Privacy Policy 

  1. Introduction 

We manage personal information in accordance with the Privacy Act 1988 and Australian  Privacy Principles.  

You can request a copy of our full policy, or just read the parts that interest you by following  the links in this document. Some links will take you to external sites. We only collect  information that is reasonably necessary for the proper performance of our activities or  functions.  

We do not collect personal information just because we think it could be useful at some  future stage if we have no present need for it. 

We may decline to collect unsolicited personal information from or about you and take steps  to purge it from our systems. 

We manage personal information according to our usual information flow. There may  sometimes be departures from our usual information flow. 

By following the links in this document, you will be able to find out how we manage your  personal information as an APP Entity under the Australian Privacy Principles (APPs).  

You will also be able to find out about the information flows associated with that information. 

1.1.APP Entity 

HiTalent Recruitment manages personal information, as an APP Entity, under the Australian  Privacy Principles (APPs). 

Because we may sometimes work as a contracted service provider to a range of  Commonwealth, State and Territory government agencies, it might become necessary for us  to collect and manage personal information as an Agency under different privacy  arrangements.  

If you wish to know whether this applies to you, please contact us by emailing  hello@hitalent.com.au 

1.2.Information Flow 

When we collect your personal information: 

• we check that it is reasonably necessary for our functions or activities as a  employment agency or on hire firm. 

• we check that it is current, complete and accurate. This will sometimes mean that we  have to cross-check the information that we collect from you with third parties; 

• we record and hold your information in our Information Record System BullhornAstute and Referoo. Some information may be disclosed to overseas recipients 

• we retrieve your information when we need to use or disclose it for our functions and  activities as an employment agency or on-hire firm. At that time, we check that it is  current, complete, accurate and relevant. This will sometimes mean that we have to  cross-check the information that we collect from you with third parties once again - especially if some time has passed since we last checked. 

• subject to some exceptions and conditions, we permit you to access your personal  information in accordance with APP:12 . 

• we correct or attach associated statements to your personal information in  accordance with APP:13. 

• we destroy or de-identify your personal information when it is no longer needed for any  purpose for which it may be used or disclosed provided that it is lawful for us to do so.  We do not destroy or de-identify information that is contained in a Commonwealth  Record. 

2. Kinds of information that we collect and hold 

Personal information that we collect and hold is information that is reasonably necessary for  the proper performance of our functions and activities as an employment agency or on hire firm and is likely to differ depending on whether you are: 

• a Workseeker

• a Client  

• a Referee 

2.1.Workseekers 

The type of information that we typically collect and hold about Workseekers is information  that is necessary to assess amenability to work offers and work availability; suitability for  placements; or to manage the performance in work obtained through us and includes: 

• We collect information about you and the interactions you have with us via phone,  email, our websites, apps or other mobile applications 

• Identity, contact details, gender, nationality and right to work in Australia  • Employment history and referees 

• Qualifications, tickets or licences 

• Location and location of work required  

• Organisation preferences  

• Salary expectation and type of work  

• Probity documents, such as Australian Police Checks, Working with Children Checks,  NDIS Checks and International Police Check  

2.2.For Clients 

The type of information that we typically collect and hold about Clients is information that is  necessary to help us manage the presentation and delivery of our services and includes:  

• roles, reporting lines, inter-personal communication, and cultural fit requirements within  your organisation; 

• business, social, or personal interests about which we may be able to provide news and  information; 

• celebration milestones and dates, preferred social media contact channels, etc that you  choose to share with us. 

2.3.For Referees 

The type of information that we typically collect and hold about Referees is information that  is necessary to help to make determinations about the suitability of one of our Workseekers  for particular jobs or particular types of work and includes: 

• your name; 

• your relationship with and knowledge and opinions of our Candidate as relevant to  the reference we are seeking; 

• other background and contextual information as relevant to the reference we are  seeking. 

• your contact details for follow up (if necessary); 

• confirmation of your identity and authority to provide a reference (if necessary).

3. Purposes 

The purposes for which we collect, hold, use and disclose your personal information are  likely to differ depending on whether you are: 

• a Workseeker 

• a Client  

• a Referee 

The following sections are also relevant to our use and disclosure of your personal  information:

• Our Policy on Direct Marketing 

• Overseas Disclosures 

3.1.For Workseekers 

Information that we collect, hold, use and disclose about Workseekers is typically used for: 

• work placement operations; 

• recruitment functions; 

• statistical purposes and statutory compliance requirements; 

3.2.For Clients 

Personal information that we collect, hold, use and disclose about Clients is typically used  for: 

• client and business relationship management; 

• recruitment functions; 

• marketing services to you; 

• statistical purposes and statutory compliance requirements; 

3.3.For Referees 

Personal information that we collect, hold, use and disclose about Referees is typically used: • to confirm identity and authority to provide references; 

• for Workseeker suitability assessment; 

• for recruitment functions; 

3.4.Our Policy on Direct Marketing 

We may use your personal information to directly market our services, or the services of  other businesses with whom we work cooperatively. You can see a list of the  businesses with whom we work on our website  

We do not obtain customer lists from third parties for marketing purposes. 

