Our commitment to privacy
Directors Australia Pty Ltd is committed to protecting your privacy and ensuring that “personal information” is handled responsibly. We are also committed to being open and transparent about our management and use of personal information.
The Privacy Act 1988 (Cth) (Act), governs the collection, storage, handling, use and disclosure of personal information. This policy is developed in accordance with the Act, and the Australian Privacy Principles (APPs) contained in the Act. While we are not legally required to comply with the Privacy Act other than when we are conducting activities which involve providing services to the Commonwealth Government under a contract, we seek to operate in accordance with the Act.
This policy outlines how we manage personal information in the course of providing our services. We are committed to taking reasonable steps to implement practices, procedures and systems to securely handle personal information, in particular, in relation to its collection, storage, handling, use and disclosure.
Personal information is defined in the Act and is information or an opinion about an individual that can be used to identify or reasonably identify an individual whether the information or opinion is true or not, and whether the information or opinion is recorded in material form or not.
Personal information that is ‘sensitive’ (a term also defined in the Act), including information regarding a person’s health or ethnic origin, is not generally collected by us. However, if the collection of such information is required by law or necessary to perform our services, we will require the relevant person’s consent to collect this.
The type of personal information we collect about individuals typically includes their name and contact details, date of birth, place of birth, career history, qualifications, education, Australian residency/visa status, criminal history, individual performance as a director, and professional associations and memberships.
Due to the nature of our services, in most cases it is not possible for us to give individuals the opportunity to engage with us on an anonymous basis or using a pseudonym unless required by law.
We will only collect personal information that is necessary to perform our services. Failure by an individual to provide the information sought by us may not enable us to complete the specific service requested or assist individuals with their search for a board position.
Collecting and using personal information
The collection of an individual’s personal information will assist us in delivering our professional services. We collect and use personal information for various purposes predominantly including:
- employing staff and contractors
- roviding consulting services (board advisory, governance and director recruitment)
- providing career guidance to individuals
- informing individuals of relevant director vacancies
- informing companies and individuals of our services, events and opportunities, and
- undertaking quality management activities including feedback surveys.
We may collect personal information in various ways including:
- directly from an individual approaching us with respect to the provision of our services (board advisory, governance and director recruitment)
- through one of our consultants engaging with a potential or current client or candidate
- through an individual’s use of our on-line directors’ database, or
- in response to a Directors Australia advertisement or search relating to a director vacancy.
In providing personal information to us, an individual consents to Directors Australia storing this information on its hard copy systems and servers.
We may also need to obtain further personal information about an individual from an external third party such as a regulator, referee, professional association and/or educational institution as part of delivery of our services.
We may destroy or de-identify personal information that is no longer reasonably required in the provision of services.
We may use personal information about individuals for the purpose of direct marketing provided that individuals consent to their personal information being used in this way. Our direct marketing activities may include advising individuals of new services being offered by us or potential board roles being handled by us.
Individuals can opt out of receiving direct marketing from us by contacting the Privacy Officer in writing or, if applicable, by using the unsubscribe link in an email or newsletter.
Disclosing personal information
We may use and disclose personal information to third parties for the purposes it was collected and in managing storage of data on our server. These purposes could include our engagement with:
- potential boards/employers
- an individual’s nominated referees
- a third party provider for the purpose of conducting credential checks on a candidate
- an educational organisation and/or professional association to the extent necessary to verify an individual’s qualifications, and
- a regulator or law enforcement entity.
We will not disclose an individual’s personal information to a client or other third party or conduct referee and credential checks without their consent unless otherwise required by law.
Access and correction
We seek to ensure that the personal information we hold is current. If an individual establishes that their personal information held by us is not accurate, complete or up to date we will take reasonable steps to correct our records and notify any other entity to which this information had previously been disclosed if requested by the individual.
If an individual has created a director profile via registration through our directors’ database, they are able to update their personal information directly into our database.
We may contact individuals from time to time to check that their personal information is still accurate.
Security and cross border disclosure
To prevent any unauthorised access to personal information, we have installed computer and network security systems. We hold electronic personal information in secure computer storage. As far as possible, we use data hosting facilities within Australia. In this regard, we use Microsoft Office 365. Microsoft Office 365 data storage location details can be found at the below website.
We do not enter into contractual arrangements with overseas third-party service providers which involve the disclosure of personal information to overseas recipients.
We store hard copies of personal information in secure locations.
Only our authorised staff have access to candidates’ personal information whether held electronically or in hard copy.
Data breach response plan
We have a data breach response plan which outlines how information security incidents are to be managed and reported.
Accessing or amending your personal information
Subject to some exceptions set out in the Act, individuals can gain access to the personal information that we hold about them. Such requests should be made directly to our privacy officer.
Individuals can at any time unsubscribe from our direct marketing or information services. Our newsletters contain an ‘unsubscribe’ link for this purpose.
Any request to access an individual’s personal details, change any personal details or any other privacy complaints or enquiries, should be directed to our Privacy Officer.
The Privacy Officer will take seriously and review all complaints. Where appropriate, we may refer complaints to a qualified, independent third party for review and assessment to ensure an unbiased, ethical and transparent process in relation to complaints resolution.
Ms Kerryn Newton, Privacy Officer
PO Box 3018, South Brisbane BC, QLD 4101
Phone – 07 3221 5107