Privacy Policy and Standard

Cater Care Holdings Pty Ltd and its subsidiaries (Cater Care Group) recognises the need for privacy when it collects, stores, uses (and from time to time discloses) personal information about its employees, customers, suppliers, other people and/or entities we deal with in our business. 

Cater Care Group respects and understands the importance of people’s privacy, as well as the need to handle personal information responsibly and confidentially. 

Consistent with this position, the Cater Care Group aims to protect people’s privacy by implementing and promoting practices which ensure compliance with this Policy and its obligations under the Relevant Legislation. 

Specifically, the Cater Care Group will:  

• Ensure Personal Information is accurate and up to date;  
• Provide access for individuals to any Personal Information the Cater Care Group may hold about them as permitted by law;  
• Only use and/or disclose such Personal Information for the purpose it was collected, unless individual consent is obtained to do otherwise;  
• Apply a high standard of privacy for any Personal Information obtained;  
• Ensure compliance with Relevant Legislation, this Policy, Privacy Standards and any/all other Cater Care Group related documents;
• Endeavour to educate staff/individuals about their rights to privacy.   

Contravention of this Policy, the Privacy Standards, Relevant Legislation and/or any other Cater Care Group related document may result in (which includes but is not limited to):  

• An investigation;  
• Disciplinary action; and/or  
• In serious circumstances, termination of employment. 

The detail of how this Policy is applied, to whom it relates, its application, and the extent of its coverage, is set out below within the Cater Care Group Privacy Standard. 

The Cater Care Group may modify this Policy, a related policy, its Privacy Standard and/or its process documents at any time, with all modifications to take immediate effect, upon the posting of such modifications.

 

CATER CARE GROUP – PRIVACY STANDARD

1. SCOPE

This Privacy Standard applies to:  

• Employees involved in the management of information; 
• Individuals and entities (which include employees, job applicants, contractors, consultants, customers of and suppliers to the Cater Care Group, all visitors to the Cater Care Groups website); and
• Everyone within the Cater Care Group.

The types of activities and information that this Privacy Standard regulates, are those set out within the Relevant Legislation. 

 

2. HANDLING OF PERSONAL INFORMATION

The Cater Care Group may collect, store, use and/or hold Personal Information about:

• Employees;  
• Contractors;  
• Consultants;  
• Customers;  
• Suppliers;  
• Job applicants;  
• Any other people who may come into contact with the Cater Care Group and/or one of Cater Care’s businesses; and/or
• Anyone who visits a Cater Care Group website. 

Personal Information is information and/or an opinion about an individual whose identity is apparent, or can reasonably be ascertained from the information or opinion, and may include Sensitive Information. 

The type of Personal Information that the Cater Care Group may collect includes (but is not limited to) a person’s name, address, contact details, interest in areas of its business, credit information, trading history and/or marketing information. Note: Personal Information is not limited to an individual’s information and may also relate to an entity. 

The Cater Care Group may collect more specific information from employees, contractors, consultants, customers, suppliers and/or other persons who work in Cater Care’s workplaces (which includes but is not limited to their date of birth, bank account details, tax file number and taxation information such as HECS information, work history, health history, emergency contact details, references, superannuation information and contract specific information). 

The Cater Care Group generally only collects Personal Information from its website when it is provided voluntarily by the user/visitor. When an individual visits a Cater Care Group website and/or downloads information from a Cater Care Group website, the Internet Service Provider (ISP) makes a record of the visit/download and records the user’s internet address, domain name and the date/time of the visit to the website/download. 

A Cater Care Group website may provide links to websites operated by third parties, which are not under the control of the Cater Care Group. The Cater Care Group makes no warranties and/or guarantees regarding the accuracy, quality or reliability of any third party material; and the Cater Care Group cannot guarantee that any third party websites will be free from viruses, or that access will be uninterrupted.  

 

3. USE AND DISCLOSURE OF PERSONAL INFORMATION

Cater Care Group uses Personal Information for various business related purposes (e.g. to provide products and/or services, market products, enhance and maintain relationships with members of the public, employees, suppliers and contractors, as well as by providing information). 

Cater Care Group will only use a person’s Personal Information for the Primary Purpose or a reasonably related purpose. The Primary Purpose is the dominant reason for collecting information and will generally be connected to the relationship between the Cater Care Group and the person from whom the information is being collected (e.g. a job applicant, employee, contractor, customer, supplier). 

Cater Care Group will make clear to contractors, suppliers and/or other non-employees the purposes for which it intends to use their Personal Information. 

