Connexxion takes privacy very seriously. We are committed to complying with the obligations under the Privacy Act in order to protect the privacy of all individuals whose data and information is maintained, used, stored and disclosed. It is Connexxion's policy to respect the confidentiality of information and the privacy of individuals and our customers. Connexxion is bound by the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (as amended). Any deliberate breach of this policy may result in disciplinary action, which may also lead to dismissal and possible prosecution.
This policy is designed to:
- Clearly communicate the personal information handling practices of Connexxion,
- Enhance the transparency of Connexxion’s operations; and
- Give individuals a more complete understanding of the sort of personal information that Connexxion holds, and the way that information is handled.
Connexxion is committed to being open and transparent about how personal and customer information is managed.
As a Microsoft Gold Partner, Connexxion employees and contractors should be aware that Microsoft collects information and data such as when you create a Microsoft account, administer Connexxion’s licensing account, submit a search query to Bing, register for a Microsoft event, speak a voice command to Cortana, upload a document to OneDrive, purchase an MSDN subscription, sign up for Office 365 or contact them for support. They get some of it by recording how you interact with their products by, for example, using technologies like cookies, and receiving error reports or usage data from software running on your device. They also obtain data from third parties.
Microsoft uses the data we collect to operate our business and provide us the products, which includes using data to improve their products and personalise our experiences. They also may use the data to communicate with you, for example, informing you about your account, security updates and product information. Further information on the Microsoft privacy statement can be found on the Microsoft website.
Types of Information & their Collection
Personal Information is any information or opinions about you. It includes information regarding your contact details, work experience, qualifications, aptitude test results, opinions about your work performance (i.e. references or periodic review records), incidents at the workplace and any other information obtained or received by us in connection with your possible and actual work placements.
Sensitive Information is a special category of personal information under the Australian Privacy Act 1988. It is information or opinions about you, including:
- Membership of a professional or trade association;
- Membership of a trade union;
- Criminal record;
- Health information;
- Racial or ethnic origin;
- Political opinions;
- Membership of a political association;
- Religious beliefs or affiliations;
- Philosophical beliefs; or
- Sexual preferences or practices.
As outlined in the Australian Privacy Act, sensitive information can, in most cases, only be disclosed with your consent.
Connexxion may collect personal or sensitive information about you when:
- You complete one of our application forms or provide any other information in connection with a job application (i.e. resumes and/ or responses to selection criterion);
- We receive any reference about you;
- We receive results of inquiries that we might make of your former employers, work colleagues, professional associations or registration body;
- We receive any complaint or other information from or about you in the workplace;
- We receive any information about any insurance investigation, litigation or professional disciplinary matter, criminal matter, inquest or inquiry in which you were involved;
- We receive any information about a workplace accident in which you were involved; and/ or
- You provide us with any additional information about you.
We gather information about all of our website users collectively, such as what areas users visit more frequently and what services users access the most. We only use such data anonymously and in the aggregate. This information helps us determine what is most beneficial for our users and how we can continually create a better overall website experience for you.
In some instances Connexxion may need specific information from you such as name, address, email address, telephone number, etc. We will collect this information if you apply for a job or sign up to a service via our website. We may also ask you for other information in order to provide you with the best possible service and internet experience.
Purpose and Use
Your personal and sensitive information may be used in connection with:
- Your actual or possible work placement;
- Career guidance or management;
- Your performance appraisals;
- Processes relating to security clearances or police checks;
- Our assessment of your ongoing performance and prospects;
- Any test or assessment (including medical tests and assessments) that you might be required to undergo;
- Our identification of your training needs;
- Informing you of possible work opportunities, relevant candidates or other events such as training or information sessions by direct mail/ email/ SMS or similar;
- Any workplace rehabilitation;
- Our management and resolution of any complaint, inquiry or investigation in which you are involved;
- Any insurance claim or proposal that requires disclosure of your personal or sensitive information;
- Undertaking criminal reference checks;
- For research, development, business systems and infrastructure testing and other business purposes to assist us in providing our services to you; and
- Our direct marketing to you.
If you do not supply Connexxion with the information we seek:
- We may be limited in our ability to supply services to you; and
- We may be limited in our ability to place you in work.
We may disclose your personal information (including to trusted third parties) for the purposes for which it is primarily held or for a related secondary purpose and in some cases we may only disclose information with your consent. Your personal and sensitive information may be disclosed to:
- Potential and actual employers, clients of Connexxion and trusted third parties;
- Connexxion’s employees and potential employers in Australia or internationally regarding possible work placements or to assist us in providing our services to you;
- External providers of on-line training and induction (e.g. mandatory client site inductions or security clearance providers);
- Our insurers;
- A professional association or registration body that has a legitimate interest in the disclosure of your personal and sensitive information;
- A Workers Compensation body; and
- Any person with a lawful entitlement to obtain the information.
