(Including Credit Reporting Policy)
At the Tandem group of companies (Tandem Corp Pty Ltd and its subsidiaries), we believe that privacy is an important individual right, and to that end we will endeavour to abide by the Australian Privacy Principles, as set out in the Privacy Act 1988 (the Act).
In this policy:
- APP means the Australian Privacy Principles prescribed by the Privacy Act 1988
- client is a company or organisation that engages Tandem to perform a service, undertake work or supply goods to
- personal information means any information or opinion about a natural person (whether or not true) which is reasonably identifiable
- sensitive information means (without limitation) information about an individual’s race, political opinions, religious beliefs, philosophical beliefs, membership of a trade union, sexual preference, criminal record, or health, genetic or biometric information, including “sensitive information” as defined in the Privacy Act 1988
- subcontractor means a contractor engaged by Tandem to perform services under specific contracts
- “we” “us” and “our” are references to Tandem Corp Pty Ltd (ACN 89 612 789 983 and its subsidiaries)
- website means our website at http://www.tandemcorp.com/
- “you” and “your” means a natural person whose personal information we have knowingly collected
2. What personal information we collect
Depending on the purpose for which we collect personal information, personal information we collect or hold may include information about your:
- contact details;
- payment details;
- previous job history, skills and qualifications;
- identification details;
- communications and dealings with us;
- telephone recordings, images and video footage;
- any other personal information you or a person ostensibly authorised by you submits to us; and
- any other information that we consider is reasonably necessary (such as information about your opinions, preferences and interests) to perform our functions and activities.
- We may also collect sensitive information, which includes:
- an individual’s health information (e.g. we may collect this in connection with sick leave or pre-employment checks;
- police checks from prospective and current employees or sub-contractors; and
- information about your ethnic or cultural origin to assist us to develop diversity programs.
Some of the personal information we collect is collected pursuant to legislation such as:
- the Fair Work Act and Building Code;
- the Migration Act;
- the Superannuation Guarantee (Administration) Act;
- the Income Tax Assessment Act and other tax laws;
- the Corporations Act;
- the Workplace Gender Equality Act;
- occupational health; and
- safety acts and workers compensation acts.
3. Employee records exemption
4. How we collect personal information
We collect personal information in a number of ways, including:
- Where you provide information directly to us on our website or a hardcopy form;
- Where you provide information directly to us during a recruitment process;
- Where you complete feedback forms or surveys online or using a hardcopy form;
- Where you interact directly (including by telephone and video link-up) with our employees and such other persons acting for us or on our behalf, such as our customer service team or People team;
- From your referees or representatives;
- From customers;
- From related entities in our corporate group;
- Through the use of work allocation devices and software; and
- From publicly available sources of information.
Where we use and disclose sensitive information about you, we will only do so for the purposes for which you gave it to us or for directly related purposes that you would reasonably expect.
If we do comply with your request, or you provide us with inaccurate or incorrect information, we may not have sufficient information to conduct our business and we may be limited:
- In our ability to provide our services to subcontractors and clients;
- In our ability to keep you informed of company updates and services information;
- In considering your application for employment with us; and
- In our ability to respond to your inquiry or request.
5. Purpose of collection, use and disclosure
We collect, use and disclose personal information for the primary purpose of conducting our business, which includes:
- Providing and managing the delivery of products or services;
- Supplying and managing contractor workforces;
- Establishing legal right to work in Australia;
- Establishing, maintaining and managing an account with an organisation;
- Assessing a person’s application for employment with us, or with clients who contract Tandem to recruit and select people on their behalf;
- Delivering service and company update notices to you, to inform you about new goods or services or information about projects being undertaken;
- To provide information to debt collection agencies, solicitors and legal representatives for the purpose of recovering debts and reporting to a credit reporting or debt collection agency of any credit defaults;
- Accessing any credit application made to us by you or an applicant in respect of which are a director, principal, partner or proposed to act as a guarantor;
- Resolving disputes;
- Collecting feedback forms (online or hardcopy) to improve our services;
- Responding to an inquiry or request;
- Responding to customer feedback or complaints;
- Identifying repeated employment applications and avoiding duplication of records in respect of applicants;
- Maintaining the integrity of our employment application process;
- Consolidating and verifying our records;
- Engaging with contractors or outsourced service providers who assist our business operations such as technology services;
- Improving our services;
- Compiling and maintaining mailing lists derived from our website or our hardcopy forms and communicating with persons on those lists;
- Collecting and disclosing personal information to related bodies corporate in connection with the corporate group’s own internal operations;
- Fulfilling obligations to, and cooperating with, government authorities;
- To confirm fitness to work
- Doing something that one would reasonably expect us to do using the information; and
- Where you otherwise provide your consent, whether express or implied.