Cater Care Group will only use Personal Information for purposes other than the Primary Purpose or a reasonably related purpose, if the relevant person’s consent is obtained, or if it is otherwise entitled to do so under the Relevant Legislation. 

Depending on the product and/or service concerned, Personal Information may be disclosed to: 

• Entities within the Cater Care Group;
• Service providers and specialist advisers to the Cater Care Group (whom have been contracted to provide administrative and/or other services); 
• Insurers, credit providers, courts, tribunals and regulatory authorities, as agreed and/or authorised by law; 
• Credit reporting, reference agencies and/or insurance investigators; 
• Any relevant authority that is entitled to receive it; and/or 
• A person and/or entity as authorised by an individual. 

Cater Care Group requires that any organisations (outside the Cater Care Group), who, as a result of their relationship with the Cater Care Group, handle and/or obtain Personal Information, must comply with the Relevant Legislation. 

In some cases, if an individual does not provide the Personal Information that the Cater Care Group has requested, the Cater Care Group may not be able to provide them with the relevant product and/or service. 

If an individual provides the Cater Care Group with Sensitive Information, it will be used and/or disclosed only for the purpose for which it was provided and/or another directly related purpose, unless the individual agrees otherwise, or unless use and/or disclosure of this information is allowed and/or required by law. 

If you use a Cater Care Group website, the Cater Care Group may utilise “cookies” which enables the Cater Care Group to monitor traffic patterns, trends and/or to serve you more efficiently if you revisit a Cater Care Group website.  A cookie does not identify you personally, but may identify your internet service provider or computer. We may gather your IP address as part of our business activities and to assist with any operational difficulties or support issues with our services. This information does not identify you personally.

In some cases, cookies may enable the Cater Care Group to aggregate certain information with other Personal Information (which we may have collected and/or hold about you). The Cater Care Group extends the same privacy protection to Personal Information (whether gathered via cookies and/or from other sources) as detailed within this Privacy Policy. Note: You may set your browser to notify you when you receive a cookie and this will provide you with an opportunity to either accept or reject it in each instance. In the event that you disable cookies, you may not be able/permitted to access certain areas of Cater Care Groups websites and/or take advantage of the improved web site experience that cookies offer.

Presently, the Cater Care Group only operates within Australia and deals predominately with customers and suppliers that operate in Australia. The Cater Care Group almost, entirely stores Personal Information in systems that are not accessible outside Australia, but the Cater Care Group cannot warrant that the providers of such systems a) limit access to Personal Information to only their users/employees that are residents in Australia and/or b) do not store this information on infrastructure hosted or supported outside of Australia.

The Cater Care Group may also use cloud-based service providers who use assets located in other countries to manage our data.

We will not disclose your personal information to an overseas recipient without taking reasonable steps to ensure that the overseas recipient will not breach the Relevant Legislation.

 

4. STORAGE OF PERSONAL INFORMATION 

Cater Care Group will make every effort to ensure that any Personal Information it holds is protected from misuse and/or unauthorised access, modification or disclosure, including by the implementation and enforcement of various security measures. In the event of any unauthorised access to Personal Information, Cater Care Group will comply with the notification requirements of the Notifiable Data Breach Scheme (2018) and the Relevant Legislation. However, the Cater Care Group will not be responsible for any consequences arising out of unauthorised access to Personal Information. 

The Internet is not a secure environment. If an individual uses the Internet to send Cater Care Group any information, including their email address, it is sent at their own risk. 

Cater Care Group may destroy or permanently de-identify Personal Information as required by the Relevant Legislation. Where the Cater Care Group holds Personal Information that is no longer required, the Cater Care Group may destroy such Personal Information or remove such details that may identify an individual. 

 

5. ACCURACY OF PERSONAL INFORMATION

Cater Care Group seeks to ensure that the Personal Information it holds is accurate and up-to-date. Cater Care Group realises that this information may become out of date (for example due to a change of address and/or other personal circumstances). As such, the Cater Care Group encourages people to update and/or correct any Personal Information that the Cater Care Group may hold about them. 

 

6. DISCLOSURE IN ACCORDANCE WITH THE PRINCIPLES

There are certain specified exceptions to the application of the Relevant Legislation including the Australian Privacy Principles (or their relevant replacement). 

