IntroductionPower Pays Pty Ltd takes seriously its commitment to preserve the privacy of your personal information that we collect.We will only collect information that is reasonably necessary for the proper performance of our activities or functions. We do not collect personal information just because we think it could be useful at some future stage if we have no present need for it. We do not collect or use personal information for the purposes of unlawful discrimination.
We may decline to collect unsolicited personal information from or about you and may take such measures as we think appropriate to purge it from our systems.
By following the links in this document, you will be able to find out how we manage your personal information as an APP Entity under the Australian Privacy Principles (APPs).
You will also be able to find out about the information flows associated with that information.
If you wish to contact us about your personal information you should contact us:
The Privacy Co-Ordinator
3/334 Highbury Road,
Mount Waverley, Vic, 3149
We will need to collect personal information about you. Personal information may range from the sensitive (e.g. relevant medical history or criminal history) to the everyday (e.g. address and phone number). We may collect the opinions of others about your work performance your work experience and qualifications, aptitude test results and other information in connection with your possible work placements.
We manage personal information, as an APP Entity, under the Australian Privacy Principles (APPs).
As we are a contracted service provider to a range of Commonwealth, State and Territory government agencies, it sometimes becomes necessary for us to collect and manage personal information as an Agency under different privacy arrangements. If you wish to know whether this applies to you, please contact us.
- we check that it is reasonably necessary for our functions or activities as a contractor payroll company and contracting firm;
- we check that it is current, complete and accurate. This will sometimes mean that we have to cross check the information that we collect from you with third parties;
- we record and hold your information in our Information Record System.
- we retrieve your information when we need to use or disclose it for our functions and activities. At that time, we check that it is current, complete, accurate and relevant. This will sometimes mean that we have to cross check the information that we collect from you with third parties once again – especially if some time has passed since we last checked.
- subject to some exceptions, we permit you to access your personal information in accordance with APP:12 of the (APPs).
- we correct or attach associated statements to your personal information in accordance with APP:13 of the (APPs).
- we destroy or de-identify your personal information when it is no longer needed for any purpose for which it may be used or disclosed provided that it is lawful for us to do so. We do not destroy or de-identify information that is contained in a Commonwealth Record.
This policy may change over time in light of changes to privacy laws, technology and business practice. If you use our website regularly or conduct transactions with us that involve to collection of your personal information, it is important that you check this policy regularly to ensure that you are aware of the extent of any consent, authorisation or permission you might give.
Kinds of information that we collect and hold
The type of personal information that we collect and hold is information that is reasonably necessary for the proper performance of our functions and activities as contractor payroll company and contracting firm is likely to differ depending on whether you are:
Sensitive information is only collected with consent and where it is necessary for the performance of our functions and activities. Sensitive information will need to be collected where it relates to a genuine occupational requirement or an inherent requirement of the job or work being considered. Our collection of some types of sensitive information is also governed by equal opportunity and anti-discrimination laws.
The purposes for which we collect, hold, use and disclose your personal information are those purposes that are reasonably necessary for the proper performance of our functions and activities.
The following sections are also relevant to our use and disclosure of your personal information:
- General Disclosures
- Our Policy on Direct Marketing
- Overseas Disclosures
Our Policy on Direct Marketing
We may sometimes use personal information for marketing purposes but only subject to the following:
- Contractors, whilst they are employed with us, with updates in relation to opportunities, market information and promotions from time to time;
- Agencies and clients, with whom we have a relationship, with market information and promotions from time to time;
- Subscribers to our website with news alerts to which they have subscribed;
- Personal Information is not used by or disclosed to any third party for marketing purposes;
- Client lists are not generally obtained from third parties for marketing purposes;
In accordance with the anti-spam legislation, individuals to whom marketing communications are sent are:
- chosen on the basis of having given their express and/or implied consent for such communications to be sent to them since they registered with Us for the purpose of engaging Us as their contractor payroll company; and
- always given on opt out or unsubscribe option in relation to such communications.
When sending direct marketing material we will give you the direct option as to whether or not you wish to receive marketing communications and remain compliant with anti-spam legislation.
