Our Commitment to your Privacy
The Finite Group respects your privacy and is committed to managing personal information in accordance with the Australian Privacy Principles (APP) contained in the Privacy Act 1988 in Australia; and by the Information Privacy Principles (IPP) contained in the Privacy Act 1993 in New Zealand (Privacy Legislation).
This policy explains how the Finite Group handles personal information relating to individuals, including our candidates, contractors, clients and website users. This policy explains:
- the kinds of information collected and held by the Finite Group;
- how and why the information is collected, held, processed, used and disclosed;
- how you may access information held about you, including to correct it; and
- how you can complain about a breach of the Privacy Legislation.
This policy applies to all Finite Group operations in Australia and New Zealand and to all users of our services and to all visitors to our website.
In this policy, the expressions “the Finite Group” “us”, “we” and “our” includes:
- Finite Group APAC Pty Ltd, ABN 43 085 406 300, trading as Finite Recruitment and Rowben Consulting;
- FinXL Professional Services Pty Ltd, ABN 74 104 804 793, trading as FinXL IT Professional Services, XL Digital and Southern Cross Computing;
- Finite Group NZ Limited, trading as Finite920;
- FinXL Professional Services NZ Limited, trading as FinXL IT Professional Services and XL Digital; and
- any of their related bodies corporate/related companies (from time to time), including Allermuir Holdings Pty Ltd, ABN 29 104 800 482; and
- their respective officers, employees, contractors, consultants, agents or representatives (from time to time).
The expression “personal information” has the meaning given to it in the Privacy Legislation and is generally used in this policy to refer to information or an opinion about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion. In Australia, references to personal information may include sensitive information.
Type of information we collect
When you visit our website, communicate with us (including by phone or in person) or request a service from us, we may collect:
- your name and other unique identifiers;
- your work history, goals and preferences, including your CV, current and previous employers/roles, position, skills, qualifications, experience, references/recommendations, job requirements etc;
- contact details, including telephone number, postal and email address, details of social media profiles;
- any other information relating to you which you may provide or permit others to provide or which is publicly/freely available.
If you become a worker (i.e. a contractor or employee) or a client or agent for the Finite Group, you will be required to provide additional personal and financial information (such as date of birth, visa information, bank details, Tax File Number (Australia) or IRD Number (NZ), next of kin/family details etc) for the purpose of engaging with you and processing/administering pay/fees. This information is generally held in a secure system to which access is limited. We will also collect information relating to the services you provide to our clients and your performance of those services.
In some cases, we may collect sensitive information about you (including health information) if it is relevant to the services that we provide to you or to others (including your ability to perform a role or WHS considerations). If required for safety purposes or to satisfy a client’s requirements, we may obtain from you a copy of your Covid-19 vaccination certificate or related medical information (including details of any medical exemption etc). In this regard, you consent to us collecting, storing and using that sensitive information in accordance with this policy and providing a copy to the client where required. This sensitive information will be stored securely by us in confidential files that can only be accessed by authorised users and we will not provide it to any third party, other than the client or as agreed.
Method of collection
We may collect personal information from you in a variety of ways including (without limitation):
- when you complete forms, questionnaires, surveys or send emails;
- when you enter information into our website or through cookie collection; and
- when we speak to you on the phone/video call or in person.
Sometimes we collect information from third parties and publicly available sources when it is necessary for a specific purpose (such as checking information that you have given us) or where you have consented or would reasonably expect us to collect your personal information in this way. In particular, we may collect personal or sensitive information about you when we receive:
- any reference about you;
- results of inquiries that we might make of your current/former employers/principals, work colleagues, professional associations or registration body;
- the results of any competency or medical test or any background check, including credit and criminal record checks;
- any complaint or other information from or about you in the workplace;
- any information which connects you to an insurance investigation, litigation or proceedings, disciplinary matter relating to registration or professional associations, criminal matter, inquest, inquiry or similar; and
- any information about a workplace accident or incident in which you are involved (including as a witness or related party).
Purpose of collection
We collect and hold personal information that is reasonably necessary for the proper performance of our functions and activities (as an employment/recruitment agent and/or a provider of services in labour hire/payroll/contractor management/managed services and/or a provider of professional/IT consultancy services and solutions), including:
- offering and administering the services we provide to our clients, workers and candidates/job seekers;
- meeting client requirements and complying with our obligations to clients, workers and candidates/job seekers;
- researching and developing business systems and infrastructure testing to assist us in providing our services;
- conducting marketing, including direct marketing to candidates, workers, clients, people in our database and users of our website etc;
- updating our records and keeping our database up to date;
- monitoring, auditing and managing usage of our website; and
particularly in relation to candidates:
- processing job applications;
- obtaining references;
- undertaking criminal and other background checks (including credit checks for positions in NZ where required)
- conducting tests/assessments (including medical tests and assessments);
- making placements and entering into contracts.
particularly in relation to workers:
- setting them up in our systems and administering their pay, entitlements and/or fees and meeting our tax, superannuation, reporting and related obligations;
- conducting performance appraisals and assessing ongoing prospects;
- providing career guidance or management and identifying training/development needs;
- managing and resolving complaints, claims, inquiries or investigations involving workers;
- obtaining insurance or making/assessing an insurance claim or assisting with insurance investigations;
- conducting workplace rehabilitation or managing return to work or WHS obligations.
The information we collect about you is likely to vary depending on whether you are a candidate, a worker, a client or a referee etc.
We might, from time to time, let you know about news, special offers, products and services that you might be interested in. These communications may be provided in various forms (including by post, SMS, email, telephone or online) in accordance with applicable marketing laws, such as the Australian Spam Act 2003. If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so.
By using our website and/or disclosing your personal information to us, you will be deemed to consent to us notifying you about our products and services, notifying you of job opportunities and providing market insights and updates. We will use your personal information to engage in marketing unless you tell us otherwise. You can contact us via the details set out below to update your marketing preferences at any time. Our email marketing communications will also include an “unsubscribe” link.
Inability to collect
In most cases, you will be required to identify yourself when you deal with us and provide relevant personal information. If you choose not to provide this, we may not be able to:
- provide our services to you or accept you as a client, worker or candidate (including finding suitable work for you);
- provide you with our publications, brochures and newsletters or connect with you on certain platforms; or
- tailor the content of our website to your preferences, meaning your experience of our website may not be as relevant, enjoyable or useful.
Disclosure of personal information
We may disclose your personal information to our employees, contractors, consultants and agents for the proper performance of our functions and activities (see ‘Purpose of collection’ above). We share information amongst the Finite Group companies in Australia and NZ. We may also disclose your personal information to certain third parties, such as:
- clients/potential clients of the Finite Group and their representatives/agents;
- referees and former employers/principals for the purpose of checking employment history/background and references/recommendations;
- external providers of on-line training and induction - eg for mandatory on-line WHS Induction (such as Workpro);
- background, criminal record, credit or visa checking agencies;
- professional associations/registration bodies with a legitimate interest;
- a workers’ compensation body/insurer (or their rep/agent) regarding insurance cover/claims; and
- any person with a lawful entitlement to obtain the information.
To our contracted service providers:
We outsource a number of services to contracted service providers (“CSPs”) from time to time and we may provide your personal information to them to allow them to supply their services to us. Typically, our CSPs would include:
- Software/IT/Cloud storage solutions providers;
- finance/accounting solutions providers;
- Legal and other professional advisors;
- Insurers, insurance brokers, loss assessors and underwriters;
- Superannuation fund managers;
- Background checking and screening agents;
- Providers of WHS–related services (including safety assessors/return to work providers);
- Our CRM/candidate database provider (currently Mercury XRM* – https://mercuryxrm.co.uk/privacy-policy/);
- Providers of CV parsing and CV preparation (currently Daxtra and WizardSoft/RecruitWizard* - https://recruitwizard.com/privacy-policy/). A candidate’s personal information contained in their profile may be shared with other recruitment agencies to which the candidate has previously provided his/her CV;
- Providers of electronic signature software (currently DocuSign* -https://www.docusign.com.au/company/privacy-policy).
