Privacy and data collection policy
We are committed to protecting your privacy
We will protect your privacy and manage and use your personal information responsibly, openly and transparently. We collect, store, handle, use and disclose personal information in accordance with the Privacy Act 1988 (Cth) (Act) and the Australian Privacy Principles (APPs).
What is personal and sensitive information and what do we collect from you?
Personal information is defined in the Act and is information or an opinion about an individual that can be used to identify or reasonably identify an individual whether the information or opinion is true or not, and whether the information or opinion is recorded in material form or not. The personal information that we may collect from you may include:
- Name
- Contact details
- Date and place of birth
- Identification documents
- Career history
- Education history and qualifications
- Australian residency / visa status
- Professional memberships and associations
- Financial history
- Individual performance as a board director
- Referee name and contact details
- Blue card details
- Director Identification Number
- If applicable, employment related financial information, for example tax file number, Australian business number
- Your image (if attending a Directors Australia event).
We may collect sensitive personal information (a subset of personal information) from you with your consent, including:
- Criminal history
- Certain professional memberships and associations
- Race or culture, including whether First Nations
- Religion.
We may also request further personal information about you from an external third party such as a regulator, referee, professional association and / or educational institution.
How we collect information about you
We may collect personal information from you if you:
- contact us directly or via the website about our services
- respond to one of our advertisements
- complete an online survey
- attend one of our events
- participate in our social media or
- from publicly available information.
We will delete and destroy any unsolicited personal information unless it is relevant to our professional services and we could have collected that information in accordance with this policy.
What do we do with your personal information?
We will only collect, hold, use and disclose personal information that we reasonably need to deliver our professional services to:
- employ staff and contractors
- provide advisory services (board and governance advice, board performance evaluations, director performance appraisals, Company Secretary support and Nominations Committee membership)
- provide director recruitment services
- inform you about our services, events and opportunities, including director vacancies
- undertake advocacy and research
- develop, improve and promote our business and services, and
- engage with third party service providers (eg IT system providers) to deliver our professional services.
We may need to disclose your personal information to third parties including:
- the board on which you sit
- potential boards / employers
- your nominated referees
- a third-party provider to conduct credential checks
- an educational organisation and/or professional association to verify your qualifications, and
- a regulator or law enforcement entity.
We will not use or disclose your personal information for any other purpose unless:
- you consent, or
- you would reasonably expect us to use or disclose the information for another purpose that is directly related to our professional services, or
- we are required or authorised by law and/or under the Act and APPs.
The Privacy Officer will review and authorise any such release of personal information.
You can request to engage with us anonymously or using a pseudonym.
In most cases we will not be able to deliver our professional services if you have not identified yourself or have not provided the personal information we request. The Privacy Officer will consider and respond to any such requests.
How we store and protect your personal information
We store information primarily in electronic format and occasionally in hard copy.
We take reasonable steps to protect your personal information as far as practicable by:
- storing information on secure servers and in locations accessible only to authorised persons
- requiring all staff to complete appropriate training
- conducting periodic internal privacy and security assessments
- requiring our contractors and service providers to only use or disclose personal information to provide our professional services.
We will destroy or de-identify personal information that we no longer need to provide our professional services.
Overseas data retention
We currently use systems that store data in Australia and Singapore and may store data in other overseas countries. We take reasonable steps to protect personal information by preferring service providers who store data in Australia or in countries with a similar privacy regime and through contracts that require appropriate standards of privacy.
When you provide personal information to us, you agree to us storing the information in appropriate hard copy and our electronic system and servers.
Web analytics and cookies
We use software such as Google analytics to collect data about how you interact with our website. The sole purpose of collecting this data is to improve your experience of our site.
We may use cookies to monitor usage and improve the functionality of our website. You are able to block the cookies if you wish.
How we let you know about our services and opportunities
We may use your personal information to directly market our professional services to you, including new service offerings, potential board vacancies and career opportunities.
You can unsubscribe using the link in the relevant email or newsletter and remove yourself from our directors’ database, emails and other services by contacting us on [email protected] or by phone: 1300 890 267.
What happens if there is a data breach?
If a data breach occurs, we will do everything possible to mitigate the risk of damage and, if required, notify you and the Privacy Commissioner.
We have a data breach response plan that we will follow if there is an information security incident.
How to access and correct your personal information
You can update your director profile by contacting us on [email protected] or by phone: 1300 890 267. We may also contact you to check the accuracy of the information we have about you.
If you want to access and/or ask us to correct your personal information, please contact our CEO, Kerryn Newton, who is also the Privacy Officer:
Email: [email protected]
Phone: 1300 890 267
Post: PO Box 3018, South Brisbane, Qld, 4101
We may ask you to verify your identity before we act. We will take reasonable steps to correct your personal information and notify anyone else to whom the information was disclosed.
Inquiries and complaints
If you have an inquiry or complaint please contact our Privacy Officer, who will respond to you and investigate any complaints within 30 days.
Where appropriate, we may refer complaints to a qualified, independent third party for review and assessment.
If you are unhappy with our response or believe your complaint is unresolved you can contact the Office of the Australian Information Commissioner (www.oaic.gov.au).
Notice under the Fair Trading Act 1987 and Regulations
The Fair Trading Act 1987 and Regulations apply in Australia, and require us to provide the following statement:
As an employment placement service provider:
- We do not charge job seekers a fee for the purpose of finding that candidate employment
- We do not engage in any misleading or deceptive conduct including activities such as advertising a position as being available when we know no such position exists
- We do not knowingly give misleading information to a candidate about the nature of a position
- We will comply with all relevant legislative requirements.
Any job seeker who believes that we have acted inappropriately while providing employment placement services should contact the Office of Fair Trading in their relevant state.
DATA COLLECTION NOTICE
We collect personal information from you so that we can deliver our professional services, including providing advisory and director recruitment services, developing, improving and promoting our services, events and opportunities, and employing staff and contractors.
By law you do not have to give us your personal information. However, if you do not, we may be unable to deliver our professional services to you. We collect your personal information via the website, online surveys, social media and when you engage with us directly.
We will only hold, use and disclose personal information that we reasonably need to deliver our professional services. We may disclose your personal information to third parties including relevant boards, nominated referees, regulators, service providers and organisations that undertake probity checks. We will not use your personal information for any other purpose unless you consent, you would reasonably expect us to disclose the information for another purpose or we are required by law.
We may need to store your personal information with data storage services located in Australia, Singapore and other countries. We are reasonably satisfied your data is stored in countries that have similar privacy protections to Australia.
To access or update your personal information, or for more information on our privacy obligations, ask to speak to our Privacy Officer or email: [email protected]