One Key Group Privacy Policy
This Privacy Policy sets out the approach of OKR Technical Services Australia Pty Ltd and its subsidiaries and associated companies (“One Key”, “we”, “our”, “us”) in relation to our management of personal information. We are bound by the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (Privacy Act). This policy has been drafted in order to comply with the APPs. For guidance on the following key terms used in this Privacy Policy, please refer to the dictionary on pages 14 and 15: “collect”, “consent”, “health information”, “personal information” and “sensitive information”.
What are our functions and activities?
1. One Key will only collect personal information if it is reasonably necessary to pursue at least one of our functions and activities in the course of operating our business as a labour hire and technical recruitment service provider.
2. Our core functions and activities include:
a. the provision of labour hire employees to our clients;
b. workforce management, including:
i. payroll and tax administration;
ii. travel services;
iii. 24 hour emergency advice and support;
iv. workplace injury management;
v. accommodation arrangements;
vi. meet, greet and security services;
vii. pre-assignment medicals and inoculations;
viii. functional assessments; and
ix. substance testing;
c. permanent recruitment across specialist sectors including oil and gas, power and energy, mining and minerals and engineering; and
d. providing flexible workplace solutions for our clients.
3. In support of our core activities we also carry out the following related functions and activities:
a. human resource activities;
b. corporate administration;
c. property management; and
d. public relations activities.
What kinds of personal information do we collect and hold?
4. As mentioned above in paragraph 1, we collect and hold personal information that is reasonably necessary to carry out our functions and activities in the course of operating our business as a labour hire and technical recruitment service provider.
5. From time to time, we may collect sensitive information about you in order to conduct our activities. However, we only collect sensitive information if:
a. the collection is reasonably necessary for one or more of our activities or functions; and
b. we have your consent to the collection; or
c. an exception applies (see paragraph 6 below).
6. The APPs list a number of circumstances that permit the collection of sensitive information about you without your consent. We only collect sensitive information without your consent if one or more of those circumstances applies.
7. The kinds of personal information that we may collect will depend on whether you are a work seeker, a client or a referee.
Work Seekers
8. The type of personal information that we typically collect and hold about work seekers is information that is reasonably necessary to assess amenability to work, offers and work availability, suitability for placements, or to manage performance in work obtained through us. This may include:
a. contact information, including names, dates of birth, titles, email addresses, residential addresses, and telephone numbers;
b. information that may be included within a curriculum vitae, such as your educational qualifications, career history, interests, hobbies and job interests;
c. references of work seekers;
d. records of pre-employment medicals, including “fitness for work” information and inoculations;
e. criminal records and drug test results, which are both collected as part of our pre -employment checks;
f. nationality, which may be collected as part of applications for medical expenses insurance;
g. PAYG information;
h. police clearances, qualification records and spouse information;
i. information recorded on our compulsory health questionnaire, which is undertaken when a work seeker receives a job offer from a client; and
j. Australian taxation and superannuation details of work seekers are held by our payroll department in Brisbane.
Clients
9. The type of personal information that we typically collect and hold about clients is information that is reasonably necessary to help us manage the presentation and delivery of our services. This may include contact information, including names, titles, email addresses, business addresses, and telephone numbers.
Referees
10. The type of personal information that we typically collect and hold about referees is information that is reasonably necessary to make determinations about the suitability of one of our work seekers for particular jobs or particular types of work and may include:
a. contact information, including names, titles, email addresses, business addresses, and telephone and fax numbers; and
b. qualifications and job titles.
Purposes for which we collect, hold, use and disclose personal information
11. As described in paragraph 1 above, we may collect and hold personal information if it is reasonably necessary to pursue at least one of our functions or activities in the course of our business as a labour hire and technical recruitment service provider, or if its collection and storage is required or authorised by or under an Australian law, or a court/tribunal order.
