Australian Grain Technologies (AGT) regards customer privacy as an important part of our relationship with our customers. The following privacy policy applies to all AGT website users, and conforms to Internet privacy standards.

1 - INTRODUCTION

AUSTRALIAN GRAIN TECHNOLOGIES PTY LIMITED A.C.N. 100 269 930 (referred to below as we, us, and our) is a privacy conscious organisation. We respect and protect your privacy and thank you for visiting our website and reviewing this Privacy Policy (this Policy). We collect, hold, use and disclose Personal Information in accordance with this Policy, the Privacy Act 1988 (Cth) (the Privacy Act) and its Australian Privacy Principles (the Principles).

In this Policy, Personal Information and Sensitive Information have the meanings given to those terms in the Privacy Act.

The current version from time to time of this Policy is publicly available on our website or by contacting us and requesting a copy. It may be supplemented or amended from time to time, and reposted to our website, without specific notice to you. By accessing and using our websites, our customer portals, our mobile applications and/ or our products and services (collectively, the Services) you consent to the version of this Policy that is in effect at the time. This Policy may also be subject from time to time to privacy statements that are specific to certain aspects of the Services.

2 - KINDS OF PERSONAL INFORMATION THAT WE COLLECT AND HOLD

2.1 Personal Information - General

Depending on your interactions with us and the Services provided, the kinds of Personal Information we collect, hold, use and disclose may include: Your name and date of birth; your gender and marital status; your contact details (including work, postal and residential address(es), telephone and facsimile number(s), and email address(es)); personal information (such as driver’s licence and passport details; financial information such as your payment information (credit card, bank account etc.); business details (such as your ABN and other information about your business including information about directors and responsible persons); credit information (such as consumer credit liability information, type and amount of credit sought, default information, repayment history information, payment information relating to overdue payments; National Grower Register (NGR) numbers; type and quantity of products sold by you; type and quantity of products sold to you; any other information that you otherwise share with us relevant to the interactions you have with us; records of your communications and other interactions with us; and any other content that you provide when accessing and using the Services (including postings on any blogs, forums, wikis and other online and social media applications and services).

2.2 Personal Information - Sensitive Information

We do not usually seek, collect, hold, use or disclose Sensitive Information.

If we require your Sensitive Information, we may collect, hold, use and disclose it: (a) only with your consent, only as permissible by law and only if the information is reasonably necessary for one or more of our functions or activities; or (b) as otherwise required or authorised by the law, court or tribunal. By accessing and using the Services or otherwise providing us with your Sensitive Information, you consent to our collection, holding, use and disclosure of your Sensitive Information for the particular purpose(s) in which it was collected, for the purpose of performing our functions and activities, for providing the Services, and for discharging our statutory and other legal obligations.

If we wish to use or disclose your Sensitive Information for any secondary purpose, we will only do so with your consent and only if the secondary purpose is directly relevant to the primary purpose for which the information was collected. We will not disclose your Sensitive Information for the purpose of Direct Marketing without your consent.

2.3 Non-Personal Information

We may also collect, hold, use and disclose information about you that is not Personal Information. This includes data relating to your activity on our website (including any portal) and any mobile applications via tracking technologies such as analytic, cookie and session tools (which data can include the identity of your internet browser, the type of operating system you use, your IP address, the domain name of your ISP, the pages accessed on our website and the next website visited), and non-personal details of any survey responses or forms you provide. We may use this non-personal information for internal purposes including administering the Services, diagnosing problems, generating statistics and trends, marketing, and improving the quality of the Services.

2.4 Government related identifiers

Unless permitted by the Principles or any other law, court or tribunal, we will not use or disclose any government related identifier of you or adopt it as our own identifier.

