ABOUT THIS POLICY
HOW WE MANAGE YOUR PERSONAL INFORMATION
ACCESS, CORRECTION & COMPLAINTS
This Policy applies to the following people or categories of people in relation to their dealings with the Organisation:
‘Employee’ means any permanent, casual or temporary person employed directly by the Organisation.
‘Employer’ or ‘Organisation’ means EMA Consulting Pty Ltd.
‘Permitted situation’ means a permitted general situation or permitted health situation as described in the Act.
The General Manager or other position as designated by the Organisation is responsible to review this Policy on an annual basis.
The Organisation will only collect information which is directly relevant to our business activities which include the provision of consulting services, products and product support, and public and private training courses. It is important for us to collect this information in order to provide a complete and comprehensive service. We collect information about a person where it is necessary to:
This information may include such things as:
5.2 Employee Records
We may also collect personal information about employees in order to maintain employment history and payroll and administrative information relating to all former and present Employees according to the requirements of relevant legislation. The Organisation is required to retain employee records for a period of seven (7) years from the date on which an entry is changed or from termination of the employee’s employment, whichever is the latter. The types of personal information that may be kept in employee records is contained in Appendix 1.
5.3 Prospective Staff
We may also collect personal information about prospective staff (e.g. a Resume) during the hiring process. Such information may include interview notes, employment applications and other information relating to the recruitment of Employees. All information will be destroyed immediately when no longer required.
5.4 Sensitive Information
We may collect sensitive information where required to fulfil our business functions or activities. That collection must be consented to by you, or in a ‘permitted situation’, or where otherwise required or authorised by law. Such information includes but is not limited to: information about an individual’s racial or ethnic origin, membership of professional, trade or political associations, criminal record, or health information.
5.5 Information About Vulnerable Persons
We may collect personal information about a vulnerable segment of the community (such as children, or persons with disabilities), to the extent that it is necessary for the proper management of our Organisation and business activities.
5.6 Web data
The organisation may use various kinds of software devices to collect information about internet use. Small files called “cookies” may be attached to your web browser. These files identify and save information about your browser so that websites can recognise you. You can set your browser to disable cookies, but some EMA Consulting websites (and other websites) may not work properly if you do this.
6.1 How we collect personal information depends on each business relationship. We may collect it through telephone or internet contact or in person through a visit. We will generally only collect information about a person directly from that person; however, where appropriate we may collect information indirectly from list purchases, or referrals. Other ways in which we collect information may include via feedback forms at training courses and breakfast seminars.
6.2 We will not collect any personal information except where such information has knowingly been provided to us. If the Organisation comes into possession of any unsolicited personal information, we will destroy it where appropriate, as soon as practicable.
6.3 Our electronic database and manual information management facilities which are used to hold personal information are maintained secure at all times. This includes security from illegal network access as well as appropriate security levels. Internal access will be controlled such that the relevant persons are authorised only for the minimum access that is required by them to enable them to carry out their job function. Other ways in which we hold information may include in hard copy files, stored in lockable filing cabinets.
6.4 Employee Records and any other information related directly to the employment relationship between the Organisation and the individual is exempt from privacy protection in the Act. However, the Organisation will ensure the secure and proper management of its employee records and will observe strict confidentiality.
7.1 We will only use or disclose personal information for the purpose for which it was collected, such as those listed in Clause 1.1 of this Policy. Other purposes for which we use personal information may include:
7.2 Where personal information is used by the Organisation, that information will only be accessed by persons where access is required by them to enable them to carry out their job function. This may include the General Manager, Consultants, and Directors.
7.3 We may disclose personal information in a ‘permitted situation’ or if otherwise authorised or required by law, in which case we will make a written note of that use or disclosure.
7.4 The Organisation will not share any of its Employees’ personal information with any person or organisation whatsoever unless authorised by the Employee or required by law, and will take all reasonable steps to respect the privacy of its Employees.
7.5 Disclosure to Overseas Recipients
8.1 The Organisation is committed to the integrity, quality and security of personal information held by the Organisation. Information may be stored in hard copy or electronic files and can only be accessed for bona fide purposes according to established practices and as assessed by the Organisation at the time of a request.
8.2 An individual may make request to access or correct his or her personal information held by the Organisation under the Privacy Act. Individuals may make such a request by applying to applying to:
|Contact:||The General Manager|
|Phone:||08 8203 1700|
8.3 A person, other than the individual, may make a request to access or correct personal information where that person is the parent or guardian of the individual, or has such powers as conferred by the relevant legislation pertaining to guardianship and/or powers of attorney.
8.4 Employees are entitled to access their personnel records (timesheets, wage and leave and superannuation details). The Organisation will provide copies of these records where the employee makes a request for such access and provides sufficient notice.
9.1 If an individual believes there has been a breach of the APPs, or a registered APP code that binds the Organisation, he or she should contact the Organisation in writing using the details listed at 1.2 (above).
9.2 The Organisation will respond to the individual within thirty (30) days or within such other time frame as is reasonable in the circumstances.
9.3 After thirty (30) days, the individual may refer his or her complaint to a recognised external dispute resolution scheme of which the Organisation is a member (where applicable).
9.4 The individual may lodge a grievance in relation to his or her complaint in accordance with the Organisation’s Grievance Policy at any time.
9.5 If the complaint is not resolved using the above process, the individual may refer his or her complaint to the Office of the Australian Information Commissioner (OAIC).
The types of information that may be kept on employee records may include: