PRIVACY POLICY

Scope


1 Medical (the Business) takes seriously its commitment to preserve the privacy of the personal information that we collect.  This summary sets out the key points about how we handle personal information.  More information can be found by clicking on the links below.

We collect, hold, use and disclose personal information to carry out our functions or activities as required by the Australian Privacy Principles set out under the Privacy Act 1988 (Australian Privacy Act) as amended, the Privacy Act 1993 (New Zealand) and the European General Data Protection Regulation (GDPR).  This Privacy Policy sets out the policies regarding the collection and treatment of personal information.

Collection of your personal information
We will collect personal information from you directly: if you are a Candidate, when you apply for work; if you are a Client, during our business relationship with you; or if you are a Referee, when seeking your opinion.

We may also collect personal information from a third party or a publicly available source to enable us to confirm the information you have provided to us, and to include other relevant and necessary information in connection with your application to us for work. 

We also collect personal information through our websites and social networking services such as Facebook and Twitter. We use this information to improve our website.

Collection of your personal data
We will collect personal data from you which is information about a human which makes them identifiable, and this includes (but is not limited to) names, contact information (address, email, phone number, fax number), insurance details, employment history, financial / taxation / accounting information.

Collection of sensitive personal data

Sensitive personal data may also be collected, which is personal data that relates to information such as medical history, racial or ethnic origin, religious or philosophical beliefs, political opinion, trade union activities, criminal history and biometric data. 

Data Processor

A Data Processor is a person or organisation which processes personal and / or sensitive data for the Data Controller.

Data Processing

Data processing describes any manual or automated operation or set, or operations performed on personal data or sets of personal data.  This may include collection, recording, organising, structuring, storing, adapting, altering, retrieving, consulting, using, disclosing by transmission, disseminating or making available, aligning or combining, restricting, erasure or destruction of data.

How your personal information is held
Information is held in our secured Information Record System until it is no longer needed.

Disclosure
We may disclose your personal information for any of the purposes for which it is primarily held or for a related purpose where lawfully permitted.  Disclosure will usually be to our Clients and to Referees.  Disclosures may also be to our contracted service suppliers, such as IT suppliers and background checking agents.

We do not disclose sensitive information about you unless you agree or would reasonably expect us to.  Some of your personal information is likely to be disclosed to overseas recipients.  This will occur when our databases are hosted on overseas servers.

Accessing and correcting your personal information
Subject to some exceptions that are set out in privacy law, you can gain access to the personal information that we hold about you.  You will need to be in a position to verify your identity, and we may impose a moderate charge.  If personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, we will take reasonable steps to correct it.

How to make a complaint
You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy.  Please contact us, preferably in writing, using the details below.

How to contact us
You can contact us at Privacy Officer on 02 9544 1180 or info@1Medical.com.au.

 

 

Introduction


1 Medical PTY LTD (the Business) takes seriously its commitment to preserve the privacy of the personal information that we collect.

We will only collect information that is reasonably necessary for the proper performance of our activities or functions as a recruitment agency.

We do not collect personal information just because we think it could be useful at some future stage if we have no present need for it. We do not collect or use personal information for the purposes of unlawful discrimination.

We may decline to collect unsolicited personal information from or about you and 1 Medical PTY LTD may take such measures as we think appropriate to purge it from our systems.

1 Medical PTY LTD Privacy Policy complies with the 13 Australian Privacy Principles (APPs) contained in Schedule 1 of the Privacy Amendment (Enhancing Privacy Protection) Act 2012, which amends the Privacy Act 1988. For the latest versions of these Acts visit the ComLaw website: www.comlaw.gov.au. The APPs are available from the Office of the Australian Information Commissioner (OAIC) website: http://www.oaic.gov.au/privacy/privacy-act/australian-privacy-principles

1 Medical PTY LTD Privacy Policy also complies with the New Zealand Privacy Act 1993 and the European General Data Protection Regulation (GDPR).

Information Collection
1 Medical PTY LTD manages personal information as an Australian Privacy Principles (APP) entity under the Australian Privacy Principles (APPs) of the Privacy Act.

We will collect personal information from you directly when you fill out and submit one of our registration forms, application forms, or any other information in connection with your application to us for work.

As a contracted service provider to a range of Commonwealth, State and Territory government agencies, it may be necessary for us to collect and manage personal information as an Agency under different privacy arrangements. To find out if this may apply please contact us on the details noted above.

