Frontline is committed to respecting your right to privacy and protecting your personal information. Frontline is bound by the National Privacy Principles in the Privacy Act 1988 (Commonwealth) and its amendments and any other applicable laws and codes affecting you personal information. This Policy outlines how we manage your personal information, the sorts of personal information that is held and for what purpose, as well as how the information is collected, held, used and disclosed.
This Policy and Complaints Procedure applies to all current and potential employees of Frontline, clients, consultants, contractors, sub contractors, and visitors.
Employee Record: in relation to an employee, means a record of personal information relating to the employment of the employee
Personal information: recorded information or an opinion about an individual whose identity is apparent or can be reasonably ascertained from the information or opinion.
Record: a document, database (however kept) or a photograph or other pictorial representation of a person
Sensitive information: information relating to an individual’s health, racial or ethnic origins, political or religious beliefs.
Non personal information: general information that is deemed to be non personal such as aggregate average data pertaining to web site hits; information that is non specific.
NPP: means the National Privacy Principles that are contained in Schedule 3 of the Privacy Act 1988 (Cth). The PSA establishes ten (10) NPPs as the minimum privacy standards for the private sector.
Privacy Officer: is an employee delegated by Frontline with the responsibility of ensuring the Company complies with the Privacy Act, and who investigates all alleged breaches of privacy.
From time to time Frontline will ask for personal information via various methods including phone, fax and Forms in support of the service we provide. Frontline collects information to enable it to perform its business functions and activities. These may include without limitation:
• Labour hire and recruitment services
• Staff management
• Making contact with individuals and organisations it deals with
• Processing credit applications of, providing products and services to, and marketing to customers
• Selecting and doing business with suppliers and other industry participants, and
• Appointing and doing business with contractors
Personal Information is collected from you when you apply for a position, or on commencement of employment to enable processing of your employment and to maintain ongoing employment related functions such as, payroll, superannuation and personal and emergency contact details.
At the time of collection you will be informed it is a legal requirement. For example if immigration or tax law requires it. At or before Frontline collects personal information the company will take all reasonable steps to ensure that you are aware of:
• who Frontline is and how to contact us
• how to gain access to the information held about you
• the organisation or the types of organisation that Frontline usually discloses information of that kind
• any law that required that particular type of information to be collected
• the consequences (if any) for you if all or part of the information is not provided
Frontline will endeavour, where reasonable and practicable, to collect your personal information directly from you. Where Frontline collects information about you from someone else Frontline will take all reasonable steps to ensure that you, as well as the third party, have been made aware of all the bullet points above. The only exception to this is where making the third party aware of this information would pose a serious threat to the life or health of yourself or another person.
5 USE AND DISCLOSURE
Frontline only uses personal information for the purposes for which it was given to us, or for purposes that are directly related to one of our functions or activities. Frontline will only disclose your personal information to third parties if:
• you have authorised the third party to have access to your personal information. Such parties include but are not limited to Superannuation funds and financial institutions.
• you would reasonably expect or have been told that information of that kind is usually passed to those individuals, bodies or agencies
Frontline will only disclose your personal information without your express authorisation under the following circumstances:
• when required or authorised to do so by law. For example, to satisfy warrants, subpoenas, court orders or Workers Compensation Commission Orders
• where if there are reasonable grounds that the disclosure is necessary to prevent or lessen a serious and imminent threat to the life or health of you or another person
• where it is reasonably necessary for the enforcement of the criminal law or of a law imposing a pecuniary penalty, or for the protection of public revenue
6 DATA QUALITY
Frontline takes all reasonable steps to ensure that the personal information we collect is accurate, up-to-date and complete. These steps include maintaining and updating personal information when we are advised by individuals that the information has been changed, and at other times as necessary. As the accuracy of information held depends largely on the information you provide, we recommend that you:
• advise Frontline immediately if there are any errors in your personal information and
• keep your personal information up-to-date by advising Frontline with any changes. For example by completing a Personal and Banking Detail Form and submitting it to Payroll in Melbourne
If Frontline holds personal information about you and you are able to establish that the information is not accurate, up-to-date and complete, Frontline will take reasonable steps to correct the information unless it is considered that there is a reason under the Privacy Act, FOI Act, or other relevant law not to do so.
