1. Purpose and scope
Symal respects the privacy of its clients, Employees, perspective employees and all others in which it deals with. This policy describes the types of private data we collect and describes how we use private information, with whom we share it, your rights and choices, and how you can contact us about our privacy practices.
‘APP’ means Australian Privacy Principles.
‘Symal’ means Symal Group Pty Ltd and any other related bodies corporate.
‘Employee’ means a full time, part time, casual or volunteer employee of Symal and includes directors, contractors and agents of Symal.
‘Personal Information’ means information or opinion about an identified individual, or an individual who is reasonably identifiable.
‘Privacy Act’ means the Privacy Act 1988 (Cth) and related regulations as updated and amended from time to time.
|Implementation of policy and processes||Director|
|Complaints regarding privacy||HR Manager|
Assessing and Correcting Personal Information
You may request access to personal information Symal holds about you and you may request corrections be made to that information.
Symal will generally provide you with access to any personal information we hold about you on request. In limited circumstances, however, access may be refused if required or permitted by law. If Symal does not provide you with access, we will explain the reasons for our refusal in writing.
Symal will not charge you for making an application to access your personal information but may charge a reasonable fee to cover the cost of giving access, such as photocopying costs. Symal will advise you if such a charge applies before your request is dealt with.
How Does Symal Secure Personal Information?
Your personal information is held on databases and physical files. Symal takes appropriate technical, organisation and physical measures to keep your personal information secure.
If Symal outsources services involving the use of personal information, it will take steps to ensure the protection of your personal information.
In the course of using our website, you may provide us with personal information. Symal takes all reasonable steps to ensure its security within our own system.
Sending Personal Information Overseas
Before disclosing personal information to an overseas recipient, Symal will take reasonable steps to ensure that the overseas recipient does not breach the APPs in relation to the information.
Symal will be accountable for the overseas recipient’s acts or practices in relation to the information that would breach the APPs.
If an Employee is using company software on a personal or work device for work purposes, Symal may have access to location information which relates directly to an Employee’s employment. Employees will have access to this information kept ensuring transparency. Symal will rectify the information if it is found to be incorrect or incomplete.
This Privacy Complaint Handling Procedure sets out the process Symal will undertake to deal with complaints regarding breaches of Australian privacy law including under the Privacy Act and State and Territory legislation relating to health information.
Any complaints should be made in writing to Symal HR Manager.
Symal will resolve all privacy complaints through this procedure:
Step 1: A privacy complaint is received (Complaint).
Step 2: Within (5) business days following receipt of the Complaint, Symal will send a communication via post, fax or email to the person who made the complaint (Complainant) acknowledging receipt of the Complaint.
Step 3: Following the acknowledgment of receipt of the Complaint (as outlined in Step 2), a Symal investigator will notify the Complainant via post, fax or email, that they have been assigned to investigate the Complaint and commence the investigation.
Step 4: The investigator will investigate the Complaint. During this process, the investigator may request further information from the Complainant.
Step 5: Within thirty (30) business days from the date all information is received, the Investigator will contact the Complainant via post, fax or email, notifying the Complainant of proposed avenues of resolution. The Complainant and the investigator may work together to collaboratively resolve the Complaint to the Complainant’s satisfaction. Symal will notify the individual if additional time is needed to respond due to the complexity of the inquiry.
Step 6: If the Complaint cannot be resolved by the Complainant and the Investigator in accordance with Step 5, then the Investigator will notify the HR Manager (Notification) who will then take steps to resolve the matter.
Step 7: Following receipt of all requested information, the HR Manager will contact the Complainant via post, fax or email, and propose an avenue(s) of resolution.
Step 8: If the Complainant agrees to the proposed avenue(s) of resolution, the Complainant and the HR Manager will work together to close the matter.
Step 9: In circumstances where resolution cannot be achieved in accordance with Steps 1 to 8, the HR Manager will advise the complainant that they may direct their Complaint to the Federal Privacy Commissioner or take independent advice as to their rights.
The Complainant may contact the Federal Privacy Commissioner as follows:
By telephone: 1300 363 992
By writing: Director of Complaints, Office of Federal Privacy Commissioner, GPO Box 5218, Sydney NSW 1042
By email: firstname.lastname@example.org
Employees must comply with the requirements of this policy. Any breach of this policy may result in disciplinary action.
7. Document Review
Symal reserves the right to vary, replace or terminate this policy from time to time.