SMS Management & Technology Limited, ACN 009 558 865 (the ‘Company’)
- The kinds of information we collect and hold
- How we collect your information
- How we hold and secure your information
- How we use your information
- Disclosing your personal information overseas
- Anonymity and Pseudonymity
- Marketing and privacy
- Managing your personal information
- How can you access your personal information?
- Resolving concerns
- Contact details
This is a company policy of SMS Management and Technology Limited and each of SMS’ 100% owned subsidiaries (together “SMS”, “we”, “our” or “us”) and it applies to all SMS employees, directors and contractors and any other person who is notified that this Policy applies to them.
We are committed to meeting our compliance obligations and protecting personal information. This policy explains how we manage personal information.
We manage personal information as an organisation under the Australian Privacy Principles. Because we are a contracted service provider to a range of Commonwealth, State and Territory government agencies, it sometimes becomes necessary for us to collect and manage personal information as an agency under different privacy arrangements.
This is not a stand-alone document, it is supported by our risk management and compliance frameworks, including operational policies, procedures and processes.
This document has been written to accommodate changes to the Privacy Act 1988 (Privacy Act) introduced via the Privacy Amendment (Enhancing Privacy Protection) Act 2012.
The kinds of information we collect and hold
We only collect personal information that is reasonably necessary for the proper performance of our activities or functions.
The types of personal information we hold includes contact information of employees, work seekers, contractors or clients, and in respect of work seekers and employees other information from your CV including employment history, educational qualifications, languages spoken, professional memberships and accreditations. If you are considered for a particular position, we may also collect references from your nominated referees.
Where necessary for the provision of a service or compliance with lawful authority, we may also collect sensitive information. Examples of sensitive information are health information, immigration status or your criminal records.
How we collect your information
Our approach to collecting personal information is, wherever reasonably possible, to collect information directly from you. Where practical, the purpose for which we collect personal information and the consequences of not providing it will be made clear at the time of collection.
We may collect your information from:
- third parties such as clients (our consulting work may require us to deal with personal information of a client’s customers or employees), work seekers (for example providing details of referees), referees and suppliers (for business-related purposes but may contain some limited personal information such as contact details of the people we deal with);
- our websites. We may collect information you give us when:
- registering or subscribing to our services, newsletters, alumni groups and alerts or requesting further services on any of our websites;
- reporting a problem with our websites or making any enquiry or comment (for example your name and email address will be used to facilitate a response to your request or comment); and
- applying online for a job, you may need to provide information about your education, employment history and accreditations; and
- a range of publically available sources including newspapers, directories, the internet, other service providers and social media sites.
In some areas of our website we may use “cookies” (small data files that are sent to your computer) to improve your experience on our website. However, these are not used to track individuals or record information about you.
It is important that you understand that there are risks associated with use of the Internet and online security and you should take all appropriate steps to protect your personal information. It might help you to look at the OAIC’s resource on Internet Communications and Other Technologies.
Our websites may contain links to other websites. SMS is not responsible for the privacy practices of those other websites.
Sensitive information will only be collected with your consent, except where we are required or permitted by lawful authority to collect sensitive information without consent.
How we hold and secure your information
Personal information is usually held in various mediums such as in hard copy or electronic format, in storage facilities that we own and operate ourselves, or that are owned and operated by our service providers. We take reasonable steps to maintain the security of your information and to protect it from unauthorised disclosures.
How we use your information
Personal information held by SMS will only be used or disclosed for purposes directly related to one or more of our functions or activities in the provision of our services or as otherwise permitted by lawful authority.
We may disclose your information to third parties in the following circumstances:
- with your consent;
- where the disclosure is reasonably expected;
- where we have previously notified you about the use or disclosure; or
- as otherwise permitted or required by a lawful authority. Depending on the circumstances we may use your personal information for a range of difference purposes, including:
- recruitment purposes, internally and as part of our M&T Resources business;
- to provide a product or service to clients and to carry out our obligations arising from any contracts entered into between you and us;
- client and business relationship management;
- to communicate with, and to comply with our legal obligations to, our shareholders and to process payments to them;
- to enable third party service providers to provide us with services such as auditing, legal advice, printing, services relating to our share register, banking, payment, client contact, data processing, data hosting, insurance, litigation support, marketing and security services;
- research, planning, service development, security or risk management;
- direct marketing;
- selling or liquidating any part of our business or assets or buying other businesses or assets; and
- where we are under a legal, regulatory or professional obligation to do so or in order to enforce or apply our terms of business (or other client terms) or to protect the rights and interests, property, or safety of SMS, our clients or others.
Disclosing your personal information overseas
We are a global company and information may be accessed in other offices outside of Australia in Hong Kong, Vietnam, Singapore, Malaysia and Manila.
We use data hosting facilities and third party service providers to assist us with providing our services. As a result, your personal information may be transferred to, and stored at a destination outside Australia including Japan, the European Union and the United States of America. With your consent, we may also provide personal information received from you to KMC MAG Solutions Inc in the Philippines as part of our offshore development services.
Anonymity and pseudonymity
SMS will generally enable you to remain anonymous or use a pseudonym wherever reasonably practicable to do so.
Marketing and privacy
You can opt out of direct marketing at any time by notifying SMS of the desire to unsubscribe. Such requests can be made via email, in writing or by telephone call. Each marketing communication sent by us will contain the details of the opt-out option, which will be honoured.
Managing your personal information
SMS will take reasonable steps to ensure that the personal information we collect, use or disclose is accurate, up-to-date and complete.
When personal information is no longer required, reasonable practicable steps are taken to destroy or de-identify the information in accordance with our Document Retention and Destruction Policy. Where it is not practicable to do so, reasonable steps are taken to protect the personal information against loss, unauthorised access, use, modification or disclosure and against other misuse.
How can you access your personal information?
If you wish to access any of your personal information that we hold or would like to correct any errors in that information, please contact us using the contact details set out below.
You have a right to complain about the handing of your personal information if you think that we have failed to comply with the Australian Privacy Principles (APP) or any binding APP code that has been registered under the Privacy Act. A complaint should first be made to us in writing. We are committed to acknowledging your complaint in a prompt manner and will give you an estimated timeframe for when we will respond to your complaint.
If your compliant is not satisfactorily resolved you may access an external dispute resolution service or lodge a complaint with the Australian Information Commissioner (www.oaic.gov.au).
SMS Management and Technology Limited
Office of the Australian Information Commissioner
Phone: 1300 363 992
Last updated: January 2017