Skip to main content

Privacy Policy

Superannuation Compliance Services Pty Ltd

Privacy Policy

This document sets out the policy of Superannuation Compliance Services Pty Ltd (hereinafter referred to as “SCS”) ABN 43110507858 in relation to the privacy and protection of your personal information, including what types of personal information we collect and what we do with such information in performing SCS’s functions and in light of our privacy obligations.

SCS is committed to the protection of the information that it holds about you. This policy sets out the processes that SCS has in place to protect your information. SCS is the entity responsible for ensuring compliance with Privacy obligations.

This policy covers the collection, use, disclosure and security of your information. It also deals with how you can access and correct information that we hold about you and how you can make enquiries or complaints about how we manage the information that we hold about you.

The privacy policy applies to SCS and specifically covers the privacy of personal information held in relation to:

  • Existing, prospective & former employees of SCS
  • Employees and Directors of SCS clients (current & former)
  • Individuals who are SCS clients (current & former)
  • The general public who visit SCS’ website.

Legislative Obligations

SCS is required to comply with the provisions of the Privacy Act 1988, which provide a legislative framework governing the management of personal information.

Availability of Privacy Policy

This Privacy Policy is publicly available on SCS’s website at www.supercompliance.com.au and on the SCS Online training website at www.scsonline.com.au.

A copy of the Privacy Policy may also be requested, free of charge, and will be issued within three days of request.      

   SCS employees should contact their HR Manager

  • Employees and Directors of SCS clients may request a copy of this Privacy Policy by contacting their respective SCS contacts
  • Individuals who are SCS clients may request a copy of this Privacy Policy by contacting their respective SCS contact
  • Contact SCS on (07) 3238 1272 during business hours.
  • Download a copy here.

Collection of personal information

SCS collects personal information for the purpose of providing training, compliance and internal audit services to our clients. At all times we aim to only collect the information we require to carry out a particular function or activity.

SCS may collect your personal information for a variety of purposes including:

  • To administer employment arrangements for employees, including the payment of wages and salary
  • To meet regulatory obligations in the appointment of Directors to Boards
  • To meet & maintain clients’ licensing obligations
  • To establish and administer training profiles for continuing professional development
  • To establish and maintain training records for nationally recognised qualifications
  • To provide training services in accordance with client agreements and compliance requirements.

The types of personal information that SCS may collect about you are:

  • For existing and prospective employees of SCS:
  • your name, contact details, next of kin, bank account details, tax file number, drivers licence details, police and background checks, gender, date of birth, psychometric test results, qualifications, occupation and any health conditions or allergies
  • For employees and Directors of SCS clients, and for individual training clients:
  • your name, date of birth, contact details, bank account details, tax file number, signatures, drivers licence details, bankruptcy and Police checks, qualifications, resumes, details of relevant duties and interests, details of conflicts of interest (if any), details of knowledge and skills, details of fitness and propriety, results of Director and Board evaluations and travel profiles.

SCS may collect Government related identifiers such as your tax file number (TFN), drivers licence and unique student identifier (USI). We will not adopt these as identifiers unless we are authorised under legislation. We will disclose a Government related identifier to a third party in the following circumstances:

  • We are required by legislation for the purposes of taxation administration or other legislative requirements;
  • We are required by a court order; or
  • For enforcement related activities.

 SCS may collect information about you from any of the following:

  • Yourself
  • Your employer
  • Your nominating organisation, or
  • Your administration provider.

SCS will collect information from you through completion of SCS forms.

If you visit SCS’ website, information relating to you that you provide to us directly through our websites or indirectly through the use of our website or online presence such as ‘cookies’.

SCS will only collect information about you where it is fair and lawful to do so. When we collect information from a person or organisation other than yourself, it is done because we are required to under superannuation legislation or Registered Training Organisation (RTO) requirements. We will not collect more information than we need to.

We will not collect information about you in an unreasonably intrusive manner.

We will notify you when we collect information about you. This will be via requesting completion of relevant forms.

From time to time we may receive unsolicited information from you. If this occurs we will:

  • Consider if we can retain it, and
  • If we can retain it, we will hold and archive the information securely in accordance with this Policy.

You have the right to anonymity or the use of a pseudonym when dealing with us. However, if you do this, we will not be able to disclose or discuss personal information we hold in relation to you, as personal identification is required to access personal information.

If you do not provide all of the information required, we may not be able to provide services to you.

Collection of sensitive personal information

At times SCS may be required to collect sensitive information about you. This might include information about your health, racial or ethnic origin, level of spoken English, educational attainments and dietary requirements.

Use & disclosure of personal information

SCS will only use and disclose the information we hold about you for the following purposes (primary purpose):

  • For employees and prospective employees – administering your employment and meeting legislative and regulatory obligations
  • For employees and Directors of SCS clients – administering your training records, and meeting compliance, legislative and regulatory obligations
  • For employees and Directors of SCS training clients – where your employer, fund, sponsoring organisation or administration provider is paying for a training course or ongoing training on your behalf, SCS will provide that party with updates as to your training progress
  • For individuals who are SCS training clients – administering your training records and meeting compliance, legislative & regulatory obligations.

Other than those circumstances outline above, SCS will disclose the information we hold about you, only where we have your consent, for the following purposes (secondary purpose):

  • Information about your training records to a third party
  • Information about your training records to other training providers for Recognition of Prior Learning (RPL) purposes.

SCS will not use your personal information for direct marketing of third party entities. SCS will also not disclose information about you to other organisations for their marketing purposes. If SCS uses or discloses your personal information for law enforcement related activities, we will make a written record of this.