If Frontline does not agree to make the requested changes to personal information the individual may make a statement about the requested changes and this statement will be attached to the record. To access your personal information or request changes to the information please contact the Privacy Officer on:
7 DATA SECURITY
Frontline stores your personal information in a combination of electronic and paper formats. Frontline takes steps to protect the personal information we hold against loss, unauthorised access, use, modification or disclosure and against other misuse. These steps include password protection for electronic files, securing paper files in locked cabinets and secured areas, physically restricting access to files and cabinets, and giving access to authorised personnel only.
Where electronic records are secured by passwords, all passwords are kept secure and are not to be shared with colleagues and are changed periodically.
Records of personal information are not stored indefinitely. For current and former employees records are kept for the duration of the employment relationship and are then archived externally for a period of seven (7) years.
Where candidates for roles have been made an offer of employment and accepted all recruitment materials including the application, resume, interview notes and email correspondence and other information is to be kept on the personnel file. Where candidates for roles have not progressed through the recruitment process and made an offer all recruitment materials as detailed above shall be filed centrally for a period of six (6) months.
Information of candidates received from Agencies and who are not considered for roles will not be retained.
Personal information is destroyed when no longer required via a secure service provider or is deleted from electronic systems.
This Policy will be made available to any person who asks for it. Frontline on request will let an individual know generally what sort of personal information it holds for that individual, for what purpose and how it collects, holds, uses and discloses that information.
You have the right to access personal information held about you by Frontline and Frontline will provide you with that access except to the extent that:
• providing access would pose a serious and imminent threat to the life or health of any individual
• providing access would have an unreasonable impact upon the privacy of other individuals
• the request for access is frivolous or vexatious
• the information relates to existing or anticipated legal proceedings between Frontline and you, and the information would not be accessible by the process of discovery in those proceedings; or
• providing access would reveal the intentions of Frontline in relation to negotiations with you in such a way as to prejudice those negations; or
• providing access would be unlawful under legislation such as the Privacy Act, Freedom of Information Act 1982 (Cth) (FOI Act); or
• denying access is required or authorised by or under law; or
• providing access would be likely to prejudice an investigation of possible unlawful activity
If Frontline does not agree to provide access to personal information we will provide you with reasons and you may seek a review of our decision or may appeal our decision under the FOI Act.
9.1 Exemptions from the Privacy Act
Employee records, including those of former employees of Frontline, are exempt from the Privacy Act. Where the ‘employee records’ exemption applies, you do not have the right under the Privacy Act to access personal information held about you.
An employee record is defined as a record of personal information relating to the employment of the employee. Examples of personal information relating to the employment of the employee are health information about the employee and personal information which includes:
• the engagement, training, disciplining or resignation of the employee;
• the termination of the employment of the employee;
• the terms and conditions of employment of the employee;
• the employee’s personal and emergency contact details;
• the employee’s performance or conduct;
• the employee’s hours of employment;
• the employee’s salary or wages;
• the employee’s recreation, long service, sick, personal, maternity, paternity or other leave;
Although you have no legal right to review your employment records, Frontline may grant access to certain information under its sole discretion. You need to put your request in writing to the Privacy Officer and specify what information you would like to access.
Frontline is entitled to refuse to provide access to some or all of the materials requested. Examples of the types of information that may be reasonably refused access to is:
• where disclosure might unreasonably impact on the privacy of another individual. For example, a disciplinary matter involving another employee
• where disclosure might prejudice an investigation of suspected unlawful activity. This can include commission of a crime or a breach of the individual’s employment obligations. For example, suspected theft of company or client property and/or assets, breach of confidence, insider trading, inappropriate or unlawful email or internet use.
• the information relates to an existing legal dispute. Examples include a worker’s compensation claim or sexual harassment complaint.
The Privacy Act does not apply to individual’s applying for work with Frontline and who have entered the recruitment process. The Privacy Act only applies once the employment relationship has begun or when the employment relationship has ended.
