Privacy Act

Privacy Act

Important Note

A business that can be defined as an organisation, which consists of an individual, a company, a partnership, a trust, an incorporated association or any other unincorporated association, is required to comply with the Privacy Act 1988.
The Privacy Act 1988 exempts:
– employee records
– related companies
– individuals in a non-business capacity
– registered political parties
– acts and practices of media organisations carried out in the course of journalism
– a small business with a $3 million turnover (or less), unless it:
– provides a health service
– sells personal information
– purchases personal information
– is related to a business that is not a small business
– is an operator of a residential tenancy database
– is a reporting entity for the purposes of the Anti-Money Laundering and Counter-Terrorism Financing Act 2006
– contracts as a service provider to the Commonwealth.

Policy
The Privacy Act 1988 provides extensive regulations about the collection, storage and use of information relating to individuals. It also contains some specific exemptions for organisations that have a need to collect, store and use information about individuals, one of which is to exempt the “acts and practices of employers in relation to employee records”.

To be exempt, an act or practice relating to the employee record must be directly related to the employment relationship. This means that acts or practices of an employer that are outside the scope of the employment relationship are not exempt. For example, the Project Green Group could not sell details of employees to another organisation.

The act or practice must also be directly related to a current or former employment relationship. This does not cover future employment relationships. This means that personal information collected from prospective employees who are subsequently not employed, such as unsuccessful job applicants, are not covered by the employee records exemption.

Once an employment relationship is formed with an individual, the records the Project Green Group holds relating to that individual’s pre-employment checks then become exempt.

The Project Green Group is also covered by the 13 Australian Privacy Principles, as set out in the legislation, which cover all aspects of dealing with personal and sensitive information, not only those relating to employees. The Project Green Group recognises the importance of protecting personal information, which it may be required to collect from individuals who become associated with its business. The purpose of this Privacy Policy is to ensure that any individual who provides information to The Project Green Group is protected according to the requirements of the Privacy Act 1988.

For the purpose of this Privacy Policy, information is described as:

personal information means information relating to an individual, including an opinion, which may be provided to The Project Green Group as part of its business requirements, either in material form or not, and whether true or not. Such information may personally identify an individual or make the person’s identity reasonably apparent
sensitive information means information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual practices, criminal record or health information.
The Project Green Group takes its obligations under the Privacy Act 1988 seriously, and as such, takes all reasonable steps in order to comply with the Act and protect the privacy of personal information that it holds.

Procedure
Collection and Use of Information
The Project Green Group may require the collection of personal information from individuals to enable it to provide arboricultural services and throughout the course of general business operations. The reasons for the collection of personal information include, but are not limited to, responding to requests or queries, fulfilling service delivery requirements, maintaining contact with clients and other contacts to keep them informed, meeting regulatory obligations, to conduct surveys and seek feedback, for recruitment and administrative purposes, taxation and other legal requirements.

The Project Green Group may collect and hold personal information, such as, but not limited to, names of employees and proprietors of organisations, addresses, telephone numbers, facsimile numbers, email addresses, titles and professional affiliations. These details are collected for the purpose of providing The Project Green Group services to customers and clients, and the selling and marketing of its extended range of services. The Project Green Group may also use such information to for customer satisfaction surveys. The Project Green Group does not disclose this information to any other organisation, nor does it send any information overseas for any purpose whatsoever.

In the event that sensitive information is collected by The Project Green Group, it is not used for any purpose without the express permission of the individual. The collection, use and disclosure of information is in accordance with the The Project Green Group collection statement.

Storage, Access and Retention of Personal Information
Personal information collected by The Project Green Group is retained as part of a database, which is securely monitored and maintained by The Project Green Group. The data is not made available to a third party, unless it is legally required and verified, without the authority of the individual who provided the personal information.

The Project Green Group makes available for inspection personal information, based on the information supplied by the individual, that it holds in relation to an individual, provided reasonable notice is given. In the event that any part of the personal information that the individual inspects is determined to be incorrect and requires alteration, then The Project Green Group makes such alteration in compliance with the corrected advice provided by the individual.

The Project Green Group takes all reasonable steps to protect the security of the personal information that it holds. This includes appropriate measures to protect electronic materials and materials stored and generated in hard copy.

Where information held by The Project Green Group is no longer required to be held, and the retention is not required by law, The Project Green Group will destroy such personal information by secure means.

Compliance
If an individual has any concerns regarding the privacy of personal information, the individual may make a complaint to the HR Manager who will endeavour to resolve the complaint.

Sources of Information
Where possible, The Project Green Group collects the information directly from individuals, customers and clients.

The Project Green Group acknowledges that there is no obligation for an individual to provide personal information. However, if an individual chooses not to provide The Project Green Group with personal details, it may not be able to provide the individual with a full range of services or may reduce the ability of directly servicing the individual’s organisation.

Collection Statement1
Purpose of the Collection
The Project Green Group may require the collection of personal information to satisfy the needs of the organisation. The reasons for the collection of the personal information include, but are not limited to, service delivery, administrative and recruitment purposes, taxation and other legal requirements.

The personal information may be required for the purpose of:

giving the information which a member or customer is entitled to
supplying to, and administering, the products and services the member or customer requires.
The Project Green Group may also collect the information for the provision of marketing, unless a specific request in writing is provided, detailing what is not required.

The Project Green Group may need to give personal information to other organisations to comply with its legal obligations, such as auditors, legal advisers and the Australian Taxation Office (or any other relevant organisations).

Disclosure to an Organisation
The Project Green Group may disclose personal information, for the purposes set out above, to any of its subsidiaries, branches, franchises or legally related companies, agents, dealers or contractors. Disclosure to external parties or entities does not occur without the individual’s consent except where disclosure is required by law. The Project Green Group is unlikely to be required to disclose personal information to overseas recipients.

The Project Green Group acknowledges that there is no obligation for an individual to provide it with personal information. However, if an individual chooses not to provide The Project Green Group with personal details, it may not be able to provide the individual’s organisation.

Access Rights and Contact Details
The Privacy Act 1988 provides the right to access personal information held by The Project Green Group. If the information is inaccurate, a request can be made to correct it.
The Project Green Group reserves the right to charge a nominal fee if required for the retrieval of information requested.

Further information can be obtained by contacting The Project Green Group nominated privacy officer. A copy of the Australian Privacy Principles can be accessed at http://www.oaic.gov.au/privacy/australian-privacyprinciples/read-the-australian-privacy-principles/

1 In order to comply with the privacy laws, organisations are required to provide specific information to an individual at the time the personal information is collected. An organisation must take reasonable steps to ensure that the individual is aware of this information,
whether or not an individual requests it. The individual must also be told who is collecting the information, the reason for collecting it and how to directly contact the privacy officer.