*Although your data is stored in Australia/NZ, it may be accessed overseas by our CSPs.
To potential business partners:
If we merge, combine or divest a part of our business or acquire part of another business (or as part of a due diligence exercise in contemplation of the above), we may also pass on your details to the business with whom we are proposing to transact, noting that we will have a non-disclosure agreement in place to cover such information and to ensure they are complying with the Privacy Legislation.
We take reasonable steps to ensure that terms of service with our CSPs and our clients and partners recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
Data security and quality of information
We take care to collect and record accurate, up to date and complete personal information.
Personal information may be stored electronically or in hard copy. However, personal information is usually stored in secure electronic files on the Finite Group’s internal systems or in secure cloud systems managed by/for the Finite Group.
We will take reasonable steps to protect the personal information which we hold from misuse or loss and from unauthorised access, modification or disclosure. If required by relevant legislation, we will notify you of a data breach which could cause you significant harm. The Finite Group has a data breach response plan in place to deal with such situations.
Your personal information may be stored for many years. When personal information is no longer needed by the Finite Group (and the Finite Group is not legally required to retain it), we may take reasonable steps to destroy or de-identify the information.
Terms of Website Use
When you visit our website we may send a ‘cookie’ to your computer. This is a small data file stored by your computer to help improve functionality or tailor information to provide visitors to our website with more relevant pages. We may also analyse website traffic to identify what visitors find most interesting so we can tailor our website accordingly. For more details, please contact the Privacy Officer and review our T&Cs for Website Use (available on our websites).
As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of transmission of information you communicate to us online. We also cannot guarantee that the information you supply will not be intercepted while being transmitted over the internet. Accordingly, any personal information or other information which you transmit to us online is transmitted at your own risk.
Changes to this policy
Opt-Out, Access, Correction, Complaints and Further Information
Please contact us on the details below if you:
- wish to opt-out of consenting to direct marketing by the Finite Group;
- wish to have access to the personal information which we hold about you;
- consider that the personal information which we hold about you is not accurate, complete or up to date;
- wish to complain about a breach of the Privacy Legislation; or
Where we hold information that you are entitled to access (and we note there are some limitations under the APPs and IPPs), we will try to provide you with suitable means of accessing it (for example, by posting or emailing it to you). We may charge you a reasonable fee to cover our administrative and other reasonable costs in providing the information to you. You should anticipate that it may take time to process your application for access as there may be a need to retrieve information from storage and review it in order to determine what information is relevant/accessible.
There may be instances where we cannot grant you access to the personal information we hold. For example, if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality or legal professional privilege. In particular, we will refuse access to evaluative material where it has been obtained on a confidential basis in the course of our performing reference checks. Where we are unable to provide access to personal information about you, we will give you written reasons for our refusal.
If you believe that any personal information that we hold about you is incorrect, incomplete or inaccurate, then you may request that we correct it. We will consider if the information requires correction. If we do not agree that there are grounds for correction, then you may request that we add a note to the personal information stating that you disagree with it.
We aim to respond to any complaints made by you by investigating them and responding to you within a reasonable period of time (and in any event, within the time required by the Privacy Legislation, if applicable). We will treat your complaint confidentially. Please note that, to the extent that it is practicable to do so, you do not have to identify yourself and/or you may use a pseudonym when dealing with us in relation to a particular privacy matter. If you are not satisfied with our response to your complaint, in Australia you can contact the Australian Information Commissioner (OAIC); or in New Zealand you can contact the Office of the Privacy Commissioner.
Contact Details for Privacy Officer: