PRIVACY POLICY
Introduction
Remuna Pty Ltd is committed to promoting an organisational culture and maintaining effective systems and processes, which respect and protect the privacy of the Personal Information that we hold. The purpose of this policy is to ensure consistent principles and processes on correct data management procedures on the collection and usage of data and to ensure that all Personal Information is protected against being used for unlawful purposes or purposes for which they were not intended.
Definitions
APP - Australian Privacy Principles as set out in the Privacy Act 1988 (Privacy Act), as amended APP - Australian Privacy Principles as set out in the Privacy Act 1988 (Privacy Act), as amended
Client - A person or organisation using the Company’s professional services
Company - Remuna Pty Ltd
De-identification - Involves removing or altering information that identifies an Individual or is reasonably likely to do so
Individual - Any identifiable person and includes employees, contractors and any member of the public
IT - Information Technology
OAIC - Office of the Australian Information Commissioner
Permitted General Situation - Are those situations in which an exception applies regarding the collection of Sensitive Information, the use or disclosure of Personal Information and the use or disclosure of government related identifiers.
There are five Permitted General Situations that apply to an APP entity that is an organisation:
Lessening or preventing a serious threat to life, health, or safety of any Individual or to public health or safetY
Taking action in relation to suspected unlawful activity or serious misconduct
Locating a person reported as missing
Asserting a legal or equitable claim
Conducting an alternative dispute resolution procesS
Personal Information - All information concerning or relating to any identifiable Individual. This includes personal data held in electronic and manual records.
Privacy Act - Privacy Act 1988 (Cth) and the The Privacy Amendment (Enhancing Privacy Protections) Act 2012 (Cth)
Privacy Officer - Person representing the Company on privacy by managing and maintaining issues of confidentiality.
Sensitive Information - Any information in relation to or an opinion about an Individual’s:
Racial or ethnic origin
Political opinions
Religious beliefs or affiliations
Philosophical beliefs
Membership of a professional or trade association
Membership of a trade union
Sexual preference or practices
Health
Service Providers - Third-party organisations that provide the Company with services such as software products, website hosting, data back-up, security management services, and others.
Privacy Policy
This Privacy Policy details how we protect your privacy and how we comply with the requirements of the Privacy Act and the 13 Australian Privacy Principles (APP). This policy also describes:
who we collect information from;
the types of Personal Information collected and held by us;
how this information is collected and held;
the purposes for which your Personal Information is collected, held, used and disclosed;
how you can gain access to your Personal Information and seek its correction;
how you may complain or inquire about our collection, handling, use or disclosure of your Personal Information;
how that complaint or inquiry will be handled; and
whether we are likely to disclose your Personal Information to any overseas recipients.
1 Collection of Personal Information
We collect and hold Personal Information that is reasonably necessary to provide our services. We may collect information from or about individuals including our Client’s employees and Client contacts.
In most cases, we collect Personal Information about employees and payment recipients directly from the Client that employs the relevant employee.
Where possible, the Company uses specifically designed forms to standardise the collection of Personal Information. However, given the nature of our operations, we often also receive Personal Information by email, letters, reports, through financial transactions and through surveillance activities such as email monitoring.
We may also collect Personal Information from other people or independent sources (e.g. a telephone Directory), however we will only do so where it is not reasonable and practical to collect the information from you directly.
Sometimes we may be provided with your Personal Information without having sought it through our normal means of collection. We refer to this as “unsolicited information”. Where we collect unsolicited information, we will only hold, use and/or disclose that information if we collected it by normal means. If that unsolicited information could not have been collected by normal means, then we will destroy, permanently delete or de-identify the information as appropriate.
2 Type of Personal Information
The kinds of Personal Information we collect and hold is largely dependent upon whose information we are collecting and why we are collecting it, however in general terms; but not limited to, the Company may collect:
General Personal Information including Individual’s name, address, e-mail address, user ID, banking details, date of birth, payroll details, and employment-related information such as salary details, superannuation contributions, Tax File Number, relevant awards and PAYG withholding tax.
Sensitive Information including nationality, country of birth, languages spoken at home, and professional or union memberships.
3 Use of Personal Information
We only use or disclose Personal Information that is reasonably necessary for one or more of our functions or activities (the primary purpose) or for a related secondary purpose that would be reasonably expected by you, or to which you have consented.
Our primary uses of Personal Information include but are not limited to:
providing financial and accounting services;
satisfying our legal obligations including our duty of care obligations;
keeping Clients informed as to their Accounting and Payroll matters;
internal business operations including planning, staff training, systems development, program and service development, marketing, research, and statistical analysis;
managing the Company’s everyday business needs, such as administration, billing, customer service, payment processing and financial account management, account and contract management, support and training, website administration, security and fraud prevention, corporate governance, reporting, and legal compliance;
Company administration including for insurance purposes;
employment of staff;
engagement of contractors.
We only collect Sensitive Information reasonably necessary for one or more of these functions or activities, if we have the consent of the Individuals to whom the Sensitive Information relates, or if the collection is necessary to lessen or prevent a serious threat to life, health or safety, or another Permitted General Situation (such as locating a missing person).
4 Storage and Security of Personal Information
The security of your Personal Information is of the utmost importance to us and we take all reasonable steps to protect the Personal Information we hold about you from misuse, loss, unauthorised access, modification or disclosure.
