Privacy

Privacy Policy

ABILITY GROUP Pty Ltd (ABILITY GROUP) provides workers compensation, work, health and safety, human resources, physiotherapy and rehabilitation services through its specialist businesses (HEALTH ABILITY, PROHEALTH PHYSIO & PROHEALTH FITNESS).  Any reference to ABILITY GROUP in this policy includes its specialist businesses.

ABILITY GROUP collects and handles personal information in accordance with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs).  Personal information includes information relating to you and your employees. You can see the full text of the NPPs and the Act online at www.privacy.gov.au.

This Privacy Policy explains:

  1. the scope of our Privacy Policy;
  2. what is personal and sensitive information;
  3. why we collect personal information
  4. what personal information we collect
  5. how we collect and use your personal information
  6. how we disclose your personal information
  7. what information is collected from our website;
  8. how we secure and protect your personal information;
  9. if your information is sent overseas;
  10. your right to access your personal information;
  11. your right to correct your personal information;
  12. how we protect the integrity of your personal information;
  13. your right to make a privacy complaint;
  14. how you can contact us regarding privacy concerns.

We reserve the right to review, and if necessary, change this Privacy Policy.  We will post changes to this Privacy Policy on our Website.  This Privacy Policy is on our Website.

Scope

This Privacy Policy governs all personal information collected by and provided to us and must be adhered to by all persons who access, use, process, control or otherwise deal with personal information on our behalf.  This policy applies to independent contractors and job applicants, as well as individuals who provide us with their personal information.

What is personal information?

Personal information is any information that can be used to identify you.  This includes any personal information or opinions about you, whether true or not, no matter how the information or opinions are recorded.  The information may be collected from you directly or provided to us by another party.

Sensitive information is a special category of personal information and includes, but is not limited to, information about your health, race or ethnic origin, political or religious beliefs, membership of a trade union or association, or criminal record. Health information includes personal information collected from you in order to provide a health service.  We generally do not need to collect “sensitive information” (as defined in the Australian Act) about individuals, however we will collect such information from applicants for employment with us.  Where we are at liberty to do so, and it is practicable to do so, we will seek the consent of the individual concerned before collecting their sensitive information and inform them of the purpose at the same time.

Why do we collect personal information?

We collect personal information from you for the following purposes (Primary Purpose):

  1. to lawfully carry out our functions and activities
  2. to deliver the products and services that you requested
  3. on behalf of our clients as part of our services
  4. to provide you with further information about the products and services you requested
  5. to personalise and customise your experiences with us
  6. to help us review, manage and enhance our services
  7. to develop insights used in reports or other content developed by us
  8. to communicate with you; for administration purposes, including charging, billing and collecting debts
  9. to promote and market those of our other products and services which we consider may be of interest to you
  10. when considering making offers to job applicants and prospective employees or for employment purposes
  11. and to receive services from you or the organisation which employs you.

In addition to the Primary Purpose, we may use the personal information we collect, and you consent to us using your personal information to:

  1. provide you with news about any products and services
  2. send you marketing and promotional material that you may be interested in
  3. communicate with you, including by email, telephone and mail
  4. manage and enhance products or your experience on our Website and domains
  5. conduct surveys or promotions
  6. verify your identity
  7. investigate any complaints about, or made by you, or if we have reason to suspect you have breached any relevant terms and conditions
  8. and as required or permitted by any law.

Unless otherwise provided by law, we will not collect, hold, use or disclose sensitive information without your consent.

What personal information do we collect?

The nature and extent of personal information we collect varies depending on your particular interaction with us and the nature of our functions and activities.

Personal information that we commonly collect from you would include (but is not limited to):
your name, position, date of birth;

  1. your address, email address, telephone numbers, gender, driver’s licence number;
  2. your financial information including credit card and banking information,
  3. nature of products or services being sought for the purposes of filling your order;
  4. insurance details, rates and fees; and
  5. your occupation, career history and references.

We also collect information that is not personal information, such as data relating to your activity on our Website.

If you feel that the personal information that we are requesting at any point is not information that you wish to provide, please feel free to raise this with us.

If we are not provided with all the personal information we request, we may be unable to do business with you or others.

How do we collect personal information?

