Website Privacy Policy

Purpose

Sedgman Prudentia is committed to safeguarding and preserving the privacy of our staff and clients. This privacy policy outlines how we collect, hold, secure, enable access to, use, and disclose personal information on during the course of business in accordance with the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles.

Scope

This policy applies to board members, directors, employees, job applicants, consultants, contractors, clients, suppliers, and other individuals (referred to as ‘you’ or ‘your’ in this policy); and describes the type of information we collect, how and to whom the information is disclosed, and how the information may be accessed.

This policy applies to written, verbal and electronic forms of communication.

We will not provide personal information to any other individual or organisation without prior consent, unless required by law to do so.

What personal information we collect

“Personal information” means any information or an opinion relating to an identified individual or an individual who is reasonably identifiable, either directly or indirectly. Applicable personal information we may hold includes, but is not limited to, your:

  • name;
  • contact information including address, email address, phone numbers;
  • employee record information such as gender, date of birth, job title, employment history, salary information, bank account details, superannuation details, tax file number, educational and professional qualifications;
  • business information such as ABN, bank account details and insurance details;
  • computer IP and MAC addresses;
  • photographs or videos taken at company events;
  • other sensitive information such as health information or records relating to fitness for work.

How We Collect Personal information

Personal information is collected in writing, by telephone, by online forums or sites, by email, by mobile or computer applications, and from third parties acting on our behalf or through the services we provide. We collect personal information directly from you, or from a third party where you have given consent to disclose your personal information.

How We Use Personal Information

We will use personal information collected from you for one or more of the following purposes:

  • to comply with our contractual, regulatory, and legal obligations;
  • to enable us to provide services to you;
  • for conducting business including planning, training, product development or conducting internal audits;
  • for marketing and research purposes;
  • to communicate information about our services;
  • to consider the suitability of applicants for employment;
  • to assess and respond to complaints or grievances; or
  • to conduct investigations of suspicious or harmful activity.

Your personal information is never shared, sold, rented or otherwise disclosed beyond the purposes detailed in this policy except if required by law or with your consent.

On occasion information such as employment milestones, achievements, project activities and similar news is published by us via newsletters, intranet, website and social media platforms. This may include photographs, videos or other identifying material. Before we use such photographs, videos or other identifying material we will seek your written permission.

If you would like to opt-out of direct marketing we will provide you with the option to opt out of receiving marketing communications.

How we disclose personal information

We may disclose personal information, including sensitive information, held about you under some circumstances, such as:

  • when passing information between our offices;
  • to public authorities where required or permitted to do so by law;
  • to third party service providers and consultants to facilitate the services they provide to us or for business continuity reasons; or
  • when you consent or as necessary to complete a transaction you have requested or authorised.

How Long We Retain Personal Information

Your personal information will be retained as long as it is necessary to conduct the purposes set out in this privacy policy or as required by the applicable law. If it is no longer necessary to keep your personal information, we will take reasonable steps to destroy or de-identify your personal information safely. We may de-identify your personal information, meaning the information will no longer refer to you, for statistical purposes where we have a legitimate and lawful interest in doing so.

We may use a combination of local, online or cloud-based service providers to store and secure personal information.

Security of Personal Information

We are committed to safeguarding all personal information that you provide to us, ensuring it remains confidential and secure and selecting third-party service providers who have suitable privacy policy and security measures in place. We will take all reasonable steps to ensure personal privacy is respected and apply appropriate technical and organisational measures to maintain the security of all personal information, protecting it from loss, interference, misuse, and unauthorised access, disclosure, or modification.

We use a variety of secure techniques to store and protect your information, including secure IT systems and firewalls. Any digital transfer of personal information is secured using a range of security methods. We are constantly reviewing our information security technology and practices.

Responsible Handling of Personal Information

Sedgman Prudentia provides clear expectations for the use of electronic communications, social media and use of monitoring technologies in the IT Acceptable Use Policy. This includes the appropriate handling of personal information. This policy applies to all board members, directors, employees, contractors and others while they are performing work for Sedgman Prudentia, attending Sedgman Prudentia premises or operating equipment on behalf of or owned by Sedgman Prudentia.

Data Breaches

In the highly unlikely event of a notifiable data breach, we will act promptly to comply with applicable laws. Where it is reasonably foreseeable that an individual will suffer because of a data breach, the relevant regulatory body and, where possible, the affected individual will be contacted without undue delay. This notification shall include the nature of the breach, the type of personal information possibly involved, recommendations for the steps to take in response to the breach, and an appropriate contact person for whom affected individuals can seek further information.

A notifiable data breach has occurred if it is likely to cause you serious harm. Serious harm may include serious physical, psychological, emotional, economic and financial harm, as well as serious harm to reputation or identify their.

Access to Personal Information

You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth). If you would like a copy of the information, which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at [email protected].

For security reasons, we will ask you to verify your identity to ensure that we do not give information to the wrong person or change or remove your personal information without your explicit consent.

We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.

Complaints

Clarifications, concerns, or a complaint concerning maters associated with this policy should be directed to [email protected]. Concerns or complaints will be addressed in accordance with the applicable law or by the processes described in the Workplace Grievance Procedure.

We take any privacy complaints seriously and your complaint will be dealt with fairly and reasonably. If, however you are not satisfied with how your complaint has been handled, you may also lodge a complaint with the Australian Privacy Commissioner in writing at:

Office of the Australian Information Commissioner (OAIC)

Address: GPO Box 5218, Sydney NSW 2001
Phone: 1300 363 992
Email: [email protected]