We are bound by the Australian Privacy Principles (APP) contained in the Privacy Act 1988 (Cth) (Privacy Act) (subject to exemptions that apply to us under that Act), our general law obligations of confidentiality to you and all other applicable guidelines and codes in Australia. The APPs detail how personal information may be collected, used, disclosed, stored and destroyed, and how an individual may gain access to or make complaints about the personal information held about them.
“Personal information” is information or an opinion about an identified individual, or about an individual who is reasonably identifiable, whether or not the opinion is true or not and whether or not the information is stored in material form or not. It includes sensitive information and health information.
“Health Information” is information or an opinion about an individual’s health or disability, the health services provided or to be provided to them, their expressed wishes for the provision of future health services, personal information collected to provide a health service, personal information collected in connection with organ and body-part donation, and predictive genetic information.
“Sensitive information” is a special category of personal information. It is information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record, health information about an individual or genetic information about an individual that is not otherwise health information.
This policy details how Gatehouse manages personal information about you. For that reason, please read the following details carefully.
What kinds of information will we collect and hold?
The kinds of personal information that we commonly collect and hold from you or about you include: your name, gender, address, phone, fax and mobile numbers, email address, date of birth, qualifications, education, business, accreditations and your work experience. We may also collect other types of personal information such as the opinions of others about your work performance (whether true or not), your career objectives, the name and contact details of individuals listed as referees within your application for employment, references, aptitude test results and any other information obtained by us in connection with your possible work placements and provided to us.
When you browse our website or contact us electronically, we may record: geographical tagging, cookies, and statistical data.
We may collect sensitive information from you or about you where there is a legal requirement to do so, or where we are otherwise permitted by law. In all other situations, we will specifically seek your consent.
If you provide that information that we do not solicit, we will, within a reasonable period after receiving the information, determine whether or not we could have collected the information under the APP. If we determine that we could not have collected such information under APP and the information is not a Commonwealth Government identifier, then we will as soon as practicable either destroy the information or otherwise ensure it is de-identified, provided that it is lawful to do so. Otherwise, we will hold, use and disclose such information in accordance with this policy.
How do we collect and hold that information?
We aim to collect personal information only directly from you, unless it is unreasonable or impracticable for us to do so. For example, we collect personal information from you or about you from:
- correspondences that you submit to us, whether in writing or by email, facsimile or post;
- communications, telephone calls, meetings or interviews with us;
- questionnaires and feedback surveys that you complete;
- the application, form or application you complete and submit to us;
- your activity on our Website and social media platforms;
- other material provided to us or to our consultants or other persons connected to your interest in your application for employment; and
- information about you that is available on the internet or that is otherwise published.
We may also collect personal information from third parties such as law enforcement agencies and other government entities.
Where you have provided us with your referees, we may also collect personal information about you from them, but only if you give us express permission to do so.
In addition, in connection with your use of the Website, we may also collect cookies from your computer or mobile, which enables us to tell when you use the Website and also to help customise your Website experience.
Your personal information is held and stored on paper, by electronic means or both. We have physical, electronic and procedural safeguards in place for personal information and take reasonable steps to ensure that your personal information is protected from misuse, interference, loss and unauthorised access, modification and disclosure.
The purpose for which we collect, hold, use and disclose personal information
We collect, hold, use and disclose your personal information to provide services we offer or you have contracted us to provide.
We collect, hold, use and disclose personal information from you or about you primarily for the following purposes (where applicable):
- to provide our services to you, including assisting you to find employment or business opportunities, to identify your career objectives and to apply for specific jobs;
- to assist employers to find prospective employees;
- to enable you to submit your CV generally, to apply for specific jobs or to subscribe to our services;
- to assess an application for employment made by you or on your behalf;
- to answer your queries;
- to provide you with any training;
- to assist you with your interviews with potential employers;
- to promote, facilitate and manage the provision of any other services we provide to you;
- for our administrative and accounting functions, fraud checks, marketing and promotions, newsletter communications, website traffic analysis;
- to maintain our business relationship, where you are a user of our Website, a client or candidate; and/or
- for any other purposes disclosed at the time of collection.
Where we use your personal information for marketing and promotional communications, you can opt out at any time by notifying us.
If you are a candidate, we will disclose your personal information to specific employer(s) or third parties that you have consented to us disclosing your information.
We will also disclose your information to third party contractors that we retain to assist us providing services to you, including Information Technology and database design contractors, our internet service provider and our professional advisers (such as our accountants or lawyers).
We will not disclose personal information about you for any other purposes, except that we may disclose or use your personal information where:
- we are under a legal duty to do so, including circumstances where we are under a lawful duty of care to disclose information; or
- such disclosure is authorised or permitted by the APP, law or you.
What is the main consequence for you if you do not provide your information to us?
If you do not provide your personal information to us we may be unable to:
- assist you in your efforts to find an employment and/or business opportunity for you or place you in work;
- assist you in your efforts to find a suitable acquisition and/or merger target;
- provide you with the necessary training or appraisal;
- answer your enquiry; and/or
- provide any other services that you or your organisation have contracted us to provide.
Destruction and De-identification
We will retain your personal information whilst it is required for any of our business functions, or for any other lawful purpose.