We do not disclose information about individual visits to Connexxion’s website.
At Connexxion, we train our staff to respect the confidentiality of customer information and the privacy of individuals. Connexxion regards privacy breaches very seriously and any breach will result in disciplinary action being taken. Such acts will cause an investigation and, dependent upon severity, could result in summary dismissal of the instigator and may lead to criminal prosecution. Connexxion has appointed a Privacy Officer to ensure that our management of personal information is in accordance with this policy and the relevant Privacy Acts.
Storage and Protection
Safeguarding the privacy of your information is important to us, whether you interact with us personally, by phone, mail, over the internet or other electronic medium. We hold personal information in a combination of secure computer storage facilities and paper-based files and other records. Connexxion takes such steps as are reasonable in the circumstances to protect the personal information we hold from misuse, interference and loss, unauthorised access, modification or disclosure. We may need to maintain records for a significant period of time. However, when we consider information is no longer needed, we will remove any details that will identify you or we will securely destroy the records in accordance with Connexxion’s Records Management Procedure.
As a member of the Defence Industry Security Program (DISP) and a provider of services to Defence and other Government departments, Connexxion is obliged to adhere to the Governments data protection Acts. Under the Act we have a responsibility to:
- Obtain and process personal or sensitive data fairly;
- Keep it only for one or more specified and explicit lawful purposes;
- Process it only in ways compatible with the purposes for which it was given initially;
- Keep personal or sensitive data safe and secure;
- Keep data accurate, complete and up-to-date;
- Ensure that it is adequate, relevant and not excessive;
- Retain it no longer than is necessary for the specified purpose or purposes; and,
- Provide a copy of his/her personal data to that individual, on request.
Data relating to individual users of Connexxion services is held by Connexxion for the purpose of service delivery, invoicing, product and business development. Connexxion will not use its customer data for other unrelated purposes without consent unless required to do so by law.
Under the Acts Connexxion is required to ensure that customer data is;
- Relevant, adequate and not excessive;
- Accurate and up to date; and
- Not held for longer than is necessary.
Connexxion will therefore review periodically the customer data it collects in order to ensure that this data is adequate and relevant to the services we provide and is not excessive. We will also make it easy for our customers to let us know of any change in their circumstances so that we can update our records accordingly. All information will be disposed of securely when no longer required in accordance with our records management procedure.
Information Security is a matter of priority for Connexxion as our customers rely on us to look after their information. Data security includes IT and physical security but also refers to the systems, policies and procedures that are necessary in order to guard against loss, damage, destruction of personal data and against inappropriate or unlawful access.
All staff are expected to comply with this Policy when handling personal/customer data. Data security depends very considerably on staff training and awareness.
Connexxion takes such steps as are reasonable to ensure that the personal information it holds and discloses is accurate, up to date and complete. We recognise that information changes frequently with changes of address and other personal circumstances. We generally update your information via email and may ask you to complete a declaration confirming your identity. Please advise us as soon as possible when your personal details change.
Subject to some exceptions that are set out in the Australian Privacy Principles you can gain access to the personal information that we hold about you.
To make a request to access your personal information, you will need to submit a request to Management verifying your identity and specifying what information you require. Management will respond to your request within a reasonable period after the request is made and provide access to the information in the manner requested, if it is reasonable and practicable to do so.
We may impose a moderate charge in providing access. Management will discuss this with you. You should also anticipate that it may take time to process your application for access as there may be a need to retrieve information from storage and review it in order to determine what information is relevant.
If we refuse to provide you with access to your personal information, we will notify you in writing of the reasons for the refusal and the process for escalation regarding this refusal.
You may request that we correct the personal information that we hold about you if you deem it to be inaccurate, incomplete, out-of-date, irrelevant or misleading. We will take reasonable steps under the circumstances to correct the information.
If we refuse to correct your personal information, we will notify you in writing of the reasons detailing our refusal to correct the information and the process for escalation regarding this refusal.
Should we refuse, you may request that we place a statement with the information that it is inaccurate, incomplete, out-of-date, irrelevant or misleading and we will take such reasonable steps under the circumstances to associate the statement with your information. If you wish to exercise your rights of correction you should contact our Privacy Officer. We will not charge you for making the request to correct your information or associating a statement.
As an employee or contracted member of Connexxion’s team you should contact your Manager if you have any feedback relating to this policy or the practices which Connexxion take to maintain, use, store and disclose personal and sensitive information. Should you receive any external feedback you should forward it to your Manager as soon as practicable.
Alternatively, Connexxion has a firstname.lastname@example.org email address. Any feedback that is submitted through this area becomes the property of Connexxion. We may use this feedback, such as success stories or responses to surveys for marketing purposes or to contact you for further feedback on the site.