Bluefin Resources - Privacy statement

BLUEFIN RESOURCES ("Bluefin Resources") - INTRODUCTION

We understand that privacy is an important issue for individuals. Bluefin Resources believes that due respect for individual privacy not only protects an important personal right but is a powerful tool in the creation of healthy relationships with the individuals with whom we deal - clients, suppliers, candidates and others.

In many respects, as a recruitment firm, Bluefin Resources is in the business of personal information - introducing appropriate candidates to client organisations with the goal of securing employment.

To do this effectively we need to collect a great deal of personal information about candidates. Some of this information will be "sensitive information" as defined in the Privacy Act (see below).

This policy statement outlines our policy on the privacy of personal information and our compliance with the National Privacy Principles ("NPPs") contained in the Privacy Act. Because of the vast array of circumstances which may arise, it is neither possible nor sensible for us to prescriptively map out our exact responses to all privacy issues. Much will depend on the precise circumstances which exist and the nature of the information concerned. Accordingly this policy statement is at best an outline of our approach.

This policy may change over time in accordance with changes in the Privacy Act or our own procedures. Please review this policy statement from time to time.

ACCOUNTABILITY

It is the responsibility of all Bluefin Resources staff and contractors to comply with privacy laws and this policy.

A copy of this policy will be made available to staff and periodic training in privacy compliance will occur.

Bluefin Resources will, wherever commercially and legally possible and appropriate, encourage contractors to comply with this policy. Contractors who display a willingness to do so and a culture of respect for privacy and compliance with privacy laws will be preferred.

Bluefin Resources will regard non-compliance (on the part of its staff) with this policy most seriously. Violation of this policy will lead to disciplinary procedures being imposed, up to and including the possibility of dismissal.

CONSENT AND OUR APPROACH TO IT

In some cases the Privacy Act provides that Bluefin Resources may not collect or make certain use of personal information or disclose it without the consent of the individual.

We will not put undue pressure on an individual to give consent. We will endeavour to ensure that individuals can make an informed decision and that they are not under inappropriate pressure to give consent.

WHAT PERSONAL INFORMATION DO WE NORMALLY COLLECT?

Generally, we will not collect sensitive information from individuals. If it is necessary we will make the individual aware of the purpose of such collection and obtain consent to do so.

Where we obtain information from potential job candidates we will obtain the information which we believe is reasonably necessary to inform our clients of the experience and qualifications of the candidate for the relevant position. This may include personal particulars, job and life histories, leisure activities and other details not specifically or directly related to employment history, so that we can build a profile of the candidate. Sometimes such information is volunteered by candidates and sometimes we may ask for it. Sometimes the information we ask for may be so-called "sensitive information" dealing with a candidate's health status, membership of a professional or trade association or trade union.

If you are a potential candidate we want you to supply only that information that is relevant to your application for the particular job of interest. If you supply such information to us we will infer that you consent to our use of it for that purpose

In other cases we will not normally collect personal information other than an individual's name, job-title, address, phone numbers, facsimile numbers and email addresses. The aforementioned information will normally be collected for the purpose of enabling Bluefin Resources to fulfil its obligations to clients in supplying services or to suppliers who are supplying Bluefin Resources with goods and services.

When collecting personal information we will make the individual aware of Bluefin Resources' identity and how to contact us. The role of Privacy Officer has been created within Bluefin Resources to act as a first contact for individuals concerned about privacy issues. We will also make the individual aware of his/her rights of access to personal information held by Bluefin Resources and the purposes for which the information is collected. We will also advise of the consequences if information is not provided.

We will, wherever possible, collect information direct from the individual in preference to collecting it from other persons because this will make it more likely that the information is correct and that the individual has consented to giving it to us.

In the case of potential job candidates, however, we will in many instances obtain references and referrals from former employees or other referees. This is a routine procedure within a recruitment agency as prospective employers often require confirmation from former employers as to the qualifications and work record of candidates. Where candidates provide the names and contact details of referees in their resumes or in response to our request for them, we assume that the candidate consents to our making contact with that person – and to our obtaining frank and robust views from the nominated person.

OUTSOURCING

From time to time we may also engage external consultants to assist us with our information technology needs. Such external consultants may have access to our database - though they would not take an active interest in the content, this nevertheless amounts to a disclosure of the personal information on the database to them. Wherever possible commercially and legally we will contract with such external consultants on the basis that they will comply with this policy and will not misuse or disclose the personal information to which they may gain access – but we are not responsible for their actions.

WHAT WE DO (AND WILL NOT DO) WITH PERSONAL INFORMATION WE COLLECT

Clients, suppliers, business partners etc - We will collect personal information mainly to enable us to contact our clients, suppliers, business partners and others with whom we have business relationships.

This will enable us to fulfil our commitments and responsibilities to them. This will also enable us to perform our contractual obligations, to monitor and administer our contracts and their fulfilment.

We also collect personal information to enable us to carry out marketing initiatives, including direct marketing.

Job Candidates - we will collect information for the purposes of contacting them and also primarily for the purpose of building a profile and disclosing their information to clients as potential employers.

Sale of Personal Information

We will never sell personal information to third parties, other than ordinarily in the course of referring our clients to candidates we feel are appropriate to their needs, or unless we do so in the context of a sale of our business or a part of it.

ACCURACY OF YOUR PERSONAL INFORMATION

It is our policy to ensure that when personal information is collected from an individual it is accurately recorded. This is the responsibility of all staff involved in the collection and recording of such information.

We will encourage our contacts to let us know if they become aware of inaccuracies in the information we retain. Individuals have a qualified right of access to the personal information held by Bluefin Resources and will have the opportunity to correct any inaccuracies (as to which, see below).

We will respond promptly to any request for correction of data and will act quickly to correct data that is discovered to be inaccurate.

SECURITY OF YOUR PERSONAL INFORMATION

It is not appropriate in this policy to provide specific details of security measures adopted by Bluefin Resources to protect personal information held by it. To do so could compromise those security measures.

Bluefin Resources will use an appropriate combination of:

• physical measures including physical barriers;
• alarm systems;
• and access technology; and
• administrative protocols, to exclude unauthorised persons or intruders from gaining access to information.

To maintain the integrity of information, Bluefin Resources has acquired and will continue to acquire (within its means) up-to-date computer virus prevention technology and makes use of other appropriate technology, such as password security protocols and "fire-walls" to exclude unauthorised access or hacking into its computer system.

Where a facsimile transmission is to be sent containing sensitive personal information, it is our policy to contact (usually by telephone) the individual prior to sending it.

YOUR ACCESS AND CORRECTION RIGHTS

The Privacy Act requires Bluefin Resources to provide individuals access to the personal information which Bluefin Resources holds about them - unless Bluefin Resources is entitled under the Privacy Act or other legislation to deny access or provide an explanation for a decision instead. This qualified right of access will be advised when personal information is collected.

When requesting access to personal information, Bluefin Resources requires use of a written request form, which can be obtained by contacting our Privacy Officer (see below).

Bluefin Resources will respond to requests for access as soon as possible and will acknowledge the request within 14 days and deal with it within 30 days or earlier. Though we may ask, we will not require an explanation of why as a pre-requisite to giving access. We will not charge a fee for access but we may seek recovery of any actual costs to us of providing access.

USE OF GOVERNMENT IDENTIFIERS

Bluefin Resources may collect them but we will not use government identifiers such as tax file numbers or Medicare numbers as a means of identifying a person from whom the identifier has been collected.

CONTACTING BLUEFIN RESOURCES AND COMPLAINTS

If an individual:

• has an enquiry about our information management or privacy procedures;
• wishes to request access to personal information;
• wishes to see a copy of this policy document; or
• wishes to make a complaint about our handling of personal information
that person can contact our Privacy Officer by the following means:

Phone: (02) 9270 2671
Fax: (02) 9241 5982
Email: karen@bluefinresources.com.au
Postal Address Level 40, Australia Square, 264-278 George Street, Sydney

Complaints will be dealt with by the Privacy Officer or in his absence, by a person nominated by him/her.

We require that complaints be made in writing. This will allow us to deal with complaints in a professional, sensitive and consistent manner and to properly address the issues raised in the complaint.

We will acknowledge receipt of a request within 14 days of receiving it and we will respond within 30 days of receipt, assuming that we are able to investigate the necessary facts in that time. We will let you know if it is likely to take much longer.

The Privacy Officer will keep a register of complaints and their outcomes. This will not be made publicly available since that may breach the privacy of the individuals named.

The Privacy Officer will determine in the case of each complaint (if any) whether the complaint demonstrates a systemic or chronic compliance problem and will make recommendations to the management of Bluefin Resources as to how to address/rectify such issues if they are identified.