About this policy
Golden Heart Care (being Golden Heart Care Pty Ltd and its wholly owned subsidiaries) (as defined in the Corporations Act 2001 (Cth)) are committed to protecting the privacy of individuals’ Personal Information. Golden Heart Care is bound by the Privacy Act 1988 (Cth) and the New Zealand Privacy Act 1993 and the Privacy Principles set out in them, (the Privacy Laws).
Some entities in the Golden Heart Care group may process personal data of individuals who are based in the EU, when those entities offer goods or services to, or monitor the behaviour of, those individuals. Where the requirements under the “Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016”, known as the EU General Data Protection Regulation (GDPR), apply to entities in the Golden Heart Care group, the way those entities handle the personal data of customers, suppliers and website visitors based in the EU, will be governed by the Golden Heart Care GDPR Privacy Notice.
Types of Personal Information
Golden Heart Care collects Personal Information and in some cases Sensitive Information about individuals, eg. clients and prospective clients, employees of clients or prospective clients, consultants, subcontractors, suppliers, industry participants, competition participants, candidates for employment, and employees.
‘Personal Information’ is information or an opinion (whether true or not, and whether recorded in material form or not) about an identified individual, or an individual who is reasonably identifiable.
‘Sensitive Information’ is a sub-set of Personal Information about an individual’s racial or ethnic origin; political opinions; membership of a political association; religious beliefs or affiliations; philosophical beliefs; membership of a professional or trade association; membership of a trade union; sexual orientation or practices; criminal record; health information; genetic information that is not otherwise health information; biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or biometric templates.
The Personal Information Golden Heart Care collects may include things such as name; address; telephone number; email address; date of birth; age; gender; marital status; banking and superannuation details; credit card details; driver’s licence and other occupational licence details; passport number; tax file number; photographs; medical history; records and reports; racial or ethnic origin; information about financial status; credit history and insurances; proof of the right to work in Australia, or with children; resumes; qualifications; next of kin; employment history; criminal history and/or police checks; references; and use of Golden Heart Care’s services.
We aim to collect this information only as reasonably necessary to provide proposals; products and services to our clients; candidates and competition participants; to assist candidates to find employment; to understand and forecast our business; and to respond to requests for information. Individuals are not required to provide us Personal Information, however withholding it might mean we are not able to satisfactorily fulfil those purposes. Where the Personal Information we collect includes Sensitive Information, we will collect and handle that Sensitive Information in accordance with our obligations under the Privacy Laws.
We may also collect information about you from your access to our websites (for statistical purposes). This information is usually anonymous and we do not use it to identify you. However, due to the nature of internet protocols, such information might contain details that identify you, such as your IP address, internet service provider, the web page directing you and your activity on our website.
How we collect and hold Personal Information
Golden Heart Care may collect Personal Information through our marketing, business development, operational, human resources, finance, risk, research or other activities.
We will generally collect Personal Information directly from you, unless it is unreasonable or impracticable to do so. For example, if you are seeking employment we may collect your Personal Information when you respond to an advertisement, request our services directly, apply for a position, or make yourself available as a candidate for employment generally or under labour hire arrangements. We will generally only collect Sensitive Information about you with your consent or if authorised by law. By providing us or a third party authorised by us with Personal and Sensitive Information, you consent to our collection and use of it for the purposes set out in this policy.
We may collect information from other sources such as: your employer when your employer is seeking our services; referees proposed by you; previous employers; police or Citrix (with your consent); agreements we enter; order forms; credit applications; surveys or other forms submitted to us (eg. website forms, online applications); online platforms or other technologies (for example if you place your details on a recruitment database or online platform, whether managed by us or another third party technology provider); telephone or in-person discussions about our services and business; correspondence; emails or other electronic means (eg. accessing our website and using the ‘contact us’ form or using social media sites); third parties (such as our agents and advisors, network contacts, credit providers, credit reporting bodies, regulatory bodies, government offices or your agents); and publicly available sources of information.
We collect data from our website using various technologies, including ‘cookies’. A ‘cookie’ is a text file that our website sends to your browser which is stored on your computer as an anonymous tag identifying your computer (but not you) to us. You can set your browser to disable cookies. However, some parts of our website may not function properly (or at all) if cookies are disabled.
Golden Heart Care takes reasonable steps to hold Personal Information using appropriate physical and/or electronic security technology, settings and applications (eg. passwords and firewalls), and by training staff who deal with Personal Information on our policies and procedures. These measures are designed to protect Personal Information from unauthorised access; modification or disclosure; and from misuse, interference and loss. Notwithstanding this, you should be mindful that the internet is generally not a secure environment.
