As an APP Entity under the Australian Privacy Principles, Softtestpays is committed to protecting the privacy of all the individuals it deals with. We only collect information that is reasonably necessary for the activities directly related to our core business.
This document sets out our policies on handling personal information.
KINDS OF PERSONAL INFORMATION COLLECTED AND HELD
Softtestpays is a personnel agency specialising in the recruitment of IT contracting and permanent staff.
The following table provides a summary of the types of personal information that is collected by Softtestpays and the:
|Personal information||What it is used for||How is it collected|
Information such as names, business contact details and dealings with suppliers and potential suppliers to Softtestpays.
Information such as names, business contact details and dealings with clients and potential clients to Softtestpays
Interested 3rd Parties
Information such as names and contact details of persons who contact Softtestpays with requests for information, including through emails from the Softtestpays website.
Job Seekers / Candidates
Information about applicants for employment or contractual positions (including CV information and online profiles)
Information about Softtestpays’ employees and contractors relevant to their employment or contract with Softtestpays. Government related identifiers such as Tax file number, Passport number, and Drivers Licence number
Sensitive information may need to be collected where it relates to a genuine employment requirement of the job or work that a candidate is being considered for. If sensitive information is required we will only collect it with the individual’s prior consent.
We may accept or reject unsolicited information that is sent to us. If a Job Seeker sends their personal information to us for the primary purpose of seeking employment then we will treat that information in the same manner that we do of a person that has responded to a job advertisement. If the unsolicited information is unrelated to Softtestpays core business, then the information will be destroyed.
DISCLOSURE OF PERSONAL INFORMATION
Personal Information that is held about individuals is only disclosed for the primary purpose for which it was collected or where we are under a legal duty to do so.
Disclosure will usually be;
- Internally and to any Softtestpays legally related entity
- To our clients for consideration for vacant positions
- To referees for job suitability purposes
- To ensure continuity of service, to another company if the supply of the service has been transferred to that company
- To applicable Government agencies as required by law
We outsource a number of our business activities to contracted suppliers. As a consequence of this outsourcing our suppliers may see some personal information. Typically our suppliers include;
- Legal and other professional advisors,
- Accredited Auditors
- Insurance Brokers and Assessors
- Superannuation Fund Managers
- Training providers
- Background checking and screening Consultants
- Software solutions providers for the purposes of parsing resume data into our database, and the creation and administration of any online profile.
3rd parties that request access to individual’s personal information (e.g. employment history checks) will only be granted access based on the individual’s written consent.
DISCLOSURE OF PERSONAL INFORMATION OVERSEAS
Softtestpays do not disclose any personal information overseas. All personal information collected and used by Softtestpays is securely stored on IT systems and databases located in Australia and subject to Australian Privacy laws.
STORAGE AND SECURITY OF PERSONAL INFORMATION
No data transmission across any network, including the internet, can be guaranteed to be 100% secure. While we strive to protect personal information from misuse, loss and unauthorised access, we cannot guarantee the security of information that is transmitted across a network (including the internet) by 3rd parties (e.g. jobseekers). These activities are conducted at the 3rd parties’ risk.
Softtestpays will however, take reasonable steps to ensure that we hold personal information in a secure environment accessed only by authorised persons for the purposes and processes described within this policy. Our reasonable steps include but not limited to;
- Records management practices in accordance with our ISO9001 quality certification. Where information is lawfully destroyed at the end of its use by a secure means of disposal
- Training all staff on their responsibilities when handling personal information, including awareness of the Australia Privacy Principals and respecting the confidentiality of client and jobseeker information and the privacy of individuals
- Ensuring a high level of IT security is applied to all systems that hold personal information under Softtestpays control
QUALITY OF PERSONAL INFORMATION
Softtestpays will take reasonable steps to ensure that personal information collected is accurate, up to date and complete. Our reasonable steps include but not limited to;
- Jobseekers’ personal information is date stamped when it is collected.
- Candidates’ personal information will be updated when they are contacted regarding an available and suited position. The Softtestpays recruitment consultant will update the candidate’s record as applicable at this time to ensure all information is current and correct.
- Contractors’ personal information is updated upon contract renewal.