Generally, personal information is collected by us from a variety of sources, including when dealing with clients, when dealing with individuals, undertaking marketing initiatives, or when recruiting.

For example, we may collect personal information from you in the following circumstances:

  1. we are contacted about our products and services, in person, over the telephone or over the internet
  2. we negotiate and enter into business transactions
  3. we provide products and services
  4. we receive an application for employment
  5. or we respond to an inquiry, where we consider personal details are required or appropriate to fulfil the query

Personal information may be provided by you using our Website or by telephone, business cards, contracts, applications, competition entries, survey entries, mail or email, registration forms, face-to-face or in writing, whether verbally, in hard copy or electronic format.

Where possible, we collect your personal information directly from you. In some circumstances we may obtain personal information from a third party.

If you provide personal information about another person to us, we require that you:

  1. inform that person you have done so and provide them with a copy of this policy
  2. confirm to us that you have that person’s consent to provide such information for the purpose specified.

If we receive unsolicited personal information about you that we could not have collected in accordance with this Privacy Policy and the Privacy Act, we will within a reasonable period, destroy or de-identify such information received.

How do we use your personal information?

We will only use and disclose your personal information:

  1. for purposes which are related to the Primary Purpose
  2. or if we otherwise get your consent to do so, in accordance with this Privacy Policy and the Privacy Act.

We will not use your personal information for any purpose for which you would not reasonably expect us to use your personal information. Additionally, we will not disclose your sensitive information without your consent, unless there is a need to disclose such information in accordance with the Privacy Act or to comply with any other regulatory requirement.

Marketing

We may use personal information to advise the individual concerned of new services and marketing initiatives that we think may be of interest to them. This may include special product offerings, sale brochures, catalogues and general information about ABILITY GROUP. Those who prefer not to receive information about our products or services can contact our Privacy Officer to be removed from the relevant circulation list. Contact details for our Privacy Officer appears at the end of this policy.
We never disclose personal information to a party outside of ABILITY GROUP for the purposes of allowing them to direct market their products or service on an individual, unless that individual has expressly consented to that kind of disclosure.

We may require written confirmation of a request to be removed from our circulation list.

When do we disclose your personal information?

For the purposes referred to above in this Privacy Policy, you acknowledge and agree that we may disclose personal information and you consent to us disclosing such personal information to:

  1. our Affiliated Entities
  2. Insurers & brokers
  3. third parties engaged by us to perform functions or provide products or services on our or their behalf such as mail outs, marketing or advertising
  4. third parties that sponsor or promote us
  5. from unauthorised access of the information you provide, your referees and former employers
  6. credit agencies
  7. our professional advisors such as our lawyers
  8. persons authorised by you to receive information held by us
  9. and any persons as required or permitted by any law.

Our Website

Our websites include:

www.abilitygroup.com.au

We handle information received from visitors to our website as follows.

To ensure we are meeting the needs and wants of our website users, and to develop our online services, we collect information by using cookies.

Cookies are unique identification numbers like tags that are placed on the browser of our website users. The cookies do not in themselves necessarily identify users personally, but are linked back to a database record about the user/session. No personal information is stored within the cookie without your authorisation that this is to occur (for example, accessing an authorised user account through our website is your authorisation for us to link your user/session with personal information we collect about you).

We use cookies to track use of our website, and to compile statistics on visits to the site in an aggregated form and log anonymous information such as:

  1. the address of a user’s server
  2. a user’s top-level domain (such as .com. or .au)
  3. the date and time of a user’s visit
  4. the pages a user accessed and downloaded
  5. the search engine a user used
  6. what type of browser was used

When a user visits our site, a cookie may be placed on their machine. Where a user has visited us before the cookie may be read each time they re-visit the site.

In the case of users who are authorised by a client of ABILITY GROUP to receive our online services, we link your use of our online services back to personal information about you held in our records. We do this so we can record your use of our services and report back to our client who authorised you to use our services.

We do not use this technology to access any other personal information of a user in our records, except for users who are authorised by a client of ABILITY GROUP to receive our online services, and a user cannot be personally identified from a cookie.

ABILITY GROUP may use your IP address to assist in the diagnosis of problems with our server and to administer and monitor the use of our site. Except for users who are authorised by a client of ABILITY GROUP to receive our online services, this provides broad demographic information only and statistical input for onward development of the site.

