People and Culture Privacy Policy

Introduction

Gold Corporation (trading as The Perth Mint ABN 98 838 298 431) (us, we, our) is committed to protecting the privacy of your (you, your) Personal Information. This People and Culture Privacy Policy (Privacy Policy) has been developed in accordance with the Commonwealth Privacy Act 1988 (Privacy Act), including the Australian Privacy Principles, and the Privacy Amendment (Notification of Data Breaches) Act 2017. Together, we refer to applicable pieces of legislation as “Privacy Law”.

This Privacy Policy applies to how we collect, hold, use and disclose Personal Information and provides information on how we deal with your Personal Information as prospective, current or past employees.

We will comply with this Privacy Policy in respect of information provided to us by persons under the age of 18 years. Those persons must obtain the consent of a parent or guardian prior to provision of their information and the parent or guardian will be responsible for appropriately supervising the provision of any information.

By providing your Personal Information to us, you consent to the collection, storage, use and disclosure of your Personal Information in accordance with this Privacy Policy and as otherwise permitted under Privacy Law.

We may at any time vary the terms of this Privacy Policy to reflect changes to privacy legislation, technological changes, company policy and feedback. We will endeavour to notify you of any variations to this Privacy Policy, but you should check this Privacy Policy regularly so that you are aware of any variations made.

Scope

This Privacy Policy applies to all prospective, current and past Gold Corporation employees, independent contractors, Board members, peers, agents, third party suppliers and contractors who provide services to Gold Corporation.

It does not apply to information classified as an Employee Record. Notwithstanding anything contained in this Privacy Policy, the handling of an employee record by Gold Corporation is exempt from the Australian Privacy Principles where it directly relates to a current or former employment relationship between you and Gold Corporation.

We endeavour to be transparent in the way we handle Personal Information. While we may be exempt from complying with the Australian Privacy Principles in relation to Employee Records, we will endeavour to handle the Personal Information of our employees in the same manner we would handle other Personal Information.

This Privacy Policy does not apply to the handling of Personal Information with respect to customers or visitors to our website and in relation to the use of our products or services. For this information, please refer to our main Privacy Policy at www.perthmint.com/privacy-policy.

Collecting Personal Information

We collect Personal Information that is reasonably necessary for us to conduct our business, including to properly manage our business affairs, the employment of staff, engagement with independent contractors, Board members, peers, agents, third party suppliers and contractors, and to comply with our legal and regulatory obligations. We will collect your Personal Information if you apply to be employed by or otherwise engaged to provide services to Gold Corporation. We collect Personal Information for the purposes of conducting background checks and considering suitability of prospective employees, entering into formalised agreements with employees and contractors, providing services and benefits to our employees and administering programs (including training).

Sensitive Information may be collected where you have given express consent for us to do so and the information is reasonably necessary for us to provide our services, functions or activities, or where otherwise permitted under Privacy Law including, for example, where required or authorised under Australian law or for the establishment, exercise or defence of a legal claim.

The types of Personal Information we collect and store may include the following:

  • your name;
  •  current address;
  • telephone number;
  • email addresses;
  • other forms of identification, i.e. driver’s license, passport;
  • resume containing employment history and employment status;
  • qualifications
  • correspondence;
  • health or medical information;
  • psychometric or performance evaluations;
  • your tax file number;
  • financial information such as a bank account number and superannuation details;
  • engagement, training, disciplining, performance, conduct, resignation or termination;
  • terms and conditions of employment, including hours of work and salary or wages;
  • personal details and emergency contact details;
  • union membership or membership of a professional or trade association; and
  • other information that you may provide.

If we are unable to collect Personal Information we reasonably require, we may not be able assess an application you submit or proceed with formal engagement or employment.

We may collect your Personal Information in a number of ways:

  • online application for a position;
  • through our website;
  • by email;
  • written correspondence;
  • in person;
  • through third parties (recruitment agencies or referrals);
  • via external providers of employment fitness for work assessments;
  • via external providers of testing;
  • via external agencies providing criminal record information;
  • via external agencies confirming professional/trade qualifications or memberships;
  • over the telephone (such as reference checks); and
  • your online presence.

