The Unipay Unit Trust ABN 43 912 419 502 trading as “Unipay Australia” and having its postal address at P.O. Box 555, Main Beach, Queensland 4217 (“Unipay”, “we”, “our”, “us”) are committed to protecting the privacy of personal information. Personal information is any information or opinion about an identifiable individual and of your employees (“you”, “your”).
The purpose of this policy is to describe how we deal with your personal information, including personal information that is collected from you about your employees. This policy sets out:
i. The kind of information we collect and hold
ii. How we collect and hold personal information
iii. The purposes for which we collect and deal with personal information
iv. Where we disclose personal information
v. How you may access personal information we hold about you
vi. How you may seek correction of any personal information we hold about you
vii. Our procedures for dealing with privacy complaints
This policy covers Unipay and any of its related companies or subsidiaries that are registered in the future in its operations in Australia and New Zealand. You may contact us using the following details:
Mail: Unipay Australia, PO Box 555, Main Beach QLD 4217
Phone: +61 2 9034 6555
Australian Website: www.unipay.com.au
New Zealand Website: www.unipay.nz
The Websites are as follows:
Australian Website: www.unipay.com.au
New Zealand Website: www.unipay.nz
Under the Australian Privacy Act 1988 Cth (Act), we are bound to comply with the Act and the Australian Privacy Principles (APPs), which govern how certain entities handle personal information.
We are also bound to comply with the New Zealand Privacy Act 1993 (NZ Act) which includes the New Zealand Privacy Principles (NZPP) which govern how certain entities handle personal information of New Zealand residents.
For the purposes of this Policy, the Act, the APPs, the NZ Act and the NZPP are called the (Law).
Collecting Personal Information
Client and Customer Information
As a provider of payroll and time management system products including, but not limited to, those products described as “Unipay Payroll”, “ATS Workforce” and “ATS HR Onboarding” as well as software, hardware and other associated products (Products) and as a provider of services in the manner of support and maintenance, upgrades, troubleshooting and other such services to clients (Services), the large majority of Unipay’s clients are corporate.
In order to carry out our various functions to sell the Products and provide the Services to our clients, the personal information we collect includes details about individuals who are our clients and their employees and such details may include for our clients: transactional information, entity name, trading name, ABN, address, accountant’s name, payroll officer’s name, the number of employees, email address, website.
In relation to personal details of an individual such as our client’s employees, information will include, but not be limited to, name, date of birth, contact details and email address of the employee, the next of kin, marital status, driver’s licence details, certifications and qualifications, tax file numbers, date of commencement of employment, wage and salary rates of pay, bank account details, superannuation account details, payslip passwords for the employees to access their payslips, and any similar information (only where such details may need to be accessed to perform the Services in relation to the Products for our clients).
We collect the type of information mentioned above directly from our clients but from no other source. The collection of this personal information is solely for the purposes of assisting our client to operate the payroll and time management system Products properly and to supply the Services (Purposes).
We require our clients to ensure that the information they submit to us is accurate, appropriately authorised and compliant with relevant Laws.
Our client has provided us with authority and consent to collect this personal information about their employees for this Purpose and if you are an employee of one of our clients, you will have provided consent to your employer to provide us with your personal information for these Purposes. Unipay will only use the personal information we store for the Purposes.
From time to time, the Law may require us to collect certain information from a client or individual in order for us to be able to provide that client or individual with a product or service. This includes in circumstances where we are required to identify individuals (which may include account signatories) for the purposes of complying with the Anti-Money Laundering and Counter-Terrorism Financing Act in Australia and the equivalent legislation in New Zealand which is the Anti-Money Laundering and Countering Financing of Terrorism Act 2009.
We may also collect personal information from publicly available sources. For example, we may collect information from online directories, public registers and other websites.
If we do not collect your personal information, we may be unable to provide our clients or you with a product or service. However, if you are an employee of one of our clients and you do not wish Unipay to store your personal information, you must notify your employer immediately and withdraw your consent to Unipay holding that information.
In circumstances where we deal with you as an individual trader who applies for a Product or Service from us, we may collect personal information (such as contact details and financial information) directly from you. In these circumstances, we may also collect your bank account details and Tax File Number (TFN) from you. We request this from anyone setting up an account with us, so that we are able to service that account and those of your employees. It is not compulsory to provide a TFN when requested. However, if you do not provide your TFN, we may be unable to establish an account in your name or we may be unable to pay interest on the account or we may have to deduct withholding tax from your interest payments at the highest applicable rate.
If you are an employer, at times, we might be required to collect personal information about your employees, which we may collect directly from you as a client or from publicly available information. The information that is collected is set out above.
We do not normally collect sensitive information, such as health information, sexual orientation and details about religious and political affiliations. Under the Law, we are able to do so only if that information is reasonably necessary for or directly related to our functions and if you and your employees have expressly consented to the collection of the information.
In providing some of our Services to you, there may be circumstances when sensitive information about you or customers of our clients is disclosed to us. Those clients are required to obtain your consent to the disclosure of their sensitive information.
In circumstances where we receive unsolicited personal information, we will determine whether or not we could have lawfully collected that information in accordance with the Australian Privacy Principles and the New Zealand Privacy Principles. If we determine that we could have, we will handle that information in accordance with this Policy and the Australian Privacy Principles and the New Zealand Privacy Principles, whichever is applicable. This means that you have rights to access, seek correction of and make complaints in respect of our handling of that information in accordance with the procedures set out below.
If practicable, we will deal with you anonymously (or under a pseudonym) if you advise that you do not want to share your name or other personal information with us.
Using these cookies and identifiers enables us to collect information about you. For example, they enable us to collect information about your usage of our Website, your usage of third party websites, your location and IP address.
