Heinz Law ("the Firm") is bound by the Privacy Act 1988 (Cth) ("the Act"), which requires the Firm to comply with the 13 Australian Privacy Principles ("the APP's"), which sets out minimum standards in relation to the collection, use, storage and disclosure of all personal information that is collected by the Firm. The Firm will take all reasonable steps to protect the privacy of the personal information that is collected by the Firm. The Firm will take all reasonable steps to protect the privacy of the personal information that it collects, uses or discloses.
Application of this Policy
This policy applies to all employees and prospective employees (i.e. job applicants) of the Firm. This policy does not apply to acts and practices of the Firm which relate directly to the personal information the Firm collects from customers, suppliers, contractors, agents and any other individuals.
What is Personal Information?
Personal information is any information that can be used to identify a person. This includes any personal information or opinions about the person, whether true or not, no matter how the information or opinions are recorded.
Sensitive information is a special category of personal information and includes, but is not limited to, information about a person's health, race or ethnic origin, political or religious beliefs, membership of a trade union or association, or criminal record. The Firm will not disclose a person's sensitive information without the person's consent, unless there is a need to disclose such information in accordance with the Act or to comply with any other legislation. The Firm will also only collect personal information with the individual’s consent if the information is reasonably necessary for its continued function and service.
If the Firm receives unsolicited information regarding an individual, it must determine whether it would have been permitted to collect it by the individual. If not, and the information is not contained in a Commonwealth record, the Firm must destroy/de-identify the information (as long as it is lawful and reasonable to do so)
Prospective Employees/Job Applicants
The Firm collects personal information from job applicants and prospective employees when considering whether to make offers of employment or for employment purposes. A failure by an applicant to provide any lawfully requested information may result in the processing of the application being delayed or may result in the application being unsuccessful. Any information which is provided by a job applicant which is later found to be false, may result in the person's application being unsuccessful or if the person is employed, result in the termination of that person's employment.
If a job applicant applies for a job and their application is unsuccessful but they would like the Firm to hold on to their application to consider them for other positions which may arise from time to time, the applicant should provide their written consent to the Firm to do so.
Access to and Correction of Personal Information
Subject to any agreed lawful exceptions, a job applicant has a right to:
Security of Personal Information
The Firm will take reasonable steps to secure and protect a job applicant's personal information from interference, in addition to misuse and loss, an unauthorised access, modification and disclosure.
If a job applicant has a complaint about the Firm's privacy practices / a breach of the APP’s it should contact the Practice Manager.
Inspection of Certain Records by Employees
Firm employees do not have a general right to access and review their personal records which is held about them by the Firm.
Employees may however, access certain statutory employment records including:
The Firm will provide an employee with a copy of these records within 7 days of the request being made. These records will be made available to the employee at either the premises where the employee works or at other mutually agreed premises. All other employment records are exempt from the Privacy Act 1988 (Cth) and those employment records and personnel records may not be made available to employees.
An employee will not be provided with access to another employee's records.
Maintenance of Records
The Firm is required to keep employee records for seven years from the date on which an entry is made or from termination of an employee's employment, depending on which happens first. The Firm will take reasonable steps to ensure that personal information on employees is accurate, up-to-date and complete.
In the case of other records such as tax records, the Firm must maintain those records for a continuous period of seven years from the date the entry is made.
All employees of the Firm must not disclose confidential or personal information which is collected by the Firm about its suppliers, clients, agents or contractors. If an employee is not sure whether information is confidential or personal then they must check with the Practice Manager or their immediate manager.
Confidential and Personal information is information that is not in the pubic domain. It includes, but is not limited to, the following types of information: