Policy Overview 
Icon Developments (the “Company”) is committed to protecting the privacy and personal information of its employees.

The Company understands that personal information concerning employees and others working for the Company is confidential and will only be used for purposes which are reasonably necessary and appropriate for business operations.

Purpose 
This policy (Policy) describes how the Company and its related entities will comply with its obligations under relevant privacy legislation as outlined by Australian Privacy Principles and legislation, in relation to employees and prospective employees.

Scope 
This Policy applies to all employees, prospective employees, and those performing services on behalf of the Company and its subsidiaries.

Responsibilities 
All employees and anyone working for the Company must comply with the requirements of this Policy at all times.

Managers and Supervisors are responsible for ensuring that everyone who works for them understand:

  • this Policy and how personal, sensitive and confidential information should be treated; and,
  • how to record and maintain information in compliance with this Policy

Human Resources is responsible for general education concerning the contents of this Policy

Executives are responsible for formal authorisation of this Policy.

Definitions 
In this Policy “personal information” is information or an opinion about an identified individual, or an individual who is reasonably identifiable whether the information or opinion is true or not and whether the information or opinion is recorded in a material form or not.

Policy Guidelines 
The Company will collect the following information and manage it in compliance with this Policy:

  • Employees and Prospective Employees
    Information collected about employees, including information collected during the recruitment process, includes: name and address, date of birth, phone/email contacts, employment history, nationality and citizenship status, qualifications/industry memberships, relevant health and welfare information related to your intended or current position and next of kin.

Additional information may also be collected for regulatory purposes, such as taxation, superannuation, gender and diversity reporting, etc.

Employee information will be updated on an ongoing basis throughout employment.

  • Client/ contractor
    From time to time the Company may receive personal information about a client or contractor’s employees. This information is provided only as it relates to the contract and may include name, phone/email contacts, qualifications/industry memberships and health and welfare information related to intended work on a Company site or contractually required.

The same principles apply to holding, releasing information and complaints management as stated in this Policy.

If an employee is not sure whether information is confidential or personal, they must check with their Manager or Supervisor.

Employees (including managers and supervisors) found to have engaged in conduct that is contrary to this Policy or relevant privacy legislation may be subject to disciplinary action up to and including termination of employment.

Collection 
The Company will only collect personal information where it is reasonably necessary for its functions or activities. It will only collect personal information that is sensitive information (such as health or criminal history information) with your consent.

Personal information the Company may collect and retain ordinarily includes:

  • information about your identity or personal circumstances, including your name, address, contact details, email address, gender, marital status, occupation, driver’s license and date of birth;
  • standard employee and employment history information; and
  • bank account and superannuation fund details.

The Company will only collect personal information through lawful and fair means and may be collected from a number of sources. Ordinarily, the Company collects personal information directly from you or your authorised representatives.

The Company may also collect personal information about you through third parties such as:

  • publicly available sources;
  • your agents or legal representatives; and
  • government agencies.

Ordinarily the way in which the Company collects personal information and the sources from which it collects depends on how you interact with the Company. The Company may collect personal information through completed forms, contracts, applications and other documents. It may also collect such information from your communications, interactions and transactions with the Company, whether in person, by mail, email or facsimile, via telephone (including conversations between you and Company representatives), using the Company website including on line transactions, providing feedback, participating in interviews, completing on line forms, or other such means of communication as may be used.

Handling and storage 
The Company will take steps to hold and store personal information in a manner which is secure and protected from unauthorised access. Most personal information retained by the Company is ordinarily stored electronically on computer systems, drives and databases or physically on hard copy files and registers.

The Company takes reasonable steps to protect the personal information it holds against misuse, loss and unauthorised access or disclosure. These steps include restricting physical access to such records and password protection for electronic systems. The Company will also endeavour to ensure that its staff and agents are properly trained in securely dealing with personal information.

The Company will take reasonable steps to securely destroy or de-identify personal information when reasonably no longer needed.

Generally, the Company will collect, hold, use and disclose personal information
about you for purposes in relation to the carrying out of its business, including:
processing and assessing your application for employment;

  • supplying services to you;
  • providing and administering employer records;
  • dealing with enquiries and seeking and dealing with feedback and complaints;
  • sending information requested by you;
  • internal management, business development, training and quality control purposes;
  • as part of a sale or acquisition or potential acquisition of our business;
  • any other business-related purpose;
  • other purposes as agreed by you from time to time;
  • complying with our legal and regulatory obligations; and
  • as otherwise required or authorised by law.

Disclosure of Personal Information 
The Company will ordinarily only disclose personal information for the purposes specified above, being the purpose in which it was collected, or for related purposes which might be reasonably expected, unless we otherwise obtain your consent.

In using your personal information for the purposes set out above, the Company may disclose your personal information to third parties as is reasonably necessary as part of doing business, including:

  • authorised employees and representatives, related entities and agents;
  • any third-party supplier, contractor or service provider;
  • Company payment system operators or providers used to operate the Company’s business and information systems;
  • the Company’s insurers, accountants, consultants, auditors, solicitors and other professional advisors;
  • your legal representatives or any person acting on your behalf, including your solicitor or accountant; and
    any State or Commonwealth agencies;

The Company may also disclose personal information to third parties with your express or implied consent, when required or authorised by law or to a law enforcement agency where reasonably necessary. Where we disclose personal information to a third party, and whilst we will attempt to ensure that all personal information is used appropriately, we cannot be held responsible for any loss, theft or misuse of such information by a third party.

The Company will take reasonable endeavours to ensure that the third party to which your personal information is disclosed has appropriate measures in place to protect the information.

Electronic systems 
If you use or browse the Company website or use a related service such as email, then the Company may collect and retain your personal information. In addition to collecting and retaining this personal information which you expressly disclose to the Company through the website or intranet (such as via an online form), personal information may also be collected and retained through “cookies” or by various server systems.

Personal information which may be contained or stored in cookies and server log files may include information such as: your username, address of user’s server, your ISP, the top level domain of your ISP, your IP address, your geographic location, the time and date of your visit, your web browser and operating system, the search engine you used, the pages you viewed and other software and hardware attributes.

Such information may be retained and used for analytical, business development and internal management purposes.

The Company’s website relies on the use of “cookies1” in order to provide various functionality to you. A “cookie” is essentially a piece of data that is sent to your computer and which may be temporarily stored.

The use of “cookies” allows us to help recognise you and allows us to personalise your user. We may use cookies to collect information about how you browse or use the Company website, and which can also identify you.

If you have any concerns about the use of cookies and do not wish to accept their use, then you can adjust the settings on your browser to not accept them. Please be aware that the website may not function as intended if cookies are disabled.

The Company’s website/s may contain links to third party websites. The Company does not warrant or guarantee anything contained on those websites. The Company is also not responsible for any loss or damage which may occur by visiting these links. These websites are not subject to this Policy and you should review those websites to view the privacy policies applicable to them.

From time to time, data containing personal information may be stored on systems external to the Company, including on public or private hosting or clouds. Although reasonable steps will be taken to protect the personal information, the Company will not be responsible for any loss, misuse, unauthorised modification, access or disclosure of such personal information.

Electronic correspondence received by the Company including emails may be examined and filtered for security purposes.

Accessing or correcting your personal information
You may access the personal information that is held by the Company about you by making a reasonable request for copies of the personal information that is retained.

If the Company refuses such a request, it will provide you with the reason(s) in writing. Such grounds upon which a request may be refused include:

  • giving access would have an unreasonable impact on the privacy of other individuals;
  • the request for access is frivolous or vexatious;
  • the information relates to existing or anticipated legal proceedings between the Company and the individual, and would not be accessible by the process of discovery in those proceedings;
  • giving access would reveal the intentions of the Company in relation to negotiations with the individual in such a way as to prejudice those negotiations;
  • giving access would be unlawful;
  • denying access is required or authorised by or under an Australian law or a court/tribunal order;
  • the Company reasonably believes that giving access would pose a serious threat to the health or safety of any individual, or to public health or public safety;
  • giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
  • giving access would reveal evaluative information generated within the entity in connection with a commercially sensitive decision-making process.

The Company will take reasonable steps to make sure that the personal information it collects, uses or discloses is up-to-date and complete.

In the event of inaccuracy, error or omission, upon request made in writing, the Company will take reasonable steps to correct such information within a reasonable time period.

Complaints 
If you believe a breach of the Australian Privacy Principles has occurred or your privacy has otherwise been infringed, you are entitled to make a complaint to us.
If you wish to make a complaint, it must be made in writing and sent to a Company Executive or Human Resources.

Further References 
All relevant Company policies
Australian Privacy Principles: https://www.oaic.gov.au/individuals/privacy-fact­sheets/general/privacy-fact-sheet-17-australian-privacy-principles