We may also collect, use, disclose and hold Personal Information that you provide to us about other individuals (e.g. name, contact details and email address of referees and emergency contact details). We rely on you to inform those individuals that their Personal Information is being provided to us and that they may contact us for further information.  

Storage and security

We hold Personal Information in several ways, including in electronic databases or files, emails, and in paper files held in secured drawers and cabinets. Paper files may also be archived in boxes and stored offsite in secure facilities. Our policy is to take reasonable steps to:

  • make sure that the Personal Information that we collect, use and disclose is accurate, up to date, and complete (and in the case of use and disclosure) relevant; and
  • protect the information that we hold from misuse, interference and loss and from unauthorised access, modification or disclosure.

The steps we take to secure the Personal Information we hold include security (such as encryption, firewalls, anti-virus software, login and password protection), secure office access, personnel security, and training and workplace policies.

If we no longer need your Personal Information, and unless required to be retained by law (including under the Fair Work Act 2009 (Cth)), we will take reasonable steps to destroy or de-identify your Personal Information after twelve (12) months of receiving it. If you wish to have your application maintained within our systems for future use beyond this twelve (12) month period you should let us know by emailing HR@perthmint.com. Gold Corporation will keep any Employee Records it holds confidential to the maximum extent required by law.

Notwithstanding the reasonable steps we will take to secure your Personal Information, there is a risk that breaches may occur. We have established procedures in place to investigate whether a data breach has occurred and if notification or other action is required under Privacy Law requirements.

If you reasonably believe that there has been unauthorised use or disclosure of your Personal Information, please contact our Privacy Officer.

Use and disclosure of information

The Personal Information we collect relates to your prospective or current engagement with Gold Corporation.

We will use and/or disclose your Personal Information for the purpose it was collected. We may use your Personal Information to provide you with information related to your prospective or current engagement with Gold Corporation, to verify your identity, process an application you submit and manage our relationship with you. We may send this information via post, telephone or any form of electronic communication. We may also use any email address or other Personal Information you provide to us for this purpose. We may also use and/or disclose your Personal Information for other purposes which you consent to or which are required or permitted by law. This may include for a secondary purpose that is related to a purpose for which we collected it, and for which you would reasonably expect us to use or disclose your personal information. For example, we may be required to disclose employee Personal Information to comply with our contractual obligations to government entities.

By registering a profile on our recruitment database, you are opting to receive email notifications of employment positions that we consider match the personal preferences you selected. You can tell us if you do not want to receive such information by emailing HR@perthmint.com.

We collect Personal Information as part of our recruitment process, and may also collect Personal and Sensitive Information as a result of carrying out pre-employment screening checks, including:

  • confirmation of education and/or previous employment details;
  • reference checks;
  • professional / trade association memberships;
  • directorship;
  • company checks;
  • VEVO checks;
  • CME (The Chamber of Minerals & Energy) clearances;
  • psychometric testing; and
  • employment assessment of fitness for work.

On occasion, we may disclose Personal Information to other persons including:

  • organisations that we engage with to conduct business, research or analysis;
  • organisations that we have contracted to provide services to you (i.e. superannuation, workers compensation, employee assistant program and salary continuance providers);
  • organisations with which we have negotiated with on your behalf (i.e. corporate discounts for private medical insurance or health services, as part of the agreed terms of that negotiation);
  • our professional advisors (i.e. auditors and lawyers); and
  • government and regulatory authorities (as required or authorised by law).

We take reasonable steps to ensure that any third parties we use are bound by privacy obligations in relation to your Personal and Sensitive Information. In the event of a security incident involving unauthorised access, use or disclosure of Personal Information involving a third party with whom we have shared Personal Information, we will work cooperatively with them to protect the Personal Information that we have shared with them.