Cater Care Group is exempt from complying with the Australian Privacy Principles in certain situations, which include:  

• Employee Records: Cater Care Group can use and/or disclose information contained in Employee Records where it is directly related to the employment relationship. This applies to current and former employees. In the event that the Cater Care Group discloses Personal Information regarding employees to a third party, the third party will be bound by the Relevant Legislation.  
• Use in legal proceedings: where Cater Care Group has collected information for a purpose other than the Primary Purpose, it can use and/or disclose Personal Information, where it reasonably believes that the use and/or disclosure is reasonably necessary for the preparation, or conduct of legal proceedings before any court and/or tribunal, or implementation of the orders of a court and/or tribunal.   

Under the Australian Privacy Principles, the Cater Care Group must not disclose Personal Information unless it believes, on reasonable grounds, that it meets the criteria stipulated in the Relevant Legislation. For example, the Cater Care Group may disclose Personal Information, if the disclosure is authorised by the individual concerned, necessary for the conduct of proceedings and/or to avoid prejudice to the maintenance of the law, or the information is to be used in a form in which the individual concerned is not identified. 

 

7. ACCESS

Individuals may obtain access to any Personal Information which the Cater Care Group holds about them, unless one of the exceptions in the Relevant Legislation applies. 

To make a request to access information that the Cater Care Group holds about them, individuals should contact Cater Care Group in writing. Cater Care Group will require individuals to verify their identity and to specify what information they require. 

If an employee of the Cater Care Group has a complaint about the use of their Personal Information, they should follow the process set out in the Grievance Manager Procedure.

Any other individuals or entities with a complaint should contact the Cater Care Group in writing. Cater Care Group’s contact details are:

Director of Legal & Risk

Cater Care  

Level 4, 20 Charles Street,

Parramatta NSW 2150

Email: privacy@catercare.com.au 

Web address: http://www.catercare.com.au  

If a complaint has not been handled satisfactorily, it can be escalated to the Office of the Australian Information Commissioner. More information on lodging a complaint is available at oaic.gov.au/privacy/privacy-complaints.

The Cater Care Group is entitled to refuse a request to access Personal Information in particular circumstances, such as where providing access would be unlawful or would have an unreasonable impact on the privacy of other individuals. 

 

8. DIRECT MARKETING MATERIALS

Cater Care Group may send marketing communications about products and/or services. These communications may be sent in various forms, including mail, SMS or email, in accordance with Relevant Legislation.

If you receive communications from the Cater Care Group that you believe have been sent to you, other than in accordance with this Policy, or in breach of any law, please contact us at privacy@catercare.com.au .

Instructions for opting out will typically be included somewhere on the communication. You can also opt out of receiving marketing communications at any time by emailing privacy@catercare.com.au .

 

9. RECRUITMENT

If you apply for employment at the Cater Care Group, the Cater Care Group will collect personal information from you (such as resumes, references, certificates, etc). This Personal Information may be shared with any recruitment agency assisting the Cater Care Group with its recruitment process.

If your application is not suitable to the Cater Care Groups current requirements, but the Cater Care Group feels that there may be a position in the future for you with us, we will keep a record of your application and may contact you again if a suitable position becomes available.

 

10. NON-PERSONAL INFORMATION

You acknowledge and agree that the Cater Care Group is free to use and publish any information that you provide to the Cater Care Group or post on any Cater Care Group websites (on a non-confidential basis).

 

11. DEFINITIONS

These definitions have the same meaning in the Related Documents. 

“Disclosure” refers to the process of making information accessible to third parties and releasing the subsequent handling of such information from Cater Care Group’s effective control.

“Employee Records” are records of Personal Information relating to the employment of the employee. This may include information about the employee’s health, terms and conditions of employment, training, any disciplinary action taken, resignation or termination of employment personal and emergency contact details, leave records, taxation, superannuation or banking details and the employee’s salary or wages. 

“Primary Purpose” is the dominant reason for information being collected and will generally be connected to the relationship between Cater Care Group and the person from whom the information is being collected (for example job applicant, employee, contractor, customer, supplier). 

“Personal Information” is information and/or an opinion about an identified individual or an individual who is reasonably identifiable (including Sensitive Information), whether true or not and whether recorded in a material form or not.

“Relevant Legislation” includes:  

Privacy Act 1988 (Cth) including the Australian Privacy Principles, 

and any replacement or variation of these and any other relevant legislation affecting Personal information. 

“Related Documents” means any relevant policy, standard or procedure that is applicable. 

“Sensitive Information” is information or opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences or practices, criminal record and/or health, genetic or biometric information. 

 

12. CONTACT POINT

If you have any queries or complaints regarding this Policy, or if you wish to obtain contact details for your local privacy regulator to lodge a complaint, please contact the Director Of Legal & Risk at privacy@catercare.com.au.