Contact information resulting from use of the above services is collected for the purpose of sending information to the requestor. In addition, we may follow up to check that the information has been received and / or that the requestor has not encountered problems with any of the documentation or software received or downloaded. Further, the contact information may be used by ABILITY GROUP only, to make the requestor aware of new or updated information on ABILITY GROUP’s products and services. Such mailings offer an opt-out response mechanism enabling removal from our e-mail lists.

ABILITY GROUP reserves the right to use any ideas, concepts or know-how that are sent to us via our website, for any purpose whatsoever

Security

The protection of personal information is a priority for us. We are committed to maintaining:

  1. safeguards to protect personal information against unauthorised use
  2. disclosure, access, alteration, destruction and accidental loss
  3. all personal information we hold is dealt with in accordance with the NPPs industry standards for the security and protection of information
  4. personal information is stored securely, and access is restricted to authorised personnel only
  5. our computer systems require access passwords, and these are kept secure by our personnel
  6. and internal policies on management of personal information, and staff training to ensure compliance with these policies.

You acknowledge that the security of communications sent by electronic means or by post cannot be guaranteed. We cannot accept responsibility for misuse, loss or unauthorised access to your personal information where the security of information is not within our control.  If you suspect any misuse or loss of your personal information, please contact us immediately.

We will take reasonable steps to destroy or de-identify any personal information held by us if we no longer need to hold the information for the purpose it was collected, and we are not otherwise required by law to retain the information.

Do we send information overseas?

ABILITY GROUP stores personal information within Australia and to keep our prices low we may use specialist third parties to provide secure storage facilities. We may transfer personal information overseas, for example:

  1. for the purposes of data storage
  2. to give effect to a request to open a new client account
  3. or to amend existing accounts.

Except as otherwise indicated in this policy, we will not otherwise transfer your personal information outside Australia unless:

  1. we reasonably believe that the recipient of the information is subject to legal obligations that uphold principles for the protection and fair handling of personal information that are substantially similar to the principles contained in the NPPs or IPPs (as the case may be) and this policy
  2. we are given consent by the individual concerned to do so, expressly or by implication
  3. we are contractually required to do so
  4. or the transfer is for the benefit of the individual concerned and it is not practicable for us to obtain their consent and if they were able to grant consent, they would be likely to give it.

In this instance we will advise the individual concerned to whom their information has been disclosed as soon as practicable.

Access to your personal information

We will generally allow an individual access to any personal information that we hold about them on request – subject to any Restrictions on Access.  We will try to give the individual concerned access in a form and manner that suits their needs.

Contact our Privacy Officer if you wish to request access to your personal information in our records. You are required to put your request in writing and provide proof of your identity. Contact details for our Privacy Officer appear at the end of this policy.

You may not be allowed access to personal information we hold where access would reveal evaluative information generated by us in connection with a commercially sensitive decision-making process.  Instead, we may give you an explanation for the decision, rather than direct access to the information.

If we have given you such an explanation and you believe that direct access to the evaluative information is necessary to provide a reasonable explanation of the reasons for the decision, we will, at your request, review the decision. Personnel other than the original decision-maker will conduct the review.

Wherever direct access by you is impractical or inappropriate, we should consider together whether the use of a mutually agreed intermediary would allow sufficient access to meet both our needs and concerns.

We are not obliged to allow access to your personal information if:

  1. we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety
  2. giving access would have an unreasonable impact on the privacy of other individuals
  3. the request for access is frivolous or vexatious
  4. the information relates to existing or anticipated legal proceedings between you and us and would not ordinarily be accessible by the discovery process in such proceedings
  5. giving access would reveal our intentions in relation to negotiations with you in a way that would prejudice those negotiations
  6. giving access would be unlawful
  7. denying access is required or authorised by or under an Australian law or a court/tribunal order
  8. we have reason to suspect that unlawful activity, or misconduct of a serious nature relating to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter
  9. giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body
  10. or giving access would reveal internal evaluative information in connection with a commercially sensitive decision-making process.

If you make a request for access to personal information, we will:

  1. respond to your request within a reasonable period
  2. and if reasonable and practicable, give access to the information in the manner requested.

