AJEKA Privacy Policy

Introduction

AJEKA is committed to protecting the privacy of the people we deal with. This policy outlines how we collect, use, disclose, and protect personal information in compliance with the Privacy Act 1988 (Cth) and the Information Privacy Act 2009 (QLD).

Definitions

Personal Information: Information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether true or not, and whether recorded in a material form or not.

Sensitive Information: Information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, or health, genetic or biometric information.

Collection of Personal Information

We collect personal information necessary for the recruitment, employment, and management of our employees, as well as from our website users, customers, suppliers, vendors, and business partners. For our current or prospective employees, this may include:

  • Name, contact details, and date of birth.
  • Employment history and educational qualifications
  • Work performance and use of our IT resources.
  • Tax file number, superannuation details, and other data relevant for payroll.
  • Health information (medical certificates, health, and safety records).

For business partners, customers, suppliers, vendors, and business partners, we may collect:

  • Name and contact details.
  • Use of our IT resources.
  • Data relevant for payment and safety.

Please refer to Privacy, Cookies on our Website for information that we may collect from website users.

Under certain circumstances, we may need to collect additional sensitive information about you. For example, if you apply to work with us, we may conduct background checks including your eligibility to work in Australia, vocational suitability, information that help us to verify your identity, directorship, financial probity, and criminal record checks.

If we collect your sensitive information, it will only be done with your consent, if necessary to prevent a serious and imminent threat to life or health, or as otherwise required or authorised by law. We will respond appropriately to protect the security of this information and we will only use this information in a way that you can expect.

We collect some of this personal information under laws including the Corporations Act, Fair Work Act, Superannuation Guarantee (Administration) Act, and Income Tax Assessment Act.

Why we collect & handle Personal Information

We collect personal information to enable us to:

  • Establish, manage, and maintain our business relationships.
  • Respond to enquiries and requests from individuals and businesses. For example, when customers ask us to respond to tenders, requests for proposals or information, or for reports to be emailed, faxed, or posted.
  • Recruit and consider potential employees or applications for employment with us.
  • Consider a potential contractor’s engagement with us.
  • Open and administer our client accounts during sales and/or the delivery cycle.
  • Manage marketing and sales initiatives such as our publications, information about our service offerings, events, seminars, and other business programs. For example, when customers ask to be on an email or mailing list so that we can send them information about our activities and our publications, e.g., cyber security alerts.
  • Develop, provide, and improve our services and solution.
  • Inform about our services and solutions.
  • Obtain feedback on our services and solutions.
  • Conduct administrative functions.
  • Update our records & keep contact details up to date.
  • Enable you to subscribe to newsletters & mailing lists.
  • Process and respond to privacy questions, concerns & complaints.
  • Fulfil legal obligations.

You are not obligated to provide us with your personal information. Where feasible, we will offer you the option to interact with us anonymously or using a pseudonym. However, if you choose to remain anonymous or do not provide your personal information, we may be unable to deliver our services or interact with you fully.

Use & disclosure of Personal Information

Personal information is used and disclosed for purposes for which it was given to us, including but not limited to:

  • Recruitment and selection processes.
  • Your work with our customers.
  • Marketing purposes.
  • Payroll and superannuation administration.
  • Performance management and professional development.
  • Compliance with legal and regulatory obligations.
  • Workplace health and safety management.

We may disclose personal information to third parties where necessary for the above purposes, such as:

  • Our customers, contractors, and advisors.
  • Payroll processors and superannuation funds.
  • Legal and financial advisors.
  • Regulatory and government authorities.
  • Health and safety consultants.
  • Training and development services.
  • Examples for customer related use cases include:
  • When customers ask to be on an email or mailing list so that we can send them information about our activities and publications.
  • When customers ask us to respond to Tender, Request for Proposal, Request for Information or reports to be emailed, faxed, or posted with contact information.
  • If you are a contact person for one of our customers or suppliers, personal information about you may be used by us in our dealings with the customer or supplier you represent.

