Privacy Policy

Purpose
This Policy defines Mobo Groups commitment to the privacy of personal information we collect, store, use and disclose.

This Policy is supported by the requirements of the:

Privacy Act 1988
Australian Privacy Principles
Mobo Group Code of Conduct
NDIS Code of Conduct
NDIS Practice Standards
NDIS Quality & Safeguarding Guidelines
Information Sharing Guidelines

The non-provision of personal information may mean that Mobo Group are unable to provide the goods,
services or employment being sought.

Scope
This policy is relevant to any person who provides or discloses personal information to Mobo Group.

Definition
Personal information is defined as any ‘information or an opinion about an identified individual, or an
individual who is reasonably identifiable:

whether the information or opinion is true or not; and
whether the information or opinion is recorded in a material form or not’

De-Identified Personal Information is defined as personal information that is no longer about an identified individual or an individual who is reasonably identifiable
Security of Personal Information is the protection of personal information from misuse or interference or loss, as well as unauthorised access, modification of disclosure

Types of personal information we collect

Website Access
If you access our website, we may collect information about how you have used our website.
If you contact us for any reason, we may collect your name, contact number, email address, suburb.

Employment or Seeking Employment
We may collect and hold information about:

Your name or previous names
Your address
Your date of birth
Your next of kin
Your contact details
Your education
Your unique student identifier
Your employment history
Your photograph, video records and audio recordings of you
Your tax file number
Your bank account details
Your Centrelink reference number
Your licence details
Your vehicle registration details
Your reference check information
Your medical condition(s) – should you choose to disclose these
Assistance provided to you by government funding as it relates to providing services to you
How you use Mobo Group technology and internet services.

Customers or Prospective Customers

We may collect and hold information about:

Your name
Your company name
Your address/your company address
Your telephone number

Personal and/or sensitive information about individuals will only be collected if that information is necessary for primary business functions and activities.

Mobo Group will only use or disclose Government related identifiers of individuals where this is reasonably necessary to enable us to carry out our functions and fulfil our obligations.

How we might collect personal information
We may collect personal information:

Directly from you
From third parties who you have authorised to provide us with information
From third parties who provide services to Mobo Group
From publicly available sources
From advocates or family members who represent you directly:
- Any information collected from a third party reasonable steps will be taken to ensure the
  individual is made aware of the details.

Where un-solicited personal information is received, Mobo Group will destroy the information unless the
information has or could have been reasonably solicited from the individual or their representative.

Why we might collect, hold, use or disclose personal information

We may collect personal information for a number of reasons including:

Providing you with goods or services
Providing you with information about our goods or services
Internal business and administrative purposes
Providing you with marketing material and communicating with you generally
Assessing you application for employment
Providing you with training
Reporting to Government Agencies as required by law or funding arrangement
For performance review purposes
For the investigation of a complaint or allegation made by or against you
For the investigation of an incident you were involved in, witnesses or affected by
For Corporate Governance, auditing and record keeping

Security of personal information
Records may be held in hard copy or electronic format.
All personal information held in hard copy will be stored in secured lockable filing cabinets.
All personal information held in electronic format is stored securely using file access controls.

Security of electronic data is supported by

Sophos Endpoint Agent
Annual cyber security audits

Anonymity and Pseudonymity

Individuals have the option of dealing anonymously or by pseudonym however Mobo Group may not provide those options where it is impracticable to deal with individuals who have not identified themselves.

Disclosure of personal information
If we collect personal information we may:

Use and disclose that information, including to a third party for any purpose outlined in the policy including, lawyers, auditors, accountants, education providers, service providers.
Provide information to third parties upon official request or as required to provide services to you
- law
- government agencies, or
- law enforcement agencies.
Publish photographs of you that have been taken in the course of your work with Mobo Group (as long as you have a signed media consent form)
Ask you from time to time to confirm that information is up to date, accurate and relevant

Where personal information about a service user is to be shared for any reason, the Information Sharing Guidelines Appendix will be followed.

Access to personal information

Persons may request personal information in accordance with the Freedom of Information Act 1991 and the Privacy Act 1988.

Application for information must be:

In writing: and
Specify that the request is made under the Freedom of Information Act; and
Contain information reasonably necessary to enable the information being requested to be identified; and
Specify where the information should be forwarded by providing an Australian address.

The Privacy Act requires that we give you access to your personal information on request, however it does set out circumstances in which we may refuse you access or decline to correct your personal information. Non-provision of information will only occur if the circumstances outlined in the Privacy Act are met.

If we refuse to give you access to your personal information, we will provide you with a written response
outlining our reason for refusing your request.

Privacy Breach

Any employee who breaches this procedure will be subject to disciplinary action, up to and including
termination.

If a person who has provided personal information to Mobo Group feels that Mobo Group has breached this privacy policy or the Privacy Act 1988, they should refer to the Complaints and Grievance Procedure.

Where data breaches have occurred or are alleged to have occurred, Mobo Group will conduct an
investigation into the root cause and resolve as soon as reasonably practicable. Following investigation, any person whose personal information has or may have been breached, will be informed.

References