If we refuse to give access to the personal information because of an exception or in the manner requested by you, we will give you a written notice that sets out at a minimum:

  1. our reasons for the refusal (to the extent it is reasonable to do so)
  2. and the mechanisms available to complain about the refusal.

We reserve the right to charge you reasonable expenses for providing access to personal information, for example, a fee for photocopying any information requested by you.
Nothing in this Privacy Policy replaces other informal or legal procedures by which you can be provided with access to personal information.

An individual will incur no charges for lodging a request to access personal information. However, we may levy a reasonable charge for providing the access.  We will provide an estimate of any charge on request, or if it appears to us that the work will be onerous or otherwise warrants a charge.

Correction of your personal information

We request that you keep your personal information as current as possible.  If you feel that information about you is not accurate or your details have or are about to change, you can call us on 02 9098 5500 and we will correct or update your personal information

If you make a request to correct your personal information, we will:

  1. respond to your request within a reasonable period
  2. and if reasonable and practicable, correct the information in the manner requested.

If we refuse a request to correct personal information, we will:

  1. give you a written notice setting out the reasons for the refusal and how you may make a complaint
  2. and take reasonable steps to include a statement with your personal information we refuse to correct.

We reserve the right to charge you reasonable expenses for making a correction to your personal information, for example, a fee for photocopying relevant information.
Nothing in this Privacy Policy replaces other informal or legal procedures by which you can correct personal information.

Integrity of your personal information

We will take reasonable steps to:

  1. ensure that the personal information that we collect is accurate, up to date and complete
  2. ensure that the personal information that we hold, use or disclose is, with regard to the relevant purpose, accurate, up to date, complete and relevant
  3. and secure your personal information while it is being held by us.

We will take reasonable steps to protect personal information from:

  1. misuse, interference and loss
  2. and unauthorised access, modification or disclosure.

Complaints

If you have a complaint about how we collect, use, disclose, manage or protect your personal information, or otherwise consider there may be a breach of the Privacy Act or the APPs, please contact us in writing.

We treat all complaints seriously and intend to resolve your complaint within a reasonable timeframe, usually 14 days or otherwise as soon as practicable.  However, in some complex cases, resolution may take longer.

Once the complaint has been received, we will try to resolve the matter in a number of ways:

  1. Request for further information: We may request further information from you.  You should be prepared to provide us with as much information as possible, including details of any relevant dates and documentation.  This will enable us to investigate the complaint and determine an appropriate solution.  All details provided will be kept confidential.
  2. Discuss options: We will discuss options for resolution with you and if you have suggestions about how the matter might be resolved you should raise these with our Privacy Officer. The person to contact is our Privacy Officer, whose contact details appear at the end of this policy.
  3. Investigation:  Where necessary, the complaint will be investigated.  We will try to do so within a reasonable time frame.  It may be necessary to contact others in order to proceed with the investigation.  This may be necessary in order to progress your complaint.
  4. Conduct of our employees: If your complaint involves the conduct of our employees we will raise the matter with the employees concerned and seek their comment and input in the resolution of the complaint.

If this process does not result in an outcome that is satisfactory to you, you may contact the Privacy Commissioner’s Office. Where appropriate, we will work together with the relevant Privacy Commissioner’s Office to resolve the issues between us. Further information about privacy and your rights in Australia can be obtained at the Australian Privacy Commissioner’s website at www.privacy.gov.au. The contact details for the Australian Privacy Commissioner’s Office are as follows:

Street address:  Level 8, Piccadilly Tower, 133 Castlereagh Street Sydney NSW 2000.
Telephone  1300 363 992 (for the cost of a local call anywhere in Australia)
TTY  1800 620 241
Post  GPO Box 5218, Sydney NSW 1042
Facsimile  +61 2 9284 9666
E-mail  privacy@privacy.gov.au

Contact Information

If you wish to access any personal information that we hold about you, have a query about this policy, or would like to meet with our Privacy Officer to pursue any question, comment or concern, please contact our Privacy Officer in Australia as follows:

help@abilitygroup.com.au

ABILITY GROUP, 92A Longueville Road, Lane Cove NSW 2066 Australia

+ 61 2 9098 5500