In circumstances where we are considering an application for employment, we may require you to provide a police check, which is classified as sensitive information. We will only use this information for the purpose of assessing your application and meeting our contractual obligations with our clients. We will only disclose sensitive information to our clients where you provide consent for us to do so and the disclosure is otherwise in accordance with our privacy law obligations.
In conducting our operations, we may share some of your personal information with third parties such as contractors and outsourced service providers, our clients and financial service providers.
The types of contractors and outsourced service providers we use include providers of:
- recruitment and employment screening;
- payroll and superannuation;
- staff benefits;
- debt collection;
- customer contact;
- business consulting;
- data processing and analysis;
- document management;
- marketing, research and investigation; insurance;
- website and technology services; and
- advisory services.
If we do disclose your personal information overseas (such as to a service provider based overseas, for example our data storage provider which is located in Japan), we will take reasonable steps to ensure that entity does not breach Australian privacy laws in relation to that information.
You acknowledge that we may utilise the services of a cloud services provider to process and store personal information on our behalf and under our effective control, even if their processing and storage facilities are located overseas.
6. Storage and security of personal information
Where we hold your personal information, we will take appropriate measures to ensure that the information is held securely and may only be accessed by authorised persons . All personal information transmitted via our virtual private network and our customer management system is encrypted.
We store personal information on secure servers, or at fully classed data centres. We annually submit our servers to annual penetration and vulnerability testing.
Where we store your personal information electronically, there are restrictions as to who has access to that information, for example there is password protection and locked folders. There are also different levels of security access for different individuals, depending on their position in Tandem Corp. All hardcopies of personal information are stored in a lockable storage room or lockable offices.
Where we store your sensitive personal information electronically, there are additional restrictions as to who has access to that information, for example there are system controls restricting visibility of sensitive personal information on our customer management system to approved personnel with operational requirements to access such information.
Although we take all reasonable measures, we are not responsible for third party circumvention of security measures on our electronic databases or at any of our premises. Please note that third party recipients of personal information may have their own privacy policies and we are not responsible for their actions, including their handling of personal information.
We cannot control the actions of other persons with whom you share your information. Please notify us immediately at email@example.com if you believe there has been any unauthorised access to your information.
If any personal information that we hold is no longer required for the purpose in which it was collected and no applicable law requires us to retain that information, we will take reasonable steps to de-identify, delete or destroy the information. Specifically, we hold credit application for seven years from the start of Tandem’s credit dealings with the relevant credit recipient. We hold employment applications for seven (7) years
7. Direct marketing
Unless you ‘opt out’ or we are subject to legal restrictions, we may use and disclose your personal information for direct marketing purposes. This includes contacting you as part of our iEXTRA program.
From time to time, we may contact you with information about products and services offered by us and other companies which we think may be of interest to you. This includes offering discounts and special deals to you. When we contact you it may be by mail, telephone, email, SMS or online.
Where we use or disclose your personal information for the purpose of direct marketing, we will:
- allow you to ‘opt out’ or in other words, allow you to request not to receive direct marketing communications; and
- comply with a request by you to ‘opt out’ of receiving further communications within a reasonable time frame.
8. Our online services – additional information
This section applies to our websites including:
(the Websites),and to our other online services including our apps, email communications and social media profiles (together, Online Services). If you use our Online Services, our system may record information such as your server address, top level domain (e.g. .com, .au, etc.), date and time of your visit, content accessed, information downloaded, previous site visited and browser and device type. This information is used for statistical, reporting and website administration and maintenance purposes.