SCS will only disclose your personal information to an overseas recipient if required by legislation.

Data integrity (quality)

SCS tries to ensure that the information that we hold about you is accurate, complete and up to date.

We will do this by applying periodic checks for data quality, and updating information where required. We may also request that you review information we send you, so you can advise of any changes to personal information.

Data security

SCS will ensure that the information that we are required to hold about you in order to meet regulatory requirements is securely stored and is protected from misuse, interference and loss, or from unauthorised access, modification or disclosure.

We will do this by ensuring comprehensive policies and controls are in place relating to data security. This includes both comprehensive IT security arrangements as well as appropriate physical security arrangements. In combination, this will protect the security of personal information we hold.

If SCS has determined that we no longer need the information about you, we will either securely archive or destroy the information, depending on the circumstances or policy to which the information relates. You are entitled to access the information that SCS holds about you.

Eligible data breach notification

When SCS becomes aware of a breach of data security (ie. unauthorised disclosure, access or loss) in respect of your personal information, it will implement processes to assess the impact of the data breach.

In accordance with the requirements of the privacy legislation, SCS will report eligible data breaches to the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable after SCS becomes aware that there are reasonable grounds to believe that there has been an eligible data breach.

Eligible data breach notification

When SCS becomes aware of a breach of data security (ie. unauthorised disclosure, access or loss) in respect of your personal information, it will implement processes to assess the impact of the data breach.

In accordance with the requirements of the privacy legislation, SCS will report eligible data breaches to the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable after SCS becomes aware that there are reasonable grounds to believe that there has been an eligible data breach.

Access and Correction of information

You are entitled to access the information that SCS holds about you.

If you want to check that your personal details are correct or to see what personal information SCS holds about you, you may request access to this information at any time.

Requests for information may be addressed in person, via the telephone, via email, or a copy of the information can be sent by post.

In relation to employees, to correct your details, completion of an SCS form may be required. In relation to Directors, updated information may be supplied via email, hard copy documentation, or advised at meetings.

For security reasons, SCS will not give any information over the telephone unless the person making the enquiry is able to answer appropriate security questions to confirm their identity.

Written requests for information must be signed by you.

SCS is not obliged to give you certain information if it:

  • Is confidential
  • Relates to another person.

If you request access, SCS will respond to your request within a reasonable period (30 days) after you make the request. SCS will endeavour to respond to such requests at the earliest opportunity.

We must give you access in the manner you requested, except where it is unreasonable or impracticable to do so.

The APP regime provides that requests for access to personal information may be denied in limited circumstances. If SCS refuses access (for example, giving access would have an unreasonable impact on the privacy of other individuals), we must advise in writing of:

  • The reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so, and
  • The mechanisms available to complain about the refusal, and
  • Any other matters prescribed by the regulations.

SCS will not charge you a fee for making a request or accessing information held about you. However, we may charge a fee for reprinting certificates issued by SCS as a Registered Training Organisation (RTO).

SCS may correct the information we hold about if you if we believe it is inaccurate, out of date, incomplete, irrelevant or misleading. We may do this by applying internal procedures to update information.

If SCS corrects information that we hold that we have also given to a third party (under approved means), if you request it, we will also ask that entity to correct the information held about you.

The APP regime provides that SCS may refuse to correct the information we hold about you in limited circumstances. If we do that, we will advise you of:

  • The reasons for the refusal except to the extent that, having regard to the grounds for the refusal, it would be unreasonable to do so, and
  • The mechanisms available to complain about the refusal, and
  • Any other matters prescribed by the regulations.

If SCS refuses to correct, you have the right to ask us to associate with the information a statement that you believe the information is inaccurate, out-of-date, incomplete, irrelevant or misleading. SCS must then take such steps as are reasonable in the circumstances to associate the statement in such a way that will make the statement apparent to users of the information.

SCS will respond to your request within a reasonable period (30 days) and we will not charge you for the making of the request, correcting the personal information or for associating the statement with the personal information. SCS will endeavour to respond to such requests at the earliest opportunity.

Our complaints handling process

SCS takes complaints about privacy breaches seriously. We have established an internal complaints process which will consider any complaints made about breaches of privacy and attempt to resolve them promptly.

The internal complaints process is free to access.

If you have a complaint about a possible breach of privacy, then you should first contact the relevant Complaints Officer below, using any of the following methods.

  • SCS employees and prospective employees – Manager, Human Resources
  • Employees and Directors of SCS Clients – General Manager

In writing

PO Box 10654

Brisbane Adelaide Street QLD 4000

In person

Level 2, West Tower

410 Ann Street

Brisbane QLD 4000

By phone

07 3238 1272

By email

privacy@supercompliance.com.au


If you are not happy with a privacy issue and wish to make a complaint, you can do so in writing, over the phone or in person at the SCS office. SCS will address your concerns and try to resolve them quickly. SCS aims to resolve any complaints as soon as possible but no longer than 30 days from the time of receipt.

If you are not satisfied with how we have handled your complaint, you may complain directly to the Office of the Australian Information Commissioner (OAIC). The OAIC has the power to investigate and resolve privacy complaints and may make a determination in respect of complaints. 

You will not be charged a fee to make a complaint to the OAIC. Go to oaic.gov.au/Privacy/Privacy Complaints/Making a privacy complaint for more information. Contact details of the OAIC are:

In writing

GPO Box 5218 Sydney NSW 2001

In person

Level 3, 175 Pitt Street, Sydney NSW 2000

By phone

1300 363 992

By fax

+61 2 9284 9666

By email

enquiries@oaic.gov.au

 

February 2018