CloudApps Consulting is committed to ensuring your privacy. As a leading supplier of Cloud based ERP professionals, CloudApps makes use of personal information to conduct our business. We ensure this is always treated with the utmost confidentiality and security. The following policy explains how we manage your personal and sensitive information in accordance with the Privacy Act 1988 and Australian Privacy Principles.
1. INTRODUCTION
We manage personal information in accordance with the Privacy Act 1988 and Australian Privacy Principles and the Information Privacy Principles (IPP) contained in the Privacy Act 1993 in New Zealand. This condensed policy applies to information collected by CloudApps Consulting. You can read parts of our full policy and obtain more information by following the links.
We only collect information that is reasonably necessary for the proper performance of our activities or functions.
We do not collect personal information just because we think it could be useful at some future stage if we have no present need for it.
We may decline to collect unsolicited personal information from or about you and take steps to purge it from our systems.
By following the links in this document, you will be able to find out how we manage your personal information as an APP Entity under the Australian Privacy Principles (APPs).
You will also be able to find out about the information flows associated with that information.
If you have any questions please contact us
1.1. APP Entity
CloudApps manages personal information, as an APP Entity, under the Australian Privacy Principles (APPs).
Because we are a contracted service provider to a range of Commonwealth, State and Territory government agencies, it sometimes becomes necessary for us to collect and manage personal information as an Agency under different privacy arrangements.
If you wish to know whether this applies to you, please contact us.
1.2. Information Flow
When we collect your personal information:
we check that it is reasonably necessary for our functions or activities as an SAP resourcing and recruitment company
we check that it is current, complete and accurate. This will sometimes mean that we have to cross check the information that we collect from you with third parties
we record and hold your information in our Information Record System. Some information may be disclosed to overseas recipients
we retrieve your information when we need to use or disclose it for our functions and activities. At that time, we check that it is current, complete, accurate and relevant. This will sometimes mean that we have to cross check the information that we collect from you with third parties once again – especially if some time has passed since we last checked
subject to some exceptions, we permit you to access your personal information in accordance with APP:12 of the (APPs)
we correct or attach associated statements to your personal information in accordance with APP:13 of the (APPs)
we destroy or de-identify your personal information when it is no longer needed for any purpose for which it may be used or disclosed provided that it is lawful for us to do so. We do not destroy or de-identify information that is contained in a Commonwealth Record.
2. KINDS OF INFORMATION THAT WE COLLECT AND HOLD
Personal information that we collect and hold is information that is reasonably necessary for the proper performance of our functions and activities as a Cloud based ERP resourcing and recruitment company, and is likely to differ depending on whether you are a Workseeker, a CloudApps contractor, a Client or a Referee.
2.1. For Workseekers
The type of information that we typically collect and hold about Workseekers is information that is necessary to assess amenability to work offers and work availability; suitability for placements; or to manage the performance in work obtained through us and includes:
Personal contact details – phone, address and email(s)
Employment history
Qualifications
Proof of ability to work in Australia
2.2. For Speller International Contractors
The type of information that we typically collect and hold about CloudApps Contractors is information that is necessary to manage the presentation and delivery of our services and includes:
Personal contact details – phone, address and email(s)
Employment history
Qualifications
Proof of ability to work in Australia
Banking details
Date of birth
Superannuation fund (including fund number)
Tax file number
2.3. For Clients
The type of information that we typically collect and hold about Clients is information that is necessary to help us manage the presentation and delivery of our services and includes:
Office Contact details – phone, address, email(s)
Job Employer – company and job title
2.4. For Referees
The type of information that we typically collect and hold about Referees is information that is necessary to help to make determinations about the suitability of one of our Workseekers for particular jobs or particular types of work and includes:
Contact details – phone, email(s)
Employer details – company and job title
3. PURPOSES
The purposes for which we collect, hold, use and disclose your personal information are likely to differ depending on whether you are a Workseeker, a CloudApps contractor, a client or a referee.
3.1. For Workseekers
Personal information that we collect, hold, use and disclose about Workseekers is typically used for:
work placement operations;
recruitment functions;
statistical purposes and statutory compliance requirements
3.2. CloudApps contractors
Personal information that we collect, hold, use and disclose about CloudApps contractors is typically used for:
contract management;
payroll functions;
marketing services to you;
statistical purposes and statutory compliance requirements
For Clients
Personal information that we collect, hold, use and disclose about Clients is typically used for:
client and business relationship management;
recruitment functions;
marketing services to you;
statistical purposes and statutory compliance requirements;
For Referees
Personal information that we collect, hold, use and disclose about Referees is typically used for:
confirming identity and authority to provide references;
Workseeker suitability assessment;
recruitment functions;
The section below is relevant to our use and disclosure of your personal information; as is the section on information on Overseas Disclosures.