Like many other websites, our Websites may use ‘cookies’ from time to time. A cookie is a piece of information that allows our system to identify and interact more effectively with your browser. The cookie helps us to maintain the continuity of your browsing session and remember your details and preferences when you return. You can configure your web browser software to reject cookies however some parts of our Websites may not have full functionality in that case. See www.allaboutcookies.org for instructions on deleting and rejecting cookies for many common browsers.
9. Investors – additional information
If you apply for or do invest with our company, we may collect information we receive from you in subscription agreements and other related documents and forms and information about your transactions with us.
We are required or authorised to collect your personal information under certain laws including the Income Tax Assessment Act and the Corporations Act.
We collect, use and disclose your personal information to assess your application, manage your investment with us and provide investor services.
10. Access and correction
We will use reasonable steps to ensure the personal information we hold is complete, up to date and accurate, so far as it is practicable for us to do so.
You may request access to the personal information we hold about you by contacting our Privacy Officer. If we determine, having regard to the APPs, that it is either not lawful or not required by law to provide you access to the personal information we hold, we will provide you with a written response within a reasonable period of time, setting out our reasons. If we are otherwise obliged or permitted to give you access to that personal information, we will do so within a reasonable time. We reserve the right to charge you a fee for providing access.
If personal information we hold about you is incorrect we will, on your request and where we are satisfied that the information is inaccurate, out of date, incomplete, irrelevant or misleading, take such steps as are reasonable in the circumstances to ensure that the information is corrected. If you request us to correct personal information that we hold about you and we refuse to do so, we will, to the extent reasonable, provide you a written response as to our reasons. Where we decide not to make a correction you request, you may ask us to make a note of your requested correction with the information.
If you wish to have your personal information de-identified or destroyed please let us know and we will de-identify or destroy that information wherever practicable and appropriate. If we become aware that your personal information is no longer needed for any of our purposes, we will take reasonable steps to de-identify or destroy it.
11. Questions and complaints
If you have a question about how we handle personal information, which companies are currently part of the Tandem group of companies, or wish to lodge a complaint about our compliance with the APPs, you may contact our Privacy Officer:
Group Compliance Manager
1320 Malvern Road, Malvern Victoria 3144
1300 474 000
The Privacy Officer will co-ordinate the investigation of any complaint and any potential resolution of a complaint. We will aim to resolve all complaints as soon as practicable for us to do so.
If you are not satisfied with our response, you may take your complaint to the Office of the Australian Information Commissioner, whose website is: www.oaic.gov.au
12. Changes to this policy
13. Credit reporting policy
We sometimes provide goods and services on credit to our customers, including sole traders, and we may also sometimes obtain personal guarantees in relation to those credit arrangements. We may review these credit arrangements and guarantees on a periodic basis or where there are changes, as though assessing a new credit/guarantor application.
We may collect certain types of ‘personal credit information’ about you, including:
- name, sex, date of birth, driver licence number, employer and three (3) most recent addresses;
- confirmation of previous information requests about the individual to credit reporting bodies (CRBs) made by other credit providers and credit insurers;
- details of previous credit applications, including the amount and type of credit and credit limit;
- details of current and previous credit arrangements, including credit providers, start/end dates and certain terms and conditions;
- permitted payment default information, including information about related payment arrangements and subsequent repayment;
- information about serious credit infringements (e.g. fraud);
- information about adverse court judgments and insolvency;
- publicly available information about an individual’s credit worthiness;
- any credit score or credit risk assessment indicating a CRB’s, credit provider’s or our analysis of an individual’s eligibility for consumer credit; and
- any other types of ‘credit information’ and ‘credit eligibility information’ about an individual permitted under the Privacy Act.
We also exchange personal credit information with CRBs. This assists them to maintain information about you to provide to credit providers and other permitted parties for purposes including credit assessments. The CRB we use is
You have the right to request CRBs not to:
- Use your personal credit information to determine your eligibility to receive direct marketing from credit providers; and
- Use or disclose your personal credit information, if you have been or are likely to be a victim of fraud.
Other parties with which we may exchange personal credit information include other credit providers, credit insurers, debt buyers, parties involved in a sale of our business or assets and your guarantors, representatives, referees and legal advisors.
Chief Executive Officer
Issue Date: 16 April 2020
The policy will undergo scheduled reviews to ensure that it remains relevant and appropriate, and to re-confirm our commitment to People Management.