3 - HOW WE COLLECT AND HOLD PERSONAL INFORMATION

3.1 Direct collection of Personal Information from you

We collect your Personal Information directly from you wherever it is reasonable and practical to do so. This includes: when you contact or otherwise communicate with us and vice versa (including possibly recording the information you provide via phone calls, interviews and other forms of communication); when you attend our premises; through applications or other forms that you fill-in and provide to us (including surveys); when you attend an event we have organised or sponsored; when you post on any blogs, forums, wikis and other online and social media applications and services; when you access any of our websites or portals; when you complete a declaration or form such as a Harvest Declaration Form, Warehouse Declaration Form and/ or Seed Sharing Form; from grain buyer reports, end point royalty collectors or other means consistent with our Variety Licence Agreement; using the National Grower Register (NGR) (and deal with this information as per the NGR privacy policy available at www.ngr.com.au); when you access and use the Services (including collection through the use of third party analytic, cookie and session tools); and any other means by which you directly communicate or provide the information to us.

3.2 Collection of Personal Information from external sources

Sometimes, we may also collect your Personal Information from external sources where it is unreasonable or impracticable to collect it from you directly. These external sources may include: public records or sources of information (e.g. telephone directories, government registers, market research organisations, credit reporting bodies); people authorised by you to provide us with your Personal Information. If you are a third party that provides us with the Personal Information of a person, in doing so, you acknowledge and confirm that you are authorised by that person to do so, you have informed that person that you will be doing so, and that person has been directed to this Policy.

If we receive unsolicited Personal Information, we will make a determination within a reasonable period of time as to whether the Personal Information could have been collected through normal means, including direct from you. In order to make that determination however, we may use or disclose your Personal Information to others including using your Personal Information to contact you. If we determine that the Personal Information could not have been collected through normal means, including having being solicited direct from you, we will securely destroy the information or de-identify it as soon as is practicable, and if it is lawful and reasonable to do so. This includes destroying or de-identifying Personal Information that is not strictly necessary for our business activities.

3.3 How we hold Personal Information

We will generally hold your Personal Information as physical records (at our premises or off-site) and/ or as electronic records (on our servers or on third party servers) and, in any case, in accordance with the storage and security of Personal Information procedures detailed below.

4 - PURPOSE FOR WHICH WE COLLECT, HOLD, USE AND DISCLOSE PERSONAL INFORMATION

4.1 Primary purposes

In order to provide the Services effectively, we need to collect, hold, use and disclose certain Personal Information.

This includes for the following primary purposes: offering and providing the Services to you; responding to your requests, feedback or enquiries; establishing, managing, maintaining, upgrading and expanding the Services; conducting appropriate checks for fraud and preventing/ detecting any misuse or fraudulent activities; arranging for other related products or services to be provided or offered to you; promoting, advertising and marketing the Services; verifying your identity; conducting research and development in respect of our products and/or services such as the marketing and development of new seed varieties; facilitating end-point royalty (EPR) collection; gaining an understanding of your information/ communication needs or obtaining your feedback or views about our products and/or services in order for us to improve them; maintaining and developing our business systems and infrastructure, including testing and upgrading of these systems; enabling us to meet our legal and regulatory obligations; any other purposes that you may reasonably expect; any other purposes that have been disclosed to and authorised by you from time to time (including, but not limited to, those you consent to below); any purpose authorised or required by law, court or tribunal (including those required by the Anti- Money Laundering and Counter-Terrorism Financing Act 2006 (Cth), the Corporations Act 2001 (Cth); and for any other purpose reasonably considered necessary or desirable by AGT in relation to the operation of our business. Satisfying these primary purposes may also include collection from, and disclosures to, third parties that handle information on our behalf or provide us with technical/ support services and professional advice.

4.2 Secondary purposes

If we have collected Personal Information (other than a government related identifier) for a primary purpose(s), we will not use or disclose the Personal Information for another purpose (other than for Direct Marketing) unless you have consented to the use or disclosure of the Personal Information or you would reasonably expect us to use or disclose the Personal Information for the other purpose and the other purpose is: (a) if the information is Sensitive Information—directly related to the primary purpose; or (b) if the information is not Sensitive Information—related to the primary purpose; or (c) otherwise authorised by law, court or tribunal.

4.3 Other uses

Your Personal Information may also be used and disclosed in order to protect our rights or and property, the rights and property of users of the Services, and where appropriate, to comply with legal processes (which may include disclosures to law enforcement, regulatory or government agencies).

