The HR Dept Northern Beaches Sydney Privacy Notice 

In the HR Dept Australia we want to get to know you, but we want you to know that we are committed to protecting and respecting your privacy. This Privacy Notice explains how and why we use your personal data, to make sure you stay informed and can be confident about entrusting us with your data.

Your Privacy Dashboard

 

We are HR Dept Northern Beaches Sydney, part of a franchise company called The HR Dept (also known as “HR Dept Network” or just “HR Dept”).

Here is a short summary of how we process and protect your data and respect your privacy.

Types of data we collect When and how we collect data How we use your data
  • Contact details 
  • Business information 
  • Account information 
  • Financial information 
  • Data that identifies you and other people 
  • Data on how you use HR Dept services 

We collect data from people browsing our website,  chatting to us online, on social media or on the phone.

Sometimes you provide us with data, sometimes data about you is collected automatically or provided to us by another organisation. Here is a visual representation that explains when and how we do this.

  • To provide you with services to help businesses prevent people problems 
  • To keep HR Dept Australia & HR Dept Network running 
  • To help us improve HR Dept Australia & HR Dept Network  
  • To give personalised licensee, client and customer support and information 
  • To send you marketing messages (but only if you tell us to) 
Third Parties who process your data Know your rights We use cookies

The following are some of the services that help us keep HR Dept Network running by storing or processing your data: 

  • Infrastructure: Microsoft  
  • Communications: Microsoft 
  • Analytics: Google Analytics 
  • Integrations: (by your request) Facebook 
  • Sector specialist Partners such as legal, insurance and commercial 

Your rights include: 

  • Accessing information we hold on you 
  • Having your data corrected 
  • Opting out of marketing communications 
  • Porting your data to another service 
  • Being forgotten by HR Dept Australia & HR Dept Network 
  • Complaining about us 
  • Why? We use necessary cookies to run and improve the service to you 
  • Our third-party service providers use cookies too, which they control 
  • You can turn off cookies but this will mean, for example, that we can’t recognise you online or resolve issues as efficiently 

 

About this privacy notice

In compliance with data protection regulations, this privacy policy explains what personal information we collect from you when you visit our website, interact with us or use our services.

We are committed to processing personal information in ways that comply with our legal and regulatory obligations, and to being clear with you about what we do with your personal information.

We are committed to protecting and respecting your privacy and we do not share personal information with other companies for marketing purposes.

 

Who are we?

The HR Dept Northern Beaches Sydney is part of a group company called The HR Dept Group Ltd.

The HR Dept operates as a franchise, which means that HR Dept offices around the UK and Ireland are individual registered companies operating under licence to use The HR Dept brand and resources. We refer to this as The HR Dept.

In this Privacy Policy, whenever you see the words ‘we’, ‘us’, ‘our’ it refers to The HR Dept.

How can you contact our team?

Telephone: 0345 208 1120

Email: info@hrdept.co.uk

Post:

Our responsibilities and role in your privacy

If you are an HR Dept customer or Licensee, are an organisation that receives HR support from us, if you use or supply us with products or services, enquire about our services, take part in our market research activities, interact with us online, email, live chat, call or write to us, or just visit our website, this Privacy Policy applies to you.

Due to the nature of our business, sometimes we may act as a data controller, sometimes we act as a data processor.

Where we act as the ‘data controller’ of your personal data, this means we determine how and why your personal data is processed and this privacy notice will apply to you.

Where we act as the ‘data processor’ of your personal data (for example, if your employer uses the services of The HR Dept) this means we are acting on their behalf and processing your personal data under their instructions, and we would recommend you review their data privacy information; it is likely that they are the data controller and will be best placed to help.

If you are an employee of The HR Dept current team customer, job applicant or previous team customer we have created specific policies for you, and they will have been made available to you at the appropriate point in time.

We are registered as a data controller at the UK Information Commissioner’s Office under number Z9156222.

The type of personal information we collect and where it comes from

In line with the expectations of the Data Protection Act (2018) and the GDPR regulations, we only collect necessary information that is required to allow us to promote and deliver our services fairly and effectively.

