Privacy Policy – Australia

1. Introduction

We respect the personal information of individuals (employees, Independent Professionals (IPros) and/or contractors), clients and prospective client’s contractors and their right to privacy. Protecting privacy when handling personal information is very important to Entity Solutions and is fundamental to the way the company services everyone.

This Privacy Policy has been developed to outline how Entity Solutions manages personal information. It describes the information that may be collected by Entity Solutions, the choices an individual can make to access and correct their personal information and how Entity Solutions protects and discloses this information.

Personal information is described as information Entity Solutions holds about individuals (employees, IPros and/or contractors), clients and prospective clients contractors from which an identity is either apparent or can be reasonably determined.

Entity Solutions has adopted the 13 Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth). The APPs govern the way in which the company collects, uses, discloses, stores, secures and disposes of personal information. A copy of the APPs may be obtained from the website of The Office of the Australian Information Commissioner at http://www.oaic.gov.au/.

This Privacy Policy applies to online websites operated by Entity Solutions, which is used to1 provide access to information about our services and products; access to ‘Entity Online’ (online Portal service) and 'Entity Mobile' (mobile phone application) which allows users to provide information and conduct certain transactions using electronic means; and internal information management of everyone.

By visiting the website, Entity Online or Entity Mobile of Entity Solutions or otherwise providing us with your personal information, you are accepting the practices of Entity Solutions with respect to the collection, storage and use of personal information.

2. Privacy collection statement

Personal information is collected in accordance with the Privacy Act 1988 (Cth) and may be sought from you when you:

apply for an available position
are requested during an interview
completing forms
request information from Entity Solutions
download certain documents and information
register for a demonstration of certain products or services
sign up or subscribe to a newsletter; or
various forms of business transactions.

Examples of personal information that the company collects, include: names, addresses, email addresses, phone and facsimile numbers, emergency contacts, bank details, superannuation and all information related to remuneration including bonuses and salary sacrificing.

Entity Solutions may also collect statistical information regarding the use of the website or the portal. The information collected includes the visitor’s computer Internet Protocol (IP) address, the date and time of the visit, previous site visited and browser type. This information is collected to provide Entity Solutions with information about the use to help maintain and develop to provide better information to users of the website, Entity Online or Entity Mobile

Entity Solutions’ website and Entity Online use cookies for the purposes of session tracking. However, Entity Solutions does not collect any personal information from the cookies, including any habits when accessing the website or Entity Online.

The personal information collected by Entity Solutions is for the primary purpose of providing services, and product information to individuals (employees, IPros and/or contractors), clients and prospective client’s contractors. The personal information may also be used for the following purposes:

To discharge any statutory or reporting obligations;
To provide information to you about Entity Solutions’ products and/or services;
To contact you and respond to your queries;
To enforce rights and to fulfil obligations under any agreement between Entity Solutions and its clients;
To enforce rights and to fulfil obligations under any agreement between you and Entity Solutions;
To record statistical data for marketing analysis; and
Any other purpose which are permitted under any agreement between you and Entity Solutions.

While Entity Solutions will endeavour to collect personal information directly from you, Entity Solutions may collect some of the personal information indirectly from others, such as the clients or prospective clients of Entity Solutions, or your employer who may be located Australia or internationally.

If at any time you provide personal information about another individual to Entity Solutions you must ensure that the individual has read and understood this policy and separately consented to that personal information being used and disclosed by Entity Solutions for the purpose set out in this policy.

3. Disclosure

Entity Solutions recognises the trust with you to provide personal information, and such personal information will not be disclosed within Australia or internationally except as follows:

To the clients of Entity Solutions (as part of an engagement or prospective engagement in which you are involved or likely to be involved);
On a confidential basis to agents and service providers that Entity Solutions uses in the ordinary operation of its business;
Personal Information that is “Sensitive Information” will not be disclosed without your consent;
To third parties where you consent to the use or disclosure; or
Where required or authorised by law.

Entity Solutions may also use this information for secondary purposes closely related to the primary purpose, in circumstances where it would be reasonable to expect such use or disclosure.

4. Spam Act

When communicating electronically with individuals (employees, IPros and/or contractors), clients and prospective clients contractors Entity Solutions will follow three key elements in order to comply with the Spam Act 2003:

a – Consent

The company will only send commercial electronic messages with the addressee’s consent – either express or inferred consent.

b – Identify

The company will include clear and accurate information about the person or business that is responsible for sending the commercial electronic message.

c – Unsubscribe

The company will ensure a functional unsubscribe facility is included in all commercial electronic messages and deal with unsubscribe requests promptly. Individuals are able to unsubscribe from mailing/marketing lists at any time; by advising Entity Solutions (see ‘Contact the company’ details on page 8 Section 12 of this document), or by following the steps outlined in the email communication.

5. Anonymity

Subject to an agreement to the contrary, you are not required to provide Entity Solutions with your personal information. However, the services and products offered by Entity Solutions rely on such information. If you do not provide your personal information, then Entity Solutions may not be able to engage you or provide services to you.

6. Security of Personal Information

Personal information is stored in a manner that reasonably protects it from misuse, loss, unauthorised access, modification or disclosure. The information is stored on secure servers, at a data warehouse, onsite, or at an eternal archiving facility. Entity Solutions employees are obliged to respect the confidentiality of any personal information held by Entity Solutions.

However, security of communications cannot be guaranteed, and therefore absolute assurance that information will be secure at all times cannot be given. To the extent permitted by law, Entity Solutions does not accept responsibility for events arising from unauthorised access to personal information.

When personal information is no longer needed for the purpose for which it was obtained, the company will take reasonable steps to destroy or permanently de-identify personal information. However, most of the personal information is or will be stored in files which will be kept by the company for a minimum of seven (7) years.

External Service Provider

The websites, Entity Online and Entity Mobile of Entity Solutions and its electronic mail servers may be managed by a third party hosting service provider. When you access the websites, portals or mobile application of Entity Solutions or transmit electronic mail to Entity Solutions, you may be communicating with a third party’s server that maybe located outside of Australia.

Entity Solutions and links to other websites

The Entity Solutions’ website may contain links to other websites. These link sites are not under the control of Entity Solutions. Entity Solutions is not responsible for the information handling practices, conduct or the content of those sites.

Unsolicited personal information

If Entity Solutions receives personal information that the company did not solicit the company will as soon as possible but only if lawful to do so, destroy the information or ensure that the information is de-identified.

7. Access to Personal Information

Entity Solutions will, upon request, and subject to applicable privacy laws, provide individuals (employees, IPros and/or contractors), clients and prospective client’s contractor’s access to personal information held by Entity Solutions. If making a request, we ask that the type/s of personal information requested is clearly listed in writing and sent to your relevant Entity Solutions representative or by contacting the Entity Solutions’ Data Protection Officer (see ‘Contact the company’ details on page 9 Section 13 of this document).

The company will deal with the request in a reasonable timeframe and in most instances within 30 days of receipt of a request. In order to protect personal information, Entity Solutions will require identification before releasing such information. Personal information sought by spouses or other family members requires written authority by the individual the information is being sought for prior to making such a request. If the evidence is insufficient Entity Solutions may deny the request.

Entity Solutions will not charge for lodging a request, but may recover reasonable costs incurred in supplying the information.

Exceptions:

The right to access personal information is not absolute. In certain circumstances, the law allows the company to refuse a request for information, such as circumstances where:

Access would pose a serious threat to the life or health of any individual;
Access would have an unreasonable impact on the privacy of others;
The request is frivolous or vexatious;
The information relates to a commercially sensitive decision making process;
Access would be unlawful; or
Access may prejudice enforcement activities, a security function or commercial; negotiations

8. Freedom of Information Laws

In addition to Privacy Laws, individuals may have rights to access their personal information contained in certain company documents. Details on how to apply for access to these documents are contained in the Freedom of Information Act 1982 (FOI Act).

9. Quality of Personal Information

It is an important part of providing services to our clients that personal information is up to date. The APP provides guidance that the company takes reasonable steps to make sure that personal information is accurate, complete and up-to-date.

It is important that individuals advise Entity Solutions at the earliest opportunity, of any changes to personal information so that the Entity Solutions’ records can be updated. This can be done by contacting your relevant Entity Solutions representative or by contacting Entity Solutions’ Data Protection Officer (see ‘Contact the company’ details on page 8 Section 12 of this document).

10. Consequences of Breach of Privacy and Personal/Sensitive Information

Individuals (employees, IPros and/or contractors) are expected to act a manner consistent with the matters set out in this policy where they have responsibility for personal information. Failures to do so may be subject to disciplinary action, and may result in warning letter, demotion or termination depending on the level or seriousness of the breach.

If anyone suspects or is aware of a breach of privacy, you have an obligation to report this breach to the Entity Solutions’ Data Protection Officer so immediate action can be taken to eradicate the situation. Contact details of the Privacy Officer are provided in Section 13 of this document.

11. Privacy/Data Protection Obligations

Individuals (employees, IPros and/or contractors) are expected to act a manner consistent with the matters set out in this policy, where they have responsibility for personal information.

