This policy is only intended to cover information that is covered by the Act.
MONITORING AND REVIEW
This policy was last reviewed on 08 December 2021.
WHAT WE COLLECT AND WHY
We will only collect information which is directly relevant to our business activities, which includes the provision of consulting services, products and product support, and public and private training courses. It is important for us to collect personal information in order to provide a complete and comprehensive service.
We may collect the following types of personal information about you:
Your contact details when you sign up as a client or for a public seminar or webinar, or subscribe to our mailing list. We may occasionally use our mailing list for direct marketing purposes—for example, if our partner company releases a new product or we release a new service.
Your contact details when you purchase a good or service from us, including any of our template contracts, policies, or guides.
Your personal information, including your name, in the course of providing consulting services to our clients. This may include when the information comes directly from you, for example when we take a witness statement during a workplace investigation; or from a person other than you, for example when we are providing advice to one of our clients in relation to workplace matters.
Your personal information in any emails that you send to us.
Your contact details where you act as a supplier of goods or services to us.
Your personal information for the purposes of employment, including for prospective employees who have applied for a job with us. While employee records are typically exempt from the APPs, we endeavour to treat our current and former employees’ personal information with the same level of confidentiality as all other personal information.
This information may include such things as:
details that identify by name, address, date of birth and other related areas;
contact history and references; and
business contact information such as clients, bank managers, accountants, legal advisors and consultants.
We may collect and hold sensitive information where required to fulfil our business functions or activities. We will only collect sensitive information with your consent, or in a ‘permitted situation’, or where otherwise required or authorised by law. Such sensitive information includes but is not limited to:
information about your racial or ethnic origin;
membership of your professional, trade or political associations;
your criminal record; or
your health information (for health and safety purposes – such as vaccination records where required for our business activities).
INFORMATION ABOUT VULNERABLE PERSONS
We may collect personal information about a vulnerable segment of the community (such as children, or persons with disabilities), to the extent that it is necessary for the proper management of our organisation and business activities, such as in the course of providing consulting services to our clients.
We may use various kinds of software to collect information to assist with user experiences on our websites, but none of this information can be used to identify individual users.
Small files called “cookies” may be attached to your web browser on your personal computer. These files identify and save information about your browser so that websites can recognise you, which helps optimise your experience on EMA Consulting’s website and its related entities’ websites. You can disable cookies on your computer, but this may affect your experience on our websites.
HOW WE COLLECT AND HOLD INFORMATION
How we collect personal information depends on each business relationship. We may collect it through telephone or internet contact or in person through a visit. We will generally only collect your personal information directly from you, other than the collection of your personal information in the course of providing consulting services to our clients – such as advice on a workplace matter that may involve you. Where appropriate, we may also collect personal information indirectly from list purchases, or referrals. Other ways in which we collect information may include via feedback forms at training courses and breakfast seminars.
We will not collect any personal information except where that information has knowingly been provided to us or the collection of the information is directly relevant to our business, such as the provision of advice to a client. If we come into possession of any unsolicited personal information, we will destroy or de-identify that information, if it is appropriate to do so, as soon as practicable.
STORAGE AND SECURITY
Our electronic database and manual information management facilities which are used to hold personal information are maintained secure at all times. This includes security from illegal network access as well as appropriate security levels. Internal access will be controlled such that the relevant persons are authorised only for the minimum access that is required by them to enable them to carry out their job function. Other ways in which we hold information may include in hard copy files, stored in our secure offices.
We endeavour to keep all personal information secure and up to date (so far as is necessary to perform our business functions). Our staff members are all trained in confidentiality and the appropriate access and use of personal information to ensure the information is only accessed and used as required for the provision of our services.
We continually monitor and keep up to date with our obligations under the notifiable data breach scheme and will comply with those obligations in the event of a notifiable data breach. Our staff are all trained in our notifiable data breach policies to ensure they understand their individual obligations and can escalate any issues appropriately.
USE AND DISCLOSURE
We will only use or disclose personal information for the purpose for which it was collected, or otherwise as permitted or required by law. Other purposes for which we use or disclose personal information may include the following:
To notify our contacts of developments or upcoming events, such as new training courses or industrial relations news that affects our clients.
To obtain feedback from our clients about our products, services, and training.
In the course of seeking legal advice, such as when we act as an agent on behalf of a client.
Where required by law, such as an order of a court, in which case we will (if reasonably practicable) notify you of that use or disclosure.
Where personal information is used by us, that information will only be accessed by persons where access is required by them to enable them to carry out their job function.
We may share your information to one of our partner companies during the provision of services to you. For example, if you have expressed an interest in a product that one of our partner companies produces, we may pass your contact details to that partner company so they can get in touch with you.
DISCLOSURE TO OVERSEAS RECIPIENTS
ACCESS AND CORRECTION
We endeavour to keep all of our records of personal information up to date where relevant—for example, for the purposes of client contact details. We encourage you to contact us if you have updated any of your personal information or contact information so our records remain up to date. We may also periodically contact you to confirm whether our records include the most current information.
You may request access to your personal information, but there may be circumstances where that access is not permitted, such as when it breaches confidentiality or commercial sensitivity of our business or a client’s business.
If you would like to request access to or correct your personal information held by us, or have any other questions about how we collect, use, and store your personal information, please contact the General Manager on:
Phone: 08 8203 1700
A person, other than the individual, may make a request to access or correct personal information where that person is the parent or guardian of the individual, or has such powers as conferred by the relevant legislation pertaining to guardianship and/or powers of attorney.
If you believe there has been a breach of the APPs, or a registered APP code that binds us, please contact us in writing at firstname.lastname@example.org.
We will endeavour respond to any complaints within thirty (30) days or within such other time frame as is reasonable in the circumstances.
If you are not satisfied with how we have handled your complaint, you may refer your complaint to the Office of the Australian Information Commissioner at www.oaic.gov.au.