This notice and information applies across all websites that we own and operate and all services we provide, including our online and mobile HRIS services products, and any other apps or services we may offer (for example, events or training). For the purpose of this notice, we refer to the services we provide as our ‘services’.
When we say ‘personal data’ we mean identifiable information about an individual, like their name, email, address, telephone number, bank account details, payment information, support queries, community comments and so on. If a person can’t be identified (for example, when personal data has been aggregated and anonymised) then this notice doesn’t apply.
We may need to update this notice from time to time. Where a change is significant, we will inform those users that may be affected that we have an obligation to inform – usually by sending an email.
Last Updated: 16 March 2021.
When we refer to ‘we’ (or ‘our’ or ‘us’), that means:
Our Head Office is in Sydney, Australia, but we operate and have offices across Australia and NewZealand. Address details for all HR Assured offices are available on our Contact Us pages.
FCB Group FCB Group assists many businesses with their employment and human resources needs including around hiring, managing and exiting of their staff and core legal compliance requirements.
Unlike most other providers, our clients can access our services and solutions in a range of ways by engaging one of our 5 divisions which includes a 24/7 advice helpline, cloud technology platform and visa & migrations services.
With offices in Sydney, Melbourne, Brisbane, Auckland and Wellington, we provide Australian and New Zealand businesses with employment related legal advice, HR consulting, migration, services and technology solutions.
For small-to-medium size businesses, we are able to provide a complete workplace relations solution that helps reduce the costs and risks associated with managing people, freeing management to focus on growth. Most importantly, we can offer this package for a low-cost monthly fee.
We take the privacy of data that we hold seriously, and ensure everything is done with the utmost:
The technologies, policies and procedures we have in place to achieve these principles are outlined in “ Appendix 1 – Security Mechanisms & Policies”.
The data we may collect falls into three categories:
If you wish to opt out of our tracking of our service usage and website tracking, you can do so by limiting advertiser tracking in your browser.
We primarily use personal data to deliver our services to you and your staff. We also use this data to:
We undertake to only communicate with the users of our services where their access to our services puts them in a position of that communication being meaningful. Users also have the option to opt out or unsubscribe from these types of services.
We will only disclose your personal data with third parties:
When we share your data to third parties, we will undertake a review of the laws, policies and procedures in place with those parties prior to sharing your data to ensure your data is protected by that provider as we would protect it ourselves.
A list of third-parties to which data may be shared is included in “Appendix 2 – Third Party Service Providers”.
The length of time we keep your personal data depends on what it is and whether we have an ongoing business need to retain it to provide you with a service you’ve requested or to comply with applicable legal or record keeping requirements.
We retain your personal data while we have a relationship with you and for a period of time afterwards where we have an ongoing business need to retain it, in accordance with our data retention policies and practices. Following that period, we’ll make sure it’s deleted or anonymised.
HR Assured is committed to meeting the standards for privacy protection as outlined in the:
HR Assured is committed to ensuring its compliance with the Australian Privacy Principles and New Zealand Information Privacy Principles as it relates to both data provided directly to HRA Cloud by users and businesses in order to deliver our services, as well to the data we process on behalf of those businesses relating to their workers. This commitment includes meeting our obligations under the Australian Notifiable Data Breach scheme in Australia and mandatory data breach reporting provisions in New Zealand.
Both HR Assured and the organisation for which HRA Cloud is providing services are acting as Entities within the APP and IPP frameworks, and as such have obligations relating to that role.
While HR Assured will maintain its obligations under the Privacy Act Cth,1988 and APP as well as the NZ Privacy Act 2020 and IPP, clients must ensure their compliance relating to data processed by HRA Cloud, including:
HR Assured is committed to ensuring its compliance with the APP and IPP as it relates to both data provided directly to HRA Cloud by users and businesses in order to deliver our services, as well to the data we process on behalf of those businesses relating to their workers. This commitment includes following the guidelines set out in the Privacy Commissioners guidelines for data breaches.
Both HR Assured and the organisation for which HRA Cloud is providing services are acting as Agencies within the APP and IPP framework, and as such have obligations relating to that role.
While HR Assured will maintain its obligations under Privacy legislation, clients must ensure their compliance relating to data processed by HRA Cloud, including:
Under the GDPR, an organisation which processes personal data (the “processor”) on behalf of another organisation (“the controller”) require a written agreement between the two specifying certain minimum provisions.
In using HRA Cloud, we are the controller of certain information that we receive directly from our users (business details, usernames and passwords). Our customers are controllers (and HRA Cloud is a processor) of the personal data that those users enter into the system on behalf of or relating to your workers (employees, volunteers, candidates, etc). As controllers, responsibility for the correct and appropriate collection and use of information processed by HRA Cloud is the responsibility of the customer managing that data.
HR Assured will to the extent we are able assist the controller in ensuring compliance with their obligations under the GDPR by providing the relevant information to the controller upon reasonable request. This includes providing access to relevant data not readily available to the controller through HR Assured’s services, or providing information relating to HRA Cloud’s architecture and security mechanisms.
IIf you believe that a HRA Cloud user or business has provided your personal information to us via our websites or services, you should contact that user or business for any questions you may have around their entry, use and retention of that data.
While HRA Cloud may act as the custodian of your information as an employee, candidate, volunteer, or other relationship with a business, that particular business is responsible for providing you access with the relevant information from our systems, and for ensuring the accuracy of that information.
You are able to opt-out of our electronic marketing communications by following the instructions included in each of those communications to unsubscribe.
If you have any questions or concerns on any of this information, please send an email to PrivacyOfficer@hrassured.com.au and we’ll work with you to resolve your query.