The HR Dept may collect and process information about you from several sources or processes which are outlined here:

  • When you use our website or subscribe to our newsletter.
  • When information is received through networking activity by a staff member of any business in The HR Dept about yourself or your company, and where it is understood there is a legitimate interest in you receiving HR services from The HR Dept. The data controller would be the business within The HR Dept you provided the information to, and The HR Dept Ltd is a sub-processor.
  • When your company or employing company enters into a client agreement with a business in The HR Dept and provides information about you to that HR Dept business for the purposes of receiving HR services. In this case, only information about you that is relevant to the delivery of these services should be shared by your employer with The HR Dept. The data controller for this information is your company or employing company. The business within The HR Dept you provided the information to, and The HR Dept Ltd, are sub-processors.
  • When you submit personal information, a CV or other application information to an HR Dept office for the purposes of recruitment, that HR Dept office’s registered limited company is the data controller. That HR Dept office will process your information in accordance with the purpose for which it was submitted only. For the purposes of recruitment on behalf of one of its clients, that HR Dept office will share with its recruiting client only the appropriate data necessary for the purposes of undertaking the recruitment application for which you submitted your data. From time to time, HR Dept offices may use recruitment companies or similar third parties to support them with recruitment activity. In such circumstances, the data privacy notice for the third-party recruitment company will be available through their own website.
Why we have your personal information

 

We collect and process your data for different reasons in different circumstances, but we’ll only collect and process your data where we have a legal basis for doing so. Our purposes and legal basis for using each type of data are set out below. 

Personal information is provided to us in a number of ways and depends on your relationship with us. Personal data may be provided to us by our corporate clients who subscribe to our services, or it may be provided to us directly, for example if you are a HR Dept Network Licensee.  

A small amount may also come from publicly available sources: e.g. Australian Securities & Investments Commission (ASIC), company websites etc.  

We then process it for one of the following reasons: 

  • To manage our relationship with you 
  • To respond to your enquiries  
  • To manage the services we provide to you 
  • To take pre-contractual and contractual steps with you 
  • To comply with our legal obligations as a business 

Here are some further examples of how we use your personal data:  

  • To analyse website usage so we can determine how we can make improvements and if you subscribe to our newsletter, to email you about other directly related products and services we think may be of interest to you based on our understanding of your legitimate interest. 
  • To personalise your repeat visits to our website. 
  • If you submit your information on a contact form with interest in accessing HR services through the HR Dept Network, we will pass on your information to one of our HR Dept Offices for them to get in touch with you. 
  • To survey contacts about activity directly related to our marketing activity, service delivery or directly related projects undertaken by us. 
  • To provide outsourced HR services to your company or employing company in line with client agreements made with an HR Dept Office. 
  • To provide you with information about our services. If you provide your contact information to us through this website, we would consider this to mean you have a legitimate interest in our services, and that you are happy to be contacted in relation to those services. 
  • For survey/research material relating to the HR Dept Network’s own services. 
  • To enable us to comply with our policies and procedures and enforce our legal rights, or to protect those rights of our employees and clients. 
  • To protect against fraud and other risks to our business. 
  • To assess a job application, you submit and assess any information you provide as part of that application. 

If you provide your information to us through this website, we  consider this to mean you have a legitimate interest in our services, that you are happy to be contacted in relation to those services, and that you are happy for us to share this with our relevant partners as outlined below in order for our services to be delivered to you.  

We will not use your personal information for direct marketing if you only provide it to us in connection with a job application to work for us. 

Can you opt-out of marketing? 

The HR Dept Network does not wish to undertake marketing activity towards those who do not wish to receive it, and we will always comply with a request from you to opt-out of marketing. 

You can: 

  • Use the ‘opt-out’ or ‘unsubscribe’ link in any HR Dept Network related marketing communication if you do not wish to be contacted with any such communications. 
  • Request directly by email if you do not wish to be contacted with any marketing communications. 

Where we process your personal data so you cannot be identified anymore 

We may anonymise and aggregate any of the personal data we hold (so that you can no longer be identified by it). 

We may use anonymised and aggregated information for purposes that include testing our IT systems, research, data analysis, improving our site, apps and developing new products and services. 