In the event of a data breach that is likely to result in serious harm, the Notifiable Data Breaches Scheme in Part IIIC of the Privacy Act 1988 (Cth) sets out obligations for notifying affected individuals, and the Australian Information Commissioner (Commissioner), about an “eligible data breach”. Where a data breach occurs and serious harm to affected individuals is likely, we will notify those individuals and the Commissioner in accordance with our legal obligations.
We will keep your Personal Information only for as long as required for our business purposes and otherwise as required by Australian law. Where we no longer need to keep your Personal Information in accordance with the purposes for which we collected it, we will take reasonable steps to destroy or de-identify your Personal Information. If you wish to have your Personal Information destroyed or de-identified, please let us know and we will take reasonable steps to do so (unless we need to keep it for legal, auditing or internal risk management reasons, or as otherwise required by law).
Purposes for which Personal Information is collected, held, used and disclosed
Golden Heart Care will only use Personal Information for the primary purpose for which we collect it, or a secondary purpose related to the primary purpose for which you would reasonably expect us to use the collected information.
We generally collect, hold and use Personal Information for the primary purpose of providing our services to our clients and prospective clients. We may also do so for a secondary related purpose, such as recording bank details to process payments.
We will not use your information for an unrelated secondary purpose unless we obtain your written consent or an exception applies (eg. it is authorised by law; or it is impracticable to obtain your consent and we believe it is necessary to lessen a serious threat to the life, health or safety of any individual).
Some examples of the purposes for which we collect, hold and use Personal Information are to: conduct business with or provide services to clients (including providing your Personal Information or Sensitive Information (such as health information and criminal records) to clients and to prospective employers if you are an applicant for employment or job placement or if you are an employee) and otherwise administer client’s accounts; market or otherwise promote our services; seek participation in promotions etc.; disclose health information to health professionals in a medical emergency; record details of incidents for insurance purposes; disclose Personal Information or Sensitive Information (such as health information and biometric information) to our information technology providers to allow you to utilise our technology platforms if you are an employee; contact family if requested or needed; improve our services through audits, surveys etc.; obtain professional advice; or comply with our obligations under applicable laws. We may use Personal Information to provide you with a customer account or credit account (including evaluating and processing your application for a customer account); to manage your customer account or credit account (including orders and payments, collecting overdue amounts, and managing fraud and risks); assessing or approving an application for credit; or assessing your credit worthiness.
We may disclose Personal Information to third parties, such as credit reporting agencies, banks, professional advisers, courts, tribunals, regulatory authorities, other companies and individuals for the purposes such as: complying with our obligations under contract or as required by law; having services performed such as delivering packages, addressing warranty claims, sending correspondence, obtaining ASIC and/or other searches and processing payments; and recovering unpaid debts. We may also disclose your information to our business associates, such as Joint Venture or Alliance partners, auditors, and financial services, IT or insurance providers, for them to provide us with services or to offer services to you. We will not authorise third parties to use your information for any other purpose.
We may provide statistics about our staff, prospective employees, customers, readers, sales, traffic patterns and related site functions to reputable third parties primarily to assist us to improve our services.
Golden Heart Care may use Personal Information we collect to provide you with direct marketing materials if you would reasonably expect it to be used for that purpose, or if you consent to receive direct marketing materials, or another exception applies. We will seek your consent to provide you with direct marketing materials if we have obtained your Personal Information from a third party. We provide an easy opt-out procedure for you to request your information not be used for direct marketing.
Access to and correction of Personal Information
You are entitled at any time, upon request, to access your Personal Information held by us. We will respond within a reasonable time after the request is made and give access to the information in the manner requested by you, unless it is impracticable to do so. We will not disclose commercially sensitive information to you. Employment records fall outside the disclosure requirements of the Privacy Act 1988 (Cth). If you are or were an employee, we will generally provide you with access to information that you have provided to us unless it is impracticable to do so. Information obtained from third parties or produced by us would be excluded from disclosure. We are entitled to charge you a reasonable administrative fee for giving you access to the information requested. If we refuse access to your information, we will explain the reasons for refusal and advise of the mechanisms to complain.
If we are satisfied that any of the information we have about you is inaccurate, out-of-date, irrelevant, incomplete or misleading, or you request we correct any information, we will take reasonable steps to ensure the information held by us is accurate, up-to-date, complete, relevant and not misleading. If you request, we will notify the correction to recipients to whom we have disclosed the information, unless it is impractical or unlawful. If we refuse your request, we will explain the reasons for refusal and advise on the mechanisms to complain.
If you wish to complain about our response to a request, or a potential breach of this policy or the Privacy Principles, please contact Golden Heart Care’s Privacy Officer:
Golden Heart Care Pty Ltd
Phone: +61 43 1746 632
Email: [email protected]
If you are not satisfied with our response, you may contact (in Australia) the Office of the Australian Privacy Commissioner www.oaic.gov.au. Golden Heart Care reserves its right to amend this policy from time to time and re-publish it on our website.