4.4 Direct Marketing

We may use your Personal Information to communicate directly with you to inform you about a new product, service or event offered or distributed by us (Direct Marketing). You can opt-out of receiving Direct Marketing information from us at any time. If you receive Direct Marketing information from us and do not wish to continue receiving it, please contact us, asking to be removed from all future Direct Marketing programs. Once we have received your opt-out request, we will remove you from our Direct Marketing programs as soon as reasonably practicable.

5 - DISCLOSURE OF PERSONAL INFORMATION

5.1 To Whom we disclose personal information

We may disclose your Personal Information to other parties. These parties will vary according to the Services involved, but may include: contracted suppliers, service providers and specialist advisers we engage to assist us with providing the Services; courts, tribunals and other dispute resolution bodies, credit reporting or reference agencies, or insurance investigators; anyone authorised by you or to whom you have provided your consent (either expressly or impliedly); and anyone to whom we are required or authorised by law, court or tribunal to disclose your Personal Information (e.g. law enforcement agencies and national and international government and regulatory authorities including the Australian Taxation Office, the Australian Prudential Regulation Authority, the Australian Securities and Investments Commission, the Australian Transaction Reports and Analysis Centre).

5.2 Whether we disclose Personal Information to overseas recipients

We are not likely to disclose your Personal Information to overseas recipients. If in future we wish to disclose your Personal Information to overseas recipients, we will do so with your consent or otherwise in compliance with the Privacy Act and the Principles.

Web traffic information may be also disclosed to Google Analytics or other analytics providers when you visit our website. These analytics providers may store this information across a large multiple of countries (for which it is impracticable to name each one). When you communicate with us through a social network service such as Facebook or X (formerly Twitter), the social network provider and its partners may also collect and hold your personal information overseas across a large multiple of countries. These social networking services have their own privacy policies and we strongly recommend that you review them.

5.3 Disclosure Of Credit Information to Third Parties

We do not disclose your credit information to any credit reporting bodies.

6 - ANONYMITY, PSEUDONYMITY AND CONSEQUENCES IF PERSONAL INFORMATION IS NOT PROVIDED

Where possible, if you wish to remain anonymous or to use a pseudonym when interacting with us, we may be able to provide you with limited information or services, such as general details about the Services. However, in many cases it will be impracticable or impossible for us to provide the Services effectively if you wish to remain anonymous or use a pseudonym. It is your choice whether to provide your Personal Information; however, if you choose not to identify yourself or wish to use a pseudonym, we may be unable to provide you with the specific Services you want.

7 - STORAGE AND SECURITY OF PERSONAL INFORMATION

We have in place reasonable commercial standards of technology and operational security to protect all Personal Information provided to us from misuse, interference, loss, unauthorised access, modification or disclosure. We take steps to protect the security of your Personal Information by regularly assessing the risks of misuse, interference, loss, unauthorised access, modification or disclosure and taking measures to address those risks. For further information on the way we manage security risks in relation to your Personal Information please feel free to contact our Privacy Officer.

We may be legally required to maintain some of your Personal Information for a significant period of time. However, once we no longer need your Personal Information, subject to any legal requirement; we will take such steps as are reasonable in the circumstances to destroy the information or ensure that the information is de-identified.

8 - PRIVACY AND THE INTERNET

8.1 Internet transmission of information

Where appropriate we use secure transmission facilities; however, no transmission of information over the internet can be guaranteed to be completely secure and we do not warrant the security of any information transmitted by or to us over the internet. Users of the Services do so at their own risk.

8.2 Cookies and website analytics

Our website and any mobile applications may use a range of tools provided by third parties, including Google, Bing and web hosting company(ies) to collect or view website and internet traffic information. These sites have their own privacy policies.

We may also use cookies and session tools to improve and customise your experience when accessing the Services. ‘Cookies’ are small text files that are stored by the browser (e.g. Internet Explorer, Firefox, Chrome or Safari) on your computer or mobile device. They allow websites to store such things as user preferences and to help us determine the type of browser and settings you are using, where you have been on the website, when you return to the website, the next page you accessed and where you came from. The purpose of this information is to provide you with a more relevant and effective experience, including presenting web pages according to your needs or preferences.