Future Changes
This policy may change over time in light of changes to privacy laws, technology and business practice.  If you use our website regularly or conduct transactions with us that involve us to collect your personal information, it is important that you check this policy regularly to ensure that you are aware of the extent of any consent, authorisation or permission you might give.

Kinds of Information that we Collect and Hold
The type of personal information that we collect and hold is information that is reasonably necessary for the proper performance of our activities or functions as a recruitment agency (go to Purposes) and is likely to differ depending on whether you are:

A Candidate - i.e. someone who is looking for a placement or work through us; or whom we have identified as a person who might be receptive to an offer of a placement or work through us;
A Client – i.e. someone other than a Candidate who is looking to acquire our services as a recruitment agency or whom we have identified as someone who might be interested in acquiring our services; or
A Referee – i.e. a person from whom we have sought facts or opinions regarding the suitability of one of our Candidates for work or positions through us; and who may be a Referee nominated by the Candidate, a Client or us.
Sensitive information is only collected with consent and where it is necessary for the performance of our functions and activities as a recruitment agency.   Sensitive information will need to be collected where it relates to a genuine occupational requirement, for the purposes of the right to work in Australia verification or an inherent requirement of the job or work being considered.  Our collection of some types of sensitive information is also governed by equal opportunity and anti-discrimination laws.

You may choose not to provide us your personal information or to act under a pseudonym.   However, to do so will render us unable to provide you our services in seeking and being placed into work.

For Candidates
The type of information that we typically collect and hold about Candidates is information that is necessary to assess amenability to work offers and work availability; suitability for placements; or to manage the performance in work obtained through us. It includes:

·       Information submitted and obtained from the Candidates and other sources (e.g. Referees or Clients) in connection with applications for work;

·       Information about personality, character, skills, qualifications and experience;

·       Information about career path and preferences;

·       Information about work entitlement and ability to undertake specific types of work;

·       Information about health status and ability to undertake specific types of work;

·       Work performance information;

·       Information about incidents in the workplace;

·       Personnel information including contact details;

·       Information in relation to absences from work due to leave, illness or other causes;

·       Bank details and Tax File Number;

·       Information required to undertake criminal history checks and obtain criminal history records; and

Information required to ascertain a Candidate’s right to work in Australia.
For Clients
The type of information that we typically collect and hold about Clients is information that is necessary to help us manage the presentation and delivery of our services and includes:

·       Client relationship information;

·       Information about position, contracting and hiring authority;

·       Information about team structures and roles;

·       Information about incidents in the workplace;

·       Client facility addresses, ABN, key personnel and contact details; and

Credit check and financial information.
For Referees
The type of information that we typically collect and hold about Referees is information that is necessary to help make determinations about the suitability of one of our Candidates for particular jobs or particular types of work and may include:

·       Information about work position, authority to give a reference and preferred contact details;

·       Opinions of the Referee regarding the Candidates character and work performance or work environment; and

·       Facts or evidence in support of those opinions, sometimes involving the Referee’s own knowledge and experience of having worked with the Candidate.

Purposes
The purposes for which we collect, hold, use and disclose your personal information are those purposes that are reasonably necessary for the proper performance of our functions and activities as a recruitment agency.

·       Candidates - personal information is typically used for recruitment and work placement operations, pre-employment screening, staff management, training, remuneration, workplace health and safety, statistical purposes and statutory compliance requirements.

·       Clients - personal information is typically used for client and business relationship management, review of workplace operations and health and safety management, credit checking, statistical purposes and statutory compliance requirements.

·       Referees - personal information is typically used to confirm identity and authority to provide references and for candidate suitability assessment.

How your personal information is collected
Generally, information will be collected directly from you.

·       Candidate – information is collected through your application, from referees, results of any competency test or similar, and other sources such as registrations or any professional disciplinary matter.

·       Client - information is collected when you provide it to us for business purposes.

Referee - information is collected from the Candidate in the course of their application for work, and from you when providing the reference.
We may also collect personal information about you from publicly available sources including newspapers, journals, directories, the Internet and social media sites. This information will be included in our records only if reasonably necessary for the performance of our activities or functions as a recruitment agency.