Personal information about prospective employees will be shared with approved third parties as part of pre-employment checks. With consent, we may exchange your personal information with educational institutions given in your application, your recruiter, background checking services, your professional and industry associations, law enforcement agencies, your referees, as well as our prospective clients.

With your consent we may disclose reasonable information to other employers seeking a reference about you.

Necessary disclosure

If we believe that the use or disclosure of your personal information is reasonably necessary for one or more enforcement related activities, we will make a written note of the use or disclosure. This written note will include details of the personal information involved, the purpose of the use or disclosure, and the entities or individuals to whom the information was disclosed. These notes will be securely stored in our records management system for a period determined by applicable legal and regulatory requirements. The written note will not be disclosed to the data subject unless required by law.

Marketing purposes

We adhere to strict guidelines regarding the use of personal information for direct marketing purposes. Before using or disclosing personal information for direct marketing, we will obtain the individual’s consent, unless the individual would reasonably expect their information to be used for this purpose. Each direct marketing communication sent by us will include a simple and free means for the individual to opt out of receiving future marketing communications. If an individual opts out, we will cease using or disclosing their personal information for direct marketing purposes within a reasonable period. If we disclose personal information to a third party for direct marketing, we will only engage third parties for this purpose where their data handling and privacy policies meet or exceed the expectations outlined in recognised standards, such as ISO 27001. We will not use or disclose sensitive information for direct marketing purposes without the individual’s consent, unless required by law.

Unsolicited Personal Information

If we receive personal information that we did not solicit, we will, within a reasonable period after receiving the information, determine whether we could have collected the information under this policy if we had solicited the information. If we determine that we could not have collected the information and the information, we will, as soon as practicable, and if lawful and reasonable to do so, destroy the information or ensure that it is de-identified. If necessary, we may use or disclose the personal information to make this determination.

Adoption, Use, or Disclosure of Government-Related Identifiers

AJEKA will not adopt, use, or disclose a government-related identifier of an individual as its own identifier, except in situations permitted by other parts of this policy and in conjunction with the Australian Privacy Principles. Government-related identifiers include items such as tax file numbers, Medicare numbers, and driver’s licence numbers. We will only use or disclose such identifiers if it is necessary to fulfill obligations to a government agency or is otherwise required or authorised by law.

Overseas Recipients

We are currently only operating in Australia. However, some of our third parties described above may be in New Zealand, United Kingdom, United States, and other countries.

We may disclose personal information to our related bodies corporate, third-party suppliers and service providers located overseas. Except where specific individual consent has been obtained, we take reasonable steps to ensure that the overseas recipients of your personal information do not breach the privacy obligations relating to your personal information.

For the purposes mentioned above and to an extent that you can expect from us, we may disclose your personal information to entities located overseas, including the following:

  • Our related bodies corporate located in the United Kingdom.
  • Our data hosting and other IT service providers located globally.
  • Our clients and their related entities located in foreign countries, to the extent that we are acting on their behalf or at their direction in using, storing, or collecting your personal information.

How we collect Personal Information

We may collect personal information directly from you or your authorised representative, in ways including:

  • From you directly when you provide details to us. This could be when you contact us by telephone or electronic communications, or you provide us a business card.
  • When you purchase our solutions and services.
  • When you create an account with us.
  • When you visit our offices and fill the visitor entry form.
  • When we process orders and payment transactions.
  • When you get into contact with us, and we respond to your inquiry or request.
  • When obtaining feedback about our solutions and services from you.
  • When you register for our events, workshops, and seminars.

Sometimes and with your consent or in a way that you can expect from us, we collect personal information from a third party, such as our customers or partners, or other third-party companies such as credit reporting bodies, law enforcement agencies, recruitment companies or publicly available sources.

