Murumal Pty Ltd (Murumal) is committed to maintaining the privacy and confidentiality of personal information. Murumal adheres to the Australian Privacy Principles (“APPs”) under the Privacy Act 1988 (Cth) (“Privacy Act”) when collecting, using, disclosing, securing and providing access to personal information.
This policy details the practices we have adopted to protect your privacy so that you can feel confident about how we manage the personal information you entrust to us.
We collect personal information (including contact name, telephone number, address, email address, occupation, education and qualifications etc) in a range of contexts:
- when entering into relationships with new clients
- when individuals apply directly for employment with us
- when individuals register online for employment with us
- when the information is required as part of a contract essential to the provision of a business service
When and Why do we Collect Personal Information?
We collect your personal information when either:
- you provide it to us,
- your current or prospective employer provides it to us,
- The Australian Government provides it to us.
- you are applying to work with one of our clients, or are providing information in relation to someone applying to work for one of our clients,
- you or your company are one of our service providers,
- you make a complaint, comment or ask a question of us,
- you work for us or have applied to work for us,
- you have been in contact with us for another reason in relation to the above.
We will notify you about the collection of personal information at or before the time we collect it, or if that is not practicable, as soon as practicable after personal information about you has been collected.
What do we do with Personal Information?
We may use personal information:
- to enable us to provide capability and services to our clients
- to deliver services in accordance with Australian government policies such as the Government Protective Security Policy Framework (PSPF)
- to assess suitability for an individual’s employment on behalf of one of our clients
- to communicate information about our services to you
- for our internal administrative, planning, product development and research requirements
- to consider the suitability of applicants for employment with us
Disclosure of Personal Information to Third Parties
We may disclose your personal information to third parties for a number of purposes including:
- To provide services to our clients e.g. (Reference checking, criminal history checking, other background checking)
- To provide technical assistance in the use of our services and platforms
- To conduct surveys, to improve our performance and provide quality assurance (basic information only contact details and service used only)
- Other purposes as permitted or required by law
As part of the provision of services, we may outsource some of our functions to third parties which may involve the disclosure of personal information. These third parties will not be permitted to use the information for purposes other than for which the information is disclosed. Some examples of these third party’s include:
- Government departments such as The Australian Criminal Intelligence Commission (ACIC), Australian Securities and Investments Commission (ASIC), Australian Financial Security Authority (AFSA)
- Our Technology Service Providers
- Document Verification Service providers
Apart from this, your personal information is never shared, sold, rented or otherwise disclosed except if required by law or with your consent.
At any time you may opt-out of receiving any communications from us (other than as required for the operation of our business e.g. regarding payment of accounts).
What do we do to Safeguard Personal Information?
We will take all reasonable steps to maintain the security of any personal information we receive. We use a variety of secure techniques to protect your information, including:
- An Information Security Policy structure spanning the entire business
- Secure IT infrastructure
- locked file cabinets of sturdy construction,
- encryption of data and connection through digital certificates.
We have internal policies in place supporting the management of personal information and these are included into the standard training programs to ensure they are followed
We will only keep your personal information when we consider it necessary for one of the purposes you have disclosed it. If we consider that it is no longer necessary to keep your personal information, we will take reasonable steps to destroy or de-identify your personal information.
Access and Correction
On request, you may access any personal information we hold about you at any time. Murumal is not required to give you access to the personal information to the extent that:
- Murumal believes that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or
- Giving access would have an unreasonable impact on the privacy of other individuals; or
- The request for access is frivolous or vexatious; or
- The information relates to existing or anticipated legal proceedings between Murumal and you, and would not be accessible by the process of discovery in those proceedings; or
- Giving access would reveal the intentions of Murumal in relation to negotiations with the individual in such a way as to prejudice those negotiations; or
- Giving access would be unlawful; or
- Denying access is required or authorised by or under an Australian law or a court/tribunal order; or
- Both of the following apply;
- Murumal has reason to suspect that unlawful activity, or misconduct of a serious nature, that relates to Murumal’s functions or activities has been, is being or may be engaged in;
- Giving access would be likely to prejudice the taking of appropriate action in relation to the matter or
- Giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or
- Giving access would reveal evaluative information generated within Murumal in connection with a commercially sensitive decision-making process.
Murumal will respond to any request for access to personal information within 30 days after the request is made.
If your personal information changes or if you no longer require our services, we will take reasonable steps to correct, update or remove the personal data you have provided to us
We will respond to any request for access to, or correction of, your personal information as soon as practicable after the request is made.
Suspected Privacy Breaches
Suspected breaches are handled in accordance with the Privacy Act. If you suspect your information has been breached, please contact us via the details below.
Alternatively if you would like to make a complaint about a breach of the Australian Privacy Principles you can contact us via the details below. You can also make a complaint to the Office of the Australian Information Commissioner on 1300 363 922 or via their website.
Disputes in Relation to Personal Information
If you disagree with any personal information we hold and wish to dispute it’s accuracy you can contact us through the contact details below and we will address the issue to the best of our ability.
Where the dispute is in relation to the content of a Criminal History Check you will be asked to complete a specific form and this will be onforward to the Australian Criminal Intelligence Commission to review and provide a response.
We will inform you of the outcome of the dispute as soon as practicable.
Websites operated by us may contain links to other sites operated by third parties. We make no representations or warranties as to the privacy practices of any third-party site and are not responsible for the privacy policies of other sites.
We may change this policy from time to time and will notify you by posting an updated version of this policy on this website. This document represents our policy as at 21 March 2019.
Murumal PO Box 140
FYSHWICK ACT 2609