How your personal information is collected
Personal information will be collected from you directly when you fill out and submit one of our application forms or any other information in connection with your application to us for payroll.
Personal information is also collected when:
- we receive or give any reference about you;
- we receive results of inquiries that we might make of your former employers, work colleagues, professional associations or registration body;
- we receive performance feedback (whether positive or negative);
- we receive any complaint from or about you in the workplace;
- we receive any information about a workplace accident and/or incident in which you are involved;
- we receive any information about any insurance investigation, litigation, registration or professional disciplinary matter, criminal matter, inquest or inquiry in which you are involved;
- you provide us with any additional information about you;
- electronically through our telecommunications and technology systems – see the section in this policy on Electronic Transactions.
This section explains how we handle personal information collected from our website and by other technology in the course of electronic transactions.
It is important that you understand that there are risks associated with use of the Internet and you should take all appropriate steps to protect your personal information. It might help you to look at the OAIC’s resource on Internet Communications and other Technologies.
It is important that you:
- be careful what information you share on the Web;
- use privacy tools on the site – control access to your search listing and profile;
- make sure your anti-virus and data protection software is up-to-date.
Please contact us by land line phone or postal mail if you have concerns about making contact via the Internet.
Sometimes, we collect personal information that individuals choose to give us via online forms or by email, for example when individuals:
- ask to be on an email list such as a job notification list;
- register as a site user to access facilities on our site such as a job notification board or rewards program;
- make a written online enquiry or email us through our website;
- submit a resume by email or through our website;
- Social Networks and Web Searches
- Web Browsing
- Email Tracking & Analytics
- Cloud Computing Services
- Uploading photographs
- Call and message logs
- Teleconferences and Video conferences
- Mobile Access
- Paperless Office
When you look at our website, our Internet service provider makes a record of the visit and logs (in server logs) the following information for statistical purposes:
- your server address
- your top level domain name (for example .com, .gov, .org, .au, etc)
- the pages you accessed and documents downloaded
- the previous site you visited and
- the type of browser being used.
We do not identify users or their browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the Internet service provider’s server logs.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work and improve the usability of those sites.
Email Tracking and Analytics
We may conduct email tracking for analytics purposes. Such tracking includes open rates, click through rates and which links were clicked but are not used to collect sensitive information.
We use Google analytics to track website traffic such as visits, time spent on site, and search terms. We do not collect personal or sensitive information using this method of tracking, which shows how many people have visited the website, but not who.
Cloud Computing Services
In cases where we use cloud computing services we will take reasonable steps to ensure that:
- disclosure of your personal information to the cloud service provider is consistent with our disclosure obligations under the APPs. This may include ensuring that we have obtained your consent, or that the disclosure is for purposes within your reasonable expectations.
- disclosure is consistent with any other legal obligations, such as the restrictions on the disclosure of tax file number information or the disclosure by private employment agencies of contractor details;
- our Cloud computing services providers’ terms of service recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
Our technology systems log emails received and sent and may include voting, read and receipt notifications to enable tracking.
When your email address is received by us because you send us a message, the email address will only be used or disclosed for the purpose for which you have provided it and it will not be added to a mailing list or used or disclosed for any other purpose without your consent other than as may be permitted or required by law.
Call & Message Logs
Our telephone technology (systems and mobile phones) logs telephone calls and messages received and sent and enables call number display, which may include your profile picture if you have provided it.
When your call number is received by us because you phone us or send us a message, the number (and profile picture) will only be used or disclosed for the purpose for which you have provided it and it will not be added to a phone list or used or disclosed for any other purpose without your consent other than as may be permitted or required by law.
Teleconferences & Video Conferences
Teleconferences and video conferences may be recorded with your consent. In cases where it is proposed that they be recorded, we will tell you first the purpose for which they are to be used and retained.
We use recruiting software and databases to log and record our operations. Our Information Record System is designed to meet requirements that are reasonably necessary for our functions or activities as a contractor payroll company and contracting firm.
Some staff may use laptops, tablets, phones and other portable electronic devices that allow them to access, retrieve and store your personal information. Where our staff utilise portable devices, they are subject to our remote access and acceptable IT use policies.
