CGH Group Pty Ltd ACN 122 760 427 and its related bodies corporate (collectively referred to as “CGH Group”, “us”, “we” or “our”) are committed to respecting your privacy and we understand how important it is to protect an individual’s personal data and apply high ethical and regulatory standards to the processing of such data (pursuant to the Privacy Act 1988 (Cth) (Privacy Act)).
This policy applies to the handling of information by CGH Group, including the personal information of all candidates, contractors, clients and suppliers. It applies to the collection, updating, use, storage, disclosure and access to personal and sensitive information that can be recorded in any format including, but not limited to, information held in writing, online, digitally or by electronic means, including mobile phones and USB devices. It applies to any information collected via our websites, mobile sites, applications and social media pages (our “Sites”), and via other means.
- Who is the CGH Group?
The CGH Group is comprised of the following related companies:
- CGH Group Pty Ltd;
- CGH Services Pty Ltd;
- Beilby Downing Teal Pty Ltd;
- Rimfire Resources Pty Ltd;
- CoreStaff (being CoreStaff WA Pty Ltd, CoreStaff NSW Ptd Ltd, CoreStaff NT Pty Ltd, CoreStaff QLD Pty Ltd, CoreStaff SA Pty Ltd, CoreStaff TAS Pty Ltd, CoreStaff VIC Pty Ltd); and
- Goal Indigenous Services (being Goal Indigenous Services Pty Ltd, Goal Indigenous Services Australia Pty Ltd, Goal Indigenous Services NT Pty Ltd, Goal Indigenous Services QLD Pty Ltd, Goal Indigenous Services VIC Pty Ltd, Goal Indigenous Services WA Pty Ltd, Goal Workwear Pty Ltd).
The entities within the CGH Group may share personal information between each other in accordance with the Privacy Act. This allows us to achieve the best outcomes for all individuals. We use our broad network of providers to connect you with the widest range of opportunities, candidates and services. As a result, our related bodies corporate within the CGH Group may reach out to you from time to time if we believe they will be able to facilitate the best possible outcome for you.
- What is your personal information?
When used in this policy, the term “personal information” has the meaning given to it in the Privacy Act. Personal information includes information or an opinion about an identified individual, or an individual who is reasonably identifiable. In summary, personal information is any information about you that can be linked to you.
- What personal information do we collect and hold?
The personal information collected may include (but is not limited to) your name, address, telephone number, photo, email address, age or birthdate, a unique site access ID, information from other identification documents (such as drivers licence or passport number), company or educational affiliations, profession or occupation, citizenship and residency, education history, training and qualifications, titles, contact information, information from your CV, employment records, billing information, bank details, tax file number (where permitted by law), opinions of others about your work performance, results of relevant tests and assessments, details of our services you have used or enquired about and other information about you.
Sensitive information is a specific category of personal information. This includes information about you, such as:
- membership of a profession or trade association or of a trade union;
- medical information (including vaccination status);
- racial or ethnic origin; and
- criminal record.
We may need to collect, hold and disclose sensitive information about you in relation to the specific requirements of your placement with our clients or direct engagement by us or to provide you with services. If we do collect, hold and disclose your sensitive information, we will get your consent to the collection and use of this information or otherwise do so in accordance with the Privacy Act.
Where you do not wish to provide us with your personal information, we may not be able to provide you with our services. For example, in providing recruitment services, some of our clients may require certain personal or sensitive information for the purpose of considering candidates for employment or contracting opportunities within their business.
- How do we collect and hold your personal information?
CGH Group collects information only by lawful and fair means and not in an unreasonably intrusive way. Where it is reasonably practical to do so, we will collect your personal information directly from you. We can collect personal information in a variety of ways, including via the CGH Group’s Sites (such as when users register or apply for employment), when you respond to e-mail questionnaires, in-person during conversations and meetings with our representatives, providing a business card, over the phone, by mail or by email.
Where it is unreasonable or impracticable to collect personal information directly from you, we may also collect personal information about you from other sources within our organisation, such as our employees. We may also collect personal information from publicly available sources and third parties including (but not limited to):
- our service providers;
- business affiliates;
- clients; and
- other third parties such as employers and persons nominated by you as referees, credit agencies or government agencies.
When providing our labour hire services, we will routinely collect information about our staff from the organisations in which they are working. This may include, for example, the exchange of information about skills, performance or training.
Similarly, when providing recruitment services, we will routinely collect personal information from our clients about the candidates that they assess and hire.
If we collect personal information about you from a third party, we will, where appropriate, request that the third party inform you that we are holding such information, how we will use and disclose it, and that you may contact us to gain access to and correct and update the information.
- For what purposes do we collect, hold, use and disclose your personal information?
We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality service to you. We collect, hold, use and disclose your personal information for the following purposes:
- to offer and provide our services to you and or our employer clients, including to fulfil your requests for information and employment or contracting opportunities and to manage the recruitment process for third parties and ourselves;
- to assess your suitability for employment or contracting opportunities;
- to identify, assess and facilitate your training needs;
- to manage our client and business relationships;
- to conduct performance appraisals in relation to work placements and provide assessments and other consulting services;
- to provide you important work-related information including workplace health and safety, work rosters and other information relating to your engagement by CGH Group;
- to manage our own workplace health and safety obligations;
- to undertake tests, assessments or checks (including medical tests, criminal record checks and psychometric testing);
- to perform statistical analyses of user behaviour in order to measure interest in specific areas and articles posted on our Sites. The e-mail addresses provided at registration allow us to send e-mails to individuals based on the areas of interest that they may indicate during the employment registration process;
- to communicate with you, send communications requested by you, answer enquiries and provide information about existing or new services;
- to provide your updated personal information to our related bodies corporate, our clients, contractors or service providers if such disclosure is required to administer our business so that we can provide our services to you;
- to update our records and keep your records up to date;
- to manage and administer our services, including account keeping procedures;
- to process and respond to any complaint, investigation or inquiry in which you are involved;
- to identify or manage any insurance claim or proposal in which CGH Group is involved by virtue of your current or previous work placements;
- to meet our legal obligations as an employer and labour hire provider;
- to comply with any other law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in cooperation with any governmental authority of any country;
- to otherwise manage our business; and.
- for other related purposes which we believe you would reasonably expect.
We may also use or disclose your personal information for related purposes where we believe that you would reasonably expect this to occur.
We will not use or disclose your personal information for any other purpose unless you have consented to that use or disclosure, or the relevant use or disclosure is otherwise permitted by the Australian Privacy Principles or some other law.
- To whom do we disclose your information?
In providing recruitment services and labour hire services, we routinely disclose personal information about candidates and employees to our clients.
We may also disclose your personal information to:
- your referees;
- your education or training providers for the purpose of verifying your academic and professional qualifications;
- our employees and related bodies corporate;
- contractors, service providers and other trusted third parties where such disclosure is required to administer our business functions or to provide our services to you. This includes (but is not limited to) web hosting providers, cloud service providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, insurers, professional advisors such as accountants, solicitors, business advisors and consultants, and medical providers for the purpose of conducting medical and psychometric tests;
- other organisations for the purpose of recommending and facilitating courses or programs through which you can upgrade your skills and undertake further training;
- any other organisation with your express consent or otherwise for a purpose that is authorised, permitted or reasonably necessary in accordance with the Privacy Act; and
- should we intend to merge with, or sell the majority of our assets or equity to a third party, personal information may be disclosed to that third party.
If we disclose information to a third party, we generally require that the third party protect your information to the same extent that we do. We may also release your information when appropriate or necessary to comply with the law, enforce our site policies, or protect ours or others’ rights, property, or safety.
We do not sell, trade, or barter your personal information to outside parties.
- Personal information about employees
The personal information that we collect about our employees and prospective employees may include, in particular, sensitive information. For example, prospective employees may need to obtain a security clearance or provide a criminal history search for some roles. We may collect personal information about our employees and prospective employees, as part of their application and during the course of their employment, either from them or in some cases from third parties (as outlined above at paragraph 4).
Under the Privacy Act, personal information about our current or former employees may be held, used or disclosed by us in any way that is directly connected to the employment relationship. We handle information about our employees in accordance with legal requirements and our applicable policies in force from time to time.
- Are cookies and IP addresses used?
We may collect certain information when you visit our Sites. For example, our servers receive and record information about your computer, device and browser including potentially your IP address, browser type, and other software or hardware information.
If you use a mobile or other device to access our Sites, we may collect a unique device identifier assigned to that device, location data, or other transactional information from that device.
Our Sites use a variety of technologies to assess how our sites are used, to personalize your experience and to deliver online content tailored to your interests, such as internet tags and cookies.
Cookies are small text files that are placed on your computer or other web-accessing devices by our websites. These cookies allow us to distinguish you from other users of the websites, and to enhance the websites and your experience when you browse the websites. If you do not wish to receive cookies, you can set your browser to refuse them. However, a user who does not accept the cookie from our Sites may not be able to access certain areas and may limit your use of our Sites and some of our services.
In administering our Sites and diagnosing potential system problems, we also log all IP addresses that access our Sites. For information on cookie settings of your internet browser, please refer to your browser’s help function.
- Our Security Measurement
Personal information collected by us is held in secure physical and electronic data systems, including on our intranet system, in cloud storage, and in some cases, records on third party servers, which may be located overseas.
We want your personal data to remain as secure as reasonably possible. We will maintain the levels of protection of your personal data in accordance with data protection laws and use all available technical resources to prevent the loss, misuse, interference, and unauthorized access, modification or disclosure of your data. This also applies to disposal of personal information.
Access to personal information is limited to only those employees of CGH Group who need such access to do their job, including to provide you with recruitment and labour hire services. Physical, electronic and managerial procedures have been employed to safeguard the security and integrity of your personal information.
The security measures we use to protect all personal data are designed to meet or exceed industry standards to prevent intruders from gaining access, however you should be aware that no security measure is guaranteed to be 100% secure and you should always take appropriate security measures to protect your personal data, including ensuring that you have up-to-date antivirus software.
We may be legally required to maintain some of your records for a significant period of time. We will take reasonable steps to destroy or de-identify personal information once it is no longer needed for a valid purpose or required to be kept by law.