Data sharing 

Sometimes we might share your data with third parties as part of an essential element of the service we provide. We also use third parties to help us host our infrastructure and applications, communicate with customers, power our systems and emails etc as we believe they are the best in their field at what they do. 

This could include: 

  • Service providers we use for specific purposes, such as for our IT systems.   
  • Regulatory authorities, law enforcement agencies and courts.  
  • Our professional advisors 
  • Our Insurance brokers, Insurers and specialist employment law firms to manage policies and support and/or defend any claims 
  • If we choose to sell, transfer, or merge parts of our business or our assets. Alternatively, we may seek to acquire other businesses or merge with them 

 

Reasons for processing your personal information 

The purposes we rely on for the processing your personal information are:  

  • Your consent. This means that you have given clear consent for us to process your personal data for a specific purpose. You can change your mind though. If you have previously given us consent to process your data for a specific purpose you can freely withdraw such consent at any time. You can do this by emailing us or unsubscribing where appropriate. If you do withdraw your consent, and if we do not have another legal basis for processing your information, then we will stop processing your personal data. If we do have another legal basis for processing your information, then we may continue to do so subject to your legal rights. Please note, where you update your consent directly with us, this change may take up to 7 days to take effect. 
  • We have a contractual obligation- We process your personal data where is necessary for a contract that you have with us, or because we have asked you to take specific steps before entering into that contract. 
  • We have a legal obligation – We process your personal data because we need to comply with a legal or regulatory obligation, or for the establishment, exercise or defence of legal claim. 
  • We have a vital interest – If we need to process the personal data to protect someone’s life. The processing must be necessary. If we can reasonably protect the person’s vital interests in another less intrusive way, we will not rely on this basis. 
  • We have a legitimate interest – We may use your personal information if we consider it necessary for our legitimate business interests, or the legitimate interests of a third party, so that we can operate as an efficient and effective business and a responsible organisation. This is subject to ensuring that those interests are not outweighed by your own rights and interests in relation to the relevant personal data and to that end where we wish to use legitimate interest we will carry out legitimate interest impact assessment for each of these.   
Where we process your personal data so you cannot be identified anymore

We may anonymise and aggregate any of the personal data we hold (so that you can no longer be identified by it).

We may use anonymised and aggregated information for purposes that include testing our IT systems, research, data analysis, improving our site, apps and developing new products and services.

Data sharing

Sometimes we might share your data with third parties. This could include:

  • Service providers we use for specific purposes, such as for our IT systems.
  • Regulatory authorities, law enforcement agencies and courts.
  • In the event of a sale of all or a part of our business, the buyer and its professional advisers.

Under the UK General Data Protection Regulation (UK GDPR), the lawful bases we rely on for processing this information are:

  • Your consent. Where consent has been given, you are able to remove your consent at any time. You can do this by contacting us
  • We have a contractual obligation
  • We have a legal obligation
  • We have a vital interest
  • We have a legitimate interest
Third party (Sub-Processor) organisations

 

    For our general day-to-day data processing activities, we use third party organisations to help us administer and monitor the services we provide:  

    • For the provision of IT and software services to enable the management of our customers, staff and office administration.  
    • For financial accounting. 
    • To share newsletters, promotional detail, industry news or other information that may be of interest to you. 
    • To help us improve our services. 
    • For the administration of our website and customer interactions.   
    • For any legal guidance in the provision of our services.  

     

    Access to your personal information is only allowed when required by the law or is required as part our fulfilling our service obligations.  We do not, and will never, sell your personal information to other third parties.  

    International transfers of data
    Where we have partners and service providers based outside of Australia (e.g. Microsoft for our IT Services or the HR Dept Limited in the UK), your personal data may be accessed or otherwise processed in other countries. We have implemented measures and safeguards to ensure that any transfer of data is compliant with the relevant data protection legislations. Please contact us if you wish to know more. 
    Keeping your information correct
    We are committed to keeping your information up to date. If you believe that we have made an error, then please contact us as we have outlined below, and we will use reasonable endeavours to correct it. 
    Keeping your information safe and secure

    We are committed to keeping personal information secure to protect it from being inappropriately or accidentally accessed, used, shared or destroyed, and against it being lost. We endeavour to ensure that our suppliers take similar steps to keep your data secure. We take organisational measures to keep information secure and provide regular training for staff on data protection.  

