Purpose and Introduction
knp Solutions Pty Ltd (ACN 005 533 764) (“knp”) is committed to responsible privacy practices that comply with the Australian Privacy Principles contained in the Australian Privacy Act 1988 (Cth) ("Privacy Act") and other applicable privacy laws.
Who Is Covered By This Policy?
What is Personal Information?
Personal information is information that could identify an individual such as name, address, telephone numbers, date of birth and email address. It includes sensitive information and health information. Information about a company or other entity that does not identify an individual is not personal information.
Sensitive information includes information or an opinion about an individual’s racial or ethnic origin, political opinions, philosophical or religious beliefs or affiliations, membership of a political, trade or professional association or trade union, sexual preferences or practices, criminal record or health information.
Health information includes personal information about an individual’s physical, mental or psychological health or disability.
Application of the Policy
knp will comply with this policy in handling personal information about its customers, contractors, consultants and job applicants.
knp will endeavour to adhere to this policy in relation to personal information of all employees. The degree of compliance depends on knp’s business requirements and regulatory obligations.
knp will comply with this policy in handling health information of employees as well as customers, contractors, consultants and job applicants.
This policy applies to all staff who handle personal information in the course of their jobs.
knp requires that all such staff (including casual and contract staff) comply with this policy at all times and treat the personal information handled in the course of their employment with knp in a respectful way.
knp will refrain from disclosing personal details concerning others and shall collect and handle personal information in accordance with this policy and take reasonable steps to protect any personal information from misuse, loss, unauthorised access, modification and disclosure. This can include measures such as:
storing personal information in locked filing cabinets;
having a clean desk policy;
not allowing others to use your computer passwords.
This list is by no means exhaustive and other security measures taken should be those that are reasonable in the circumstances.
Collection of Personal Information
We will only collect personal information that is necessary for knp’s business functions and activities, or to comply with legal or regulatory obligations. We will collect personal information by lawful and fair means and not in an unreasonably intrusive way.
We may also collect information relating to you from other sources such as your financial planner, and/or lawyer. When we collect any personal information, we will provide the relevant individual with information about:
why knp is collecting personal information;
how to contact knp to gain access to the individual’s personal information ;
the types of organisations (if any) to which knp may disclose the personal information (e.g. payroll processing services);
any law that requires the particular information to be collected; and
the main consequences for failure to provide that information.
In most cases, we will obtain the individual’s consent if we collect sensitive information. Exceptions include where:
the collection is required or authorised by law;
the individual is incapable of giving consent and the collection is necessary to prevent a serious health and safety threat; or
the collection is necessary for defence of a legal claim.
There shall be no direct marketing unless you would normally expect knp to disclose this for that purpose.
We may also collect information to comply with legislative requirements including the Anti Money Laundering and Counter Terrorism Financing Act 2006 and taxation and industrial relations laws.
Use of Personal Information
Personal information will only be used for the primary purpose(s) for which it was collected and in some cases for related secondary purposes.
Where we need to use personal information for purposes other than the primary purpose or a related secondary purpose which an individual would reasonably expect, we will obtain consent where appropriate and necessary. Exceptions to this include where:
the use is required to lessen or prevent a serious and imminent threat to an individual’s life, health or safety, or to public health and safety;
knp suspects fraud or unlawful activity;
the use is necessary to assist a law enforcement agency in its law enforcement functions; or
the use is required or authorised by law.
In such cases (except in cases of emergency, or where the use is required or authorised by law), the use of personal information must be authorised by a Director.
Other than in cases of emergency, sensitive information may only be used and accessed where there is a clear and compelling business or other need to do so and when the use is authorised by a Director.
If you do not provide the relevant information or provide inaccurate or incomplete information, we may not be able to complete the relevant services for you.
Disclosure of personal information to third parties
knp will only disclose personal information to other entities for the primary purpose(s) for which that personal information was collected, or in some circumstances for related secondary purposes which an individual would reasonably expect.
Where knp wish to disclose personal information for purposes other than these purposes, we will obtain consent where appropriate and necessary.
knp are not required to obtain consent where:
the disclosure is required to lessen or prevent a serious and imminent threat to an individual’s life, health or safety, or to public health and safety;
knp suspect fraud or unlawful activity;
the disclosure is necessary to assist a law enforcement agency in its law enforcement functions; or
the disclosure is required or authorised by law.
