Privacy Policy

Privacy Policy

(Including Credit Reporting Policy)

At Tandem (Tandem Corp Pty Ltd and its subsidiaries), we believe privacy is an important individual right, and we endeavour to abide by the Australian Privacy Principles, as set out in the Privacy Act 1988 (the Act).

This policy sets out how we collect, use, manage and store personal information in accordance with the Act. You agree to the collection, use and disclosure of personal information in accordance with this privacy policy.

1.  Terminology

In this policy:

  • APP means the Australian Privacy Principles prescribed by the Privacy Act 1988
  • client is a company or organisation that engages Tandem to perform a service, undertake work or supply goods to
  • personal information means any information or opinion about a natural person (whether or not true) which is reasonably identifiable
  • sensitive information means (without limitation) information about an individual’s race, political opinions, religious beliefs, philosophical beliefs, membership of a trade union, sexual preference, criminal record, or health, genetic or biometric information, including “sensitive information” as defined in the Privacy Act 1988
  • subcontractor means a contractor engaged by Tandem to perform services under specific contracts
  • “we” “us” and “our” are references to Tandem Corp Pty Ltd (ACN 89 612 789 983) and its subsidiaries
  • website means our website at http://www.tandemcorp.com/
  • “you” and “your” means a natural person whose personal information we have knowingly collected

2.  What personal information we collect

  • Depending on the purpose for which we collect personal information, personal information we collect, or hold may include information about your:
  • name
  • contact details
  • payment details
  • previous job history, skills and qualifications
  • identification details
  • communications and dealings with us
  • telephone recordings, images and video footage
  • any other personal information you or a person ostensibly authorised by you submits to us; and
  • any other information that we consider is reasonably necessary (such as information about your opinions, preferences and interests) to perform our functions and activities.
  • We may also collect sensitive information with your consent that includes:
  • an individual’s health information (e.g. we may collect this in connection with sick leave, pre-employment checks or work suitability e.g. exposure to asbestos)
  • police checks from prospective and current employees or sub-contractors; and
  • information about your ethnic or cultural origin to assist us to develop diversity programs.
  • Some personal information we collect is collected pursuant to legislation such as:
  • the Fair Work Act and Building Code
  • the Migration Act
  • the Superannuation Guarantee (Administration) Act
  • the Income Tax Assessment Act and other tax laws
  • the Corporations Act
  • the Workplace Gender Equality Act
  • occupational health and safety acts; and
  • workers’ compensation acts.

3. Employee records exemption

Notwithstanding this Privacy Policy, we rely on the “employee records exemption” in the Privacy Act and any other applicable exemptions in the Privacy Act or other relevant legislation. The employee records exemption means that in many cases, we are not bound by the requirements of the Privacy Act in relation to personal information we hold about current or former employees (relating to their employment).

4. How we collect personal information

We collect personal information in a number of ways, including:

  • Where you provide information directly to us on our website or a hardcopy form
  • Where you provide information directly to us during a recruitment process
  • Where you complete feedback forms or surveys online or using a hardcopy form
  • Where you interact directly (including by telephone and video link-up) with our employees and such other persons acting for us or on our behalf, such as our customer service team or People team
  • From third parties, such as our service providers (see clause 5 of this Privacy Policy for examples), academic institutions, professional and trade associations and law enforcement agencies
  • From your referees or representatives
  • From customers
  • From related entities in our corporate group
  • Through the use of work allocation devices and software; and
  • From publicly available sources of information.

Where we use and disclose sensitive information about you, we will only do so for the purposes for which you gave it to us or for directly related purposes that you would reasonably expect.

If you do not wish for your personal information to be collected in a way anticipated by our Privacy Policy, we will use reasonable endeavours to accommodate your request. If we do comply with your request, or you provide us with inaccurate or incorrect information, we may not have sufficient information to conduct our business and we may be limited:

  • In our ability to provide our services to subcontractors and clients
  • In our ability to keep you informed of company updates and services information
  • In considering your application for employment with us; and
  • In our ability to respond to your inquiry or request.

5. Purpose of collection, use and disclosure

We collect, use and disclose personal information for the primary purpose of conducting our business, which includes:

