Privacy policy
How do we secure employee data?
At Vista Workforce, we are committed to safeguarding the privacy of our employees' personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.
This Employee Privacy Policy outlines how we handle, store, and use employee information, ensuring that the highest privacy standards are maintained and that we comply with relevant Australian privacy laws, particularly in relation to Human Resources and Payroll functions.
This policy applies to all personal information collected from current, former, and potential employees and contractors of ZedPlus. It covers the handling of information throughout the employment relationship, including recruitment, active employment, and post-employment phases.
Information we collect
We collect the following types of personal information from employees during the onboarding process:
- Personal identification information: Name, contact details (email, phone number, address), date of birth, government-issued identification numbers (e.g., tax file numbers), and emergency contact details.
- Employment details: Job title, department, employee ID, start and end dates, salary information, and performance data.
- Financial information: Bank account details for salary payments, superannuation information, and tax details.
- Health and safety data: Medical certificates, injury reports, and occupational health data, where required.
- Usage Data: Information about your interactions with company systems, including login details, usage logs, and IP addresses for security and auditing purposes.
How do we use your personal information?
We use your personal information for the following purposes:
- Manage payroll, benefits, and superannuation.
- Ensure compliance with employment laws, health and safety regulations, and taxation requirements.
- Support performance management, training, and development initiatives.
- Provide workplace health and safety services and support.
Disclosure of information
Personal information may be disclosed to:
- Australian Government Authorities: Such as the Australian Taxation Office (ATO), Fair Work Ombudsman, or other regulatory bodies.
- Internal Use: Only authorised personnel within ZedPlus HR and Payroll departments can access employee information.
At ZedPlus, we do not share personal information with external vendors or service providers for payroll or HR services, as these functions are handled internally with secured systems and strict data protection measures in place.
Employee access to personal information
Employees can access and update their personal information by submitting a written request to HR. However, certain employment records may not be accessible under privacy exemptions (e.g., records related to legal proceedings or sensitive workplace investigations). Access to another employee's information is strictly prohibited unless specifically required as part of an employee’s job responsibilities.
How do we secure our employee's personal information?
At ZedPlus, the security of our employees’ personal information is paramount. We employ a range of stringent measures To protect your data from unauthorized access, misuse, or disclosure. The following key areas ensure your data remains secure:
- Encryption and secure transmission: All personal and sensitive data, such as identification numbers and financial details, are encrypted during storage and transmission. We use industry-standard encryption protocols to ensure data is always securely handled.
- Access controls and permissions: Access to employee data is strictly limited to authorised personnel who need this information to perform their roles. We regularly review and update access controls to maintain a high level of data protection.
- Data storage and monitoring: Your information is stored in secure facilities that are protected by physical barriers, advanced security systems, and continuous monitoring. Our IT infrastructure uses firewalls, intrusion detection systems, and other safeguards to prevent unauthorized access.
- Regular audits and risk management: We conduct regular security audits and risk assessments to identify and mitigate any vulnerabilities. These reviews help us stay ahead of potential threats and ensure compliance with applicable regulations.
- Incident response: In the event of a data breach, we have a robust incident response plan in place to quickly contain and address the issue. Affected individuals will be notified promptly, and steps will be taken to prevent future occurrences.
Through these stringent security practices, we demonstrate our commitment to maintaining the highest data protection standards for our employees.
Changes to this privacy policy
We may update this policy from time to time to reflect changes in legal requirements or company practices. Any changes will be communicated to you via email or posted on the employee portal at least 30 days before they take effect.
If you still have questions or concerns about this privacy policy or how your information is handled, please contact the ZedPlus HR department.