Privacy collection statement
Doctors for Nutrition Limited (ABN 97 626 980 345) (DFN, we, us or our) may collect, use and disclose personal information about you. A worker in this document includes employees, volunteers, employees, candidates for volunteer work, prospective employees, and contractors. An employee in this document is as defined under the Fair Work Act 2009 (Cth) (FW Act).
If you are an employee of DFN, we are required by the Fair Work Act 2009 (Cth) (FW Act) to collect certain information about employees, including name, basis of employment, rate of pay, information about deductions and entitlements, superannuation fund details and information about our payments into that fund, and information relating to an employee’s termination. This information must be retained by DFN for a period of 7 years. This will not apply to all DFN workers, as not all workers are employees.
The handling of some personal information by DFN is exempt from certain obligations under the Privacy Act where it directly relates to a current or former employment relationship, and an employee record held by us (where ‘employee record’ means a record of personal information relating to the employee’s employment). This will not apply to all DFN workers, as not all workers are employees.
Generally, we collect personal information directly from you, however we are also likely to collect personal information about you from referees when they provide references, academic institutions or training and certification providers, providers of licence and background-checking services, recruiters and other service providers who assist in the engagement process, and other publicly available sources such as social media platforms.
We collect and use your personal information for the purposes of engaging you as a worker and facilitating our internal business operations with respect to your engagement.
We are likely to disclose your personal information to our workers, consultants, government departments, and third parties who assist us in operating our business, third parties to whom you have agreed we may disclose your information, or as otherwise required or authorised by law (including regulatory bodies such as WorkSafe). Certain third party service providers are likely to have access to personal information made available via their services. Some third party service providers are located overseas, such as SupporterHub, Monday.com, Slack, and Google who are located in the United States of America, Xero who are located in New Zealand, and Toggl Track who are located in Estonia.
Address: PO Box 285 Curtin ACT 2605
1.1. Doctors For Nutrition Limited (ABN 97 626 980 345) (DFN, we, us or our) may collect, use and disclose personal information about employees, volunteers, candidates for volunteer work, prospective employees, and contractors, which we refer to in this document as ‘workers’.
2.1. The Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) govern the way in which we must manage your personal information and this policy sets out how we collect, use, disclose and otherwise manage personal information about workers.
2.2. Personal information means information or an opinion about an identified person, or a person who is reasonably identifiable, whether the information or opinion is true or not, and whether it is recorded in material form or not.
2.3. Sensitive information is a subset of personal information and includes information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, that is also personal information, as well as health information about an individual, genetic information about an individual that is not otherwise health information, biometric information that is to be used for the purpose of automated biometric verification or biometric identification, or biometric templates.
3.1. Types of information collected
3.1.1. We may collect and hold personal information about you (that is, information that can identify you) that is relevant to our functions and activities. We will collect your name and contact details. Depending on your potential or actual position with us, we will also generally collect your date of birth, personal information contained within an application and CV/resume, employment history, personal information derived from a reference, personal information derived from an interview, personal information derived through testing (including psychometric or aptitude testing), licences and other certificates and qualifications, and information included in a passport, birth certificate, visa or other documentation demonstrating a worker’s right to work in Australia. If you are a current employee or volunteer, we will also generally collect information during the engagement and on-boarding process, bank account and superannuation fund information, tax file number, wage and entitlement information and other payroll information, drivers licence number, emergency contact information, information relating to your performance or conduct, information relating to your employment, training, disciplining, and resignation/termination, the terms and conditions applicable to you, and photographs, videos, and other recordings. If you are a current employee, we may need additional information for appropriate salary packaging, including evidence of expense payments such as rental agreements, loan agreements, credit card statements, tax invoices and receipts, etc. In addition, we are likely to collect and hold sensitive information about you during your engagement with DFN, including health and medical information, racial or ethnic background, sexual orientation or practices, criminal record and other information provided in a police check, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association or trade union, biometric information, and biometric templates.
3.1.2. We only collect sensitive information about you if you consent to the collection of the information and if the information is reasonably necessary for the performance of our functions and activities. Consent may be implied by the circumstances existing at the time of collection. There may also be circumstances under which we may collect sensitive information without your consent, as required or authorised by law.
3.1.3. We may also collect information through the use of our website and digital platforms, including IP address, geographical location, browser type, user preferences, cookie information and date and time of visit.
3.2. Method of collection
3.2.1. We will generally collect personal information directly from you through a variety of avenues, including any of our standard forms, our volunteer and employment application process, registration and attendance at our workshops and events, via emails or other communications, via phone, in person, via our surveys (where applicable), via our website (including contact forms), and social media accounts.
3.2.2. If we receive unsolicited information about you that we did not request and which is not directly related to our functions or activities, we may be required to destroy or de-identify that information, providing it is lawful and reasonable to do so.