When we collect personal information, we will take reasonable steps to notify you or otherwise ensure you are aware of certain matters. This includes informing you about our contact details, the purposes for which the information was collected, and the main consequences (if any) if the information is not collected. Additionally, we will inform you about any other entities to which the information is usually disclosed, and how you can access and correct your information or make a complaint about a breach as outlined in this document. This notification will occur at or before the time of collection, or as soon as practicable thereafter.

Data Quality

We take steps to ensure that the personal information we collect is accurate, up to date and complete. These steps include maintaining and updating personal information when you advise us that your personal information has changed, and at other times, as necessary. Any changes, relevant omissions, or inaccuracies in your personal information will be updated as soon as practicable.

Data Security

AJEKA takes reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. These steps include:

  • Implementing physical security measures (e.g., locked filing cabinets, secure premises).
  • Employing electronic security measures (e.g., data encryption in transit and at rest, firewalls).
  • Regularly reviewing and updating security practices.

Even though we have taken significant steps to ensure that your personal information is not intercepted, accessed, used, or disclosed by unauthorised persons, you should know that we cannot fully eliminate security risks associated with personal information.

Data Retention & Destruction

AJEKA retains personal information for as long as it is necessary to fulfil the purposes for which it was collected, including to satisfy any legal, regulatory, or reporting requirements. Once personal information is no longer needed, it will be securely destroyed or de-identified. Specific retention periods may vary depending on the nature of the information and the legal obligations associated with it. Individuals can contact the HR department for further details on the retention periods applicable to their personal information.

If AJEKA receives personal information that it did not solicit, we will, within a reasonable period after receiving the information, determine whether it could have collected the information if it had solicited the information. If necessary, we may use or disclose the personal information to make this determination. If we determine that we could not have collected the information, we will, as soon as practicable, and if lawful and reasonable to do so, destroy the information or ensure that it is de-identified.

Privacy & Cookies on our Website

This section applies when you access our website, which can be found under the domain name “AJEKA.com.au”, “AJEKA.com” or “AJEKA.co.uk”.

As you navigate on our website, certain information may be collected passively, including your internet protocol name, browser type, times, and operating system. We may also use session and persistent cookies and navigational data (such as URLs) to gather information regarding the date and time of your visit and the information and services for which you searched and which you viewed. We do not intentionally gather personal information about visitors who are minors.

Our website may use ‘cookies’ from time to time. A cookie is a piece of information that helps our system to identify and interact more effectively with your browser. The cookie allows us to maintain the continuity of your browsing session and remember your details and preferences when you return. You can configure your web browser application to reject cookies. However, as a result some parts of our website may not function as expected.

Access to Personal Information

You have the right to access your personal information and request corrections if the information is inaccurate, out-of-date, incomplete, irrelevant, or misleading. We will respond to the request within a reasonable period of making the request. AJEKA will provide access to the information in the manner requested by the individual, provided it is reasonable and practicable to do so.

AJEKA will take reasonable steps to notify the correction or statement to the entities to which we have disclosed your information. This ensures that any corrections or statements made to personal information are communicated to relevant parties.

If you wish to get access to the personal information we hold about you, or request that we change that personal information, please contact us by email or contact form on our website and we will allow access or make the changes unless we consider that there is a sound reason under the Privacy Act or other relevant law to withhold the information, or not make the changes. We will provide a written notice that sets out the reasons for the refusal and the mechanisms available to complain about it.

Complaints

Please contact us if you believe that your personal information has been handled inappropriately. You can lodge a complaint with the HR department. AJEKA will investigate and respond to complaints in a timely manner. We may request additional details from you regarding your concerns and may need to engage or consult with other parties to investigate and deal with your issue. We may keep records of your request and any resolution.

If you are not satisfied with the outcome, you may escalate the complaint to the Office of the Australian Information Commissioner (OAIC).

Changes to this Policy

AJEKA may update this policy from time to time to reflect changes in legislation or company practices. We will notify you of any significant changes by posting the updated policy on our website. We encourage you to review this policy periodically for the latest information on our privacy practices.

Contact Information

For any questions or concerns about this privacy policy, please contact us via email at hello@ajeka.com.au