12. As described in paragraphs 5 and 6 above, we may collect and hold sensitive information that is reasonably necessary for us to pursue at least one of our functions and activities in the course of our business as a labour hire and technical recruitment service provider. Further, unless the APPs permit otherwise, we will only collect and hold your sensitive information if we have received your consent to do so.
13. Generally, we will only use or disclose personal information for the purpose for which it was collected (the primary purpose). For example, if we collect your personal information for the purpose of corporate administration, we will generally only use and disclose that information for that purpose.
14. From time to time, we may use or disclose personal information for secondary purposes if we receive your consent or if the APPs otherwise permit us to do so. The APPs permit us to use and disclose personal information for a secondary purpose without your consent if:
a. you would reasonably expect us to use or disclose the information for a certain secondary purpose and:
i. if the information is sensitive – directly related to the primary purpose; or
ii. if the information is not sensitive – related to the primary purpose; or
b. the use or disclosure of the information is permitted or authorised by or under an Australian law or a court/tribunal order.
15. For example, if we collect your personal information for the primary purpose of corporate administration and you later make some form of complaint against us, we may use that personal information for the secondary purpose of investigating your complaint.
Work seekers
16. The purposes for which we may collect, hold, use and disclose personal information about work seekers include:
a. work placement operations;
b. recruitment functions; and
c. statistical purposes and statutory compliance requirements.
Clients
17. The purposes for which we may collect, hold, use and disclose personal information about clients include:
a. client and business relationship management;
b. recruitment functions;
c. marketing services to you; and
d. statistical purposes and statutory compliance requirements.
Referees
18. The purposes for which we may collect, hold, use and disclose personal information about referees include:
a. confirming identity and authority to provide references;
b. work seeker suitability assessment; and
c. recruitment functions.
Direct marketing
19. We may use email to forward marketing materials to you if you are a work seeker on our database. However, we may only use or disclose your personal information (other than sensitive information) for direct marketing if:
a. we collected the information from you; and
b. you have consented to, or would reasonably expect us to, use or disclose the information for that purpose; and
c. we provide you with a simple means by which you may easily request not to receive direct marketing communications from us; and
d. you have not made a request to us pursuant to clause 19 (c) above.
20. If your personal information is sensitive, we will not use or disclose the information for direct marketing purposes without your consent.
21. We will act in accordance with the Do Not Call Register Act 2006 and the Spam Act 2003.
How do we collect personal information?
Collection of personal information
22. We will only collect personal information if it is reasonably necessary for us to carry out our functions and activities, and only by lawful and fair means that is not unreasonably intrusive.
23. The means by which we will generally collect your personal information may differ depending on whether you are a work seeker, a client or a referee. Please see below from paragraphs 28 to 30 for more information on this.
24. We may collect personal information about work seekers, clients and referees from a range of sources including newspapers, journals, directories, the internet and social media sources, including Facebook, Twitter and LinkedIn. When we collect personal information about you from publicly available sources for inclusion in our records, we will ensure that we deal with that information in a manner that is compliant with the APPs and our Privacy Policy.
25. We may collect personal information from third parties when it is reasonably necessary for a particular purpose, such as checking information that you have given us, where you have consented or would reasonably expect us to collect your personal information from a third party. For example, we may collect personal information about work seekers from referees as part of the recruitment process.
26. If you supply us with personal information of a third party, such as a spouse, colleague or friend, we accept that information on the condition that you have all the rights required from that third party to provide that personal information to us to use for our functions and activities.
27. We will only collect personal information from third parties if:
a. we are required or authorised by or under an Australian law, or a court/tribunal order, to collect the information from someone other than the individual concerned; or
b. it is unreasonable or impracticable to collect the information directly from you.
Collection of personal information from work seekers
28. Personal information will be collected from you directly when you fill out and submit one of our application forms or any other information in connection with your application to us for work.
Collection of personal information from clients
29. Personal information about you may be collected when you provide it to us for business or business related social purposes
Collection of personal information from referees
30. Personal information about you may be collected when we are checking information that we obtain from you about work seekers.