  • Providing and managing the delivery of products or services
  • Supplying and managing contractor workforces
  • Establishing legal right to work in Australia
  • Establishing, maintaining and managing an account with an organisation
  • Assessing a person’s application for employment with us
  • Delivering service and company update notices to you, to inform you about new goods or services or information about projects being undertaken
  • To provide information to debt collection agencies, solicitors and legal representatives for the purpose of recovering debts and reporting to a credit reporting or debt collection agency of any credit defaults
  • Accessing any credit application made to us by you or an applicant in respect of which are a director, principal, partner or proposed to act as a guarantor
  • Resolving disputes
  • Collecting feedback forms (online or hardcopy) to improve our services
  • Responding to an inquiry or request
  • Running our website
  • Responding to customer feedback or complaints
  • Identifying repeated employment applications and avoiding duplication of records in respect of applicants
  • Maintaining the integrity of our employment application process
  • Consolidating and verifying our records
  • Engaging with contractors or outsourced service providers who assist our business operations such as technology services
  • Improving our services
  • Compiling and maintaining mailing lists derived from our website or our hardcopy forms and communicating with persons on those lists
  • Collecting and disclosing personal information to related bodies corporate in connection with the corporate group’s own internal operations
  • Fulfilling obligations to, and cooperating with, government authorities
  • To confirm fitness to work
  • Doing something that one would reasonably expect us to do using the information; and
  • Where you otherwise provide your consent, whether express or implied.
  • In relation to applications for employment, we may require you to provide a police check, which is classified as sensitive information. We will only use this information for the purpose of assessing your application and meeting our contractual obligations with our clients. We will only disclose sensitive information to our clients where you provide consent for us to do so and the disclosure is otherwise in accordance with our privacy law obligations.
  • In conducting our operations, we may share some of your personal information with third parties such as contractors and outsourced service providers, our clients and financial service providers. The types of providers we use include providers of:
  • recruitment and employment screening
  • payroll and superannuation
  • staff benefits
  • surveillance
  • training
  • debt collection
  • archival
  • auditing
  • accounting
  • customer contact
  • legal
  • business consulting
  • delivery
  • data processing and analysis
  • document management
  • marketing, research and investigation; insurance
  • website and technology services; and
  • advisory services.
  • If we do disclose your personal information overseas (such as to a service provider based overseas, for example our data storage provider which is located in Japan), we will take reasonable steps to ensure that entity does not breach Australian privacy laws in relation to that information.
  • You acknowledge that we may utilise the services of a cloud services provider to process and store personal information on our behalf and under our effective control, even if their processing and storage facilities are located overseas.

6. Storage and security of personal information

  • Where we hold your personal information, we will take appropriate measures to ensure information is held securely and may only be accessed by authorised persons. All personal information transmitted via our virtual private network and our customer management system is encrypted.
  • We store personal information on secure servers, or at fully classed data centres. We annually submit our servers to annual penetration and vulnerability testing.
  • Where we store your personal information electronically, we restrict who has access to that information, for example password protection and locked folders. There are different levels of security access for different individuals, depending on their position in Tandem. All hardcopies of personal information are stored in a lockable storage room, office or other storage unit (such as a filing cabinet).
  • Where we store your sensitive personal information electronically, we restrict who has access to that information, for example there are system controls restricting visibility of sensitive personal information on our customer management system to approved personnel with operational requirements to access such information.
  • Although we take all reasonable measures, we are not responsible for third party circumvention of security measures on our electronic databases or at any of our premises. Please note that third party recipients of personal information may have their own privacy policies and we are not responsible for their actions, including their handling of personal information.
  • We cannot control the actions of other persons with whom you share your information. Please notify us immediately at privacy@tandemcorp.com if you believe there has been any unauthorised access to your information.
  • If personal information that we hold is no longer required for the purpose in which it was collected and no applicable law requires us to retain that information, we will take reasonable steps to de-identify, delete or destroy the information. Specifically, we hold credit application for seven years from the start of Tandem’s credit dealings with the relevant credit recipient. We hold employment applications for seven (7) years.

7. Direct marketing

Unless you ‘opt out’ or we are subject to legal restrictions, we may use and disclose your personal information for direct marketing purposes.

  • From time to time, we may contact you with information about products and services offered by us and other companies we think may be of interest to you. This includes offering discounts and special deals to you. When we contact you, it may be by mail, telephone, email, SMS or online.
  • Where we use or disclose your personal information for the purpose of direct marketing, we will:
  • allow you to ‘opt out’ or in other words, allow you to request not to receive direct marketing communications; and
  • comply with a request by you to ‘opt out’ of receiving further communications within a reasonable time frame.
  • To ‘opt out’ of direct marketing, email us at privacy@tandemcorp.com or contact our Privacy Officer using the details at clause 11 of this Privacy Policy.

8. Our online services – additional information

(the Websites), and to our other online services including our apps, email communications and social media profiles (together, Online Services). If you use our Online Services, our system may record information such as your server address, top level domain (e.g. .com, .au, etc.), date and time of your visit, content accessed, information downloaded, previous site visited and browser and device type. This information is used for statistical, reporting and website administration and maintenance purposes.

  • Like many other websites, our Websites may use ‘cookies’ from time to time. A cookie is a piece of information that allows our system to identify and interact more effectively with your browser. The cookie helps us to maintain the continuity of your browsing session and remember your details and preferences when you return. You can configure your web browser software to reject cookies however some parts of our Websites may not have full functionality in that case. See allaboutcookies.org for instructions on deleting and rejecting cookies for many common browsers.
  • Our Websites may use Google services such as Google Analytics from time to time. For more about how Google collects and processes data, please see Google’s privacy policy and their information at google.com/policies/privacy/partners/

9. Investors – additional information

  • If you apply for or do invest with our company, we may collect information we receive from you in subscription agreements and other related documents and forms and information about your transactions with us.
  • We are required or authorised to collect your personal information under certain laws including the Income Tax Assessment Act and the Corporations Act.
  • We collect, use and disclose your personal information to assess your application, manage your investment with us and provide investor services.
  • We may exchange your personal information with our investment registry service providers, and they may also exchange your personal information with other services providers of the kinds described above in this Privacy Policy. We are also required to make limited shareholder details available to members of the public on request.