Disclosure of personal information overseas

We may disclose your Personal Information to third party service providers who are located overseas. For example, information we collect may be held in a cloud-based server overseas. Unless you provide your consent or an exception under Privacy Law applies, we can only disclose your Personal Information to an overseas third party in certain circumstances, including if you provide your consent, we have taken reasonable steps to ensure that the overseas third party does not breach the Australian Privacy Principles or the overseas recipient is bound by a similarly stringent privacy protection regime.

Access, accuracy and correction - information

You must ensure that the Personal Information held about you by the Gold Corporation is accurate. If your Personal Information changes you should amend the information or notify Gold Corporation as soon as possible to update it. If your Personal Information is inaccurate, incomplete or out of date and you request its correction, we will take reasonable steps to correct it within a reasonable period of time, subject to any exemptions allowed under the Privacy Law.

You have the right to request access to your Personal Information that we hold. We will take reasonable steps to give you access to the information within a reasonable period of time from receipt of your request, subject to any exemptions allowed under the Privacy Law. For example, we will not provide you with access to the extent it would be illegal to do so or, unless required otherwise by law, your request is frivolous or vexatious or it would have an unreasonable effect on the privacy of others. If access is refused, we will give you a notice explaining our decision to the extent practicable and your options to make a complaint.

To request access to or correction of your Personal Information please contact our Privacy Officer. We will require you to verify your identity and to specify what information you require. If a fee is charged for providing access, you will be advised of the likely cost in advance.

Notifiable data breaches

Gold Corporation subscribes to and has implemented clear procedures for the management and notification of data breaches in order to comply with the Privacy Amendment (Notifiable Data Breaches) Act 2017 (an amendment to the Privacy Act) effective 22 February 2018.

Contact us and complaints

Please contact us if you have any queries about the Personal Information that we hold about you or the way we handle that Personal Information.

You can complain to us about how we have collected or handled your Personal Information. We will investigate your complaint and we endeavour to respond within a reasonable period of receiving your complaint or within timeframes designated by Privacy Law.

Our contact details are below:

The Perth Mint
Attention: The Privacy Officer
Reply Paid 6297 PO Box 6297 East Perth WA 6892 Australia
Call Monday to Friday, 8.30am - 4pm (AWST)

If you contact us and are not satisfied with our response you may refer your complaint to the Office of the Australian Information Commissioner (www.oaic.gov.au):

Office of the Australian Information Commissioner
GPO Box 5218 Sydney NSW 2001

Last updated August 2021

Definitions

Australian Privacy Principles means the principles under the Privacy Act 1988 (Cth) by which relevant entities, including Gold Corporation, must collect, use and disclose Personal Information.

Employee Record has the meaning given to that term in section 6 of the Privacy Act 1988 (Cth) and in relation to an employee, means a record of Personal Information relating to the employment of the employee. Examples of Personal Information relating to the employment of the employee are health information about the employee and Personal Information about all or any of the following:

                     (a)  the engagement, training, disciplining or resignation of the employee;

                     (b)  the termination of the employment of the employee;

                     (c)  the terms and conditions of employment of the employee;

                     (d)  the employee’s personal and emergency contact details;

                     (e)  the employee’s performance or conduct;

                      (f)  the employee’s hours of employment;

                     (g)  the employee’s salary or wages;

                     (h)  the employee’s membership of a professional or trade association;

                      (i)  the employee’s trade union membership;

                      (j)  the employee’s recreation, long service, sick, personal, maternity, paternity or other leave;

                     (k)  the employee’s taxation, banking or superannuation affairs.

Notifiable Data Breach (refer Annexure) means a data breach that is likely to result in serious harm to any of the individuals to whom the information relates. It occurs when Personal Information held by Gold Corporation is lost or subjected to unauthorised access, modification, disclosure, or other misuse or interference.

Personal Information means any information or an opinion about an identified individual, or an individual who is reasonably identifiable, (including you):

  • whether the information or opinion is true or not; and
  •  whether the information or opinion is recorded in a material form or not.

Sensitive Information includes, but is not limited to, information or an opinion about your racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, membership of a trade union, sexual preferences, criminal record, health information or genetic information.