If an Individual suspects or becomes aware of a breach, they also have an obligation to report this immediately to Entity Solutions’ Privacy/Data Protection Officer. Failure to comply will be subject to disciplinary action, and may result in warning letter, demotion or termination depending on the level or seriousness of the breach.

12. Procedure

If Individuals (employees and/or contractors) become aware of a breach of personal data, they have an obligation to report this breach to the ES Privacy/Data Protection Officer immediately.

An Individual can also make a complaint if they feel their personal data has been handled inappropriately by ES and is in breach of its obligations under the Act. In the first instance, any concern or complaints must be directed to ES Data Protection Officer in writing.

ES will investigate the complaint and/or concern and take necessary steps to rectify the matter.

Please contact the ES Data Protection Officer via the following means:

Emailing: compliance@entitysolutions.com.au or
Calling: +61 (03) 9600-0333; or

Writing:
Legal & Compliance
Entity Solutions Group
Level 24, 150 Lonsdale Street
Melbourne VIC 3000

13. Policy Updates

This Privacy Policy may change from time to time. Entity Solutions’ Privacy Policy is available at the Entity Solutions offices, intranet, portal or website. Entity Solutions reserves the right to make changes to this Privacy Policy from time to time as business or technical needs require

Privacy Policy – New Zealand

1. Introduction

We respect the personal information of employees, IPros and/or contractors and their right to privacy. Protecting privacy when handling personal information is very important to Entity Solutions and is fundamental to the way Entity Solutions services its employees IPros, and/ or contractors. This Policy has been developed to outline how Entity Solutions manages personal information.

This Privacy Policy applies to the management of staff, services and products offered online and websites operated by Entity Solutions. Entity Solutions also uses the internet to provide access to ‘Entity Online’ (online Portal service) and ‘Entity Mobile’ (mobile phone application) to allow users to provide information and conduct certain transactions using electronic means.

Entity Solutions has adopted the 12 Privacy Principles (PPs) contained in the Privacy Act 1993 The PPs govern the way in which Entity Solutions collects, uses, discloses, stores, secures and disposes of personal information.

A copy of the PPs may be obtained from the website of the Office of the Privacy Commissioner at www.privacy.org.nz

By visiting the website or portals of Entity Solutions or otherwise providing us with your personal information, you are accepting the practices of, Entity Solutions with respect to the collection, storage and use of personal information

2. What personal information and how is it collected?

Personal information means information Entity Solutions holds about an identifiable individual. Examples of personal information that Entity Solutions collects, include: names, addresses, email addresses, phone, facsimile numbers, emergency contacts, bank details, superannuation and all information related to remuneration including bonuses and salary sacrificing.

This information may be sought from you when you:

Attend interviews;
complete forms;
Request Information from Entity Solutions;
Download certain documents and information;
Register for a demonstration of certain products and services; and
Sign up or subscribe to a newsletter.

If at any time you provide personal information about another individual to Entity Solutions then you must ensure that the individual has read and understood this policy and separately consented to that personal information being used and disclosed by Entity Solutions for the purpose set out in this policy.

Website, Entity Online and Entity Mobile

Entity Solutions may collect statistical information regarding the use of the website Entity Online and Entity Mobile. The information collected includes the visitor’s computer Internet Protocol (IP) address, the date and time of the visit, previous site visited and browser type. This information is collected to provide Entity Solutions with information about the use, to help it maintain and develop the website Entity Online and Entity Mobile to provide better information to users.

Entity Solutions’ website Entity Online and Entity Mobile use cookies for the purposes of session tracking. However, Entity Solutions does not collect any personal information from the cookies, including any habits when accessing the website, portal or Entity Online.

3. Use and disclosure of personal information

Entity Solutions collects personal information for the primary purpose of providing services, and in managing Employees, and IPros and or contractors. This includes the following:

To discharge any statutory or reporting obligations;
To provide information to you about Entity Solutions’ products and /or services;
To contact you and respond to your queries;
To enforce rights and to fulfil obligations under any agreement between Entity Solutions and its clients;
To enforce rights and to fulfil obligations under any agreement between you and Entity Solutions;
To record statistical data for marketing analysis; and
Any other purpose which are permitted under any agreement between you and Entity Solutions

Entity Solutions recognises the trust with which you and provide personal information, and such personal information will not be disclosed except as follows:

To the clients of Entity Solutions (as part of an engagement or prospective engagement in which you are involved or likely to be involved);
On a confidential basis to agents and service providers that Entity Solutions uses in the ordinary operation of its business;
To third parties where you consent to the use or disclosure; and
Where required or authorised by law

Entity Solutions may also use this information for secondary purposes closely related to the primary purpose, in circumstances where it would be reasonable to expect such use or disclosure.

Employees, IPros, and/or contractors are able to unsubscribe from mailing/marketing lists at any time; by advising Entity Solutions (see “Contact Entity Solutions” details in Part 12 of this document), or by following the steps outlined in the communication.

4. Unsolicited Electronic Messages Act 2007

When communicating electronically with Employees, IPros and/or contractors, Entity Solutions will follow three key elements in order to comply with the Unsolicited Electronic Messages Act 2007:

a – Consent

Entity Solutions will only send commercial electronic messages with the addressee’s consent. Consent may be either express or inferred consent.

b – Identify

Entity Solutions will include clear and accurate information about the person or business that is responsible for sending the commercial electronic message.

c – Unsubscribe

Entity Solutions will ensure a functional unsubscribe facility is included in all commercial electronic messages, and deal with unsubscribe requests promptly.

5. Anonymity

6. Security of Personal Information

Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure. The information is stored on secure servers. Entity Solutions employees are obliged to respect the confidentiality of any personal information held by Entity Solutions.

When Personal Information is no longer needed for the purpose for which it was obtained, Entity Solutions will take reasonable steps to destroy or permanently de-identify Personal Information. However, most of the Personal Information is or will be stored in files which will be kept by Entity Solutions for a minimum of seven (7) years.

External Service Provider

The websites and portals of Entity Solutions and its electronic mail servers may be managed by a third party hosting service provider. When you access the websites or portals of Entity Solutions or transmit electronic mail to Entity Solutions, you may be communicating with a third party’s server that maybe located outside of New Zealand or Australia. Entity Solutions and links to other websites

The Entity Solutions website may contain links to other websites. These link sites are not under the control of Entity Solutions. Entity Solutions is not responsible for the information handling practices, conduct or the content of those sites. Entity Solutions is not responsible for the information handling practices, conduct or the content of those sites.

7. Access to Personal Information

Entity Solutions will, upon request, and subject to applicable privacy laws, provide employees IPros and/or contractors access to personal information held by Entity Solutions. If making a request, we ask that the type/s of information requested is clearly listed.If information is urgently required a request should state this together with the reasons for urgency.

Entity Solutions will deal with the request in a reasonable timeframe, and in most instances within 20 working days of receipt of a request. In order to protect personal information, Entity Solutions may require identification before releasing such information.

Entity Solutions will not charge for lodging a request, but may recover reasonable costs incurred in supplying the information

Exceptions:

The right to access personal information is not absolute. In certain circumstances, the law allows Entity Solutions to refuse a request for information, such as circumstances where:

Access would pose a serious threat to the life or health of any individual;
Access would have an unreasonable impact on the privacy of others;
The request is frivolous or vexatious;
The information relates to a commercially sensitive decision making process;
Access would be unlawful; or
Access may prejudice enforcement activities, a security function or commercial; negotiations

8. Maintaining the quality of personal information

It is an important part of providing services to our employees, IPros and/or contractors, that Personal Information is up to date

It is important that Employees and IPros advise Entity Solutions at the earliest opportunity, of any changes to Personal Information so that Entity Solutions’ records can be updated.

9. Consequences of breach of privacy and personal/sensitive information

Employees, IPro’s and/or contractors are expected to act a manner consistent with the matters set out in this policy where they have responsibility for personal information. Failures to do so may be subject to disciplinary action, and may result in termination depending on the level or seriousness of the breach.

If anyone suspects or is aware of a breach of Security/Privacy information, you have an obligation to report this breach to the Data Protection Officer so immediate action can be taken to eradicate the situation. Contact details of the Data Protection Officer are provided in Section 11 on page 15 of this document.

10. Privacy/Data Protection Obligations

Individuals (employees, IPros and/or contractors) are expected to act a manner consistent with the matters set out in this policy, where they have responsibility for personal information.

11. Procedure

If Individuals (employees and/or contractors) become aware of a breach of personal data, they have an obligation to report this breach to the ES Privacy/Data Protection Officer immediately

ES will investigate the complaint and/or concern and take necessary steps to rectify the matter.

Please contact the ES Data Protection Officer via the following means:

Emailing: compliance@entitysolutions.com.au or
Calling: +61 (03) 9600-0333; or

Writing:
Legal & Compliance
Entity Solutions Group
Level 24, 150 Lonsdale Street
Melbourne VIC 3000

12. Policy Updates

This Privacy Policy may change from time to time. Entity Solutions’ Privacy Policy is available at the Entity Solutions offices or on the Entity Solutions Intranet. Entity Solutions reserves the right to make changes to this privacy policy from time to time as business or technical needs require. The amended policy will be posted on Entity Solutions’ intranet