1. Sensitive Information
Some of the personal information we retain may be sensitive and may include, but is not limited to:
− information or an opinion about your work performance.
− medical history or condition.
− aptitude test results.
− trade or professional memberships.
− criminal record; and
− financial information, e.g. bank account details and tax file numbers.
In most cases, sensitive information can only be collected with your consent, but we will only collect information that is necessary for the performance of services.
Under no circumstances do we collect or use personal information for the purposes of unlawful discrimination.
2. Website Interactions And AI Tools
When you use our website, we may offer an AI-powered search and chat tool to help visitors find information and navigate our content.
When you interact with this tool, we may collect and process information including:
− questions or queries you submit, including free-text inputs and voice interactions;
− interaction data such as clicks, navigation behaviour and usage patterns; and
− technical or diagnostic information generated through your use of the tool (such as timestamps or session information).
This information is used to:
− provide responses and assist with website navigation;
− monitor performance, accuracy and effectiveness of the tool; and
− improve our digital services and user experience.
You should not enter personal or sensitive information when using this tool. Any personal information collected through these interactions will be handled in accordance with this Privacy Policy and the Australian Privacy Principles.
Interaction data is stored securely and is retained only for as long as reasonably necessary for the purposes outlined above. Data may be deleted or de-identified when it is no longer required.
The AI tool and supporting systems may be provided or hosted by third-party technology partners. In some cases, information may be processed or stored outside Australia. Where this occurs, we take reasonable steps to ensure appropriate privacy and security safeguards are in place consistent with our obligations under Australian privacy law.
Interaction data is not used by us to train artificial intelligence models in a way that identifies individual users.
3. Passive Information Collection
If you browse our website, but don’t register for services or apply for a job, we do not collect information that identifies you personally, though we may collect information related to your visit to our website. This might include things like:
− your geographical location.
− the device or browser you use.
− the manner in which you access our website (i.e. a Google search, direct); and
− the pages where you entered and exited our site.
This information is transmitted to us so we can determine how users are interacting with our services, to assist us with improving our services and to correct any problems that may occur.
4. Personal Information
4.1 How Will We Collect Your Personal Information?
Your personal information can be collected in several different ways including:
− When you send an application to us via e-mail, online or post.
− When we conduct reference and/or police checks.
− When we receive results of medical tests.
− When you submit an application form or your resume through a third-party website.
− When we receive reports about background checks and various other assessments and inductions conducted in the workplace.
− Other information provided to us by you or your employer to assist us to deliver career guidance and outplacement services.
We sometimes collect information from third parties and publicly available sources when it is necessary for a specific purpose such as checking information that you have given us or where you have consented or would reasonably expect us to collect your personal information in this way.
4.2. Why Do We Collect Your Personal Information?
We collect and retain personal information about you, only where it is reasonably necessary and to:
− Assess your suitability for placement into positions.
− Keep records of your work performance and training to improve our ability to more efficiently assess you against future job prospects.
− Support investigations into workplace incidents.
− Assist the Group to comply with statutory obligations including, but not only, payments of taxes, charges and superannuation.
− Carry out any administrative tasks relating to our business.
We only collect personal information that is relevant to the purpose for which it is to be used.
4.3 Sharing Your Personal Data/Use and Disclosure of Personal Information
We will generally use and disclose your personal information for purposes related to the main purpose for which the information was collected, or where you have consented to the use or disclosure.
We may otherwise use or disclose your personal information where required or authorised by law, which may include emergency situations and assisting law enforcement agencies. We will not adopt, use or disclose government related identifiers (e.g. Medicare numbers, Centrelink Reference numbers, Tax File numbers, individual Healthcare identifiers etc) unless required by law.
5. Accessing and Updating Your Personal Information
We will take reasonable steps to ensure that personal information collected is relevant, accurate, up-to-date, and complete. You may access the Personal Information we hold about you and to update and/or correct it, subject to certain exceptions. If you wish to access your Personal Information, please contact the HR Services team, however you are also able to access and update some of your personal information directly via your secure personal access to the Pacific Energy HRIS (Our HRIS).
If an employee believes that the personal information, we hold about them is inaccurate, incomplete, out -of-date, irrelevant or misleading, they can request a correction. We will take reasonable steps to correct the information in a timely manner. Correction request should be made in writing to the Chief Privacy Officer.
To protect your Personal Information, we may, in some circumstances, require identification from you before releasing the requested information. In the event amendment / annotation to your personal information is not granted, we will provide written notice of the reason(s) for refusal.
6. Security Of Personal Information
Irrespective of whether personal information is stored electronically or in hard copy form, we take reasonable steps to protect the personal information we hold from unauthorised access, alternation, disclosure, or destruction such as encryption, access controls, and secure storage solutions.
7. Data Breach Response Policy
In Australia, data breaches of personal information are regulated by the PrivacyAmendment (Notifiable Data Breaches) Act 2017 (Cth) and came into effect on 22nd February 2018.
Most of the personal information retained by the Group, is gathered from Australian residents and the policy is written to comply with the principles in the Australian Privacy Act.
Non-Australian residents who share their personal information with us may have protections available to them, under data protection and privacy laws applicable in their country of residence.
7.1 What is a Data Breach?
A data breach occurs when personal information is lost or subjected to unauthorised access, modification, use or disclosure, or other misuse.
7.2 What is Unauthorised Access?
Unauthorised access of personal information occurs when personal information is accessed by somebody who is not permitted to have access to it. This could include an employee or contractor to whom we have not given permission to access.
7.3 What is Unauthorised Disclosure?
Unauthorised disclosure of personal information occurs when confidential information is disclosed to outside parties in a way that is not permitted under the Privacy Act.
7.4 What is Loss of Information?
Loss of personal information refers to the accidental or inadvertent loss, in circumstances which are likely to result in unauthorised access or disclosure. For instance, an employee leaves personal information on public transport. It could also include the on-line theft of personal information.
7.5 To Whom Do We Report Data Breaches?
We are required to report to the Office of the Australian Information Commissioner (OAIC) any data breach that, in the opinion of a reasonable person, is likely to result in serious harm.
8. Inquiries and Complaints
In the event you are dissatisfied with how we have managed your personal information or consider we have not complied with the Privacy Act and the Australian Privacy Principles notification should be made in writing by email or post to the Pacific Energy Group Chief Privacy Officer (see contact details below).
Email: privacyofficer@pacificenergy.com.au
Address: Pacific Energy Group 110 Daddow Road, KEWDALE, WA