3.3. Purpose of collection
3.3.1. We will collect, use, and hold your personal information if it is reasonably necessary for or directly related to the performance of our functions and activities and for the purposes of:
(a) providing information, resources, goods and services to you or someone else on your behalf;
(b) facilitating our internal business operations, including:
(i) establishing our relationship with you;
(ii) the fulfilment of any legal requirements;
(iii) maintaining and managing the engagement of a worker, and terminating that engagement;
(iv) analysing our business operations and worker needs with a view to developing new or improved business operations;
(v) sharing information about you with other workers, as required for our internal business operations or otherwise with your consent; and
(vi) contacting you to provide a testimonial for us.
4. Use and disclosure
4.1. Generally, we only use or disclose personal information about you for the purposes for which it was collected (as set out above). We may disclose personal information about you to:
(a) our workers, consultants, and other parties who require the information to assist us with facilitating our internal business processes, providing you with information, resources, goods and services, and with establishing, maintaining, managing, or ending our relationship with you;
(b) government departments and agencies, such as the Australian Taxation Office;
(d) third parties to whom you have agreed we may disclose your information or where the information was collected from you for the purposes of passing it on to the third party; and
(e) any other entity as otherwise permitted or required by law, including regulatory bodies such as WorkSafe.
4.2. We may expand or reduce our business and this may involve the sale and/or transfer of control of all or part of our business. Personal information, where it is relevant to any part of the business for sale and/or transfer, may be disclosed to a proposed new owner or newly controlling entity for their due diligence purposes, and upon completion of a sale or transfer, will be transferred to the new owner or newly controlling party to be used for the purposes for which it was provided. Additionally, in circumstances of a business sale or transfer, we are required under the FW Act to transfer employment records for each employee transferring to the new employer on request by the new employer. This will not apply to all DFN workers, as not all workers are employees.
4.3. Sensitive information (including health or medical information) is only used and disclosed for the purposes for which it was collected, unless your further consent is obtained, or otherwise as permitted or required by law. If we use your sensitive information for internal research or statistical purposes, we will de-identify the information first.
5.1. We store your personal information in different ways, including in paper and in electronic form. The security of your personal information is important to us. We take all reasonable measures to ensure that your personal information is stored safely to protect it from interference, misuse, loss, unauthorised access, modification or disclosure, including electronic and physical security measures.
5.2. Personal information collected is hosted on third party data servers which may be located outside of Australia. We take reasonable steps to ensure any third party data storage suppliers we partner with have appropriate cyber and physical security controls in place.
5.3. Where personal information held is no longer necessary for our operations, DFN deletes information or permanently de-identifies it, subject to specific laws in respect of data retention.
6. Access and correction
6.1. You may access the personal information we hold about you, upon making a written request. We will respond to your request within a reasonable period. We may charge you a reasonable fee for processing your request (but not for making the request for access). For security reasons, you will be required to put your request in writing and provide proof of your identity.
6.2. Subject to our obligations under the FW Act (with respect to current and former employees), we may decline a request for access to personal information in circumstances prescribed by the Privacy Act, and if we do, we will give you a written notice that sets out the reasons for the refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
6.3. Employee records prescribed by the FW Act must be made available to an employee or their representative upon request. These employee records include general employment details, pay records, records relating to leave entitlements, records relating to superannuation contributions, records relating to individual flexibility arrangements, records relating to guarantees of annual earnings, and termination of employment records. Under the Fair Work Regulations 2009 (Cth), we must make a copy of an employee record available in a legible form for inspection and copying on request by an employee or former employee to whom the record relates. If the employee record is kept at the premises at which the employee works or the former employee worked, we will make a copy available at the premises within 3 business days after receiving a request, or will post a copy of the employee record within 14 days after receiving a request. If the employee record is not kept at the premises, we will, as soon as practicable after receiving a request, make a copy available at the premises or post a copy of the employee record to the employee or former employee. This paragraph will not apply to all DFN workers, as not all workers are employees.
6.4. It is essential that the information contained in our records is accurate, complete, and up to date. If, upon receiving access to your personal information or at any other time, you believe the personal information we hold about you is inaccurate, incomplete or out of date, please notify us immediately. We will take reasonable steps to correct the information so that it is accurate, complete and up to date.
6.5. If we refuse to correct your personal information, we will give you a written notice that sets out our reasons for our refusal (unless it would be unreasonable to provide those reasons), including details of the mechanisms available to you to make a complaint.
7. Complaints and feedback
Address: PO Box 265 Curtin ACT 2605
7.2. For more information about privacy in general, you can visit the Office of the Information Commissioner’s website at www.oaic.gov.au.
7.3. If after this process you are not satisfied with our response, you can submit a complaint to the Office of the Information Commissioner, Australia. To lodge a complaint, visit the ‘Complaints’ section of the Office of the Information Commissioner’s website, located at http://www.oaic.gov.au/privacy/privacy-complaints, to obtain the relevant complaint forms, or contact the Information Commissioner’s office.
8. Changes and updates