Alliance Australia Privacy Policy
This privacy policy (Privacy Policy) explains how The Trustee For Recruitment Solutions Group Australia Trust (ABN 86 157 291 541) and Heartbeat Nursing Agency Pty Ltd (ABN 49 084 686 760) and Alliance Health Services Group Pty Ltd (ABN 19 100 736 294) (whether we trade under the trading name ‘Alliance’, ‘Alliance Rural & Remote Health', ‘Alliance Nursing’, ‘Alliance Community’, ‘ExtraStaff’, ‘Apprenticeship Careers Australia’, ‘Talent Options’ or another trading name) (collectively, Alliance Australia, we, us or our) handle and manage personal information we collect about you as:
- an individual who is (or is interested in becoming) an Alliance Australia employee or contract worker (Worker) whether you are a:
- a nurse, midwife, support worker, nursing assistant or other healthcare professional (whether or not you are qualified and/or AHPRA-registered yet);
- a sales/marketing, technical/engineering, office support, IT/telecommunications, accounting/finance or other white-collar worker;
- a jobseeker or apprentice; or
- a health, hospitality and support, food manufacturing or civil construction worker;
- a representative of a hospital, clinic, aged care facility, other healthcare or disability services provider, construction company, hospitality company or other employer that engages (or is considering engaging) a Worker (Employer Representative);
- an individual who engages (or is considering engaging) a Worker to work in your residence or other private setting (Private Client); and/or
- a visitor (Visitor) to any of our websites, including those which are accessible at the domain names alliancenursing.com.au, alliancecommunity.com.au, allianceruralremote.com.au, allianceaustralia.com.au, apprenticeshipcareers.com.au, extrastaff.com.au and talentoptions.com.au (together, Website) whether or not you are also a Worker, Employer Representative or Private Client.
Except as expressly noted, this Privacy Policy does not address or affect employee records of our current and former employees which are in most cases exempt from the Privacy Act 1988 (Cth).
Consent to collect your sensitive information: By using the Website and/or providing us with any personal information (whether your own or that of another individual) you agree that you are 15 years of age or older and, if you are providing any of your sensitive information specified in this Privacy Policy, you consent to our collection, use and disclosure of that sensitive information in accordance with and as specified in this Privacy Policy.
If you are under 15 years of age, you cannot use the Website or provide us with any personal information until your parent or guardian agrees to this on your behalf after having read this Privacy Policy.
Other people’s personal information: If you give us the personal information of another person, you agree that you have already told them that you are doing this, shown this Privacy Policy to them and that you have their permission to provide their personal information to us. Where you are providing anyone else’s sensitive information to us you agree that you have obtained their prior consent to: (i) you disclosing it to us; and (b) our collection, use and disclosure of it, in accordance with and as specified in this Privacy Policy.
Residents of the United Kingdom or European Union: If you live in the United Kingdom or European Union (i.e. you are UK/EU Resident) please tell us by using the contact details below in Our contact information. If you are a UK/EU Resident we rely on the bases of: (i) your consent; (ii) contractual obligations placed on us by Federal/State/Territory Government agencies; and (iii) our legal obligations, when we process your personal data. As a UK/EU Resident you also have additional rights, including, subject to certain conditions, to object to and/or restrict our processing of your personal data.
1. What personal information we collect and how
We collect your personal information (including your sensitive information) as noted below in paragraphs 1.1, 1.2, 1.3 and/or 1.4 (as relevant) when:
- you complete an expression of interest, website enquiry, application or registration form (whether online or hard-copy);
- we record the details of and/or take a scan/photocopy of a document demonstrating your qualifications (e.g. a certificate or testamur);
- we record the details of and/or take a scan/photocopy of your photo identification;
- when you register for an event or webinar or give us your business card;
- when you contact us to ask a question or get information (although you can ask some general questions anonymously or using a pseudonym if you wish);
- when you participate in a survey, promotion or competition;
- when you submit personal information via the Website; and
- when someone requests our services on your behalf.
We mostly collect personal information directly from you. However, where it is impracticable to collect your personal information (including sensitive information) from you we may collect it from someone else. For example, where:
- you are a Worker and a Registered Training Organisation (RTO), Employment Service Provider or other referrer provides us with your personal information;
- you are an Employer Representative and your employer and/or a Worker gives us your personal information;
- you are a Private Client and another healthcare professional involved in your care, an Aged Care Assessment Team or Regional Assessment Service, NDIS, government agency, family member, carer, attorney or guardian or other person responsible for your healthcare decisions provides us with your personal information; and
- otherwise as required or authorised by law (e.g. from a regulator or law enforcement body).