The legal basis for processing your personal data

As a Data Controller, we are bound by the requirements of the GDPR regarding users with citizenship of an EU member state.  The legal ground for processing your personal data is formed by the legitimate interest we have for processing your data, which is to inform you about suitable job options and placements, potential candidates and vacancies.  Further grounds for processing your data may be based on the consent you give when registering with us, contacting us via our platforms, entering into a contract with us or entering a contract with another company which we facilitate on your behalf.  If you are a client, your employing organisation may have entered into an agreement with us which provides us with consent to store and process your information.  You can withdraw and / or manage your consent by contacting us on info@1Medical.com.au

 

Photos & Images
We may request proof of identification from you including copies of your passport, visa, driver’s license or any other relevant licences and will only do so for the performance of our activities or functions as a recruitment agency.

Electronic Transactions
We also collect personal information through our websites and social networking services such as Facebook and Twitter.  We use this information to improve our website.  Refer to our Electronic Transactions Policy.

How your Personal Information is Held
When your personal information is collected it will be held in our Information Record System until it is no longer needed for any purpose for which it may be used or disclosed, at which time it will be de-identified or destroyed provided that it is lawful for us to do so.

Our Information Record System
Information you provide to us is stored on a secure recruitment database and document storage system, which are restricted and accessible by staff through the use of individual log-in credentials.

Information Security
We will take all reasonable steps to ensure the information you provide us remains secure and confidential and is only used for the performance of our functions or activities as a recruitment agency.  Refer to our Data Security Policy.

Disclosures
General Disclosures
We may disclose your personal information for any of the purposes for which it is primarily held or for a related purpose where lawfully permitted.  We may disclose your personal information where we are under a legal duty to do so, including circumstances where we are under a contractual duty to disclose information.

Disclosure will usually be internally and to our related entities, to our Clients, and to Referees for suitability and screening purposes.

Related Purpose Disclosures
We outsource a number of services to contracted service suppliers (CSPs) from time to time. Our CSPs may see some of your personal information. Typically, our CSPs would include Software solutions providers, IT contractors and/or Background checking and screening agents. 

We take reasonable steps to ensure that terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.

Cross-Border Disclosures
We do not share your information with any overseas offices/companies without your prior consent. We do not have a subsidiary company that operates overseas who have access to your details.

We will take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the Australian Privacy Principles should the situation arise, we ae required to send information overseas.

Access & Correction
Access
Subject to some exceptions that are set out in privacy law, you can gain access to the personal information that we hold about you. You will need to be in a position to verify your identity.   There are some exceptions to providing access, such as when opinions have been provided confidentially in the course of our performing reference checks and access would impact on the privacy rights of other people.

We might impose a moderate charge in providing access.  Our Privacy Coordinator would discuss this with you.  We will generally respond to your request for access within five 5 working days.

Correction
If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting us.  We will take such steps as re reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.

Please advise us if you wish to be removed from our recruitment software system.  We will amend your status to “inactive” and will remove information that we have no present need for or obligation to retain.

There is no charge to correct information.  We will generally respond to your request for access within five 5 working days.

Complaints
You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy.  If you are making a complaint about our handling of your personal information, it should first be made to us in writing.  Refer to our Privacy Complaint Handling Policy.

Please contact our Privacy Coordinator on 02 9544 1180 or info@1Medical.com.au .  You can also make complaints to the Office of the Australian Information Commissioner (http://www.oaic.gov.au/privacy/privacy-complaints), or the New Zealand Privacy Commissioner on investigations@privacy.org.nz

More Information
If you have any questions, or would like more information, please contact us via info@1Medical.com.au or call 02 9544 1180.

For the GDPR, a Data Controller is the person or organisation that decides how and for what purpose any personal data is processed.  The Data Controller for 1Medical is Ryan Kevelighan.  The Data Protection Officer is Michelle Morgan who can be contacted on info@1Medical.com.au

 

 

For all EU Citizens:

If you are an EU Citizen, you have the right to:

-          Request a copy of the information we hold about you.  If you would like a copy of some or all your personal information, please contact us.

-          The correction and deletion of your personal information.  If any information is not current and accurate, please contact us.

-          Withdraw your consent to us storing and processing your information.  If you would like to withdraw your consent, please contact us.

-          Receive all personal data which we hold of you, in a structured, commonly used and machine-readable format.  You have the right to transmit this data to another controller without delay from the current data controller if this is based on consent or contract and is carried out by automated means.  If this is required, please contact us.

-          Have all information that we hold about you deleted.  If this is requested, please contact us.

-          Lodge a complaint if you think your personal data has not been processed in accordance with the GDPR.  If this is the case, please contact us.