Cookies are frequently used on many websites on the internet and you can choose if and how a cookie will be accepted by changing your preferences and options in your browser. You may not be able to access some parts of our website if you choose to disable the cookie acceptance in your browser, particularly the secure parts of the website.

Website analytics measurement software may also be used to assist in tracking traffic patterns to and from websites, anonymously surveying users. The system is used to collect such information as the number of unique visitors, how long these visitors spend on a website, and common entry and exit points into and from a website.

This information is collected and aggregated by third party software and provided to us to assist in our analysis of our websites and mobile applications.

8.3 Social networking services

We may use social networking services such as X, Facebook, Instagram and YouTube to communicate with you and the public at large about the Services. When you communicate with us using these services we may collect your Personal Information. The social networking service will also handle your Personal Information for its own purposes. These social networking services have their own privacy policies and we recommend that you review them.

8.4 Linked websites

Our website and any mobile applications may contain links to external third party websites or mobile applications that we believe may be of relevance or use to you. This Policy does not apply to any of these linked websites or mobile applications and they are not subject to our privacy standards and procedures. A linked website or mobile application may contain its own privacy statement and we recommend that you review it.

9 - YOUR CONSENT

By accessing and using the Services or otherwise providing us with your Personal Information, you consent to us collecting, holding, using and disclosing your Personal Information (including Sensitive Information and disclosure to third parties and overseas recipients): in the manner set out in this Policy; for the primary purposes referred to in this Policy; for the secondary purposes referred to in this Policy; for any other purposes specified in this Policy; to provide you with news and information about the Services or events; for any purposes necessary or incidental to the provision of the Services; to provide you with the functionality on the Services (including customising and improving your experience with us); for internal purposes (including administering the Services, diagnosing problems, generating statistics and trends and improving the quality of the Services); to send you marketing and promotional material (including Direct Marketing); to seek your feedback on the Services or for market research purposes; as part of a corporate transaction such as a sale, divestiture, merger or acquisition; and for any other purpose required or authorised by law, court or tribunal.

In providing such consent, you also acknowledge that we have informed you in this Policy that in providing the consent, subclause 8.1 of the Principles will not apply to a disclosure of your Personal Information to an overseas recipient in accordance with this Policy.

10 - ACCESS TO AND CORRECTION OF PERSONAL INFORMATION AND COMPLAINTS

10.1 Privacy Officer details

If you have any questions, concerns, requests or complaints regarding this Policy or your Personal Information, please direct your correspondence or communication to our Privacy Officer at:

The Privacy Officer

20 Leitch Road

Roseworthy SA 5371

Telephone: 08 7111 0209

Email: customer.service@agtbreeding.com.au

For more information on privacy see https://www.oaic.gov.au/

10.2 Access to, and correction of, Personal Information

You may request access to your Personal Information by contacting our Privacy Officer. You are also welcome to contact our Privacy Officer to seek more information about anything contained in this Policy, to request a copy of this Policy, to update or correct your Personal Information, to opt-out of receiving Direct Marketing information, or to make a privacy related complaint. Subject to us being permitted or required by law, court or tribunal to withhold your Personal Information, we would be happy to advise you of your Personal Information that we hold. We will respond to all requests within a reasonable period.

We will take reasonable steps to ensure that your Personal Information is accurate, complete, up to date and relevant whenever it is collected, used or disclosed. We rely on the accuracy of the information you, and anyone authorised by you, provides to us. If you think that we may hold information about you that is inaccurate, out of date, incomplete, or otherwise irrelevant or misleading in any way, please contact our Privacy Officer to correct it.

10.3 Complaint procedure

If you wish to make a complaint in relation to your Personal Information, please do so in writing addressed to our Privacy Officer. We take all complaints seriously, and will respond to your complaint within a reasonable period. We will determine what (if any) action we should take to resolve the complaint and will inform you of the same. If you believe that we have not adequately handled your complaint, you may contact us further to advise of your concerns and, if we are unable to reach a satisfactory resolution, you may pursue it further with the Office of the Australian Information Commissioner.

Last Updated: 10th January 2024