CGH Group is committed to respecting your privacy and we understand how important it is to protect an individual’s personal data and apply high ethical and regulatory standards (Privacy Act 1988 (as amended) (Australian Act) in Australia to the processing of such data.
This policy applies to all candidates, contractors, clients and suppliers. It applies to the collection, updating, use, storage, disclosure and access to personal and sensitive information that can be recorded in any format including, but not limited to, information held in writing, online, digitally or by electronic means, including mobile phones and USB devises.
1. Why does CGH Group need your personal information?
CGH Group mainly collects, holds, uses and discloses candidates and client personal information so we can establish, manage and provide recruitment services and manage our workplace health and safety obligations. To do this effectively, we need to collect certain personal information.
2. What types of personal information does CGH Group collect?
The personal information collected may consist of your name, address, telephone number, photo, email address, age or birthdate, citizenship and residency, qualifications, titles, contact information, information from your CV, employment records, bank details, tax file number, details of our services you have used or enquired about and other information about you.
Sensitive information is a specific category of personal information. Such information includes membership of a profession or trade association or of a trade union, health information, vaccination status, criminal record and the like. We may need to collect, hold and disclose sensitive information about you in relation to the specific requirements of your placement with our clients or direct engagement by us or to provide you with services. We will only collect and disclose this information with your consent.
3. How does CGH Group collect personal information?
CGH Group collects information only by lawful and fair means and not in an unreasonably intrusive way. Whether your personal information is gathered through face-to-face meetings or by interacting with us via telephone, mail, internet or other methods, we take steps to store your information securely. We hold your personal information in a combination of secure computer storage facilities, paper-based files and other formats.
4. Do we disclose any information to outside parties?
CGH Group does not sell, trade, or otherwise transfer to outside parties your personally identifiable information. This does not include trusted third parties who assist us in operating our website, conducting our business, or servicing you, so long as those parties agree to keep this information confidential. We may also release your information when we believe release is appropriate to comply with the law, enforce our site policies, or protect ours or others rights, property, or safety.
5. To whom do we disclose your information?
We may disclose your personal information to:
• comply with legislative requirements;
• our customers;
• contractors or service providers if such disclosure is required to administer our business functions or to provide our products and services to you for instance without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, electronic network administrators, debt collectors and professional advisors such as accountants, solicitors, business advisors and consultants;
• any organisation for any authorised purpose with your express consent; and
• should we intend to merge with, or sell the majority of our assets or equity to a third party, personal information may be disclosed to that third party.
6. Direct Marketing Materials
We may send you direct marketing communications and information about our products and services that we consider might be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method wherever practicable to do so. You consent to receiving direct marketing communications and information from us. However, at any time you may opt out of receiving marketing communications for us by contacting us (see details below) or by using opt out facilities provided in the marketing communications and then we will ensure that your name is removed from our mailing list
7. Are cookies and IP addresses used?
The CGH Group Site uses a variety of technologies to assess how our sites are used, to personalise your experience and to deliver online content tailored to your interests, such as internet tags and cookies.
Cookies are small text files that are placed on your computer or other web-accessing devices by our websites. These cookies allow us to distinguish you from other users of this website, and to enhance this website and your experience when you browse this website. If you do not wish to receive cookies, you can set your browser to refuse them. However, a user who does not accept the cookie from the CGH Group Site may not be able to access certain areas and may limit your use of the CGH Group’s Site and some of our services. In administering the CGH Group Site and diagnosing potential system problems, we also log all IP addresses which access the CGH Group Site
8. How does CGH Group protect your personal information?
We want your personal data to remain as secure as reasonably possible. We will maintain the levels of protection of your personal data in accordance with data protection laws and use all available technical resources to prevent the loss, alteration and unauthorised access or processing of your data. The security measures we use to protect all personal data are designed to meet or exceed industry standards to prevent intruders from gaining access, however you should be aware that no security measure is guaranteed to be 100% secure and you should always take appropriate security measures to protect your personal data, including ensuring that you have up-to-date antivirus software.
9. What happens if there is a privacy or data breach?
The Privacy Amendment (Notifiable Data Breaches) Act 2017 established the Notifiable Data Breaches (NDB) scheme in Australia.
CGH Group will notify individuals whose personal information is involved in a data breach that is likely to result in serious harm. In this context, serious harm refers to serious physical, psychological, emotional, financial or reputational harm to an individual or individuals. CGH Group will manage all data breaches in accordance with the NDB Act.
If a suspected or known data breach occurs, CGH Group’s Privacy Officer will initially respond and work with the affected area to contain further access or disclosure of the data. The Privacy Officer and the Chief Executive Officer will determine whether serious harm is likely from the suspected or known breach.
If serious harm is likely from the data breach, CGH Group will immediately notify the affected individuals to advise that a suspected or known data breach has occurred which includes their personal information, and actions are being undertaken to limit or mitigate the harm as much as possible.
CGH Group will review the incident to determine possible causes of the breach and revise its internal policies and/or procedures to prevent reoccurrence. Possible actions will include updating policies and procedures relating to records management, updating the CGH Group’s Data Security and additional staff training on privacy.
10. How does CGH Group access, change, and/or delete personal information?
You may request access to any personal information we hold about you at any time by contacting us. Where we hold information that you are entitled to access, we will try to provide you with a suitable means of accessing it (for example, by mailing or emailing it to you. We will then contact you to request sufficient information to allow us to confirm your identity. As soon as practicable after your request is received, we will give you access to your personal information.
If you believe that the personal information we hold about you is incorrect, incomplete or inaccurate, you may request us to amend it by contacting our Privacy Officer. We will consider if the information requires amendment. If we do not agree that there are grounds for amendment then we will add a note to the personal information stating that you disagree with it. You may also have your personal information deleted. You should be aware that we are required by law to retain certain personal information (such as payroll records); such information will not be deleted. We will let you know if we cannot delete your personal information for legal or other reasons.
11. How long will CGH Group keep your information?
We may be legally required to maintain some of your records for a significant period of time. However once we believe information is no longer needed we may remove any identifying details or destroy the records entirely.
12. Contacting Us?
You can make enquiries, requests to access/delete or correct your information, or complain about alleged breaches of the APP’s to our Privacy Officer: Telephone: (08) 8942 6666, Email: firstname.lastname@example.org or by writing to GPO Box 1113, Darwin NT 0801.
This policy will be reviewed and updated from time to time to take account of new laws and technology, changes to our operations and practices and to make sure it remains appropriate to the changing environment.
HSQPOL004 REV7 Issued 10.11.2021