Scope of this policy
This policy applies to all workers of the Company.
Workers engaged by the Company must comply with this policy at all times in the course of their engagement by the Company. However, this policy does not form part of any person’s contract with the Company or create any enforceable rights or entitlements for them.
Failure to comply with this policy is likely to lead to the Company taking disciplinary action against a person, which may include termination of the person’s engagement by the Company.
In this policy:
A worker in this policy means any person who carries out work in any capacity for the Company, including work as:
- an employee
- a manager
- an employee of a labour hire company who has been assigned to work in the Company (i.e. a ‘temp’)
- an apprentice or trainee
- a student gaining work experience, or
- a volunteer.
Personal information is recorded information about a living identifiable or easily identifiable individual (including work-related information or images).
Sensitive information is information about a living individual’s race or ethnicity, political opinions, religious or philosophical beliefs, sexual preferences or practices, criminal record, or membership details, such as trade union or professional, political or trade associations.
Health information is information about a living or deceased individual’s physical, mental or psychological health.
When and how the Company collects your personal information
The Company collects your personal information to comply with its legal obligations to you and others, for example, under work health and safety legislation, income tax legislation, and superannuation guarantee charge legislation, and to conduct the Company’s business.
The Company will generally collect personal information directly from you. This may include your contact details and sensitive information such as health information or professional or trade association memberships.
The Company may also collect personal information from third parties such as your representatives or publicly available sources of information.
If someone other than you provides personal information about you that the Company did not ask for and the Company determines that it could have collected this information from you had the Company asked for it, the Company will notify you as soon as practicable. However, this notice will not be provided if doing so would be a breach of an obligation of confidence. If the Company could not have collected this personal information from you had it asked for it, the Company will lawfully de-identify or destroy that personal information.
The Company will only collect sensitive information revealing your race, ethnic origin, political opinions, religious or philosophical beliefs, trade union memberships or details of health or disability if:
- you have given express consent to the Company to do so and the information is reasonably necessary for it to carry out its functions or activities
- the use of this information is required or authorised under Australian law or a court or tribunal order, or
- the information is necessary for the establishment, exercise or defence of a legal claim.
How the Company uses and discloses your information
The Company uses your personal information in the course of conducting its business. Generally, this use is limited to the Company’s functions in connection with your engagement by the Company. Common uses of your personal information in this way include for the purposes of the Company’s compliance with income tax legislation and superannuation guarantee charge legislation. However, the Company may also use your personal information in, for example, its Company’s marketing and promotional purposes (including on its website), or for the purposes of tendering for work.
This disclosure may include (but is not limited to) providing your personal information to the Australian Taxation Office, your nominated superannuation fund, your nominated financial institution, a corporate travel service, clients of the Company, an employee association (such as a trade union) or a professional association. The Company takes reasonable steps to ensure that these organisations are bound by privacy obligations in relation to the protection of your personal information.
How does the Company maintain the accuracy of your information?
The Company take reasonable steps to ensure that the personal information it holds is accurate, complete and up to date. If you believe the Company holds inaccurate personal information about you, please contact the Company and the Company will take reasonable steps to correct it.
How will the Company manage your personal information in relation to third parties?
- the Company is required to do so by law
- to protect the Company’s rights or property (or those of any third party), or
- to avoid injury to any person.
The Company is not responsible for the privacy practices of third parties or their privacy policies regarding the collection, storage, use, disclosure and distribution of your personal information the Company provides to the third parties.
How does the Company store and protect your information?
The Company takes reasonable steps to protect the security of your personal and/or sensitive information. For example:
- electronic files containing personal information are stored in a secure computer database, to which access is tightly restricted.
The Company maintains appropriate software and IT systems to protect both its hardware and software from misuse, interference, loss, unauthorised access, modification and disclosure.
The Company’s procedures are designed to prevent your personal information being accessed by unauthorised personnel, lost or misused. If you reasonably believe there has been unauthorised use or disclosure of your personal information, please contact the Company’s Privacy Officer (see below).
If the Company no longer needs your personal information, unless the Company is required under Australian law or a court or tribunal order to retain it, the Company will take reasonable steps to destroy or securely delete your personal information in accordance with its document retention policy.
Variation and consent to variation
Access to information the Company holds about you
If you request access to the personal information the Company holds about you, the Company will respond to your request within a reasonable period of time and, where reasonable and practicable, give access to the information in the manner you request. This will be subject to any exemptions allowed under the Privacy Act.
You may request this information by writing to the Managing Director.
When contacting the Company, you have the option to either not identify yourself or to use a pseudonym. However, this will not apply if it is impracticable for the Company to communicate with you that way or if the Company is required or authorised under Australian law (or a court or tribunal order) to only deal with individuals who have identified themselves.
How you can make a complaint
If you have a complaint about the Company’s management of your personal information, you may make it in writing to the Privacy Officer on the details above or by submitting a complaint to the Office of the Australian Information Commissioner using the form available at this website: https://forms.business.gov.au/aba/oaic/privacy-complaint-/
The telephone enquiry line of the Office of the Australian Information Commissioner is 1300 363 992.
In the course of your engagement by the Company, the Company may give you access to (or you may acquire or collect) personal information of other individuals. Such individuals may include other employees or managers of the Company, contractors engaged by the Company, clients of the Company or employees, agents or contractors of clients of the Company, and third parties involved in possible or actual legal matters (e.g. witnesses or experts).
You must comply with the Australian Privacy Principles and the Privacy Act in relation to any personal information of other individuals. The Company may be vicariously liable for your conduct if you breach the Privacy Act in relation to the personal information of other individuals.
Amongst other things, and without limiting your obligations, you must:
- only use or disclose such personal information for the purpose for which it was collected
- not disclose such personal information to any other individual or organisation unless strictly necessary (and then only for the purpose for which it was collected)
- maintain the strict confidence and security of the personal information, and
- not retain personal information for any longer than necessary.
If you are unsure of your obligations in respect of other individuals’ personal information, please contact the Managing Director for more details or contact the Office of the Australian Information Commissioner at http://www.oaic.gov.au/ or on 1300 363 992.