ACCESS, CORRECTION AND DELETION OF PERSONAL INFORMATION
Under the Australian Privacy Principals individuals have a right to access and correct their personal information that is held by Softtestpays.
To the extent that they are entitled under the Privacy Act and other applicable laws, individuals can access and/or request a correction of their personal information held by Softtestpays except where;
- Evaluative opinion information has been obtained confidentially in the course of Softtestpays performing reference checks to which that access would impact on the privacy rights of other people. We reserve the right to refuse access if we believe that it would breach any confidentiality that is attached to that information or the access would interfere with the rights of other people
- If an individual wants to obtain access to their personal information held by Softtestpays they can do so by contacting the Softtestpays Privacy Inquiry Service (firstname.lastname@example.org)
If an individual believes that the personal information that we hold about them is inaccurate, out of date, incomplete, irrelevant and/or misleading they can request that we correct this information by contacting our Privacy Inquiry Service (email@example.com)
If an individual would like their personal information removed from our system/s they can simply send us a deletion request to our Privacy Inquiry Service (firstname.lastname@example.org).
When requesting access, correction and/or deletion of personal information individuals must understand that we will seek sufficient identification from the individual to verify that the information is pertaining to them and that we are accessing, correcting and/or deleting the appropriate personal information.
At Softtestpays we welcome any suggestions for how we can improve our personal information handling processes. All comments, complaints, inquiries or suggestions can be sent to the Privacy Inquiry Service (email@example.com) or in writing to our Privacy Officer, Softtestpays Office, Unit 4, 15 Tench Street, Kingston, ACT 2604.
Upon receiving a privacy compliant, Softtestpays will deal with the complaint by following the process below;
- Taking steps to confirm the nature of the complaint and the contact details provided to us are correct to ensure that we are responding to the correct complainant or to a party that the complainant has authorised to handle their complaint.
- We will confirm receipt of the complaint with the complainant.
- We may seek further information to qualify any aspect of the complaint by making inquiries of any person that can assist us to establish what has happened and why
- We will require a reasonable time frame to respond within; usually 7-14 days
- If the complaint can be resolved by our process for access, correction or deletion we may suggest this as a possible solution.
- If we believe that the complaint may be capable of some other solution we may suggest that solution, on a confidential and without prejudice basis.
- If the complaint cannot be resolved by means of following the above process, we may recommend that the complainant seek external advice like the Office of the Australian Information Commissioner.
NOTIFICATION OF THE COLLECTION OF PERSONAL INFORMATION
Softtestpays only collect personal information that is directly related to fulfilling its obligations as a recruitment service provider.
By voluntarily providing Softtestpays with personal information (i.e. via a job application/submission of your CV), individuals consent to the collection, use and disclosure of their personal information as described in this policy.
Personal information is not used by or disclosed to any third party for purposes of direct marketing. From time to time though, we may use personal information for marketing purposes within Softtestpays that are directly related to the following activities;
- Clients with whom we have a relationship, with market information, service satisfaction surveys.
- Subscribers to our website and social media accounts with news and job alerts to which they have subscribed too.
All marketing communications sent by Softtestpays will include an opt out reply should the individual not wish to receive future communications.
NOTIFIABLE DATA BREACHES
In the event of a suspected or known data breach that involves unauthorised access or disclosure of personal information that Softtestpays may hold; Softtestpays will investigate the breach and take the following actions (as required) in accordance with our information security processes:
- Contain: Softtestpays will take immediate steps to limit any further access to and distribution of the affected personal information.
- Assess: Softtestpays will assess the data breach to determine whether it will result in serious harm to any of the individuals whose personal information was involved.
- Take Remedial Action: Where possible, Softtestpays will take steps necessary to reduce any harm to individuals whose personal information was involved in a data breach.
- Notify: Where serious harm is likely to occur to individuals whose personal information was involved in a data breach, Softtestpays will notify the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breach Scheme, affected individuals and other relevant bodies.
- Review: Softtestpays will investigate the cause of all data breach events and review existing controls to take action to prevent future breaches.
CHANGES TO THIS POLICY
1 All references to “Softtestpays”, “we”, “us”, or “our” in this document are references to Softtestpays Pty Ltd.