Your Privacy is Important to us
2. AJ Grant Group is bound by the Australian Privacy Principles (‘APP’) contained in the Privacy Act 1988 (Cth)
What kind of personal information does AJ Grant Group collect?
4. The type of information AJ Grant Group collects and holds includes (but is not limited to) personal information, including financial and other sensitive information, about:
4.1. Contact information of Policy Holder or Clients such as full names, postal addresses, email addresses, residential and/or business addresses;
4.2. Limited financial information of Policy Holder or Clients;
4.3. Job specific financial arrangements and policy details of the Policy Holder or Client/s;
4.4. Details of an insurance claim made by a Policy Holder or Client;
4.5. Personal information provided by an insurer;
4.6. Access information for job sites;
4.7. Financial and taxation details of employees, contractors and sub-contractors;
4.8. Personal contact details of employees, contractors and sub-contractors; and
4.9. Competitive quotes and referrals.
Personal information you provide:
5. AJ Grant Group will generally collect personal information held about an individual or company by way of forms filled out both electronically and in written form by employees, clients, contractors and sub-contractors or occasionally, the information may be given orally.
Personal information provided by insurers or third parties:
6. In some circumstances AJ Grant Group may be provided with personal information about an individual or Policy Holder or Client from an insurer or third party, for example a report provided by an assessor, auditor or specialist contractor/service provider.
Exception in relation to employee records:
How will AJ Grant Group use the personal information you provide?
8. AJ Grant Group uses personal information it collects in the following areas from you for:
Policy Holder or Clients and Insurers:
9. We collect, hold, use and disclose your personal information where it is reasonably necessary for, or directly related to, one or more of our functions or activities.
10. In relation to personal information of Policy Holder or Clients, AJ Grant’s primary purpose of collection is to enable it to provide building services to the- Policy Holder or Client.
11. The purposes for which AJ Grant Group uses personal information of Policy Holder or Clients include:
11.1. day-to-day administration;
11.2. management of claim information in the BuildPRO job management system;
11.3. site access and performance of services supplied to the Policy Holder or Client or Client;
11.4. progress checks and payments for services provided; and
11.5. to satisfy legal obligations AJ Grant Group may owe to an insurer or the Policy Holder or Client
12. Personal information about a Policy Holder or Client may be required, in order to arrange services or continue services.
13. If AJ Grant Group receives unsolicited personal information, it will determine if it could have collected the information and if the information is not of the type it could have collected will, if lawful, destroy the information except if it contained in a Commonwealth record.
Job applicants, employees, contractors and sub-contractors:
14. In relation to personal information of job applicants, employees, contractors and sub-contractors, AJ Grant Group’s primary purpose of collection is to assess and (if successful) to engage the applicant, employee, contractor or sub-contractor, as the case may be.
15. The purposes for which AJ Grant Group uses personal information of job applicants, employees, contractors and sub-contractors include:
15.1. in administering the individual’s employment or contract, as the case may be;
15.2. for taxation and insurance purposes; and
15.3. to satisfy the legal obligations of AJ Grant Group, for example, in relation to WHS.
Who might AJ Grant Group disclose personal information to?
16. AJ Grant Group may disclose personal information, including sensitive information, held about an individual and/or Policy Holder to:
16.1. an insurer;
16.2. government departments;
16.3. medical practitioners;
16.4. people providing services to AJ Grant Group including subcontractors;
16.5. Law enforcement agencies where AJ Grant Group has reason to suspect unlawful activity or misconduct of a serious nature that relates to the business of AJ Grant Group;
16.6. after hours call centre;
16.7. financial and credit institutions including, but not limited to, credit card companies;
16.8. in order to prevent a serious threat to life, health or safety of an individual or public safety;
16.9. anyone you authorise AJ Grant Group to disclose information to; and
16.10. anyone to whom we are required to disclose the information to by Law
Management and security of personal information
17. AJ Grant Group respects the confidentiality of personal information and the privacy of individuals.
18. AJ Grant Group has procedures in place to protect the personal information it holds from misuse, interference and loss, unauthorised access, modification or disclosure by use of various methods including locked storage of paper records and password access rights to computerised records.
19. People providing services to AJ Grant Group including contractors and subcontractors agree not to disclose any personal information of Policy Holder, Clients or individuals provided by AJ Grant Group to them without first obtaining the written consent of AJ Grant Group.
How does AJ Grant Group deal with sensitive information?
20. ‘Sensitive information’ means: information relating to a person’s racial or ethnic origin, political opinions, religion, trade union or other professional or trade association membership, philosophical beliefs, sexual orientation or practices or criminal record, that is also personal information; health information and biometric information about an individual.
21. Sensitive information will, unless you agree otherwise, be used and disclosed only for the purpose for which it was provided or a directly related secondary purpose or where the use or disclosure of the sensitive information is allowed by Law
Access and correction of personal information
22. Under the APP an individual has the right to obtain access to any personal information which AJ Grant holds about them and to advise AJ Grant Group of any perceived inaccuracy.
23. There are some exceptions to these rights set out in applicable legislation. You should refer to this legislation for further information on your rights.
24. To make a request to access or update any personal information please contact AJ Grant Group in writing. You may be required to verify your identity and will be required to specify what information or correction you require. AJ Grant Group may charge a fee to cover the cost of verifying your application and locating, retrieving, reviewing and copying any material requested. If the information sought is extensive, AJ Grant Group will advise the likely cost in advance. If we cannot provide you with access to that information, we will provide you with written notice explaining the reasons for the inability.
Sending information overseas:
25. AJ Grant Group will not send personal information about an individual outside Australia without:
a) obtaining the consent of the individual (in some cases this consent will be implied); or
b) otherwise complying with the APP or other applicable privacy legislation.
26. AJ Grant Group may also store personal information in the ‘cloud’ which may mean that it resides on servers which are situated outside Australia.
Enquiries and complaints:
27. If you would like further information about the way AJ Grant Group manages the personal information it holds or wish to complain that you believe that AJ Grant Group has breached the APP please contact our office during normal office hours.
28. AJ Grant Group will investigate any complaint and will notify you of its decision in relation to your complaint as soon as practicable.
Privacy Breach Identification, Investigation and Resolution:
Step 1: Contain
– E.g. Stop any unauthorised practice immediately; recover records; shutdown system that was breached
Step 2: Assess
– What specific type of personal information was involved in the breach
– What were the specific circumstances of the breach – cause/extent
– The nature of any harm to individual/s affected by the breach and any remedial action that can be taken
Step 3: Notify
– Determine if the breach complies with the legislative requirement to notify the appropriate Government Agency.
– Determine if there is a requirement to notify the individual/s affected
Step 4: Review
– Once steps 1-3 are completed a review will be conducted to identify any required changes and a prevention plan put in place to prevent similar incidents in the future
– An audit will be conducted to ensure the prevention plan is in place
– Employee training will be implemented if required
You understand and will abide by the Confidentiality Policy. Should you commit any violation of this policy, disciplinary action and/or appropriate legal action may be taken.
You have read and understood the policy and are aware that any amendments to this document will be made available to staff via SharePoint.
Managing Director | AJ Grant Group