1.1 For Workers
If you are a Worker we primarily collect your personal information (including sensitive information) in two stages: (i) when you submit an expression of interest (EOI Stage); and (ii) as part of the background checks we must carry out to process your application to work with us (Application Stage).
At the EOI Stage we collect your personal information (which you may provide to us in your cover letter or CV) including:
- your name, date of birth, country of birth, postcode and gender;
- contact information such as your address, email address and phone number;
- education information including your educational background, qualifications and professional registrations and licences;
- background and profile information including your visa information, employment status, current and past positions, career and school history, responsibilities, references and languages spoken;
- your police check, working with children check and vulnerable people check status; and
- your AHPRA practitioner number
At the EOI Stage and/or Application Stage we collect your personal information about you including:
- identification information including your driver’s licence number and passport number;
- any disability you have;
- citizenship, residency status, ethnicity and language(s) spoken;
- your tax file number; and
- your health information, including medical conditions and previous injuries and, in certain circumstances, your vaccination/immunisation status.
1.2 For Employer Representatives
As an Employer Representative we collect your personal information including:
- your name;
- contact information such as your address, email address and phone number;
- information about your company (which sometimes includes personal information);
- business references (which sometimes include personal information); and
- information about your credit worthiness.
1.3 For Private Clients
As a Private Client we collect your personal information including:
- your name;
- contact information such as your address, email address and phone number;
- references from those who have worked for you (which sometimes include personal information);
- information relevant to the services to be and which are provided to you including your medical history, health concerns, current and/or past services received, information support details, living and healthcare arrangements, government pension or benefits, details of your residence/accommodation arrangements and an assessment of your needs for services; and
- information relating to government funding that we receive in relation to our provision of services to you as a Private Client including your My Aged Care number, NDIS number and Medicare number.
We also collect health information by providing and during the provision of services to you. We record information about the time and place that we provide services to you, the nature of healthcare or disability care services rendered to you and notes that help us to provide, monitor, evaluate and improve those services. This constitutes sensitive information.
1.4 For Visitors
As a Visitor we collect your contact details (i.e. name, email address and phone number) (i.e. your personal information) if:
- you provide to it us via a Website (i.e. entering information into a form or contacting us via a Website);
- you enter and/or participate in a survey or competition of ours; and/or
- if you otherwise contact us by phone, email or mail.
We may also collect your personal information using cookies (explained in the Website analytics and cookies section below).
2. How we use your personal information
2.1 For Workers
We use your personal information to:
- provide you with information about our various products and services;
- give you advice and information about roles, placements, programs and/or services that may be of interest to you;
- support the ongoing administration of a placement you undertake, including testing/assessment, performance appraisals, training, management of complaints and/or legal and regulatory requirements;
- supply products and services to you;
- collect and recover money you owe us;
- verify your identity;
- assist to you get the financial assistance that may be available to you;
- process payments, fees and charges for our programs; and
- administer your account with us and for us to generally undertake our day-to-day business with and related to you.
We use your tax file number to access Government financial programs.
2.2 For Employer Representatives
We use your personal information for the purpose of providing our products and services (including suggestions of Workers) to your employer, in particular:
- information about our products and services; and
- to process payments from and fees and charges for your employer.
2.3 For Private Clients
We use your personal information for the purpose of providing our products and services (including suggestions of Workers) to you, in particular:
- information about our products and services; and
- to process payments from and fees and charges for your employer.
2.4 For Visitors
We use your personal information to:
- respond to your queries and any complaints;
- send you marketing communications as described below in Section 4;
- tailor our products and services to your needs; and
- conduct surveys and competitions.
2.5 For everyone
In addition to the specific information above for Workers, Employer Representatives, Private Clients and Visitors, we will also use your personal information for such other purposes as permitted or required by law.
3. How we share your personal information
3.1 For Workers
If you are a Worker and apply for employment with us, we will share your personal information with your referees and former employers in connection with your application.
We also share your personal information with:
- potential and actual employers who are clients of Alliance Australia;
- our insurers and workers’ compensation bodies for the purposes of coverage and claims administration; and
- relevant regulatory bodies in your industry where relevant.
If the position you are applying for is likely to involve providing disability care, we are required to disclose your personal information to check it against the NDIS worker screening database.
Very rarely, if you are a nurse or support worker and there is a death in your place of work, we may need to provide your personal information to coroners and/or medical examiners.
