Sterling RISQ is committed to safeguarding the privacy of information we receive. Sterling RISQ will collect, use, disclose and store, personal information only in compliance with applicable laws. Sterling RISQ adheres to the requirements of the Australian Privacy Principles (APPs) contained within the Privacy Act 1988. If a specific country’s privacy legislation is more stringent than Australia’s, Sterling RISQ will abide by that legislation.
Sterling RISQ will only collect personal information that is needed for it to operate its business activities effectively. Collected Information may include employment references, civil and criminal records, local language media information, directorship information, directorship disqualification information, property ownership information, credit records, driver’s license offense records, driver’s license verification, education and credential verification, and other background information on you as requested by Sterling RISQ or our clients.
Under the Privacy Act, personal information is defined as: “Information or an opinion, whether true or not, and whether recorded in a material form or not, about an identified individual, or an individual who is reasonably identifiable”.
Sensitive information is a subset of personal information that is generally afforded a higher level of privacy protection. Sensitive information includes information about racial or ethnic origin, political opinions, religious beliefs or philosophical beliefs, membership of a union or professional association, sexual preferences or practices, criminal records and health information.
Sterling RISQ will only collect sensitive information if consent has been provided and the information is reasonably necessary for one or more of Sterling RISQ’s function or activities.
Use & Disclosure
Sterling RISQ will only use or disclose personal information for the purpose(s) originally explained when the information was collected and for any related purpose that would reasonably be expected by both the individual concerned and Sterling RISQ.
If you have provided your personal information in connection with a background screen ordered by Sterling RISQ’s client, Sterling RISQ may use your personal information to perform your background screen for that client. Sterling RISQ also may disclose your information to certain third parties as necessary to conduct the background screening (such as government agencies, law enforcement bodies, public registries, court or tribunal records, ratings agencies, educational institutions, regulatory and licensing bodies, prior employers and other persons or entities that may provide or verify information about you).
We may also disclose your personal information if it is required or authorised by law, where disclosure is necessary to prevent a threat to life, health or safety, or where we are otherwise permitted by the Privacy Act.
Security & Disposal
Sterling RISQ is committed to protecting the personal information that we receive against loss, misuse, and unauthorized access, disclosure, alteration and destruction.
All personal information collected and stored by Sterling RISQ is protected by complex security technologies as well as detailed internal security measures. All databases are protected by secure network links, which are complemented by firewalls, hardware and software encryption, password protection and virus protection. Physical data is always stored in locked cabinets, expired physical data is disposed of into a confidential waste bin/shredded. All our staff are rigorously screened and subject to strict confidentiality undertakings.
Sterling RISQ will take reasonable steps to ensure that the personal information it uses is accurate, complete and up-to-date. If an individual advises Sterling RISQ that personal information held on them is inaccurate, incomplete or not up to date, Sterling RISQ will take reasonable steps to update the information accordingly.
From time to time, Sterling RISQ will need to transfer personal information overseas in order to liaise with verification sources. Sterling RISQ will not transfer personal information overseas without the consent of the individual unless:
- The transfer is necessary for the performance of a contract between Sterling RISQ and the individual, or for the implementation of pre-contractual measures taken in response to the individual’s request.
- The transfer is necessary for the performance or conclusion of a contract between Sterling RISQ and a third party that is in the interests of the individual concerned.
- The transfer is for the benefit of the individual; it is impractical to obtain the individual’s consent and, if it was, the individual would be likely to give it.
- Sterling RISQ has taken reasonable steps to satisfy itself that the recipient of the information will manage the information consistent with this policy.
If Sterling RISQ uses personal information it holds for direct marketing of its products or services, it will always provide the individual the opportunity at the point of first contact and at any time afterwards at the individuals request to decline receipt of any further marketing information.
Access & Correction
Sterling RISQ will allow individuals to have access to their personal information that we hold. If you believe that any personal information Sterling RISQ has collected about you is inaccurate, not up-to-date, incomplete, irrelevant or misleading, you may request for correction (subject to restrictions on such access/alteration of records under the APPs).
