We are bound and obligated to the Australian Privacy Principles in the Privacy Act and all related and subsidiary legislation. We are obligated to these requirements with the Federal Government.
We may review and update this Policy from time to time to take in account any changes in the law, in our business operations and to ensure that it remains appropriate to any Federal Government contracts that Forrest Personnel is a party to. When we do, we will revise the “effective date” at the top of this Policy. Please check the Policy from time to time for the most current version of this Policy.
Collection of Personal Customer Information
The purpose of this Policy is to:
• Give you an understanding of the kinds of personal information that we collect and hold.
• Communicate how and when your personal information is collected, disclosed, used, held and otherwise handled by us.
• Inform you about the purposes for which we collect, hold, use and disclose personal information.
• Provide you with information about how you may access your personal information and seek correction of your personal information.
• Provide you with information about how you may make a complaint, and how we will deal with any such complaint.
What is personal information?
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not. It includes your name, date of birth / age, gender and contact details as well as health information (which is also sensitive information). In this Policy, a reference to personal information includes sensitive / health information.
Collection of personal information
Personal information collected by us will usually fall into one of the following categories:
• Contact information (name, age, address, email address and telephone numbers).
• Commonwealth identifiers (e.g. CRN, TFN).
• Employment information (e.g. employment history, work performance, absences, workplace incidents, next of kin information).
• Financial information (e.g. bank account details).
• Sensitive information (e.g. information about your health, medical history, criminal history, religious beliefs, trade union activity).
• Information obtained to assist in managing client and business relationships.
We may collect your information from you in a variety of ways including when:
• We provide services to you;
• You visit our website;
• You visit or utilise our Support Bridge platform;
• You submit your information in response to Forrest Personnel marketing events or activities; or
• You contact us by any method, such as face-to-face, over the telephone, through an online form or portal, through a paper form or by email.
Sometimes we will collect personal information from a third party or a publicly available source, for example where we have your consent, where we are required by law to do so, or if it is unreasonable or impracticable to collect the personal information directly from you (e.g. checking a candidate’s work history).
You may choose to deal with us anonymously or under a pseudonym. However, in some circumstances, anonymity or the use of a pseudonym will render us unable to provide the relevant service or reasonably conduct our business, and we may request that you identify yourself. For example, it would not be practical to deal with you anonymously if we are providing assistance in securing paid employment for or providing services to you.
You may also choose not to provide us with your personal information. Depending on the circumstances in which you do so, however, we may be unable to provide you with our services as a result.
Where we are collecting personal information from a child or young person, we will use our judgement to determine if that person has the capacity to consent. Where we are unsure, we will seek consent from a parent or guardian.
Why do we collect, use and store your personal information?
We collect, use and store your personal information to provide you with our services which include:
• Recruitment / Employment Services through our Labour Hire services;
• Psychological Assessments / Counselling through our Psychosocial services;
• Services provided by us under the National Disability Insurance Scheme (“NDIS”);
• Services provided by us under the Department of Education, Skills and Employment (“DESE”) and / or the Department of Employment and Workplace Relations (“DEWR”).
We may also collect, use and store your personal information:
• for marketing purposes, in order to provide you information about the services we offer;
• to respond to your questions or suggestions;
• to improve the quality of our services;
• to improve the quality of your visit to our website;
• to undertake employee recruitment activities; or
• to assist with data analytic processes.
You may opt out of receiving marketing information by notifying us accordingly, or by using any unsubscribe facility we provide for that purpose. If you opt out of receiving marketing information, we may still contact you in connection with the services we provide to you, such as for appointment reminders and follow-ups.
Our services, functions and activities, as well as those of our contracted service providers, may change from time to time.
All privacy protocols set out in this Policy will apply to all of our platforms and websites.
Protecting and storing your personal information
We understand the importance of keeping personal information secure and safe.
Our Information Security Management System (“ISMS”) ensures that we have mechanisms in place to protect the confidentiality of sensitive information (including mechanisms to prevent intentional or accidental leaks).
We have a cloud centric ICT architecture. All systems and information handled by our processes are cloud hosted by carefully verified, Tier 1 / accredited providers. We have no on-premises systems holding data and all data is stored and processed in SaaS cloud solutions.
• Require employees and contractors (when required) to enter into confidentiality agreements;
• Require all employees to sign our Code of Conduct;
• Secure hard copy document storage (i.e. storing hard copy documents in locked filing cabinets);
• Implement security measures for access to computer systems to protect information from unauthorised access, modification or disclosure and loss, misuse and interference;
• Ensure data storage devices such as laptops, tablets and smart phones are password protected;
• Provide discreet environments for confidential discussions;
• Implement access control for our buildings including waiting room / reception protocols and measures for securing the premises when unattended; and
• Implement security measures for our website(s).
As part of our ongoing commitment to maintaining the privacy of any personal information we may collect from you, we maintain the following accreditations:
• ISO 27001:2013 ISMS
• DESE ISMS Scheme Issue 1
Who will we disclose your personal information to?
Like most businesses in Australia, we contract out some of our functions and rely on third party suppliers or contractors to help us conduct our business, for example to provide specialised services such as employment services, “cloud computing” technology and data storage services, data analytic and marketing services, legal advice, insurance broking, security services, business advisors and financial services. We may disclose personal information to these third parties in connection with their provision of goods or services to us.
We may also disclose your personal information to other related entities within our organisation for our own business purposes.
We may also disclose your personal information to government agencies, private sector organisations or other entities where required or permitted by law, which may include the following circumstances:
• You have consented to such disclosure.