We mainly help to recruit and place Australian Workers into roles in Australia. However, on rare occasions we also recruit Australian Workers for work with Private Clients overseas. In those circumstances, we will send your personal information (including sensitive information) overseas. Likely countries to which we may share your personal information include New Zealand, the United Kingdom and Ireland.
3.2 For Private Clients
If you are a Private Client and receive or express interest in receiving services from us, we will share your personal information (including sensitive information), as is reasonable and appropriate for your care, with:
- your doctor, medical specialist or other healthcare professional involved in your care;
- government agencies which provide subsidies and benefits, including My Aged Care, Centrelink, Medicare, the Department of Social Services (DSS), the National Disability Insurance Agency (NDIA) and the Department of Veterans’ Affairs (DVA);
- your attorney, guardian or other person responsible for your healthcare decisions;
- your family members and carers, unless you tell us not to; and/or
- a hospital or aged care facility if you are referred for respite or higher levels of care.
We sometimes recruit and place overseas Workers in Australia. In those circumstances, we may send personal information about you as an Australian Private Client overseas so the overseas Worker knows about the Private Client for whom they may wish to work. Likely countries to which we may share your personal information include New Zealand, the United Kingdom and Ireland.
3.3 For everyone
In addition to the specific information above for Workers and Private Clients, we also share your personal information with our owner, NSW Business Chamber Limited (ABN 63 000 014 504) (Business NSW) and its related entities (together Business NSW Group) for the purpose of identifying other products and services that may be relevant to you and contacting you about them. Please read Business NSW’s privacy policy, accessible at https://www.mybusiness.com.au/privacy-policy for more information as to how it handles your personal information.
We also share your personal information (and, where relevant, sensitive information) with:
- our professional advisors (e.g. accountants, auditors and lawyers);
- persons you have authorised to receive information we hold about you (including our business partners and sponsors); and
- other entities as required or authorised by law to do so, including Services Australia (including Centrelink), the Australian Taxation Office and State and Territory government agencies and:
- our professional advisors (e.g. accountants, auditors and lawyers);
- persons you have authorised to receive information we hold about you (including our business partners and sponsors); and
- other entities as required or authorised by law to do so, including Services Australia (including Centrelink), the Australian Taxation Office and State and Territory government agencies and:
- where there is an immediate risk of harm to a person;
- as an ‘approved provider’ under the Aged Care Act 1997 (Cth); and
- as an NDIS provider.
We may also disclose your personal information to verify your identity using Government databases.
A number of third party service providers support us in providing services to you and we will share your personal information (and sensitive information if required) with them to assist us to perform one or more of the purposes set out in this Privacy Policy and, in particular:
- our technology, data processing, contact centre, archival, delivery, banking, payments, marketing research, content production, mail-out, marketing and advertising service providers (specifically, RDB, Procura, JobReady, Hubspot, Google, Survey Monkey and Active Campaign), so they may provide us with those services; and
- Australian Postal Corporation and National Australia Bank Limited which together operate the ‘SecurePay’ service and Ezi Management Pty Ltd, which provides the ‘Ezidebit’ service. SecurePay and Ezidebit are payment gateways which support online credit card processing on our Website.
We only share personal information to third parties we have a binding agreement with. We make sure those third parties take your privacy as seriously as we do.
All of our third party service providers are headquartered or have their data centres located in Australia and the United States.
4. Marketing communications
Our Website offers functionality allowing you to opt in to receive marketing communications relevant to you. We will only send you marketing communications that you have chosen to receive and by the means (e.g. email) that you choose to receive them. If you change your mind you can unsubscribe by clicking the ‘unsubscribe’ link at the bottom of the email or replying ‘STOP’ to an SMS message.
5. Updating and/or accessing your personal information
Subject to certain exemptions, you have the right to ask what personal information we hold about you and request access to and/or correction of your personal information at any time by contacting us using the contact details below in Our contact information. There is no charge for making such a request but we may charge a reasonable fee for providing access to your personal information. We will respond to your request within 30 days of receiving it. If we will not or cannot fulfil your request for any reason we will write back to you and explain why and how you may complain about our decision.
Under privacy legislation in some States/Territories, where you request us to and we update health records about you we are still required to retain the old and/or inaccurate information even though it has been replaced or updated with new and/or accurate information.
We take reasonable steps to ensure the accuracy of your personal information before we use it. To help us do this, please tell us immediately if your personal information changes.
