Reading time: 4 minutes

Australia’s privacy laws were revamped with the introduction of the Australian Privacy Principles (APPs). As a result, many businesses are asking about whether they owe any privacy obligations to non-employees, including applicants and contractors.

Under what circumstances will the APPs apply to the personal information of non-employees?

Understanding your privacy obligations to non-employees is very important, as the personal information of such persons will not be covered by the exemption that applies to ‘employee records’. This exemption may, however, apply when you are managing the records of a current/former employee.

In regards to the personal information of non-employees, you are required by the APP to do certain things. The following areas ought to be examined:

  1. The terms of your business’ privacy policy;
  2. How you respond to job applications that are sent through; and
  3. How, and in what circumstances, you will send personal information overseas.

The terms of your business’ privacy policy

A privacy policy details your business’ protocol for dealing with the personal information it directly or indirectly collects. Under the APP 1, an organisation is required to:

  • Take reasonable steps to implement practices, procedures and systems to:
  • Make sure you are compliant with the APPs and any registered APP code, such as any principles that are pre-approved by the Privacy Commissioner for a particular organisation;
  • Handle injuries and complaints relating to breach of privacy;
  • Clearly communicate in the privacy policy how the personal information will be used, disclosed, and generally handled; and
  • Ensure that the privacy policy is freely accessible, can be found online (if appropriate) and is available on demand.

Make sure that your privacy policy is compliant with APP 1 by speaking with a small business lawyer. Your lawyer will help to make sure that your privacy policy contains the requisite content and is available and accessible to all non-employees.

Responding to job applications that are sent through

If your business receives any information from job applicants or other persons that is unsolicited, i.e. not invited, there are certain steps your business must take in proving that you did not actively ‘collect’ this information (APP 4).

For instance, someone may apply for a job that doesn’t exist, i.e. you never put an advertisement online for any available position at the business and received applications regardless. This is a common situation that Australian SMEs deal with all the time; we here at LegalVision encounter it almost daily! What should they do with these applications? Where should they be kept, if at all? If you believe that the information is reasonably important for the business’ functions and other activities, it may be permissible to retain the information.

If, however, the information is largely irrelevant and carries no real significance to your business’ functions or activities, you are required by law to do any of the following:

  • Destroy whatever materials that you have which carry the information (paper, text messages, email, etc.); or
  • Take steps to ensure that the identity of the person cannot possibly be ascertained.

If you find that the information is reasonably necessary to your business’ functions or activities and you are not required to destroy it, you must still safeguard the information and only use it for the purposes for which you are allowed under the APPs to use it.

Your privacy obligations when sending personal information overseas

There are certain conditions placed on the lawful disclosure of an individual’s personal information when it is sent to a related body corporate or other third party that is outside of Australia (APP 8.1).

Two conditions apply, including that the business must disclose the information for the same reason it was collected, unless some exception exists or the person has given permission. And secondly, you must be reasonably sure that the third party will not breach the APPs by misusing the person’s personal information.

For example, imagine you run recruitment service and provide an overseas organisation with the personal data of potential candidates so that they can then do all of the reference checks. In this instance, you would need to take steps to ensure that this external, overseas organisation is complaint with the APP.

Don’t forget to provide adequate training to HR and others in managerial positions about handling the personal information of potential employees, volunteers and contractors to avoid breaching the APPs.


If you need to update your Privacy Policy to be in accordance with the APPs, or wish to modify your employment contracts so that your employees are made liable for any personal breaches of the APPs, contact LegalVision on 1300 544 755.


Day in Court: What Happens When Your Business Goes to Court

Thursday 2 June | 11:00 - 11:45am

If your business is going to court, then you need to understand the process. Our free webinar will explain.
Register Now

How to Manage a Construction Dispute

Thursday 9 June | 11:00 - 11:45am

Protect your construction firm from disputes. To understand how, join our free webinar.
Register Now

Startup Financing: Venture Debt 101

Thursday 23 June | 11:00 - 11:45am

Learn how venture debt can help take your startup to the next level. Register for our free webinar today.
Register Now

About LegalVision: LegalVision is a commercial law firm that provides businesses with affordable and ongoing legal assistance through our industry-first membership.

By becoming a member, you'll have an experienced legal team ready to answer your questions, draft and review your contracts, and resolve your disputes. All the legal assistance your business needs, for a low monthly fee.

Learn more about our membership

Need Legal Help? Submit an Enquiry

If you would like to get in touch with our team and learn more about how our membership can help your business, fill out the form below.

Our Awards

  • 2020 Innovation Award 2020 Excellence in Technology & Innovation Finalist – Australasian Law Awards
  • 2020 Employer of Choice Award 2020 Employer of Choice Winner – Australasian Lawyer
  • 2020 Financial Times Award 2021 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review
  • 2021 Law Firm of the Year Award 2021 Law Firm of the Year - Australasian Law Awards
  • 2022 Law Firm of the Year Winner 2022 Law Firm of the Year - Australasian Law Awards