privacy guidance for these websites and platforms before using them.
Woodside may provide links to other websites and social media features (e.g. so that you can interact with Woodside on social media websites). As these are third party websites and features, Woodside cannot be responsible for your use of them.
Your use of other websites and social media features could lead to the collection or sharing of information about you.
Those websites and social media platforms are not subject to this Privacy Statement. Woodside encourages you to review the privacy guidance and settings of each website and social media platform with which you interact to assess whether the guidance and settings are satisfactory to you in relation to the collection, use and disclosure of information by those websites and platforms.
Please refer to the disclaimer for more information.
When you interact with us via other channels, we may also collect the following information about you:
- Your name, title, role, biographical and contact details.
- Current employment and position.
- Information concerning your potential employment by Woodside.
- Your usernames and passwords.
- Biometric information or CCTV footage relating to maintaining security and safety with respect to Woodside sites, premises, systems, assets or people.
- Your photograph.
- Information required to facilitate site visits (including to provide personal protective equipment or meet dietary or cultural requirements).
- Information concerning your Woodside shareholdings or relating to an investment in Woodside.
- Your responses (including to competitions) on our social media platforms.
- Survey and environmental and social impact assessment information.
- Information collected in undertaking due diligence activities.
- Information provided by you about incidents, complaints or grievances.
- Other information relevant to your relationship with us.
For potential employees, we may collect date of birth, gender, tax file number, bank account details and may also need to collect information from third parties such as referees or publicly available information. Please refer to our recruitment portal for further information about Woodside’s recruitment processes and the types of information collected.
The share registry for Woodside Petroleum Ltd is managed by Computershare Investor Services Pty Ltd (Computershare) and further details regarding the share registry are in this document. Please also see the “Links to other websites and social media” section of this Privacy Statement below.
In some limited cases, we may also make travel arrangements for third parties requiring additional travel related information. The personal information required will be discussed with you at the time of collection.
We may also collect, use or disclose personal information to regulatory or governmental agencies in the event of an investigation in order to meet our on-going regulatory and compliance obligations. Where permitted or authorised by law, we use systems designed to flag suspicions of potentially unlawful or fraudulent activity.
We will only collect the above personal information to the extent permitted by law.
Third party information you provide
Occasionally, you may give us personal information about other people - for example your referees or authorised representatives. If so, you must tell those individuals that you are giving their personal information to us and that this Privacy Statement governs the collection, use, disclosure and storage of that information.
We use your information for our legitimate business interests, in order to comply with legal obligations and in connection with investigations or claims. Sometimes, we will ask for your express consent to use certain types of personal information and, where we do so, you may have the right to withdraw that consent.
Woodside may collect, use and store this personal information for the following legitimate business interests of Woodside:
- Facilitate our internal business and oil and gas operations, work management and maintain proper business records
- Administer databases (including our contracts database)
- Establish and manage good commercial or stakeholder relations with you or the organisation with which you are associated
- Engage in business sales or acquisitions or joint ventures
- Receive and provide services (including maintaining records of business relationships)
- Arrange travel
- Investigate or respond to any incidents, complaints or grievances
- To authenticate your access to and protect and maintain the security and safety of Woodside owned or operated premises, sites, systems and assets and people
- Helping us to learn more about customers, stakeholders and products, services or information you receive or may be interested in receiving
- Give you the option of receiving our publications
- Invite you to Woodside functions
- Taking steps to improve our products, services and stakeholder communication and our use of technology
- Billing and accounts
- Publishing information sources used in advertising and mailing lists for public relations
We may also use your information in order to comply with the law or enforce the law or cooperate with investigations carried out by the police, government or regulators, or for the establishment, exercise or defence of a legal or equitable claims.
We may sometimes ask you for your consent to use personal information for other purposes. If we do, we will ask for your consent explicitly and you may be entitled to withdraw that consent.
Please refer to our recruitment portal for further information about Woodside’s recruitment processes.
Direct marketing and newsletters
Woodside may from time to time send marketing, newsletters or other informative communications to you in accordance with your instructions, with your consent, or as otherwise permitted by law. If you do not wish to continue to receive this
information, please contact our Privacy Officer or follow the unsubscribe instructions in the marketing communication.
Do we disclose your personal information to anyone?
Unless you specify otherwise, we may disclose your information to the following groups, in each case in accordance with laws on data transfers:
- companies in the Woodside group (or to any prospective purchaser of all or part of the group or its assets), to third parties we work with or in connection with investigations, or for legal or regulatory reasons;
- companies in the Woodside group and to third parties who provide goods and services to the Woodside group, or carry out activities on behalf of, the Woodside group for the purposes set out in the section titled “Why we collect hold, use and disclose personal information”, including external consultants and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our business technology systems;
- potential buyers of all or part of the Woodside Group’s business or its assets; and
- tax, audit, or other authorities, when we believe that the law or other regulation requires us to share this data (for example, because of a request by a tax authority, as part of our statutory obligations, or to a court in response to a subpoena).
Cross-border disclosure of information
Due to the global nature of Woodside’s business, we may disclose your information to recipients who are outside of the country in which your personal information was collected. For example, the recipient may be in a country outside of Australia and the European Economic Area (EEA), which does not have laws in place that require your personal information to be protected in the same way as it would be within Australia or the EEA. Woodside will ensure that disclosure to overseas recipients occurs in accordance with applicable privacy laws and that measures are put in place to safeguard your personal information (e.g. contracts obliging the third party to protect your data).
Personal information held by Woodside may be disclosed for specific purposes from time to time and this may occur in the many countries around the world. The countries in which Woodside processes or stores data from time to time may include:
- United Kingdom
- European Economic Area
- Republic of Ireland
Personal information may be disclosed to providers around the world.