3.5 Our Policy on Direct Marketing
Personal information used for direct marketing purposes is managed directly and by a third party marketing solutions company. Customer lists are obtained through CloudApps own collection of information and not provided to third parties for their own marketing purposes.
Customer lists are shared with the marketing solutions company via password protected software for upload into the email marketing service database, also password protected.
All direct marketing is undertaken with compliance to the requirements of the anti-spam legislation and recipients can unsubscribe at any time.
4. HOW YOUR PERSONAL INFORMATION IS COLLECTED
The means by which we will generally collect your personal information are likely to differ depending on whether you are a Workseeker, a CloudApps contractor, a Client or a Referee.
We sometimes collect information from third parties and publicly available sources when it is necessary for a specific purpose such as checking information that you have given us or where you have consented or would reasonably expect us to collect your personal information in this way.
Sometimes the technology that is used to support communications between us will provide personal information to us. Refer to the section in this policy on Electronic Transactions and also the section on Photos & Images.
4.1. For Workseekers
Personal information will be collected from you directly when you fill out and submit one of our application forms or any other information in connection with your application to us for work.
We may also collect personal information about you from a range of publicly available sources including newspapers, journals, directories, the Internet and social media sites. When we collect personal information about you from publicly available sources for inclusion in our records we will manage the information in accordance with the APPs.
4.2. For Clients
Personal information about you may be collected when you provide it to us for business or business related social purposes.
We may also collect personal information about you from a range of publicly available sources including newspapers, journals, directories, the Internet and social media sites. When we collect personal information about you from publicly available sources for inclusion in our records we will manage the information in accordance with the APPs and our Privacy Policy.
4.3.For Referees
Personal information about you may be collected when you provide it to us in the course of our checking Workseeker references with you and when we are checking information that we obtain from you about Workseekers.
We may also collect personal information about you from a range of publicly available sources including newspapers, journals, directories, the Internet and social media sites. When we collect personal information about you from publicly available sources for inclusion in our records we will manage the information in accordance with the APPs and our Privacy Policy.
4.4. Photos & Images
We will not request that you supply photographs, scan photo ID, or capture and retain video image data of you in cases where simply sighting photographs or proof of identity documents would be sufficient in the circumstances.
4.5. Electronic Transactions
Sometimes, we collect personal information that individuals choose to give us via online forms or by email, for example when individuals:
ask to be on an email list such as a job notification list;
register as a site user to access facilities on our site such as a job notification board;
make a written online inquiry or email us through our website;
submit a resume by email or through our website;
apply for one of our jobs listed on a jobboard.
For CloudApps Contractors, we also collect personal information via our online timesheets system, Astute Payroll, which is managed by password protection. You can view their privacy policy here.
It is important that you understand that there are risks associated with use of the Internet and you should take all appropriate steps to protect your personal information. It might help you to look at the OAIC’s resource on Internet Communications and other Technologies.
You can contact us <link to contact page x> by land line telephone or post if you have concerns about making contact via the Internet.
4.6. Electronic Transactions and IT Systems
CloudApps has implement practices, procedures and systems to ensure compliance with the Australian Privacy Principles. All of CloudApps IT Systems are protected by passwords, including;
Computer access
Email – in office and via mobile access
Fasttrack – database system which includes call and message logs
Astute Payroll – online timesheet management system
MYOB – accounting software
Banking institutions
Website
General information about website use is gained collectively, such as which pages users visit more frequently and what services users access the most. Data is only used anonymously and in the aggregate. This information helps us determine what is most beneficial for our users, and how we can continually create a better overall website experience for you.
5. HOW YOUR PERSONAL INFORMATION IS HELD
Personal information is held in our Information Record System until it is no longer needed for any purpose for which it may be used or disclosed at which time it will be de-identified or destroyed provided that it is lawful for us to do so.
We take a range of measures to protect your personal information from:
misuse, interference and loss; and
unauthorised access, modification or disclosure.
5.1. Our Information Record System
Our Information Record System enables us to securely store information in both hard copy and electronic format.
Hard copy – items that we require a hard copy of such as contracts and insurances are stored in locked facilities onsite at CloudApps.
Electronic format – all devises that store personal including on portable electronic devices are all password protected.
5.2. Information Security
Your personal information is protected by our Information Security System. Internal staff policies that protect information include:
Staff training
Staff disclosure policy
Need-to-know and authorisation policies
Password protection
Policies for laptop, mobile phone and portable storage device security
Culling procedures including shredding and secure disposal of personal information
6. DISCLOSURES
We may disclose your personal information for any of the purposes for which it is primarily held or for a lawful related purpose.
We may disclose your personal information where we are under a legal duty to do so.
Disclosure will usually be:
internally and to our related entities
to our Clients
to Referees for suitability and screening purposes.
6.1. Related Purpose Disclosures
We outsource a number of services to contracted service suppliers (CSPs) from time to time. Our CSPs may see some of your personal information. Typically, our CSPs would include:
Software solutions providers;
.T. contractors and database designers and Internet service suppliers;
Legal and other professional advisors;
Insurers, insurance brokers, loss assessors and underwriters;
Superannuation fund managers;
Background checking and screening agents;
Australian Taxation Office
State Government Payroll Tax bodies
Worksafe Australia
We take reasonable steps to ensure that terms of service with our CSPs recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
6.2. Cross-Border Disclosures
Your personal information will not be disclosed to overseas recipients unless you are applying for a position in New Zealand. If you are applying for a New Zealand position, we will obtain your authority to disclose relevant information in relation to your application.
7. ACCESS & CORRECTION
Subject to some exceptions set out in privacy law, you can gain access to your personal information that we hold.
Important exceptions include:
evaluative opinion material obtained confidentially in the course of our performing reference checks; and access that would impact on the privacy rights of other people. In many cases evaluative material contained in references that we obtain will be collected under obligations of confidentiality that the person who gave us that information is entitled to expect will be observed. We do refuse access if it would breach confidentiality.
For more information about access to your information see our Access Policy.
For more information about applying to correct your information see our Correction Policy.
7.1. Access Policy
If you wish to obtain access to your personal information you should contact our Privacy Coordinator. You will need to be in a position to verify your identity.
You will receive a response in 5 working days regarding the access of your personal information. If you are unhappy with the response provided by us, please refer to our Complaints Procedure.
7.2. Correction Policy
If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting us.
We will take such steps as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
If we have disclosed personal information about you that is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to notify the third parties to whom we made the disclosure and we will take such steps (if any) as are reasonable in the circumstances to give that notification unless it is impracticable or unlawful to do so.
You will receive a response in 5 working days regarding the correction of your personal information. If you are unhappy with the response provided by us, please refer to our Complaints Procedure.
8. COMPLAINTS
You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy.
COMPLAINTS PROCEDURE
If you are making a complaint about our handling of your personal information, it should first be made to us in writing.
You can make complaints about our handling of your personal information by contacting us, attention The Privacy Coordinator:
In Writing to: Suite 69-70, Level 3, 255 Drummond Street, Carlton VIC 3053
By email: admin@cloudappsconsulting.com.au
You can also make complaints to the Office of the Australian Information Commissioner.
Complaints may also be made to RCSA, the industry association of which we are a member.
RCSA administers a Code of Conduct for the professional and ethical conduct of its members.
The RCSA Code is supported by rules for the resolution of disputes involving members.
NOTE: The Association Code and Dispute Resolution Rules do NOT constitute a recognised external dispute resolution scheme for the purposes of the APPs; but are primarily designed to regulate the good conduct of the Associations members.
When we receive your complaint:
We will take steps to confirm the authenticity of the complaint and the contact details provided to us to ensure that we are responding to you or to a person whom you have authorised to receive information about your complaint;
Upon confirmation we will write to you to acknowledge receipt and to confirm that we are handling your complaint in accordance with our policy.
We may ask for clarification of certain aspects of the complaint and for further detail;
We will consider the complaint and may make inquiries of people who can assist us to established what has happened and why;
We will require a reasonable time (usually 30 days) to respond;
If the complaint can be resolved by procedures for access and correction we will suggest these to you as possible solutions;
If we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response;
If the complaint cannot be resolved by means that we propose in our response, we will suggest that you take your complaint to any recognised external dispute resolution scheme to which we belong or to the Office of the Australian Information Commissioner.