You may choose not to consent to direct marketing from us simply by letting us know by  text message, phone call, or email. 

We aim to observe the requirements of anti-spam legislation and would provide an  effective means for unsubscribing from any marketing that would be considered to be  spam. 

4. How your personal information is collected

The means by which we will generally collect your personal information are likely to differ  depending on whether you are: 

• a Workseeker 

• a Client  

• a Referee 

We sometimes collect information from third parties and publicly available sources when it is  necessary for a specific purpose such as checking information that you have given us or  where you have consented or would reasonably expect us to collect your personal  information in this way. 

Sometimes the technology that is used to support communications between us will provide  personal information to us. 

4.1.For Workseekers 

Personal information will be collected from you directly when you fill out and submit one of  our application forms or any other information in connection with your application to us for  work. 

We may also collect personal information about you from a range of publicly available  sources including newspapers, journals, directories, the Internet and social media sites.  When we collect personal information about you from publicly available sources for inclusion  in our records we will manage the information in accordance with the APPs and our Privacy  Policy.  

Photos & Images 

We will not request that you supply photographs, scan photo ID, or capture and retain video  image data of you if simply sighting photographs or proof of identity documents would be  sufficient in the circumstances. 

4.2.For Clients 

Personal information about you may be collected: 

• when you provide it to us for business or business related social purposes; 

We may also collect personal information about you from a range of publicly available  sources including newspapers, journals, directories, the Internet and social media sites.  When we collect personal information about you from publicly available sources for inclusion  in our records we will manage the information in accordance with the APPs and our Privacy  Policy.  

4.3.For Referees 

Personal information about you may be collected when you provide it to us:

• in the course of our checking Workseeker references with you and when we are  checking information that we obtain from you about Workseekers; 

We may also collect personal information about you from a range of publicly available  sources including newspapers, journals, directories, the Internet and social media sites.  When we collect personal information about you from publicly available sources for inclusion  in our records we will manage the information in accordance with the APPs and our Privacy  Policy.  

4.4. Electronic Transactions 

Sometimes, we collect personal information that individuals choose to give us via online  forms or by email, for example when individuals: 

• ask to be on an email list such as a job notification list; 

• register as a site user to access facilities on our site such as a job notification board; • make a written online enquiry or email us through our website; 

• submit a resume by email or through our website; 

• use web-based application and placement management apps to submit identification  documents, receive job offers, undertake inductions, or upload time sheets etc.  

Some apps might invite you to use your social media log-in details (e.g.; Facebook or  Google log-in user names and passwords). 

It is important that you understand that there are risks associated with use of the Internet  and you should take all appropriate steps to protect your personal information. It might help  you to look at the OAIC's resource on Social Media & Online Privacy. 

You can contact us by land line telephone or post if you have concerns about making  contact via the Internet.  

See also the following topics: 

• Social Networks and Web Searches 

• Resume harvesting and job matching software 

• Browsing 

• Cookies 

• Web Bugs 

• Cloud Computing Services 

• Uploading photographs 

• Emails 

• Call and message logs 

• Teleconferences and Video conferences 

• Database 

• Mobile Access 

• Paperless Office 

• Biometric technology (e.g. face and voice recognition)

• Interoperations – e.g., relevantly to how personal information that you control is  processed by SaaS and PaaS providers 

5. How your personal information is held 

Personal information is held in our Information Record System Bullhorn, Astute and  Referoo until it is no longer needed for any purpose for which it may be used or disclosed at  which time it will be de-identified or destroyed provided that it is lawful for us to do so. 

We take a range of measures to protect your personal information from: 

• misuse, interference and loss; and 

• unauthorised access, modification or disclosure. 

5.1.Our Information Record System 

Information is stored electronically through Cloud storage.  

5.2.Information Security 

We take information security and privacy seriously and have the following staff policies and  practices in place: 

• Staff training 

• "Clean desk" procedures 

• Need-to-know and authorisation policies 

• Social Media policy 

• Cyber security policy 

• Password protection 

• Policies on laptop, mobile phone and portable storage device security; • Culling procedures including shredding and secure disposal etc. 

5.3.Data Breach Notifications & Response 

In the event of a data breach, we would respond by measures appropriate to the nature and  seriousness of the breach and the size and resources of our organisation taken in  accordance with the four steps set out in the OAIC’s data breach notification guidance and  advice.  

6. Disclosures 

We may disclose your personal information for any of the purposes for which it is primarily  held or for a lawful related purpose

We may disclose your personal information where we are under a legal duty to do so.  Disclosure will usually be:

• internally and to our related entities 

• to our Clients 

• to Referees for suitability and screening purposes. 

• to our contracted service providers, insurers, professional advisors and others with a  proper interest in receiving your personal information for a lawful related purpose. 

