Introduction
Larter Consulting (referred to as “Larter”) is dedicated to safeguarding personal and organisational information, and respecting the privacy of individuals and the organisations we work with.
We have adopted the Australian Privacy Principles (APP’s) contained in the Privacy Act 1988 (Cth) (the Privacy Act). The National Privacy Principles (NPP’s) govern the way in which we collect, use, disclose, store, secure and dispose of Personal Information.
A copy of the Australian Privacy Principles may be obtained from the website of the Office of the Australian Information Commissioner at https://www.oiac.gov.au.
What is personal information?
Personal information refers to any information that can identify you as an individual. This Privacy Policy outlines how we manage and protect your personal information in relation to Larter’s business activities such as education and training, events, client services and on websites, applications and communications that provide a link to this Privacy Policy.
Scope
This Policy applies to all personal, health or sensitive information about individuals collected, used, stored, disclosed, shared and destroyed by Larter, regardless of the format of the information (recorded or not recorded, in hard-copy or electronic format, in printed, audio, or visual form, web-based or on social media, or in any conversation or discussion).
Definitions
“Larter associates” refers to employees, directors and sub-contractors or partners of Larter Consulting.
“Confidentiality” is a separate legal concept to privacy. Confidentiality applies to information given to a person or organisation under an obligation not to disclose that information to others unless there is a statutory requirement or duty of care obligation to do so. Confidentiality also applies to organisational information, which is not to be used or disclosed by, staff, sub-contractors without authorisation.
“Privacy” refers to keeping certain personal information free from public knowledge and attention and to having control over its disclosure and use.
Information we collect
Larter collects personal information during its business activities, including when providing some client services. Personal information is also collected when individuals register as a subcontractor, or apply for jobs, sign up for Larter newsletters, email us, and/or register for training and events. The personal information collected may vary and can include information provided by you such as your name, mailing address, e-mail address, telephone number, fax number, social media account details and background information required to apply for a job.
Use of information
Personal information
Larter uses your personal information to fulfill your requests for information, process your requests to participate in education, training and events, distribute e-newsletters to you, recruit and evaluate job applicants, comply with all applicable laws, and accomplish other purposes you may initiate or request. Personal information collected may also be used for secondary purposes closely related to the primary purpose in collecting the information, in circumstances where you would reasonably expect such information to be disclosed.
Sensitive information
Sensitive information is defined in the Privacy Act to include information or opinion about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.
Larter will only use Sensitive information:
- For the primary purpose for which it was obtained
- For a secondary purpose that is directly related to the primary purpose
- With your consent; or where required or authorised by law.
Our website and social media accounts do not collect personal or Sensitive information about your online activities. Therefore, we do not change our information collection/use practices in response to “do not track” signals from web browsers.
Disclosure of personal information
Larter will not intentionally disclose/transfer (and will take reasonable steps to prevent unauthorised/accidental disclosure of) your personal information to any third parties without your consent, or as otherwise permitted by law, with one exception – sharing your personal information with third party service providers who perform recruitment services on our behalf.
In addition we may disclose information about you:
- If required by law/legal process; To law enforcement authorities/government officials;
- When we believe disclosure is necessary/appropriate to prevent physical harm/financial loss/in connection with an investigation of suspected/actual illegal activity;
- To protect our property/services/legal rights;
- To prevent fraud against Larter/subsidiaries/affiliates/business partners;
- To support auditing/compliance/corporate governance functions; or
- To comply with all applicable laws.
Links to third party sites
Larter may provide links to third party websites/information as a service to users. If you use these links, you will leave Larter sites. Such links do not constitute or imply endorsement or recommendation by Larter of the third party/third party website/information contained therein and Larter shall not be responsible nor liable for your use thereof. Such use shall be subject to terms of use/privacy policies applicable to those sites.
Security
Larter has implemented generally accepted standards of technology and information security to protect personal and organisational information from loss, misuse, alteration or unauthorised destruction. We have a Transmission and Storage of Identifiable Information policy to protect misuse or loss of, or theft of, personal information. Where authorised, third party service providers (e.g. bookkeepers) are provided access to personal information, and they are required to treat that information as confidential.
Authorisation from Larter’s Managing Director must be obtained for any storage of personal health information/medical records, and be de-identified. Staff and contracted subcontractors must store all information on the secure Larter server Google Drive File Stream protected by 2-step verification and server-side file encryption.
If clients send information marked Confidential it is to be stored on the secure Larter server Google Drive File Stream in a folder called ‘Confidential’. This folder will be deleted upon conclusion of the project.
Larter staff must not store identifiable information on individual computers.
If authorisation has been provided by Larter’s Managing Director to store identifiable information, it must be stored on a hard drive that is kept in an office (not online, not on laptops) and locked in a secure place in non-work hours. Access to such information is to be limited to people with a genuine business need to access such information.
Larter sub-contractors may store information on their individual computers/portable devices if they are password protected and kept secure.
If a laptop/portable device which contains identifiable information is lost/stolen, this must be report to the Managing Director immediately, even if the information was password protected.
If there is a need to transfer identifiable information, then care must be taken to send it securely via a secure web portal with information encrypted via password in Microsoft Office Word or Excel and files must be removed from the devices promptly once the transfer is complete.
Information retention
Larter retains personal information, as necessary, for the duration of the relevant business relationship. We may also retain personal information for longer than the duration of the business relationship should we need to retain it to protect ourselves against legal claims, use it for analysis or historical record-keeping or comply with our information management policies and schedules. If you request that we delete your personal information Larter will make reasonable attempts to delete all instances of the information in their entirety. For requests for access, corrections or deletion please refer to the “Your Rights” section of this Privacy Policy.
Your rights
If permitted by law, you may request to access, review, modify or delete the personal information we have collected about you. You may also request a copy of this information and have any inaccuracies corrected. In some cases, you may ask us to stop processing your personal information.
To make such a request or discuss how we process your personal information, please contact us at larter@larter.com.au. We will verify your identity to protect your privacy and security before granting access to your personal information. We will promptly investigate and respond to your requests as required by law.
Additionally, if allowed by local law, you may file a complaint with a competent information protection authority.
Unsubscribe
If you have registered for Larter e-newsletter or alerts or receive invitations from Larter and prefer not to receive future email communications from us, please email larteradmin@larter.com.au with the title STOP.
Consent – changes to privacy policy
By using our site, you agree to our collection, use and storage of your personal information as described in this Privacy Policy and on our sites. We may update this Privacy Policy from time to time and will notify you of any changes by updating it here. If we make significant changes that increase our rights to use previously collected personal information, we will seek your consent through an email or by prominently displaying the information on our Sites.
Privacy policy complaints or enquiries
If you have any questions or complaints about our Privacy Policy or the use of, storage or privacy of your personal information, please reach out to us at larteradmin@larter.com.au.