Sterling RISQ reserves the right to levy a reasonable charge to meet the costs of providing access to personal information.
To request access to personal information, please contact our Privacy Officer at firstname.lastname@example.org or in writing to:
The Privacy Officer
101 Thomson Road
#10-01 United Square
The Privacy Officer
Suite 902, Level 9
50 Berry St
North Sydney 2060
When you elect to contact us with a comment or request for information, Sterling RISQ may preserve the details you have input and make it available to the appropriate Sterling RISQ staff member for the relevant action to be taken.
If you are concerned that we have not complied with your legal rights or applicable privacy laws, you may bring a complaint internally through our complaints process or you may decide to make a formal complaint with the Office of the Australian Information Commissioner (OAIC) in Australia or Personal Data Protection Commissioner (PDPC) in Singapore.
We will deal with complaints as follows:
Step 1: Write to us
If you would like to make a complaint, you should let us know by contacting our Privacy Officer at email@example.com advising the following:
- Your full name,
- Your date of birth,
- Your contact phone number
- Detailed description of the complaint
- Any supporting documents
Step 2: Investigation
Your complaint will be investigated by our Privacy Officer.
We aim to acknowledge receipt of all complaints within 48 hours, and resolve all complaints within 30 working days. This may not be possible in all circumstances depending on the contents of the complaint. In this situation, we will respond to your complaint in a reasonable time.
Step 3: Contact OAIC or PDPC
We expect our procedures will deal fairly and promptly with your complaint. If you are not satisfied with our response to your complaint, in Australia you can contact the Office of the Australian Information Commissioner (OAIC); or in Singapore you can contact the Personal Data Protection Commissioner (PDPC).
Disputing Your Criminal Background Check Results (Australia – ACIC)
Can I Dispute The Contents Of My Police Check?
If you believe that the information returned on your police check is incorrect please contact us at firstname.lastname@example.org or on 02) 9392 8866 for assistance.
Please note that the dispute process can take between 4-21 business days
What is a nationally coordinated criminal history check?
A nationally coordinated criminal history check (police check) is a collation of police and conviction history information about an individual that has been determined releasable by Australia’s police agencies and made available to you by the ACIC. The police check involves processing an individual’s biographic details, including name and date of birth, against information held by the ACIC through the National Police Checking Service Support System (NSS)
Police checks are important because they help protect the community by providing police and conviction information to inform decision making. Police checks are used by many organisations to minimise the risk of employing or granting an entitlement to an unsuitable person.
Police checks are valid at the time the information is released by police and should not be relied upon outside this release period.
How long is a police check valid for?
Results of police checks have no set expiry date. They are point-in-time checks, meaning that the results only reflect police records on the date they are released by each police agency. Decision makers are responsible for determining how long police checks are to be accepted as ‘valid’, based on their own risk management strategy and assessments.
Police checking time frames
The Service aims to process 95 per cent of standard police checks within 14 business days, noting that:
- the majority (around 70 per cent of all checks submitted) are completed within 2-4 business days
- up to 30 per cent may be referred to one or more police agencies and can take longer than 10 business days to be returned, because of the check’s complexity.
When can a follow up be made?
You may initiate a check follow-up if you are concerned about how long it is taking to finalise a police check.
Before you initiate a check follow-up you must:
- wait the required 14 business days
- ensure no Requests for Further Information (RFIs) are waiting for your response
How is a police check processed?
Police checks are used by many organisations to minimise the risk of employing or granting an entitlement to an unsuitable person.
Sterling RISQ’s Website
Reading or downloading materials from Sterling RISQ’s website(s) will not identify you personally. Our Web servers automatically collect the domain names or IP address from which you accessed our site, the date and time you accessed each page on our website, the URL of and webpage from which you accessed our site (“the referrer”) and the web browser you are using and the Sterling RISQ web pages you accessed. Sterling RISQ uses this information to measure the use of and to improve the content of our Web site.