Photos and images
31. We will not request that you supply photographs, scan photo identification, or capture and retain video image data of you in cases where simply sighting photographs or proof of identity documents would be sufficient in the circumstances.
Electronic transactions
32. From time to time, we may collect personal information that you provide to us via online forms or by email. For example, when you:
a. request to be placed on an email list, such as a job notification list;
b. register as a site user to access facilities on our website, such as a job notification board;
c. update your personal information including emergency contacts when requested by us;
d. make a written online inquiry or email us through our website; and
e. submit a resume by email or through our website.
33. If you have concerns about contacting us via the internet, you may contact us by telephone or post.
Cookies
34. Our website uses cookies to help us provide you with a user friendly website. Cookies are small text files that are placed on your computer or mobile phone when you browse websites.
35. Our cookies help us to:
a. make our website work as you would expect;
b. save you having to login every time you visit our website;
c. remember your settings during and between visits;
d. improve the speed and security of our website;
e. allow you to share pages with social networks like Facebook and Twitter;
f. personalise our website to help you get what you need faster;
g. remember if you have accepted our terms and conditions;
h. make our shortlist and application process work; and
i. continuously improve our website for you.
36. We do not use cookies to:
a. collect any personally identifiable information (without your expressed permission);
b. collect any sensitive information (without your express permission);
c. pass data to advertising networks;
d. pass personally identifiable data to third parties.
Granting us permission to use cookies
37. If the settings on your software that you are using to view our website (your browser) are adjusted to accept cookies, we take this and your continued use of our website, to mean that you agree with this. Should you wish to remove or not to use cookies from our website, you can learn how to do this below. However, doing so will be likely to mean that our website will not work as you would expect.
38. There is no way to prevent these cookies being set other than to not use our website.
39. You can switch cookies off by adjusting your browser settings to stop the browser from accepting cookies.
Third party cookies
40. Our website includes functionality provided by third parties (for example, an embedded Google Map showing you where our offices are located).
41. We also use anonymous visitor statistics cookies to record how many visitors our website has had, where these visitors came from, which pages the visitors came from, and which pages the visitors have visited whilst on the website. This allows us to modify our website to improve its usability and make popular and important information easier to find.
Notification of collection of personal information
42. At or before the time we collect personal information about you (or, if that is not practicable, as soon as practicable after), we will take such steps as are reasonable in the circumstances to notify you of the following information (“Collection Information”):
a. our identity and contact details;
b. that we have collected the personal information;
c. if the collection of the personal information is required or authorised by or under an Australian law or a court/tribunal order – the fact that the collection is so required or authorised;
d. the purpose for collecting the personal information;
e. the main consequences (if any) for you if we do not collect all or some of the personal information;
f. the organisations, or types of organisations, to which we usually disclose personal information of that kind;
g. the fact that our Privacy Policy contains information about how you may access the personal information that we hold about them and how you may seek correction of such information;
h. the fact that our Privacy Policy contains information about how you may complain about a breach of the APPs and how we will deal with such a complaint; and
i. whether we are likely to disclose the personal information to overseas recipients, and if so, the countries in which such recipients are likely to be located (if practicable to do so).
43. Circumstances may arise where it would be reasonable for us not to provide you with notice of all or some of the Collection Information. For example, this may be reasonable where:
a. you are already aware that personal information is being collected, the purpose of the collection and other matters relating to the collection;
b. we collect personal information about you on a recurring basis over a short period of time in relation to the same matter, and you are aware (or reasonably ought to be aware) that a separate notice will not be issued for each instance of collection; and
c. notification would be inconsistent with a legal obligation, such as legal professional privilege.
Receipt of Unsolicited Personal Information
44. If we receive personal information that we did not solicit, we will, within a reasonable period of receiving the information, determine whether the information is reasonably necessary to pursue at least one of our functions and activities in the course of operating our business as a technical recruitment service provider.
