Privacy Statement

Introduction

This policy deal with the issues of privacy and how it relates to the performance of work by PerSec Solutions (PerSec) personnel. Privacy is a critical element in the daily operations of PerSec. A breakdown in privacy could be extremely detrimental to PerSec’s viability as a security clearance assessment and pre-employment screening agency.

Responsibility

The protection of a person’s privacy is every employee’s responsibility. All employees of PerSec have a responsibility to familiarise themselves with this policy. Remember ignorance is no excuse especially when it comes to the protection of a person’s privacy.

Collection and storage of information

The privacy of client and vettee information is important to PerSec. As part of our business, we deal with and collect personal information, as defined in the Privacy Act 1988 (C'th). We only use or disclose this personal information as described in this Privacy Policy.

All personal information that is obtained is only kept on PerSec premises until the completion of the relevant personnel security clearance assessment investigation. It is then returned to the relevant Department/Agency for permanent custody and storage. All computer records are deleted within three (3) months of the completion of the personnel security clearance assessment by PerSec. We take all reasonable steps to ensure that the information we collect:

• if used, is accurate, complete and up-to-date;
  
• is protected from misuse, loss or unauthorised access or disclosure;

We only collect information required under the guidelines contained in the Commonwealth Protective Security Manual 2000 (PSM). We collect information that may be sensitive information, as defined under the Privacy Act. Sensitive information that we collect will be information required under the provisions of the PSM.

We collect personal information directly from the person to whom the information applies in the form of a security clearance assessment pack, over the telephone or in person or from other written correspondence or via electronic means. On occasions, we will need to collect personal information about a person from third parties, such as previous employers, referees, or other parties. Whenever we collect this information from a third party, it will be with the consent of the person to whom the information applies or where that consent is not required, we will inform that person that we have collected the information as soon as possible after collection.

As a general rule the collection of information will be necessary for us to provide a service to our clients. Without the information, we are unable to provide that specific service or to continue a relationship with our clients. Additionally, the purposes for which we will generally collect and use personal information will include:

• complying with legislative and regulatory requirements;
  
• considering requests made to us by clients;
  
• managing our rights and obligations in relation to our clients;

We maintain strict procedures and standards and take all reasonable care to prevent unauthorised access to, and modification and disclosure of, personal information. PerSec undertakes the following activities to protect the confidentiality and security of records.

The office area is monitored after hours and on weekends.

Sensitive records are stored in locked filing cabinets when not in use.

Staff have a clear desk policy whereby all sensitive or personal records are removed from work areas and secured prior to leaving the office.