1. Purpose

The purpose of the Policy is to ensure that all personal, employee, client and business information handled by the Company is managed ethically, lawfully, and in accordance with:

• The Fair Work Act 2009 (Cth)
• The National Employment Standards (NES)
• The Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
• Human Rights and Equal Opportunity Principles; and WorkSafe Australia guidelines regarding the safe and respectful management of information.

The Company is committed to protecting the privacy of employees, clients, and stakeholders, and to ensuring confidentiality in all business operations.

2. Scope

This Policy applies to all employees, contractors, consultants, and temporary workers of the Company. It covers all forms of personal and confidential information — whether oral, written, electronic, or visual — obtained in the course of employment or business operations.

3. Policy Statement

The Company values trust, integrity, and respect. Protecting private and confidential information is essential to maintaining ethical standards, legal compliance, and the wellbeing of our employees and clients.

All employees are required to handle information responsibly and must not access, use, share, or disclose any confidential or personal information unless authorised or legally required to do so.

Failure to comply with this Policy may result in disciplinary action, up to and including termination of employment, and, where applicable, legal proceedings.

4. Legislative Framework

This Policy is guided by the following legislation and principles:

• The Fair Work Act 2009 (Cth)
• The National Employment Standards (NES)
• The Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs)
• Equal Opportunity Act 2010 (Vic) and equivalent state-based laws
• Australian Human Rights Commission Act 1986 (Cth)
• Work Health and Safety Act 2011 (Cth)
• WorkSafe Australia – Code of Practice: Managing the Work Environment and Facilities

5. Definitions

Personal Information: Information or an opinion (whether true or not) about an individual whose identity is apparent or can reasonably be ascertained — e.g., name, address, employment records, or contact details.

Confidential Information: Any information belonging to the Company, clients, or employees that is not publicly available and that provides a competitive, commercial, or operational advantage.

Sensitive Information: Includes health information, criminal history, racial or ethnic origin, political opinions, or membership of professional or trade associations.

6. Principles of Privacy and Confidentiality

The Company commits to the following principles:

1. Fairness and Transparency Information will be collected, used, and stored fairly and transparently, consistent with the Australian Privacy Principles (APPs).
2. Lawful Purpose Information will only be collected for legitimate business, legal, or employment-related purposes.
3. Respect and Human Rights Handling of information will uphold the Human Rights Principles of privacy, dignity, and respect for all individuals
4. Equality and Non-Discrimination Information will never be used to discriminate against individuals based on gender, race, disability, religion, or other protected attributes under Equal Opportunity laws
5. Work Health and Safety Information management will ensure the safety and psychological wellbeing of employees in accordance with WorkSafe Australia standards.

7. Employee Responsibilities

All employees are required to:

• Sign and adhere to a Confidentiality Agreement as a condition of employment;
• Maintain strict confidentiality regarding all business, client, and personnel information
• Protect confidential documents and data from unauthorised access or disclosure;
• Use information only for legitimate business purposes; and
• Immediately report any suspected data breach or unauthorised disclosure to their manager or Human Resources.

Employees who are unsure of their obligations must seek guidance from their manager or HR before sharing any information.

8. Handling Confidential Information

Employees must take reasonable precautions to protect confidential and personal information, including but not limited to:

• Discussing confidential matters only with authorised personnel who have a legitimate business need to know;
• Avoiding discussions about work or clients in public spaces; Securing all confidential materials in access restricted and password-protected systems;
• Ensuring that computer screens and documents are not visible to unauthorised persons;
• Using encrypted or secure systems when transmitting sensitive information electronically;
• Supervising visitors to ensure they do not access confidential material;
• Shredding or securely disposing of physical documents no longer required; and
• Being mindful of wearable devices or digital assistants that may record or transmit information inadvertently

9. Examples of Confidential Information

Examples of confidential or sensitive information include, but are not limited to:

• Client personal or business data;
• Employee pay and personnel details;
• Financial information and accounting records
• Company strategies, tenders, and proposals;
• Proprietary systems, software, and trade secrets;
• Marketing and business development plans;
• Product formulas or manufacturing processes;
• Inventions, intellectual property, and creative works;
• Legal correspondence or investigations; and
• Conversations, emails, or records containing confidential content.

10. Use and Disclosure of Information

Personal and confidential information may only be used or disclosed:

• For legitimate business purposes consistent with the purpose for which it was collected;
• When required by law, court order, or regulatory authority;
• With the individual’s consent; or
• When necessary to protect the safety, rights, or property of the Company, its employees, or clients

Unauthorised use or disclosure of such information is strictly prohibited.

11. Data Storage and Security

The Company ensures that all information is securely stored and protected against loss, misuse, or unauthorised access.

• Electronic information is stored in password-protected systems with restricted access.
• Physical records are stored in secure cabinets or rooms accessible only to authorised personnel.
• Confidential information transmitted electronically must be encrypted or sent via secure channels.
• Personal data will be retained only for as long as necessary to meet legal, operational, or contractual requirements.

12. Breach of Confidentiality or Privacy

Breach of this Policy includes:

• Unauthorised disclosure or sharing of confidential information;
• Accessing confidential information without legitimate need;
• Failure to secure personal or Company data; or
• Using confidential information for personal gain.

Such breaches may result in disciplinary action, including termination of employment, and may lead to civil or criminal liability under the Privacy Act 1988 (Cth).

13. Work Health and Safety Considerations

Maintaining confidentiality also supports a psychologically safe and respectful workplace under WorkSafe Australia Principles.

Employees must handle sensitive information — especially relating to health, personal status, or disciplinary matters — discreetly and empathetically to prevent emotional or psychological harm.

14. Equal Opportunity and Non-Discrimination

The Company ensures that confidential information is never used to discriminate against employees or clients based on protected characteristics under the Equal Opportunity Act 2010 (Vic) or the Fair Work Act 2009 (Cth). Any discriminatory misuse of private or confidential data will be treated as serious misconduct

15. Reporting Concerns

Employees who become aware of:

• A potential breach of confidentiality;
• Misuse of private information; or
• Unauthorised data access or sharing

must report the matter immediately to their Manager, Human Resources, or the Executive Management Team.
Reports will be investigated confidentially and without retaliation.

16. Review and Amendment

Any amendments must be approved by the Executive Management Team to ensure ongoing compliance with privacy, employment, and safety legislation.

17. References

• Fair Work Act 2009 (Cth)
• National Employment Standards (NES)
• Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs)
• Work Health and Safety Act 2011 (Cth)
• Equal Opportunity Act 2010 (Vic) and related state legislation
• Australian Human Rights Commission Act 1986 (Cth)
• WorkSafe Australia – Code of Practice: Managing the Work Environment and Facilities