45. If we determine that we have received personal information that we would not have been permitted to collect pursuant to the APPs (and the information is not contained in a Commonwealth record), we will as soon as practicable and where it is lawful and reasonable to do so, destroy the information or ensure that it is de-identified.
46. If we determine that we would have been permitted to collect the personal information pursuant to the APPs, we will ensure that the information is dealt with in a manner that complies with the APPs.
How do we hold personal information?
47. We will take such steps as are reasonable in the circumstances to protect personal information that we hold from:
a. misuse, interference and loss; and
b. unauthorised access, modification or disclosure.
If we hold personal information about you which we no longer require, we will take reasonable steps to destroy the information or ensure that it is de-identified (unless our compliance with the APPs or another law requires us to avoid taking such steps).
48. We store hardcopy documents containing personal information in secured facilities.
49. Electronic documents are stored with security measures implemented to ensure the security and confidentiality of the documents and the personal information contained in them. For example, our computers have password protections in place to ensure that only our staff have access to your electronically stored personal information.
Anonymity and pseudonymity
50. When interacting with us, circumstances may arise where you choose to remain anonymous or to use a pseudonym. However, we may elect not to deal with you anonymously or pseudonymously if:
a. we are required or authorised by or under an Australian law, or a court/tribunal order, to deal with you in accordance with your identity; or
b. it is impracticable for us to deal with you in this way.
51. In some circumstances, it may not be possible for us to provide a service without the knowledge of your identity.
Quality of personal information
52. We will endeavour to take reasonable steps to ensure that the personal information that we collect is accurate, up-to-date and complete. Further, we will endeavour to take reasonable steps to ensure that the personal information that we use or disclose is, having regard to the purpose of our use or disclosure, accurate, up-to-date, complete and relevant.
53. The reasonable steps described above that we may undertake include:
a. ensuring that updated and new personal information is promptly added to relevant existing records;
b. reminding you to update your personal information when we engage with you;
c. with respect to personal information in the form of an opinion (such as in the case of some personal information obtained from a referee), we may take the following steps to verify the accuracy of the opinion:
i. checking that the opinion is from a reliable source;
ii. providing the opinion to you before we use or disclose it;
iii. clearly indicating on our record that the information is an opinion and identifying the individual who formed that opinion.
Disclosure
54. As mentioned in paragraph 13 above, generally we will only use and disclose your personal information for the primary purpose for which it was collected, or for secondary purposes where such use and disclosure is permitted in accordance with the APPs.
55. We may disclose your personal information if we are required or authorised by or under an Australian law, or a court/tribunal order.
56. Our disclosure of your personal information will generally be:
a. internal;
b. to our clients; and
c. to referees for suitability and screening purposes.
57. With respect to work seekers, during the pre-offer phase we generally only disclose curriculum vitae information to the client, with contact details being removed. If a work seeker progresses to the offer stage, we may give copies of references to the client.
58. We do not forward copies of work seekers’ medical information or D & A tests to clients unless authorised by the work seeker. Rather, we simply inform the client that we have records of such information and we then advise the client whether or not the work seeker has any health concerns that need to be identified.
59. When a work seeker commences an assignment with a client of ours, the client may require additional information in monthly/quarterly reporting. In this case, we may provide further personal information where necessary.
Disclosure for related purposes
60. From time to time, we may outsource a number of our services to contracted service providers (CSPs). Our CSPs may access some of your personal information. Our CSPs may include:
a. software solutions providers;
b. information technology contractors and database designers and internet service suppliers;
c. legal and other professional advisers;
d. insurance brokers, loss assessors and underwriters;
e. superannuation fund managers; and
f. background checking and screening agents.
61. We take reasonable steps to ensure that the terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
Access to personal information
62. Requests for access to your personal information should be made in writing and addressed to the Privacy Officer. The Privacy Officer may be contacted at communications@onekeyresources.com.au
63. Upon request of your personal information, we will, within a reasonable period of the request being made, give access to the information in the manner requested (if it is reasonable and practicable to do so), subject to exceptions set out in the APPs.
