We are committed to complying with the Privacy Act 2009 in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way that personal information must be treated.
Safe Places for Children are a Contracted Service Provider (CSP) for the Department of Communities and often handle personal information of individuals. The Information Privacy (IP) Act applies to this information. The standard terms of a CSP is to comply with relevant provisions of the IP Act.
This policy applies in respect of personal information we collect from contractors and agents who perform services on our behalf, and from prospective employees and prospective contractors and agents.
This policy does not apply to:
Any person whose personal information is obtained under and governed by any other legislation, including but not limited to Child Protection Act 1999 (QLD); or
Any person or information that is exempted from the provisions of the Privacy Act, including but not limited to employment records.
This policy applies to personal information. In broad terms, 'personal information' is information or opinions relating to a particular individual who can be identified.
Information is not personal information where the information cannot be linked to an identifiable individual.
HOW DO WE MANAGE THE PERSONAL INFORMATION WE COLLECT?
We manage the personal information we collect in numerous ways, such as by:
implementing procedures for identifying and managing privacy risks;
implementing security systems for protecting personal information from misuse, interference and loss from unauthorised access, modification or disclosure;
providing staff with training on privacy issues;
appropriately supervising staff who regularly handle personal information;
implementing mechanisms to ensure any agents or contractors and agents who deal with us comply with the APPs;
implementing procedures for identifying and reporting privacy breaches and for receiving and responding to complaints; and
appointing a privacy officer within the business to monitor privacy compliance.
We will take reasonable steps to destroy or de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it.
WHAT KINDS OF INFORMATION DO WE COLLECT AND HOLD?
If you are prospective employee or a prospective contractor or agent, we may collect and hold personal information about you, which may include:
sensitive information (see below);
date of birth;
employment arrangements and history;
banking details; and
any other personal information required to engage you as our contractor or agent, or to consider offering you employment.
‘Sensitive information’ is a subset of personal information and includes personal information that may have serious ramifications for the individual concerned if used inappropriately.
However, we may collect sensitive information from and about contractors and agents, and prospective employees and contractors and agents, such as:
health information (including but not limited to drug and alcohol testing results);
criminal history; and
membership of professional or trade associations.
HOW AND WHEN DO WE COLLECT PERSONAL INFORMATION?
Our usual approach to collecting personal information is to collect it directly from the individual concerned.
We may also collect personal information in other ways, such as from:
our contractors and agents;
your current and previous employers;
entities that conduct drug and alcohol tests on our behalf; and
entities that conduct psychometric testing.
HOW DO WE HOLD PERSONAL INFORMATION?
Our usual approach to holding personal information includes holding that personal information:
physically, at our premises; and
electronically, on secure servers; and
in a private cloud.
We secure the personal information we hold in numerous ways, including:
using security systems to limit access to premises outside of business hours;
using secure servers to store personal information;
using unique usernames, passwords and other protections on systems that can access personal information; and
holding certain sensitive documents securely.
WHY DO WE COLLECT, HOLD, USE OR DISCLOSE PERSONAL INFORMATION?
We take reasonable steps to use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which information is collected varies, depending on the particular service being provided or the individual from whom we are collecting the information but is generally as follows:
in the case of contractors and agents – to assist us in providing our clients with high quality services;
in the case of potential employees and contractors and agents – to assess your suitability for employment or engagement.
Personal information may also be used or disclosed by us for secondary purposes that are within an individual’s reasonable expectations and that are related to the primary purpose of collection.
We may collect and use contractors’ and agents’ personal information:
to conduct checks to ensure that the contractor or agent can perform and is performing the services to our standards; and
for payment purposes.
We may disclose personal information to:
contractors and agents;
employers of individuals;
practitioners and entities that provide drug and alcohol testing and other medical testing for us;
government bodies (such as Centrelink and the Department of Communities, Child Safety and Disability Services);
other service providers in order to assist our functions or activities (such as psychological and/or trauma specialists); and
any third party technology providers we may engage from time to time to carry out work on our IT systems.
Otherwise, we will only disclose personal information to third parties if permitted by the Privacy Act.
WILL WE DISCLOSE PERSONAL INFORMATION OUTSIDE AUSTRALIA?
We may disclose your personal information to our contractors and agents in the overseas jurisdictions.
We take reasonable steps to ensure this personal information is handled in a safe and secure manner.
HOW DO YOU MAKE COMPLAINTS OR ACCESS AND CORRECT YOUR PERSONAL INFORMATION?
It is important that the information we hold about you is up-to-date. You should contact us if your personal information changes.
Access to information and correcting personal information
You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.
We will grant you access to your personal information as soon as possible, subject to the request circumstances.
In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.
We may deny access to personal information if:
the request is unreasonable;
providing access would have an unreasonable impact on the privacy of another person;
providing access would pose a serious and imminent threat to the life or health of any person; or
there are other legal grounds to deny the request.
We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed before it is levied.
If the personal information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it so that it is accurate, complete and up-to-date, where it is appropriate to do so.
If you want to complain about any interference with your privacy, you must follow the following process:
The complaint must first be made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.
If the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner.
Who to contact
A person may make a complaint or request to access or correct personal information about them held by us. Such a request must be made in writing to the following address:
Postal Address: Unit 1/44 Leonard Street, Woolloongabba, QLD, 4102
Telephone number: 1300 993 483
Email address: email@example.com
CHANGES TO THE POLICY
This policy is effective from 1 October 2015. If you have any comments on the policy, please contact our privacy officer using the contact details above.