6.1.Related Purpose Disclosures 

We outsource a number of services to contracted service suppliers (CSPs) from time to  time. Our CSPs may see some of your personal information. Typically, our CSPs would  include: 

• Software solutions providers; 

• I.T. contractors, database designers and Internet service suppliers; 

• Legal and other professional advisors; 

• Insurance brokers, loss assessors and underwriters; 

• Superannuation fund managers; 

• Background checking and screening agents; 

• Payroll solution providers 

We take reasonable steps to ensure that terms of service with our CSPs recognise that we  are bound by obligations to protect the privacy of your personal information and that they will  not do anything that would cause us to breach those obligations. 

6.2.Overseas Recipients 

Some of your personal information is likely to be disclosed to overseas recipients. 

The likely countries, type of information disclosed, and recipients are indicated, so far as is  practicable, in the following table: 

Country 

Type of Information 

Likely Recipients

United Kingdom and America 

All personal data held by us 

IT Personnel and  

Contractors of our  

technology providers who  may access data for  

maintenance and software  upgrade purposes



We cannot guarantee that any recipient of your personal information will protect it to the  standard to which it ought to be protected. The costs and difficulties of enforcement of  privacy rights in foreign jurisdictions and the impracticability of attempting to enforce such  rights in some jurisdictions will mean that in some instances, we will need to seek your  consent to disclosure. 

7. Access & Correction

Subject to some exceptions set out in privacy law, you can gain access to your personal  information that we hold.  

Important exceptions include: 

• Evaluative opinion material obtained confidentially in the course of our performing  reference checks; and access that would impact on the privacy rights of other people.  

In many cases evaluative material contained in references that we obtain will be collected  under obligations of confidentiality that the person who gave us that information is entitled to  expect will be observed. We do refuse access if it would breach confidentiality. 

For more information about access to your information see our Access Policy. For more information about applying to correct your information see our Correction Policy. 

7.1.Access Policy 

If you wish to obtain access to your personal information you should contact our Privacy Co ordinator. You will need to be in a position to verify your identity. 

Consistently with guidance and advice provided by the OAIC, we may impose a charge  (provided it is not excessive) for retrieving and providing access to your personal  information. Any such charge would be calculated having regard to: 

• our staff costs in searching for, locating and retrieving the requested personal  information, and deciding which personal information to provide to you; 

• our staff costs in reproducing and sending the personal information; 

• the costs of postage or materials involved in giving access  

• the costs associated with using an intermediary – e.g., where access might be granted  indirectly or to paraphrased information. 

In determining the amount to charge, we would consider:  

• our relationship with you; 

• any known financial hardship factors; 

• any known adverse consequences for you if you do not get access to the personal  information. 

7.2.Correction Policy 

If you find that personal information that we hold about you is inaccurate, out of date,  incomplete, irrelevant or misleading, you can ask us to correct it by contacting us. 

We will take such steps as are reasonable in the circumstances to correct that information to  ensure that, having regard to the purpose for which it is held, the information is accurate, up  to date, complete, relevant and not misleading. 

If we have disclosed personal information about you that is inaccurate, out of date,  incomplete, irrelevant or misleading, you can ask us to notify the third parties to whom we 

made the disclosure and we will take such steps (if any) as are reasonable in the  circumstances to give that notification unless it is impracticable or unlawful to do so. 

8. Complaints 

You have a right to complain about our handling of your personal information if you believe  that we have interfered with your privacy. 

8.1.Complaints procedure 

If you are making a complaint about our handling of your personal information, it should first  be made to us in writing. 

You can make complaints about our handling of your personal information to our Privacy Co ordinator, whose contact details are lauren@hitalent.com.au 

You can also make complaints to the Office of the Australian Information Commissioner through the Commission’s website and the means set out there. 

Complaints may also be made to RCSA the industry association of which we are a member. 

RCSA administers a Code of Conduct for the professional and ethical conduct of its  members.  

The RCSA Code is supported by rules for the resolution of disputes involving members. 

NOTE: The RCSA Code and grievance intervention rules do NOT constitute a  recognised external dispute resolution scheme for the purposes of the APPs; but are  primarily designed to ensure the good professional conduct of the Association’s  members. 

When we receive your complaint: 

• We will take steps to confirm the authenticity of the complaint and the contact details  provided to us to ensure that we are responding to you or to a person whom you have  authorised to receive information about your complaint; 

• Upon confirmation we will write to you to acknowledge receipt and to confirm that we  are handling your complaint in accordance with our policy. 

• We may ask for clarification of certain aspects of the complaint and for further detail; 

• We will consider the complaint and may make inquiries of people who can assist us to  established what has happened and why; 

• We will require a reasonable time (usually 30 days) to respond;

• If the complaint can be resolved by procedures for access and correction we will  suggest these to you as possible solutions;  

• If we believe that your complaint may be capable of some other solution we will suggest  that solution to you, on a confidential and without prejudice basis in our response; 

If the complaint cannot be resolved by means that we propose in our response, we will  suggest that you take your complaint to any recognised external dispute resolution scheme  to which we belong or to the Office of the Australian Information Commissioner.