10. Access and correction

  • We will use reasonable steps to ensure the personal information we hold is complete, up to date and accurate, so far as it is practicable for us to do so.
  • You may request access to the personal information we hold about you by contacting our Privacy Officer. If we determine, having regard to the APPs, it is either not lawful or not required by law to provide you access to the personal information we hold, we will provide you with a written response within a reasonable period of time, setting out our reasons. If we are otherwise obliged or permitted to give you access to personal information, we will do so within a reasonable time. We reserve the right to charge you a fee for providing access.
  • If personal information we hold about you is incorrect we will, on your request and where we are satisfied the information is inaccurate, out of date, incomplete, irrelevant or misleading, take such steps as are reasonable in the circumstances to ensure that the information is corrected. If you request us to correct personal information, we hold about you and we refuse to do so, we will, to the extent reasonable, provide you a written response as to our reasons. Where we decide not to make a correction you request, you may ask us to make a note of your requested correction with the information.
  • In certain circumstances you may request your dealings with us remain anonymous (for example, if you make a Whistleblower report).
  • If you wish to have your personal information de-identified or destroyed please let us know and we will de-identify or destroy that information wherever practicable and appropriate. If we become aware that your personal information is no longer needed for any of our purposes, we will take reasonable steps to de-identify or destroy it.

11. Questions and complaints

If you have a question about how we handle personal information, which companies are currently part of the Tandem group of companies, or wish to lodge a complaint about our compliance with the APPs, you may contact our Privacy Officer:

Group Compliance Manager

1320 Malvern Road, Malvern Victoria 3144

1300 474 000

privacy@tandemcorp.com

The Privacy Officer will co-ordinate the investigation of any complaint and any potential resolution of a complaint. We will aim to resolve all complaints as soon as practicable for us to do so.

If you are not satisfied with our response, you may take your complaint to the Office of the Australian Information Commissioner, whose website is: www.oaic.gov.au

12. Changes to this policy

We may change this Privacy Policy at any time. If we make changes to this Privacy Policy, we will notify you by publication on our website. The revised version of the Privacy Policy will be effective at the time we post it.

13. Credit reporting policy

We sometimes provide goods and services on credit to our customers, including sole traders, and we may also sometimes obtain personal guarantees in relation to those credit arrangements. We may review these credit arrangements and guarantees on a periodic basis or where there are changes, as though assessing a new credit/guarantor application.

  • We may collect certain types of ‘personal credit information’ about you, including:
  • name, sex, date of birth, driver licence number, employer and three (3) most recent addresses
  • confirmation of previous information requests about the individual to credit reporting bodies (CRBs) made by other credit providers and credit insurers
  • details of previous credit applications, including the amount and type of credit and credit limit;
  • details of current and previous credit arrangements, including credit providers, start/end dates and certain terms and conditions
  • permitted payment default information, including information about related payment arrangements and subsequent repayment
  • information about serious credit infringements (e.g. fraud)
  • information about adverse court judgments and insolvency
  • publicly available information about an individual’s credit worthiness
  • any credit score or credit risk assessment indicating a CRB’s, credit provider’s or our analysis of an individual’s eligibility for consumer credit; and
  • any other types of ‘credit information’ and ‘credit eligibility information’ about an individual permitted under the Privacy Act.
  • This may include information about an individual’s arrangements with other credit providers as well as with us. We collect personal credit information in the ways described in clause 4 of the Privacy Policy.

We also exchange personal credit information with CRBs. This assists them to maintain information about you to provide to credit providers and other permitted parties for purposes including credit assessments. The CRB we use is

Dun & Bradstreet,

Level 7, 479 St Kilda Road,

Melbourne, VIC, 3004

www.dnb.com.au

pacaustral@dnb.com.au

1300 734 806

You have the right to request CRBs not to:

  • Use your personal credit information to determine your eligibility to receive direct marketing from credit providers; and
  • Use or disclose your personal credit information, if you have been or are likely to be a victim of fraud.

Other parties with which we may exchange personal credit information include other credit providers, credit insurers, debt buyers, parties involved in a sale of our business or assets and your guarantors, representatives, referees and legal advisors.

We may use and disclose personal credit information collected from CRBs for purposes including to manage credit, collect overdue payments, assign debts and assess and rate your credit worthiness and credit/guarantor applications, subject to our legal obligations. We may use and disclose other personal credit information as described in the Privacy Policy.

Please also see the Privacy Policy in respect of the storage and security of your personal credit information and your rights to access and correct that information, and make complaints. For some correction requests and complaints, we may need to consult with CRBs and other credit providers.

Matt Caulfield

Chief Executive Officer

Issue Date: 10 December 2020

The policy will undergo scheduled reviews to ensure that it remains relevant and appropriate, and to re-confirm our commitment to People Management.