Reading time: 4 minutes

Australia’s privacy laws were revamped with the introduction of the Australian Privacy Principles (APPs). As a result, many businesses are asking about whether they owe any privacy obligations to non-employees, including applicants and contractors.

Under what circumstances will the APPs apply to the personal information of non-employees?

Understanding your privacy obligations to non-employees is very important, as the personal information of such persons will not be covered by the exemption that applies to ‘employee records’. This exemption may, however, apply when you are managing the records of a current/former employee.

In regards to the personal information of non-employees, you are required by the APP to do certain things. The following areas ought to be examined:

  1. The terms of your business’ privacy policy;
  2. How you respond to job applications that are sent through; and
  3. How, and in what circumstances, you will send personal information overseas.

The terms of your business’ privacy policy

A privacy policy details your business’ protocol for dealing with the personal information it directly or indirectly collects. Under the APP 1, an organisation is required to:

  • Take reasonable steps to implement practices, procedures and systems to:
  • Make sure you are compliant with the APPs and any registered APP code, such as any principles that are pre-approved by the Privacy Commissioner for a particular organisation;
  • Handle injuries and complaints relating to breach of privacy;
  • Clearly communicate in the privacy policy how the personal information will be used, disclosed, and generally handled; and
  • Ensure that the privacy policy is freely accessible, can be found online (if appropriate) and is available on demand.

Make sure that your privacy policy is compliant with APP 1 by speaking with a small business lawyer. Your lawyer will help to make sure that your privacy policy contains the requisite content and is available and accessible to all non-employees.

Responding to job applications that are sent through

If your business receives any information from job applicants or other persons that is unsolicited, i.e. not invited, there are certain steps your business must take in proving that you did not actively ‘collect’ this information (APP 4).

For instance, someone may apply for a job that doesn’t exist, i.e. you never put an advertisement online for any available position at the business and received applications regardless. This is a common situation that Australian SMEs deal with all the time; we here at LegalVision encounter it almost daily! What should they do with these applications? Where should they be kept, if at all? If you believe that the information is reasonably important for the business’ functions and other activities, it may be permissible to retain the information.

If, however, the information is largely irrelevant and carries no real significance to your business’ functions or activities, you are required by law to do any of the following:

  • Destroy whatever materials that you have which carry the information (paper, text messages, email, etc.); or
  • Take steps to ensure that the identity of the person cannot possibly be ascertained.

If you find that the information is reasonably necessary to your business’ functions or activities and you are not required to destroy it, you must still safeguard the information and only use it for the purposes for which you are allowed under the APPs to use it.

Your privacy obligations when sending personal information overseas

There are certain conditions placed on the lawful disclosure of an individual’s personal information when it is sent to a related body corporate or other third party that is outside of Australia (APP 8.1).

Two conditions apply, including that the business must disclose the information for the same reason it was collected, unless some exception exists or the person has given permission. And secondly, you must be reasonably sure that the third party will not breach the APPs by misusing the person’s personal information.

For example, imagine you run recruitment service and provide an overseas organisation with the personal data of potential candidates so that they can then do all of the reference checks. In this instance, you would need to take steps to ensure that this external, overseas organisation is complaint with the APP.

Don’t forget to provide adequate training to HR and others in managerial positions about handling the personal information of potential employees, volunteers and contractors to avoid breaching the APPs.

Conclusion

If you need to update your Privacy Policy to be in accordance with the APPs, or wish to modify your employment contracts so that your employees are made liable for any personal breaches of the APPs, contact LegalVision on 1300 544 755.

Webinars

The COVID-19 Vaccine Rollout: Considerations for Employers

Thursday 22 April | 11:00 - 11:45am

Online
Are you a business owner or employer? Attend this webinar to learn about what you need to know about the COVID-19 vaccine rollout.
Register Now

How to Recover Unpaid Invoices

Thursday 13 May | 11:00 - 11:45am

Online
What do you do if your customers don't pay your invoices? Attend this webinar to learn about how to recover unpaid invoices.
Register Now

About LegalVision: LegalVision is a tech-driven, full-service commercial law firm that uses technology to deliver a faster, better quality and more cost-effective client experience.

The majority of our clients are LVConnect members. By becoming a member, you can stay ahead of legal issues while staying on top of costs. From just $119 per week, get all your contracts sorted, trade marks registered and questions answered by experienced business lawyers.

Learn more about LVConnect

Need Legal Help? Get a Free Fixed-Fee Quote

If you would like to receive a free fixed-fee quote or get in touch with our team, fill out the form below.

  • 2020 Excellence in Technology & Innovation – Finalist – Australasian Law Awards 2020 Excellence in Technology & Innovation Finalist – Australasian Law Awards
  • 2020 Employer of Choice – Winner – Australasian Lawyer 2020 Employer of Choice Winner – Australasian Lawyer
  • 2020 Fastest Growing Law Firm - Financial Times APAC 500 2020 Fastest Growing Law Firm - Financial Times APAC 500
  • 2020 AFR Fast 100 List - Australian Financial Review 2020 AFR Fast 100 List - Australian Financial Review
  • 2020 Law Firm of the Year Finalist - Australasian Law Awards 2020 Law Firm of the Year Finalist - Australasian Law Awards
  • Most Innovative Law Firm - 2019 Australasian Lawyer 2019 Most Innovative Firm - Australasian Lawyer