Recognising the environmental advantages and efficiencies it provides, we operate a partially paperless office. As a result, your paper based communications with us may be digitised and retained in digital format. The paper based communications may be securely culled.
It is therefore important that, except where specifically requested, you do not send us originals of any paper based document and that you retain copies for your own records.
Where we do request original paper based documents we will return them to you once they are no longer required by us for the purpose for which they may be used or disclosed.
How your personal information is held
When your personal information is collected it will be held in our Information Record System until it is no longer needed for any purpose for which it may be used or disclosed at which time it will be de-identified or destroyed provided that it is lawful for us to do so.
Your personal information may be accessed by our staff and disclosed in accordance with the APPs.
We take a range of measures to protect your personal information. There are some inherent risks in the use of the Internet Communications and other Technologies. It is important that you read the section on Electronic Transactions if you are using Internet Communications or other technologies to communicate with us. You should also read the section on Cross-Border Disclosures.
Our Information Record System
Personal information is stored in our secure contractor and client database and payroll system.
Where personal information is received in hard copy form, and the information is to be held, the hard copy is scanned into our internal contractor and client database and uploaded into the relevant client or contractor file, and the hard copies subsequently destroyed. Where personal information is received in electronic form, and the information is to be held, the soft copy/electronic format is uploaded into the relevant client or contractor file in our secure contractor and client database.
Where a contractor has been offered a contract and the information received includes payroll details (such as bank details, tax file number and superannuation information) this information is entered into the secure payroll system and stored in a secure electronic archiving solution.
We take a range of measures to protect your personal information from:
- misuse, interference and loss; and
- unauthorised access, modification or disclosure.
- System Access and Password Protection
- Software Protection
- Hardware Protection
- Policy on portable electronic devices
- Retention and disposal
- Clients and third parties
We train our staff to respect the confidentiality of client information and the privacy of individuals.
System Access and Password Protection
Our Information Record Systems have multi-layer permission access which includes password protection and permission level access.
Our software is protected as follows:
- Our network is protected using a firewall which governs internal and external access rights;
- Our emails are filtered to determine email rights, spam control and content control;
- Data is kept virus free by antivirus software which controls virus definition to all machines;
- Data access is controlled by permissions software; and
- All data is backed up both onsite and offsite.
Our hardware is protected as follows:
- Our servers are located in dedicated, secure IT facilities. All access to IT equipment is strictly controlled.
- Our servers are protected from failure by redundant hardware features.
- All disk systems are redundant using some form of RAID; and
- Sites contain backup UPS systems to protect against power loss or power anomalies.
Policy on portable electronic devices
In order to protect personal information from misuse, interference and loss, we do not, as a matter of practice, issue their staff with laptops, tablets, mobile phones or other portable electronic devices. Where our staff utilise their own portable devices, they are subject to our remote access and acceptable IT use policies.
Retention and disposal
We adopt record management practices in accordance with legislative requirements and policies and guidelines on recordkeeping and management of electronic communications.
Where information is lawfully destroyed this is done by secure means of disposal.
Clients and 3rd Parties
All client and third party information accessed and used by our on-hired personnel during the course of their assignments with our clients is protected from disclosure or unauthorised use by:
- The confidentiality and privacy obligations that are contained in our contracts signed by such on-hired personnel; and
- The obligations to comply with all client policies and procedures, including those in relation to confidentiality and privacy that are contained in our contracts signed by such on-hired personnel.
This section deals with our disclosure policies. Personal Information that we hold about you is only disclosed for the primary and related purposes for which it was collected. In this section you will find out about our policies dealing with:
- General Disclosures
- Related Purpose Disclosures
- Cross Border Disclosures
We may disclose your personal information for any of the purposes for which it is primarily held or for a related purpose where lawfully permitted. We may disclose your personal information where we are under a legal duty to do so.
Disclosure will usually be:
- internally and to our related entities
- to our Clients
- to Referees for suitability and screening purposes.
In addition to disclosures for general purposes, we may also disclose your personal information for a range of related purposes.
Related Purpose Disclosures
We outsource a number of services to contracted service suppliers (CSPs) from time to time. Our CSPs may see some of your personal information. Typically our CSPs would include:
- Software solutions providers;
- I.T. contractors and database designers and Internet service suppliers;
- Legal and other professional advisors;
- Accredited Auditors;
- Insurance brokers, loss assessors and underwriters;
- Superannuation fund managers; and
- Background checking and screening agents.
We take reasonable steps to ensure that terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
Some or all of your personal information may be disclosed to overseas recipients. The likely countries, type of information disclosed and likely recipients are indicated, so far as is practicable, in the following table:
We will take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles.
However, we cannot guarantee that any recipient of your personal information will protect it to the standard to which it ought to be protected. The costs and difficulties of enforcement of privacy rights in foreign jurisdictions and the impracticability of attempting to enforce such rights in some jurisdictions will mean that in some instances, we will need to seek your consent to disclosure. See also Electronic Transactions.
Access & Correction
You have a right to access and correct personal information under the Australian Privacy Principles (APPs).
This section sets out our policy dealing with:
See also: Complaints.
Subject to some exceptions that are set out in privacy law, you can gain access to the personal information that we hold about you.
Important exceptions include:
- evaluative opinion material obtained confidentially in the course of our performing reference checks and access that would impact on the privacy rights of other people. We do refuse access if it would breach any confidentiality that attaches to that information or if it would interfere with the privacy rights of other people. In many cases evaluative material contained in references that we obtain will be collected under obligations of confidentiality that we make and which the communicator of that information is entitled to expect will be observed.
If you wish to obtain access to your personal information you should contact our Privacy Co-ordinator. You will need to be in a position to verify your identity and this may be in person. We may impose a moderate charge in providing access. Our Privacy Co-ordinator would discuss these with you.
You should also anticipate that it may take a little time to process your application for access as there may be a need to retrieve information from storage and review information in order to determine what information may be provided. We will generally respond to your request for access within 30 days.
If we refuse to give access to the personal information or to give access in the manner requested by you, we will give you a written notice that sets out:
- the reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so; and
- the mechanisms available to escalate the refusal decision.
If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting us.
We will take such steps as re reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If we have disclosed personal information about you that is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to notify the third parties to whom we made the disclosure and we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.
You should also anticipate that it may take a little time to process your application for correction as there may be a need to retrieve information from storage and review information in order to determine what information may be corrected. We will generally respond to your request for access within 30 days. There is no charge to correct information.
In some cases we may not agree that the information should be changed. If we refuse to correct your personal information as requested by you, we will give you a written notice that sets out:
- the reasons for the refusal except to the extent that it would be unreasonable to do so; and
- the mechanisms available to escalate the refusal decision.
You may also ask us to associate a statement that the information is contested as being inaccurate, out of date, incomplete, irrelevant or misleading and we will take such steps as are reasonable to do so.
You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy. See also the section dealing with Access & Correction.
How to complain
If you are making a complaint about our handling of your personal information, it should first be made to us in writing. You can make complaints about our handling of your personal information to our Privacy Co-ordinator.
You can also make complaints to the Office of the Australian Information Commissioner.
How your complaint will be handled
When we receive your complaint:
- We will take steps to confirm the authenticity of the complaint and the contact details provided to us to ensure that we are responding to you or to a person whom you have authorised to receive information about your complaint;
- Upon confirmation we will write to you to acknowledge receipt and to confirm that we are handling your complaint in accordance with our policy.
- We may ask for clarification of certain aspects of the complaint and for further detail;
- We will consider the complaint and may make inquiries of people who can assist us to established what has happened and why;
- We will require a reasonable time (usually 30 days) to respond;
- If the complaint can be resolved by procedures for access and correction we will suggest these to you as possible solutions;
- If we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response;
If the complaint cannot be resolved by means that we propose in our response we will suggest that you take your complaint to any recognised external dispute resolution scheme to which we belong or to the Office of the Australian Information Commissioner.
Name: Anne Neiwand
Title: National Operations Manager
Company: Power Pays Pty Ltd
Address: 3/334 Highbury Road, Mount Waverley, Victoria, 3149
Phone Number: 1300 793 804