    However, we understand that even the best laid plans can sometimes go wrong, and therefore we have developed and rehearsed a breach management process. In the unlikely event that we, or one of our partners or suppliers, accidently compromise the confidentiality, integrity or availability of your data, then we will endeavour, where required, to notify you, and other relevant parties such as the OAIC. We will do this by informing you via the contact details that we have recorded for you.  

    How long we keep your data

    We will only store your personal data for as long as is necessary to fulfil the purposes outlined in this Privacy Notice or for as long as we reasonably consider necessary to establish, exercise or defend our legal rights.  

    This means that your data will be retained in line with statutory and regulatory requirements. For example, we retain details on services and products delivered for a minimum period of 6 years post the end of the transaction. 

    The HR Dept Network must retain some information for periods in line with regulatory or legislative requirements. If there is no regulatory or legal requirement to retain your information, the criteria used to determine these retention periods includes: 

    • To comply with the minimum regulatory retention requirements as set in law. 
    • To comply with the statutory retention periods for accounting records, as set by the appropriate laws 
    • Where our retention periods are not governed by legislation, our retention policy is based on commercial justifications, which have been set in accordance with the principle of retaining personal data for no longer than is necessary for the purposes for which it is processed. These include: 
    • To enable us to provide you with our products and services. 
    • To allow us to resolve any disputes or complaints. 
    • For the detection and prevention of fraud. 
    Keeping your information accurate

    If you believe any information held by the HR Dept is incorrect and wish to amend it, please contact us. 

    Links to other websites
    Our website may contain links to other external websites of interest. However, you should note that we do not have any control over these other websites. Once you have used any of these links to leave our site, we cannot be responsible for the protection and privacy of any information which you provide whilst visiting these sites and such sites are not governed by this privacy statement. 
    Your data protection rights

     

    Under the Privacy Act, you have a right to ask for access to a copy of your personal information the HR Dept Network holds about you.  You can also ask us to change or complete any inaccurate or incomplete personal information the HR Dept Network holds about you. 

    Please see the section at the end of this Privacy Policy about how to contact us in order to make such a request. 

    We’ll try to respond to all requests within one month. If your request is complex or if you make lots of requests, we may extend our time to respond – if this is the case, we’ll let you know. 

    The Office of Australian Information Commissioner (OAIC) website has some useful information on your data protection rights 

    Please contact us if you wish to make a request. 

     

    Who to contact

    Our Australia contact details 

    Office: The HR Franchise Group Pty Ltd, Level 17, The Ark, Coca Cola Place, 40 Mount Street, North Sydney, NSW 2060.  

    Tel: 1800-473378 

    Email:  pia.engstrom@hrdept.com.au  

     

    Our UK office contact details for The HR Dept Limited 

    Registered Office: The HR Dept. Ltd, First Floor, 3 Brook Office Park, Emersons Green, Bristol, BS16 7FL 

    Tel: 0345 208 1120 

    Email:  dataprotection@hrdept.co.uk 

    Company number: 04479417 

    Making a complaint

    If you have any concerns about our use of your personal information, you can make a complaint to us using the contact details above. We would ask that if you do wish to do this that you please tell us first so that we have a chance to address your concerns.  

    If you are not satisfied with our response or you are unhappy with how we have used your data, you can also complain to the Office of Australian Information Commissioner by calling 1300 363 992 or sending an email to enquiries@oaic.gov.au. 

    Document History

    Date this Privacy Notice was last reviewed: September 2023 

    Looking for expert HR support?

    We can help you focus on your business by taking care of all your human resources needs.

    Let us know how we can help or ask about our free initial HR review.

    Preventing People Problems

    Subscribe to our monthly newsletter

    Office Address: Upper Ground Floor 55 Brisbane Street Surry Hills NSW 2010 ABN: 26 874 011 369

    Copyright © 2017 - 2022 HR Franchise Group Pty Ltd trading as The HR Dept Australia