We are committed to protecting your personal information, and ensuring its privacy, accuracy and security. We handle your personal information in a responsible manner in accordance with the Privacy Act 1988 (C’th) (Act) and the Australian Privacy Principles (APPs). A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at https://www.oaic.gov.au/.
You do not have to provide us with your personal information. However, if you do not, we may not be able to conduct business with you.
What do we mean by ‘personal information’?
This policy applies to all personal information we collect. References in this policy to ‘personal information’ or ‘sensitive information’ have the same meaning as in the Privacy Act:
- ‘personal information’ means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether or not recorded in a material form.
- ‘sensitive information’ (a type of personal information), means information or an opinion about an individual’s race or ethnic origins, political opinions and associations, religious beliefs or affiliations, philosophical beliefs, sexual preferences or practices, trade or professional associations and memberships, union membership, criminal record, health or genetic information or biometric information.
Whose personal information do we collect?
We may collect your personal information from a range of sources, including from you, recruitment agencies, contractors, business partners and government agencies. For example, we may collect your personal information when you:
- request information about our services
- provide us with either products or services;
- apply for employment or work experience with us; or
- communicate with us via our website, by e-mail, telephone or in writing.
What type of personal information do we collect?
The personal information we collect includes:
- names, addresses, e-mail addresses, phone numbers, other contact details, payment details, occupation, photographs, and other information to assist us in conducting our business, and providing and marketing our products and services;
- information about former, current and potential suppliers and clients; and
- information about former, current and potential employees and directors of our business.
We will only collect your sensitive information:
- if you have consented to us doing so;
- or where required or permitted by law.
How do we collect personal information?
We only collect personal information by lawful and fair means. We usually collect personal information from:
- business cards;
- face-to-face meetings, interviews and telephone calls;
- electronic communications – for example, e-mails and attachments;
- your website, social media, publications and other publicly available sources,
- current, former or potential clients and any stakeholders introduced by those clients;
- security information supplied by you or the Australian Government Security Vetting Agency;
- forms filled out by people, including applications for employment, expressions of interest in contracting roles or requests for information about our services;
- other organisations and people we engage on a subcontractor basis to assist in the delivery of services;
- third parties – for example, recruitment agencies and your representatives or agents; and
- our website, including any message you send via that medium.
Why do we collect personal information?
We collect personal information to provide you with the products and services you have requested from us; to provide you with information about products and services that may be of interest to you; to improve the products and services we provide; and to enable us to conduct our business, including compliance with our legal and regulatory obligations. If you do not provide your personal information, we may not be able to supply the requested product or service, employ you or otherwise deal with you.
Do you have to disclose your identity when dealing with us?
Where lawful and practicable, we will give you the option of interacting with us anonymously or using a pseudonym. However, in some cases this may not be possible.
How we deal with unsolicited personal information?
If we receive personal information about you that we have not requested, and we determine that we could not have lawfully collected that information under the APPs had we asked for it, we will destroy or de-identify the information if it is lawful and reasonable to do so.
Use of personal information
We only use your personal information for the purpose for which it was provided to us, for related purposes or as required or permitted by law. Such purposes include:
- conducting the ordinary affairs of our business, e.g., supplying or acquiring products and services (and in proposals or tenders for such work), responding to your enquiries and feedback, and providing information about our events, news, publications and products and services that may be of interest to you;
- market research and product and service development, so that we are able to better understand our customers’ needs and tailor our future products and services accordingly;
- performing general administration, reporting and management functions, e.g., invoicing and account management, payment processing, risk management, training, quality assurance and managing suppliers;
- employment-related purposes, such as recruiting and providing services to staff;
- as part of a sale (or proposed sale) of all or part of our business; and
- other purposes related to or in connection with our business, including meeting our legal and contractual obligations to third parties and for internal corporate governance purposes.
How do we disclose personal information?
We may disclose, and you consent to us disclosing, your personal information to third parties:
- that are authorised by you to receive information we hold;
- that are our business partners, related bodies corporate or agents;
- that require that information to support the management of Australian Government security clearances;
- that are engaged by us to provide products or services, or to undertake functions on our behalf, e.g., pre-employment screening, IT support or payment processing;
- that are current or potential clients who need information about the individual(s) who provide the services;
- as part of a sale (or proposed sale) of all or part of our business, e.g., we may disclose information to our external advisers, potential and actual bidders and their external advisors;
- such as our external advisers, and government agencies, e.g., where disclosure is reasonably required to obtain advice, prepare legal proceedings or investigate suspected unlawful activity or serious misconduct; or
- as required or permitted by law.
Use or disclosure of sensitive information
We will only use or disclose your sensitive information for the purpose for which it was initially collected or for a directly related purpose, as required or permitted by law, or where you consent to the use or disclosure.
How is my personal information stored?
We take reasonable steps to protect your personal information from misuse, interference, loss and unauthorised access, modification and disclosure. Such steps include:
- physical security over paper-based and electronic data storage and premises;
- computer and network security measures, including use of firewalls, password access and secure servers;
- restricting access to your personal information to employees and those acting on our behalf who are authorised and on a ‘need to know’ basis;
- retaining your personal information for no longer than it is reasonably required, unless we are required by law to retain it for longer; and
- entering into confidentiality agreements with staff and third parties.
Where we no longer require your personal information, including where we are no longer required by law to keep records relating to you, we will ensure that it is de-identified, archived or destroyed.
How can I access my personal information?
You may request access to the personal information we hold about you by contacting us. We will respond to your request within a reasonable time.
We will provide you with access to the information we hold about you unless otherwise permitted or required by law. If we deny you access to the information, we will notify you of the basis for the denial unless an exception applies.
Where reasonable and practicable, we will provide access to the information we hold about you in the manner you request. No fee applies for requesting access to information we hold about you. However, we reserve the right to charge a reasonable fee where we do provide access.
How can I ensure my personal information is correct?
We take reasonable steps to ensure that your personal information is accurate, complete and up to date. However, we rely on you to advise us of any changes or corrections to the information we hold about you.
If you believe that the information we hold about you is inaccurate, incomplete or out of date, or if your information has changed, please let us know as soon as possible. We will deal with your request within a reasonable time.
If we do not agree with the corrections you have requested (for example, because we consider that the information is already accurate, up to date, complete, relevant and not misleading), we are not required to make the corrections. However, where we refuse to do so, we will give you a written notice setting out the reasons.
Government Related Identifiers
Government related identifiers include your tax file number, passport number, driver’s licence number, Medicare number and security clearance number. We will not require, request or collect government related identifiers for any unauthorised reason. In addition, we will not adopt, use or disclose government related identifiers unless required for personal assistance or authorised under relevant laws.
If you have a complaint in relation to the collection, storage, use or disclosure of your personal information, please contact our Privacy Officer using the details below. You will need to provide us with details of your complaint, as well as any supporting evidence and information. We will review all complaints received and our Privacy Officer will respond to you.
If you are not satisfied with our response, you may refer the issue to the Australian Privacy Commissioner via www.oaic.gov.au.
How to contact us