• We believe that you would reasonably expect, or have been told, that information of that kind is usually passed to those individuals, bodies or agencies, and it is being disclosed for a purpose related (or directly related, in the case of sensitive information) to the reason we collected the information.
• We are required or authorised to make such disclosure by law or the requirements of any professional bodies, including where we are required to do so in accordance with child safety obligations.
• A permitted general situation or permitted health situation (as these terms are defined in the Privacy Act) exists in relation to the disclosure.
• We believe it is reasonably necessary for enforcement related activities conducted by, or on behalf of, an enforcement body (e.g. police, ASIC, Immigration Department).
Accuracy of personal information
We take steps to help ensure that all personal information we collect, use or disclose is accurate, complete and up-to-date. Please contact us via email@example.com if you are aware that personal information that we hold about you does not meet this objective.
How can you access your personal information and contact us
Customers may contact us via firstname.lastname@example.org to access personal information collected about them. We will endeavour to acknowledge your written requests within 7 business days. Record requests will be provided within allowable legislated timeframes. As a general guide this is within 28 calendar days.
We may refuse to grant access to personal information if there is an exception to such disclosure which applies under relevant privacy legislation.
If access is denied you may seek access through the Freedom of Information (“FOI”) legislation.
Your request should be directed to the FOI section of the Department of Social Services (for DES) or National Disability Insurance Scheme (for NDIS).
We will not disclose personal information of others such as doctors or emergency contacts to third parties. However, we encourage you to inform them if you are disclosing this information to us.
Information collected by us from employers is limited to that which is necessary to assist us in providing appropriate services and/or access to Departmental services and/or programs. This information is managed in accordance within the terms of the Privacy Act.
Should you have a general enquiry or complaint regarding your privacy you are invited to contact us via email@example.com or firstname.lastname@example.org. For general matters you can also contact us via our website www.fp.org.au.
Please be advised if you are not satisfied with how a privacy matter has been handled you may elect to direct your concerns to the Office of the Australian Information Commissioner.
Communications and marketing policy
We communicate with users who subscribe to our services on a regular basis via email, and we may also communicate by phone or SMS. We may use your email address and phone number to:
• confirm your information
• send notices and other disclosures as required by law
• advise you of programs you are formally registered with and/or
• provide information about the services we provide.
Generally, users cannot opt out of these communications, which are not marketing-related but merely required for the relevant business relationship.
We may also collect, use and store your personal information for marketing purposes in order to inform you of the services we offer. Part of delivering a high quality, personalised digital experience is recognising who we are talking to, so we can provide the services that you want from us. To do that, we may need to request and store some of your personal information. We know your privacy is vital, so these details will only ever be used in accordance with the terms of this Policy.
We may also use your personal information for the purpose of marketing our services.
If you do not want to receive marketing material from us, you can contact us as detailed below:
• for electronic communications, you can click on the unsubscribe function in the communication or
• for hard copy communications, you can email email@example.com
Cookies and other technologies are used by us on our website and through email to automatically collect certain types of information. The collection of this information allows us to customise your online experience, improve the performance, usability and effectiveness of our online presence and to measure the effectiveness of our marketing activities.
An IP address is a number assigned to your computer whenever you access the internet. It allows computers and servers to recognise and communicate with one another. Public IP addresses from which visitors appear to originate may be recorded for IT security and system diagnostic purposes. This information may also be used in aggregate form to conduct website trend and performance analysis, and to personalise your user experience.
Cookies may be placed on your computer or internet-enabled device whenever you visit us online. This allows the site to remember your computer or device.
Although most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser’s settings (often found in your browser’s Tools or Preferences menu). You may also delete cookies from your device at any time. However, please be aware that if you do not accept cookies, you may not be able to fully experience some of our website’s features.
Cookies by themselves do not tell us your email address or otherwise identify you personally. In our analytical reports, we may obtain other identifiers including public IP addresses, but this is for the purpose of identifying the number of unique visitors to our website and geographic origin of visitor trends, and not to identify individual visitors.
We use analytics tools. Reports obtained from these analytic tools are used to help us improve the efficiency and usability of this website.
Analytic tools are used to gather statistics about how our website is accessed. It anonymously tracks how our visitors interact with our website, including where they came from, what they did on the site including such things as news registration. No personal information is collected or stored by us or the analytic tool provider.
We may collect and use the geographical location of your computer or mobile device. This location data is collected for the purpose of providing you with information regarding services which we believe may be of interest to you based on your geographic location, and to improve our location-based products and services.
Social media widgets and applications
Our website may include functionality to enable sharing via third party social media applications, such as the Facebook Like button and Twitter widget. These social media applications may collect and use information regarding your use of our website. Any personal information that you provide via such social media applications may be collected and used by other members of that social media application and such interactions are governed by the privacy policies of the companies that provide the application. We do not have control over, or responsibility for, those companies or their use of your information.
In addition, our website may host applications or services (“social media features“). The purpose of social media features is to facilitate the sharing of knowledge and content. Any personal information that you provide on any Forrest Personnel social media feature may be shared with other users of that social media feature (unless otherwise stated at the point of collection), over whom we may have limited or no control.
Links to third party websites
We do not endorse, approve or recommend the services or products provided on third party websites.
If you have specific disability requirements, we will endeavour to collect your information through assisted technology or other accessible means. All privacy and clauses apply regardless of the methods We use to collect and store your information. We recognise and respect individuality of your needs when providing us with information and we will strive to support your requests.