- Direct Marketing Materials
We may send you direct marketing communications and information about services and promotions, either from us or from third parties, that we consider might be of interest to you. These communications may be sent in various forms, including mail, SMS, fax and email in accordance with applicable marketing laws, such as the Spam Act 2003 (Cth). If you indicate a preference for a method of communication, we will endeavour to use that method wherever practicable to do so.
Provided that you have not unsubscribed or otherwise opted out, we may use your information for direct marketing:
- where you have agreed to receive direct marketing from us; or
- where you have engaged with us directly, and we consider that you would reasonably expect to receive direct marketing from us.
We may utilise the services of third parties to assist us with undertaking our direct marketing activities. However, we will not otherwise disclose your personal information to third parties for marketing purposes without your consent.
At any time, you may opt out of receiving marketing communications for us by contacting us (see paragraph 15) or by using opt out facilities provided in the marketing communications.
Note that if you opt-out of direct marketing messages from us, we may still communicate with you from time to time for other purposes, including where we:
- respond to any correspondence you send us;
- are engaging with you in respect of any recruitment process in which you have agreed to participate; or
- are legally required to provide you with notice of certain matters.
- How can I access, change, and/or delete information?
You may request access to any personal information we hold about you at any time by contacting our Privacy Officer. Where we hold information that you are entitled to access, we will try to provide you with a suitable means of accessing it (for example, by mailing or emailing it to you).
To make a request to access or correct personal information, please contact your CGH Group representative or our Privacy Officer using the details provided below (see paragraph 15). We will then contact you to request sufficient information to allow us to confirm your identity. To obtain access to your personal information:
- you will have to provide proof of identity. This is necessary to ensure that personal information is provided only to the correct individuals and that the privacy of others is protected;
- CGH Group requests that you be reasonably specific about the information you require; and
- after assessing your request, CGH Group may propose to charge you a reasonable administration fee, which reflects the cost to us for providing access in accordance with your request.
We will give you access to your personal information to the extent required or authorised by law and take reasonable steps to correct personal information where necessary and appropriate. On the rare occasions when we refuse access, we will provide you with a written notice stating our reasons for refusing access.
If you believe that the personal information we hold about you is incorrect, incomplete or inaccurate, you may request us to amend it by contacting our Privacy Officer using the details provided below (see paragraph 15). We will consider if the information requires amendment. If we do not agree that there are grounds for amendment, we will add a note to the personal information stating that you disagree with it and provide you with a written notice stating our reasons for refusing.
We will respond to all requests for access to or correction of personal information within a reasonable time.
- What happens if there is a privacy or data breach?
If any personal information has been lost or subjected to unauthorised access, use, modification, disclosure or other misuse (Data Breach), CGH Group will take all necessary steps to contain the Data Breach, rectify the Data Breach and prevent the Data Breach from occurring in the future.
Pursuant to the Notifiable Data Breaches (NDB) scheme, CGH Group will notify individuals whose personal information is involved in a suspected or known Data Breach where it is likely to result in serious harm and provide recommendations about the steps that individuals should take in response. In this context, serious harm refers to serious physical, psychological, emotional, financial or reputational harm to an individual or individuals. CGH Group will manage all Data Breaches in accordance with the Privacy Act.
CGH Group will review the incident to determine possible causes of the breach and revise its internal policies and/or procedures to prevent reoccurrence. Possible actions will include updating policies and procedures relating to records management, updating the CGH Group’s Data Security and additional staff training on privacy.
- Links to third party sites
Our Sites may contain links to third party websites as a service to our users. We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website. We encourage you to review and understand the privacy policies of the relevant third parties before providing any information to them.
- Overseas disclosure
Personal information used and stored by CGH Group is primarily hosted in Australia. From time to time, we may store your personal information on servers in overseas web hosting facilities such as cloud-based storage services, which may involve disclosing your information to the operators of those services. It is not practicable to list every country in which overseas recipients may be located but such countries are likely to include the United States of America, member countries of the European Union, Canada, New Zealand, Singapore, Hong Kong, India, China and countries within the Asia Pacific region. We may seek your consent to such disclosure, in which case Australia Privacy Principle 8.1 will not apply. We will otherwise take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.
If applicable, we may also disclose your personal information to overseas recipients for the purpose of seeking and facilitating employment or contracting opportunities. We will only do so with your instruction and consent.
- Contacting Us
CGH Group Privacy Officer
Address: GPO Box 1113 Darwin NT 0801
Telephone: 08 8942 6666
We will treat your requests or complaints confidentially and respond within a reasonable period.
If you are dissatisfied with the handling of your complaint, you may contact the Office of the Australian Information Commissioner:
Office of the Australian Information Commissioner
Telephone: 1300 363 992
Address: GPO Box 5288 Sydney NSW 2001
- Changes to this Privacy Notice
We reserve the right to change or add to this Privacy Notice from time to time and will post any revisions on this Site. We will indicate at the bottom of the Privacy Notice when it was most recently updated. We encourage you to check back often to review the latest version.
Privacy Notice Effective Date: 10th January 2024