Swordfish Computing is committed to protecting personal information and this policy outlines our ongoing obligations to you in respect of how we manage your Personal Information. We have adopted the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The APPs govern the way in which we collect, use, disclose, store, secure and dispose of your Personal Information. A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at OAIC.
What is Personal Information?
Personal Information is information or an opinion that identifies an individual. Examples of Personal Information we collect includes names, addresses, email addresses and phone numbers.
What Personal Information do we collect?
Swordfish Computing collects personal information you provide to us or that is obtained via interviews, correspondence, telephone, email, via our website, from other publicly available sources and from third parties. This may include (but not be limited to):
- Personally identifiable (employee) information / HR records including: name, gender, date of birth, address, email address, phone number, tax file number, bank details, superannuation details, next of kin details, professional qualifications, health conditions, disabilities, past employment data.
- Personal details required for employment screening including: resume, citizenship details, passport details, driver’s licence details.
- Results of checks performed as part of employment screening including: referee checks, employment history checks, police and bankruptcy checks, security clearance checks.
- Managing security clearances.
- Personal details (including name, phone number, address and email address) are collected via our website when an enquiry or job application is made.
Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
Why do we need Personal Information?
Swordfish Computing requires Personal Information for business related purposes including actions such as (but not limited to):
- Pre-employment processes (e.g. considering, assessing and responding to job applications).
- Satisfying internal and security related audit requirements.
- Performing contract, payroll, leave and general HR related functions.
- Managing security clearances.
- Providing a safe working environment (e.g. details such as emergency contacts, health conditions, allergies are kept on file to protect our employees for health and safety reasons).
- Complying with laws and regulations.
Sensitive Information is defined in the Privacy Act to include information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Swordfish does not intentionally collect Sensitive Information, however if required, Sensitive Information will be used by us only:
- For the primary purpose for which it was obtained.
- For a secondary purpose that is directly related to the primary purpose.
- With your consent; or where required or authorised by law.
Disclosure of Personal Information
Your Personal Information may be disclosed in a number of circumstances including the following:
- Internally within Swordfish, where such disclosure is necessary to provide you with our services, to manage our business, or for security purposes.
- With cloud services that are used for Swordfish business and security purposes.
- With third parties who help manage our business and deliver services. These third parties have agreed to confidentiality restrictions and use any personal information we share with them or which they collect on our behalf solely for the purpose of providing the contracted service to us.
- If, in the future, we sell or transfer some or all of our business or assets to a third party, we may disclose information to a potential or actual third-party purchaser of our business or assets.
- With our regulators, to comply with all applicable laws, regulations and rules, and requests of law.
Security of Personal Information
Your Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure. Swordfish, as far as reasonably practicable, stores Personal Information only within Australia and utilises cloud services that are accredited with acceptable quality and security standards, and can ensure data-residency is restricted to Australia.
Destruction of Personal Information
When your Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify your Personal Information.
Access to your Personal Information
Swordfish Computing respects the right of individuals to access and control their personal data. You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact us in writing.
Swordfish Computing will not charge any fee for your access request, but may charge an administrative fee for providing a copy of your Personal Information.
In order to protect your Personal Information we may require identification from you before releasing the requested information.
Maintaining the Quality of your Personal Information
It is an important to us that your Personal Information is up to date. We will take reasonable steps to make sure that your Personal Information is accurate, complete and up-to-date. If you find that the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can update our records and ensure we can continue to provide quality services to you.
- Email: email@example.com
- Post: Swordfish Computing, PO Box 278, Rundle Mall Adelaide, SA 5000
If you believe your privacy has been compromised, please contact us immediately via the email or postal address provided. A member of our team will get in touch within 5 business days.
If you believe that we have not dealt with your concerns you may lodge a complaint with the Australian Privacy Commissioner or the Telecommunications Industry Ombudsman:
- Post: GPO Box 5218 Sydney NSW 2001
- Telephone: 1300 363 992
- Email: firstname.lastname@example.org (preferred)
Do you care about securing Australia's future?