In some circumstances, this information may enable us to identify who you are. For example, if you provide personal information on the Unipay Website and if we send a cookie to your browser, we may be able to determine how you personally use our Website and other websites.
Otherwise, if the information we collect is not personal information, we will use that information as we see fit.
There are ways you can clear cookies or identifiers from your browser and block cookies or identifiers from being used. Please refer to the security settings for your browser.
Use and Disclosure of Personal Information
Use of Personal Information
We may use the personal information we collect:
For details on the Products and Services we provide, please visit our websites (www.unipay.com.au and www.unipay.nz).
There are certain laws that require us to keep certain types of information for a period of time. Subject to those requirements, we will take such steps that are reasonable in the circumstances to destroy (or make anonymous) any personal information we hold once we no longer need that information. When we destroy personal information, we do so using secure destruction facilities.
Disclosure of Personal Information
Some of the third parties listed above, such as some outsourced service providers, may be overseas, such that your details may be sent to countries other than Australia or New Zealand.
We maintain robust physical, electronic and procedural safeguards to protect the personal information we hold from loss, unauthorised access, modification and disclosure. These include procedures for ensuring physical security and computer system and network security. For example, appropriate locks and security systems are installed at our premises where we store personal information and the networks we use are protected by firewalls that undergo penetration testing at regular intervals.
Authorised Unipay personnel are provided with access to personal information only as necessary to perform their roles and these personnel have agreed to ensure the confidentiality of the information they handle. Staff also undertake privacy training at regular intervals.
Our systems and procedures undergo regular internal audits in order to identify risks to information security so that we can take reasonable steps to mitigate and eliminate any such risks.
Access to and correction of personal information
Access to Personal Information
With some exceptions, if we hold personal information (including any credit-related personal information) about you, you have the right to find out what that information is and request us to correct or update the information if necessary.
Please contact us using the contact details set out in the Introduction section of this policy if you would like to find out what information we hold about you. Before considering whether we can grant you access, we will need to verify your identity.
There may be circumstances when we are unable to let you know what information we hold about you. For example, we will be unable to grant access where to do so would violate the privacy of another individual. We may also be unable to grant you access if we cannot verify your identity.
Circumstances where we are unable to verify your identity may include where you have a customer relationship with one of our clients (such as a credit union or other financial institution or other organisation), rather than us, meaning that we may not be in a position to reliably verify your identity.
In the circumstances above, we will write to you to explain the reason and, if possible, we will endeavour to assist you in finding another way to access your information. Where applicable, this may involve us referring you to our client with whom you have a relationship.
Otherwise, we will grant you access within a reasonable period of time after you request the information. This will usually be within 30 days of your request. If reasonable and practicable, we will provide you with access in the manner you requested. We may charge you a fee for that access, but under the Law we are not permitted to charge an excessive fee.
Correction of Personal Information
Please contact us using the details set out in the Introduction section of this policy if you think that any of the information we hold about you is incorrect or out-of-date. If you request us to correct any of your information, we will respond to your request within a reasonable period of time and we will not charge you for correcting or updating your information.
If your request relates to financial personal information that we hold, we will notify you of our decision on correcting the information within 5 business days of the decision. Where we are satisfied that the relevant personal information is inaccurate, out-of-date, incomplete, irrelevant or misleading, we will take reasonable steps to correct the information within 30 days of your request, or such other period of time that you agree to.
You may also request that we notify another relevant organisation (for example, an outsourced service provider mentioned above) to whom we have disclosed your personal information in circumstances where we correct that information. In that case, we will take steps (if reasonable) to notify that organisation of the correction so that it may also update its own records.
Similarly, if you are an employee of one of our clients and if you request that employer corrects its records about you, you may also request that your employer notifies us of the correction so that we may update our own records that may contain personal information about you. For this reason, if you do not have a customer relationship with us and if you are an employee of one of our clients we encourage you in the first instance to contact that entity with whom you have the relationship.
In circumstances where we refuse to correct or update your personal information as you request, we will write to you to explain the reasons for the refusal (if reasonable) and provide details to you about how you may complain about the refusal.
Although we take every reasonable care to ensure the privacy of your personal information, there may be circumstances when you have a concern or complaint.
If you have a complaint that relates to any personal information we hold about you, please contact the relevant Unipay team or department you have dealt with in the first instance. Otherwise, please contact Unipay’s Complaints Management Handling Representative. The Representative may be contacted using the following details:
Mail: Head of Operations & Customer Service Unipay Australia, PO Box 555. Main Beach QLD 4217
Phone: (+61) 2 9034 6555
Where possible, we will endeavour to resolve your complaint within 5 business days of receiving your complaint. However, where that is not possible, we will acknowledge receipt of your complaint within 5 business days and advise you of our estimate of how long it will take to resolve your concern. We will then investigate the complaint and advise you of the outcome in writing.
If you are not satisfied with the resolution of your complaint and you are a resident of Australia, you may contact the Office of the Australian Information Commissioner (“OAIC”). The OAIC may be contacted using the following details:
Phone: 1300 363 992
Fax: (+61) 2 9284 9666
Mail: Office of the Australian Information Commissioner, GPO Box 5218, Sydney NSW 2001
If you are not satisfied with the resolution of your complaint by Unipay and you are a resident of New Zealand, you may contact the New Zealand Ombudsman using the following details:
Mail: The Ombudsman, PO Box 10152, Wellington 6143, New Zealand
Phone: 008 802 602
Alternatively, you may contact the New Zealand Privacy Commissioner using the following details:
Mail: Privacy Commissioner, PO Box 10-094, The Terrace, Wellington 6143, New Zealand
Office: Level 8, 109-111 Featherston Street, Wellington 6143, New Zealand
Phone: 008 803 909