These steps include:
Maintaining up-to-date IT and Communication systems, policies and procedures designed to protect Personal Information storage on our systems, including password management.
Maintaining up-to-date Administration and HR systems, policies, procedures, training, and education designed to support this policy.
Maintaining quality Work Processes designed to ensure compliance with this policy.
Restricting access to information on the Company databases on a need-to-know basis with different levels of security being allocated to staff based on their roles, responsibilities and security profile.
Implementing physical security measures around Company facilities to prevent break-ins.
Undertaking due diligence with respect to our third-party Service Providers who may have access to Personal Information, including cloud Service Providers, to ensure as far as practicable that they are compliant with the Australian Privacy Principles or a similar privacy regime.
Personal Information we hold that is no longer needed is destroyed in a secure manner, deleted or de-identified as appropriate.
Our website may contain links to other websites. We do not share your Personal Information with those websites, and we are not responsible for their privacy practices. Please check their Privacy Policies.
5 Personal Information Disclosure
We only use Personal Information for the purposes for which it was given to us, or for purposes which are related (or directly related in the case of Sensitive Information) to one or more of our functions or activities. We may disclose your Personal Information to government agencies, such as the Australian Taxation Office and other governmental agencies as required by law, banks/financial institutions, superannuation funds, health funds, contracted service providers, business partners, and related bodies corporate of the Company only if one or more of the following apply:
you have consented;
you would reasonably expect us to use or disclose your Personal Information in this way;
we are authorised or required to do so by law;
disclosure will lessen or prevent a serious threat to the life, health or safety of an Individual or to public safety;
where another Permitted General Situation exception applies;
disclosure is reasonably necessary for a law enforcement related activity.
We may share Personal Information with our service providers, who are bound by law or contract to protect the Personal Information and only use the Personal Information in accordance with our instructions.
We may disclose Personal Information where needed to affect the sale or transfer of business assets, to enforce the Company’s rights, protect Company’s property, or protect the rights, property or safety of others, or as needed to support external auditing, compliance and corporate governance functions.
We may also disclose Personal Information when required or authorised to do so by law.
We may disclose Personal Information about an Individual to overseas recipients in certain circumstances. We will however take all reasonable steps not to disclose an Individual’s Personal Information to overseas recipients unless:
we have the Individual’s consent (which may be implied); or
we have satisfied ourselves that the overseas recipient is compliant with the Australian Privacy Principles, or a similar privacy regime; or
we form the opinion that the disclosure will lessen or prevent a serious threat to the life, health, or safety of an Individual or to public safety; or
we are taking appropriate action in relation to suspected unlawful activity or serious misconduct.
The collection, use and disclosure of Personal Information may be required or authorised under various Commonwealth and State laws, including:
The Income Tax Assessment Acts
Superannuation Guarantee (Administration) Act 1992 (Cth)
Fair Work Act 2009 (Cth)
Payroll Tax Acts
Long Service Leave Acts
Occupational Health & Safety Acts
Workers Compensation Acts
Tax Agent Services Act 2009 and Tax Agent Services Regulations 2009
Privacy Act 1988 (Cth)
Corporations Act 2001 (Cth)
Anti-Money Laundering and Counter-Terrorism Financing Act 2006 (Cth)
Any secondary legislation pursuant to primary legislation referred to above.
6 Personal Information Quality
We take all reasonable steps to ensure the personal information we hold, use and disclose is accurate, complete and up-to-date. On an ongoing basis, we maintain and update personal information when we are advised by individuals or when we become aware through other means that their Personal Information has changed. Please contact us if any of the details you have provided change. You should also contact us if you believe that the information, we have about you is not accurate, complete, or up to date.
7 Accessing Personal Information
You may request access to the Personal Information we hold about you, or request that we change the Personal Information, by contacting us.
If we do not agree to provide you with access, or to amend your Personal Information as requested, you will be notified accordingly in writing and where appropriate, we will provide you with the reason/s for our decision. If the rejection relates to a request to change your Personal Information, you may make a statement about the requested change, and we will attach this to your record.
How to Contact Us
You can contact us for access or change to your Personal Information by:
Address: PO Box 42, North Perth WA 6906
Email: privacy@remuna.au
Phone: (08) 6462 8800
8 Privacy Complaints
If you wish to make a complaint about a breach of the APP by us, you may do so by providing your written complaint by email, letter, fax or by personal delivery to any one of our contact details as noted below. You may also make a complaint verbally.
If practical, you can contact us anonymously (i.e., without identifying yourself) or by using a pseudonym. However, if you choose not to identify yourself, we may not be able to give you the information or provide the assistance you might otherwise receive if it is not practical to do so.
How to Contact Us
You can contact us about this Policy or about your Personal Information by:
Address: PO Box 42, North Perth WA 6906
Email: privacy@remuna.au
Phone: (08) 6462 8800
The Company’s Privacy Officer will investigate any complaint and will respond within a reasonable time (usually no longer than 30 days), however we may seek further information from you in order to provide a full and complete response. Your complaint may also be taken to the Office of the Australian Information Commissioner (www.oaic.gov.au)
9 Changes to Our Privacy Policy
This Privacy Policy is subject to change at any time. Our most recent policy will always be available on our website http://www.remuna.au/.