5.1 For UK/EU Residents
Subject to certain conditions, you have the right to request that we erase your personal information by contacting us using the contact details below in Our contact information.
6. Security of your personal information
We take reasonable steps to protect the security of your personal information.
6.1 Storing your personal information
We store your personal information on our RDB, Procura, JobReady, Kentico, HubSpot, Interact and Active Campaign systems.
If you are a Private Client and we provide aged care services to you, we are required by law to keep certain records for three to four years which will likely include personal information about you.
6.2 Transmitting your personal information
Unfortunately, no data transmission over the internet can be guaranteed to be 100% secure. As a result, while we take reasonable steps to protect your personal information including the use of encryption of in-transit data and at rest (i.e. once we receive it), regular software patching and logging of system access we cannot guarantee or warrant the security of any personal information you transmit via the internet.
7. Website analytics and cookies
Whenever you visit a Website our systems will automatically record and we can see certain technical information including your IP address. Most of this technical information is not personal information.
Information may be collected through the use of “cookies” on our Website. Cookies are small text files that a website can use in order to recognise visitors who revisit a website so as to facilitate their ongoing access to and use of the website. They enable usage behaviour to be tracked and aggregate data to be compiled that would facilitate more targeted advertising and improved content. Typically, cookies involve the assigning of a unique number to the visitor. You can prevent the use of cookies by setting up your web browser to block them.
We use cookies for the following purposes:
- supporting the functionality of the Website;
- marketing, including understand how advertisements should be targeted; and
- understanding how you use the Website so we can improve its usability.
8. If you have a privacy complaint and procedures that we follow
8.1 How to make a privacy complaint
If you wish to make a complaint about an alleged breach of this Privacy Policy or the Privacy Act 1988 (Cth) by us that has impacted you as an individual you can contact us using the contact information in Section 9 (Our contact information) below.
8.2 Information to include in your privacy complaint
You will need to provide us with sufficient detail regarding your complaint and any supporting evidence in order for us to investigate your complaint. We prefer complaints in writing but also note other ways you can complain to us below. We suggest, however that if you make a complaint it should:
- explain what happened, when and how it came to your attention;
- refer to specific breaches of one or more of the Australian Privacy Principles; and
- outline the outcome you seek.
8.3 What Alliance Australia will do on receipt of your privacy complaint
On receiving a verbal complaint, the Privacy Manager will encourage you to submit the complaint in writing. If you do not want to, the Privacy Manager will record your verbal complaint in writing and take your contact details.
Our Privacy Manager will investigate the issues and determine the steps to be taken to resolve the complaint. We will confirm receipt of your privacy complaint within 5 business days of receiving it. We will also notify you in writing if we require any additional information and also of the outcome of our investigation within 20 business days of receiving your privacy complaint. If we have not finished investigating your privacy complaint within 20 business days we will give you an update on the progress of the investigation (and the estimated time by which we will complete our investigation and notify you of our decision) within 20 business days.
Our Privacy Manager will also:
- document the investigation process in writing;
- provide you with information on how to make a complaint to the Australian Information Commissioner (OAIC) if you are not happy with the outcome of our investigation; and
- liaise with other people as required to investigate and respond to the complaint.
8.4 What to do if you are not happy with the outcome of Alliance Australia's investigation
If you are not happy with the outcome of our investigation of or a decision in relation to your complaint, you may complain to the OAIC whose contact details (and further information) can be obtained from the OAIC website at www.oaic.gov.au.
8.5 For UK/EU Residents
If you are not happy with the outcome of our investigation of or a decision in relation to your complaint you may complain, in the United Kingdom, to the Information Commissioner’s Office (ICO) whose contact details (and further information) can be obtained from the ICO website at ico.org.uk/make-a-complaint or, in the European Union, the relevant supervisory authority.
9. Our contact information
Any queries about this Privacy Policy, correction or access requests or privacy complaints should be addressed to:
Privacy Manager
Alliance Australia
Level 7, 8 Chifley Square
Sydney, NSW 2000 Australia
info.privacy@allianceaustralia.com.au
02 9466 4222
10. Changes to this Privacy Policy
We may, from time to time, update this Privacy Policy so please ensure you read it periodically to check for any changes. If any changes are significant or substantial we will either let you know in writing or post a message to that effect on our Websites.
Your continued use of any Website, requesting or continued use of our services or the provision of your further personal information after this Privacy Policy has been revised will be your deemed acceptance of the revised Privacy Policy.
This Privacy Policy was last revised on 3 July 2023.