Woodside, its contracted services providers (and their affiliates or subcontractors) may also use cloud services, systems and servers both within and outside of Australia to store and manage your personal information. Woodside requires its service providers to ensure that any data transfer in relation to such cloud storage occurs in accordance with applicable privacy laws.
Woodside requires service providers it contracts with from time to time to take appropriate steps to protect the privacy and manage the security of your personal information.
If you have any further questions about the protections Woodside puts in place when transferring information overseas, please contact our Privacy Officer.
The security of your personal information is important to us. Woodside takes such steps as are reasonable in the circumstances to protect personal information from loss, misuse, interferences, unauthorised access, modification or disclosure. Please notify us immediately if you become aware of any breach of security.
Woodside employs a number of means to protect your personal information, including:
- external and internal premises security measures designed to ensure that your information is not capable of being seen or modified by unauthorised persons
- restricted access to personal information
- maintaining technology products designed to prevent unauthorised computer access
- regular review and testing of our technology in order to improve the level of security
- implementation of mandatory requirements in relation to use of Woodside’s IT Systems
It important to be aware that email is generally not a secure way to communicate. Personal information contained within emails sent to and from email addresses external to Woodside may not be secure.
Woodside will retain your data in line with good record-keeping practices. The relevant time period for retention of your information is determined in accordance with relevant legal and regulatory requirements, the purpose for which your personal information was collected, limitation periods for any claims that might arise and industry practice guidelines.
Woodside’s approach to retention and disposal of information groups ‘like information’ together in order to apply Woodside’s retention rules according to legal and operational requirements. This policy is based on best practice, the Australian Records Retention Manual and legal requirements. After the requisite time has passed, we will take such steps as are reasonable in the circumstances to attend to the destruction, de-identification or deletion of your personal information.
Woodside complies with applicable laws which grant individuals certain rights in respect of their personal information (e.g. rights to access, correct, delete, withdraw consent, complain etc.). You can contact our Privacy Officer to exercise your rights.
The rights that individuals have in respect of their personal information vary from country to country. We set out below a list of the key rights you should be aware of. Some rights will not apply in some jurisdictions and there may also be limitations on the ways in which rights can be exercised.
Please contact our Privacy Officer if you would like to request the exercise of any of these rights in relation to your personal information held by Woodside. If we deny your request, we will explain why.
Right to access
You may request access to or correction of any of the personal information Woodside holds about you. Your entitlement to access your personal information will be subject to applicable laws.
For more detailed requests for access to personal information, for example, access to information held in archives, a fee may be charged where permitted under applicable laws to cover the cost of retrieval and supply of this information to you.
Your request for access will be handled as soon as reasonably practicable. We will comply with applicable laws and, in any event, endeavour to process your request within 30 days after receiving the request. Some requests may take longer to process depending upon the nature of the personal information being sought.
Right to correction
Woodside takes reasonable steps to ensure that information is up to date and complete. However, if you believe the information we hold about you is inaccurate or incomplete, you may request that we correct it.
Right to object to, or restrict use of, data
You may write to us to object to us using your personal information – either generally or for specific purposes.
Right of deletion
In some circumstances, you may be able to request that Woodside erase some or all of the personal information we hold about you.
Right to data portability
If you have made personal information available to us for automated processing and have provided your explicit consent for that processing (or that processing is required for the purposes of a contract between Woodside and you), you may be able to ask us to transfer that data to you or a third party in a machine-readable format.
Right to withdraw consent
If you have given us explicit consent for the use of your personal information, you may later withdraw that consent (although this will not affect the lawfulness of our previous use of your information).
Right to make a complaint
If you believe that Woodside has not protected your personal information as set out in this Privacy Statement or has breached your privacy rights in any way, you may lodge a complaint with us by contacting our Privacy Officer using the contact details set out below.
On receipt of your complaint, Woodside will:
- Provide a written acknowledgement or receipt
- Promptly investigate the complaint and let you know if further information is required to investigate it
- Endeavour to provide you with a substantive written response within 30 days
Our Privacy Officer is responsible for Woodside's management of data privacy. You can contact our Privacy Officer for all queries relating to data privacy or in order to exercise your rights.
Our Privacy Officer is able to receive queries on behalf of all Woodside entities and, if required, can also confirm which Woodside entity is a data controller of your personal information, and provide further contact details for that entity.
Note, our Privacy Officer does not amount to a data protection officer for the purposes of the European General Data Protection Regulation.
You can contact our Privacy Officer in any of the following ways:
- By emailing [email protected]
- By phone in Australia: +61 8 9348 4000, between 8:00 am and 4:00 pm AWST, Monday to Friday.
- By sending a letter to:
The Privacy Officer
Woodside Petroleum Ltd
11 Mount Street
Perth, Western Australia 6000
You can also contact us by phone from outside Australia:
- Singapore: + 65 6709 8021, from 8:00 am to 4:00 pm.
- Canada: + 1 587 956 0913, from 8:00 am to 4:00 pm.
We invite you to first discuss with us any concerns or queries you might have. If you are not happy with our handling of your concern or query, you can contact the relevant privacy regulator.
In Australia, the privacy regulator is the Office of the Australian Information Commissioner:
- By telephoning 1300 363 992 (of +61 2 9284 9749 if calling from outside Australia)
- By fax to +61 2 92849666
- By emailing [email protected]
- By writing to:
Director of Compliance
Office of the Australian Information Commissioner
GPO Box 5218
Sydney, New South Wales 2001.
In the European Union, the privacy regulators for each Member State are listed (along with contact details) on the following website: http://ec.europa.eu/justice/article-29/structure/data-protection-authorities/index_en.htm.
Last Updated: 3 May 2018. Please check back for updates on a regular basis.