Frontline will not use or disclose the identifiers for individuals used by governments, other agencies or service providers, unless permitted under prescribed circumstances under the Act. Identifiers include a number assigned by an organisation to an individual to identify uniquely the individual for the purpose of the organisations’ operations. However, an individuals’ name or ABN is not an identifier.
Wherever it is lawful and practicable, individuals have the option of not identifying themselves when entering transactions with Frontline.
12 TRANSBORDER DATA FLOWS
Frontline will only transfer personal information to another party in another country where it will be for the benefit of the individual. Frontline will always endeavour to obtain the consent of the individual and will take reasonable steps to ensure that the information will not be held, used or disclosed by the recipient inconsistently with the NPP.
13 SENSITIVE INFORMATION
Sensitive Information means information or an opinion about an individual’s:
• racial or ethnic origin; or
• political opinions; or
• membership of a political association; or
• religious beliefs or affiliations; or
• philosophical beliefs; or
• membership of a professional or trade association; or
• membership of a trade union; or
• sexual preferences or practices; or
• criminal record;
that is also personal information; or
• health information about an individual; or
• genetic information about an individual that is not otherwise health information.
Frontline will not collect sensitive information about you unless:
• you have consented
• the collection is required by law
• the collection is necessary to prevent or lessen a serious and imminent threat to the life or health of any individual, where the individual whom the information concerns is physically or legally incapable of giving consent to the collection or physically cannot communicate consent to the collection
• the collection is necessary for the establishment, exercise or defence of a legal or equitable claim
Frontline may collect health information from you as part of the recruitment process and in the context of the employment relationship in order to assess your fitness for duty.
14 COMPLAINTS PROCEDURE
Step 1 Submission of complaint
The complaint must be in writing and can be submitted either by letter or by the Privacy Complaint Form. A complaint should;
• specify the name and address of the complainant
• briefly describe the conduct that gave rise to the interference with their privacy
• specify what action they have taken to rectify the problem
• describe any response provided by the complainant
• the complaint must be forwarded to Frontline’s Privacy Officer
• the Privacy Officer must acknowledge receipt of the complaint in writing within 14 days of receipt
Step 2 Processing of Complaint
On receipt of the complaint the Privacy Officer will request from relevant employees in the area of the company for documents in relation to the complaint. The employees will:
• conduct/supervise the search for relevant documents within their area
• complete the provided certification that a thorough and exhaustive search of documents in their area has been conducted
• indicate the location of other documents relevant to the complaint but not held in their area
• provide additional information which may assist in resolving the complaint
• forward original documents held
Step 3 Complaint Resolution
The Privacy Officer will forward to the Directors, for advice, details of the breach and possible resolutions. This may include a written apology, retraining of staff, changing procedures, amending or deleting personal information.
Step 4 Reporting
The Privacy Officer will forward a report to the Directors on the status of the complaint and actions taken to resolve the issue.
• reviewing and authorising this Policy and Procedure and any amendments at the sole discretion of Frontline
• understanding and complying with the Privacy Act
15.2 Privacy Officer
• considering applications for access to personal information or requests for changes to personal information
• communicating the outcomes of requests to access or change personal information
• responding to all email or written correspondence in a timely manner
• investigating all complaints of alleged breaches of privacy in a timely manner
• delegating their responsibilities when on leave or absent so at all times a Privacy Officer is available within the business
15.3 Manager & Supervisors
• accurately completing and submitting forms and other documents detailing employee information
• ensuring all employee information is kept in personnel files
• updating their personal information as it changes by completing and submitting Personal and Banking Detail Form and other documentation
• ensuring all personal information provided to Frontline is accurate, complete, and correct
• not breaching other employee’s privacy
16 RELATED DOCUMENTS
• Bullying/Harassment/Discrimination Policy
• Bullying/Harassment/Discrimination Complaint Form
• Electronic Resources Policy
• Performance Management Policy
• Personal & Banking Detail Form
• Social Media Policy
• Standards of Behaviour Policy