64. The APPs provide a list of situations in which we may deny you access to your personal information. These situations include where:
a. granting access would have an unreasonable impact on the privacy of others;
b. the information relates to existing or anticipated legal proceedings, and would not be accessible by the process of discovery in those proceedings;
c. access would reveal our intentions in relation to negotiations with you in such a way as to prejudice those negotiations;
d. granting access would be unlawful; and
e. denying access would be likely to prejudice the taking of appropriate action in relation to the matter.
65. If we refuse to give access to personal information in accordance with the APPs, we will provide a written notice setting out:
a. the reasons for denying access to personal information (except where it would be unreasonable to provide such reasons);
b. the mechanisms available to complain about the refusal; and
c. any other matters prescribed by the regulations.
66. Generally, we will not charge fees for giving access to personal information. However, we reserve the right to charge reasonable fees where requests for personal information contain complications or are resource intensive.
Correction of personal information
67. Requests for correction of your personal information should be made in writing and addressed to the relevant Privacy Officer at communications@onekeyresources.com.au
68. If, with regard to the purposes for which it is held, the Privacy Officer is satisfied that the personal information we hold is inaccurate, out-of-date, incomplete, irrelevant or misleading, or if the individual about whom the information relates makes a request, we will take reasonable steps to correct the information. However, as a matter of practice, when we receive personal information, we will hold the information for a period of 5 years before we consider whether it is inaccurate, out-of-date, incomplete, irrelevant or misleading (unless we are informed otherwise).
69. If we correct your personal information, we will take reasonable steps to notify any third party to which we have previously disclosed the information, if you request and it is not unlawful or impracticable for us to do so.
70. If we refuse to correct your personal information in accordance with the APPs, we will provide a written notice setting out:
a. the reasons for the refusal (except where it would be unreasonable to provide the reasons);
b. the mechanisms available to complain about the refusal; and
c. any other matter prescribed by the regulations.
71. If we refuse to correct your personal information in accordance with the APPs, you may request that we associate the information with a statement that the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. Where such a request is made, we will take reasonable steps to associate the statement so that it is apparent to the users of the personal information.
72. We will aim to respond to any request regarding the correction of your personal information within 30 days of the request being made.
73. We will not charge fees for requests for the correction of your personal information or for associating the statement with the personal information.
Complaints
74. If you believe that we have breached the APPs in any way in relation to your personal information, yo u may make a written complaint to the Privacy Officer communications@oekeyresources.com.au.
75. When we receive your complaint:
a. we will take steps to confirm the authenticity of the complaint and the contact details provided to us to ensure that we are responding to you or to a person whom you have authorised to receive information about your complaint;
b. upon confirmation we will write to you to acknowledge receipt and to confirm that we are handling your complaint in accordance with our policy;
c. we may ask for clarification of certain aspects of the complaint and for further detail;
d. we will consider the complaint and may make inquiries of people who can assist us to establish what has happened and why;
e. we will require a reasonable time period (usually 30 days) to respond;
f. if the complaint can be resolved by procedures for access and correction, we will suggest these to you as possible solutions; and
g. if we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response.
76. You may also make a complaint to the Recruitment and Consulting Services Association (RCSA), the industry association of which we are a member. The RSCA administers a Code of Conduct for the professional and ethical conduct of its members.
77. The RSCA is supported by rules for resolution of disputes involving members.
78. Please note that the Association Code and Dispute Resolution Rules do NOT constitute a recognised external dispute resolution scheme for the purposes of the APPs, but are primarily designed to regulate the good conduct of the Association’s members.
79. If the complaint cannot be resolved by means that we propose in our response, we will suggest that you take your complaint to any recognised external dispute resolution scheme to which we belong, or to the Office of the Australian Information Commissioner.