We use secure methods to destroy or to permanently de-identify your personal information when it is no longer needed:
- Paper records are commonly sent for secure destruction.
- Electronic records are deleted from all locations, to the best of our ability, or encrypted and/or placed beyond use.
We may disclose your personal information to our contractors, service providers and third party suppliers located overseas (including, without limitation, any organisations engaged by you or us to assist in exploring an opportunity overseas) for one or more of the purposes listed above.
These overseas recipients include our contracted service providers located in the Philippines.
We take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.
How do we keep personal information accurate and up to date?
We rely on the Personal Information we hold about you in providing you with our services or otherwise conducting our business. Therefore, it is important that the information we hold about you is accurate, complete and up-to-date. This means that from time to time we may ask you to tell us if there are any changes to your Personal Information. To assist us to keep our records up-to-date, please advise your consultant immediately when your personal details change. We generally update your personal information over the telephone, by email or in post.
How are you able to access to your personal information
We have procedures in place for dealing with and responding to requests for access to the personal information held about you.
In most cases, we expect that we will be able to comply with your request. However, if we do not agree to provide you access to information as requested, we will give you written reasons why. For further information, please contact us email@example.com.
Enquiries & complaints
We have procedures in place for handling and dealing with complaints and concerns about our practices in relation to the Privacy Act and the APPs. These procedures are set out in our Privacy Complaints Handling Process annexed hereto. We will respond to your complaint in accordance with our Privacy Complaints Process and the relevant provisions of the APPs. For further information, please contact our Privacy Officer.
Privacy Complaints Process
This Privacy Complaints Process covers both Gatehouse Legal Recruitment ACN 161 120 761 and Gatehouse Business Brokers Pty Ltd ACN 603 978 169 collectively (“Gatehouse” or “we”, “us” or “our”).
Complaint: an expression of dissatisfaction with the quality of an action taken, decision made, or service provided by us or our contractors that may interfere with the privacy of an individual.
Complainant: The person making the Complaint. This can include anyone whose personal information Gatehouse has collected, stored, used or disclosed.
The Privacy Complaints Process aims to establish an open and transparent Complaint handling process. It sets out our approach to resolving Complaints, and clarify the roles and responsibilities of Gatehouse staff in Complaint handling.
There are five phases to the privacy complaints process:
- Receipt of Complaint;
- Assessment of Complaint;
- Actions taken to resolve the Complaint;
- Recording of outcome and monitoring; and
- System improvements, where appropriate.
Receipt of a complaint
A Complaint may be made to the Privacy Officer in one of the following two ways:
In person or via mail:
Gatehouse Legal Recruitment
Level 1, 530 Little Collins Street, Melbourne, Victoria 3000
In the Complaint, the Complainant should:
- include sufficient contact details to enable us to identify them;
- clearly and succinctly state the nature of their Complaint;
- include sufficient information for the Privacy Officer to understand the Complaint;
- provide details of the circumstances giving rise to the Complaint, such as what happened, when they became aware of it, and who was involved;
- outline the impact the event has had on them; and
- include details of what they would like to see happen to resolve their Complaint.
Importantly, we can only accept Complaints from the individual involved, or their authorised representative. If the Complaint is acting on behalf of another person, they must provide satisfactory evidence of their authority to do so.
The Privacy Officer will aim to acknowledge the Complaint within 5 working days of receiving it.
In order to properly and efficiently respond to a Complaint,the Privacy Officer may also seek further information from the Complainant (if necessary).
The Privacy Officer will investigate the Complaint. This may involve obtaining further information from the Complainant, speaking with the relevant staff members, reviewing relevant documents or files, and obtaining technical or legal advice.
How long it takes for the Privacy Officer to investigate your Complaint and respond to you will ultimately depend on the nature and complexity of the issues involved. However, it is anticipated that in most cases, the duration of the investigation will not exceed 30 days of the Complaint and all subsequently requested information being received. If the investigation is likely to take longer than 30 days, the Privacy Officer will notify the Complainant.
Resolving a complaint
The Privacy Officer will make an assessment of the Complaint following an investigation and make a decision, including any appropriate remedy.
The Privacy Officer will write to the Complainant to inform them of the outcome of the investigation.
Remedies may include an explanation, an apology, a correction, system improvements, or a combination of these.
If a Complaint is dissatisfied with the outcome of a Complaint or the responses provided, they may wish to contact the Office of the Australian Information Commissioner (OAIC). More information about the OAIC and how to lodge a Complaint can be found on the OAIC website.
Recording and monitoring
All Complaints are to be recorded in the Privacy Complaints Register. This includes all Complaints received in writing, and those received verbally but documented by a Gatehouse representative.
Any action taken pursuant to receipt of a complaint, and its resolution, are also to be recorded. The Privacy Officer will monitor privacy complaints and determine if system or process improvements are required.
A Complaint may alert Gatehouse to a system or process failure that requires correction to ensure that people’s personal information and privacy is protected. When considering improvements the Privacy Officer will act to prevent recurrence of any breaches and will promote continuous improvement of Gatehouse’s privacy practices.
Any improvement considerations will include policy and process reviews, practice reviews, and training.
Policy last updated September 2021.