In such cases (except in cases of emergency, or where the disclosure is required or authorised by law), the disclosure of personal information must be authorised by a Director.
knp will not collect any personal data about you (e.g. your name, address, telephone number or e-mail address) through our websites or otherwise, unless you voluntarily choose to provide us with it (e.g. by registration or survey), provide your consent, or unless we are otherwise permitted by applicable laws and regulations for the protection of your personal data.
The kinds of personal information we collect and hold are information required for us to communicate with you, or to enable you to work with us as a customer, supplier, job applicant or employee, such as your contact and payment details, date of birth or your trading, credit or working history. In some instances sensitive information such as health information may be collected if it is required for us to perform a service , or in the case of a job application, if it is a requirement of the position.
We usually collect personal information directly from you, for example when you complete an application form, deal with us over the phone, send us a letter, use our website, respond to a survey or otherwise through interactions with knp and its affiliated companies or service providers. Sometimes information may be collected from third party agencies that provide credit, compliance and security checks if this information is necessary to enable us to work together.
When we may provide personal information to others
Depending on the nature of your relationship with us, for the purposes listed in the section above we may provide your personal information to:
other knp member firms, including their employees
our professional advisers and specialist consultants
brokers and agents who refer your business to us
any person acting on your behalf, such as your financial advisor, solicitor, settlement agent or administrator
vendors and other third parties who provide services to us, including data processing, audit and quality review activities, and market research agents who assist us to dispose of property or equipment investors, advisers, and trustees
professional associations and organisations your referee (to confirm details about you as part of recruitment activities)
Income Tax Returns that we lodge with the Australian Taxation Office
The entities listed above to whom we may disclose your personal information may be located overseas. We will take reasonable steps to ensure that these overseas recipients maintain the same high standards of protection that we do, and that they comply with the requirements of the Australian Privacy Principles.
The entities to whom we may disclose your personal information (to assist us in providing services to you) may be located overseas.
Protection of Personal Information
knp will take reasonable steps to protect personal information which is handled in the course of your employment from unauthorised access, use, disclosure of alteration.
Only properly authorised employees or contractors are permitted to see or use personal information held by knp and even then only to the extent it is relevant to their roles and responsibilities.
knp will take reasonable steps to ensure that any personal information we collect, use or disclose is accurate, complete and up-to-date in accordance with the National Privacy Principles. If you become aware that any personal information which knp holds is not accurate, you are required to notify the Practice Manager promptly.
Retention and Destruction of Personal Information
We will only keep personal information on file for as long as it is necessary to fulfill business needs or legal requirements. When knp no longer requires the personal information, we will destroy or dispose of it in a secure manner.
Access to and Correction of Personal Information
Individuals other than employees (e.g. customers, job applicants, contractors) may have the right to access any personal information about them which is held by knp. Employees should also generally have this opportunity, but the extent to which access is granted to an employee will depend on the circumstances, business needs and management discretion.
Exceptions to the general right of access to non-employees
Individuals have a right of access to any personal information held about them upon request. There are a number of exceptions to this principle including:
where providing access would pose a serious and imminent threat to the life or health of any individual;
where providing access would have an unreasonable impact upon the privacy of other individuals (this may be relevant where information about other individuals is included on a file);
the request for access is frivolous or vexatious;
the information relates to existing or anticipated legal proceedings where the information would not otherwise be discoverable;
providing access would be unlawful;
denying access is required by law;
providing access would prejudice an investigation of possible unlawful activity; and
providing access would prejudice law enforcement.
Requests for access should be made to the Practice Manager.
If knp refuses a request for access to the personal information, knp will provide the individual with reasons why this is the case. If access is to be denied on any of the grounds listed above, the denial of access must be authorised by a Director.
In cases where knp does not wish to grant direct access to an individual to the personal information held about the individual, then an agreed intermediary may be used to explain that information to the individual.
Correction of Personal Information
Individuals may also request review and to correct their personal information. You will make such correction or, if unsure whether such correction is appropriate, refer to the Practice Manager for guidance. If knp refuses to alter the information, knp will also provide the individual with reasons why this is the case and include a statement about the disputed facts on the individual’s file.
If you have any concerns about the way in which personal information is being handled, or you believe that there has been an interference with the privacy of an individual, please contact a Director.
Complaints will be handled impartially and as promptly as possible in the circumstances. Only those people who are involved in the investigation of the complaint will have access to personal information in relation to the complaint.
Individuals found to have breached this policy will be subject to appropriate disciplinary action, which may include dismissal.
Where a client, job applicant or other individual makes a complaint to knp about their personal information being inappropriately handled, then that complaint should be immediately referred to a Director.
You may contact the knp Privacy officer being Mrs Genny Gullo.