Privacy Policy

Privacy Policy

REMSMART Privacy Policy


  1. Purpose of the policy

    REM-SMART Pty Ltd (ACN 630 578 933) (REMSMART, we and us) is a subscription-based remuneration survey platform for a variety of sectors including the resources and energy sector, and the rail industry. REMSMART provides remuneration data to subscribers for a variety of remuneration aspects including base salary, benefits, rosters and incentive pay. REMSMART is committed to protecting the privacy of personal information obtained through its operations as a professional services firm. REMSMART is bound by the Privacy Act 1988 (Cth) (Privacy Act), and the Australian Privacy Principles (APPs) .

    The purpose of this policy is to inform people of:

    • how and why we collect, use, hold and disclose your personal information;
    • how we keep personal information and personal data secure, accurate and up-to-date; and
    • how an individual can access and correct their personal information and personal data.

    You consent to us collecting, holding, using and disclosing your personal information that is collected in accordance with this policy.


  2. The kinds of personal information we collect and hold

    What is personal information?

    Personal information is any information or an opinion (whether true or not) relating to an identified individual or which can be used to reasonably identify that individual.

    Why do we collect your personal information?

    REMSMART collects personal information about you and your interactions with us, when you purchase any of our remuneration services, visit our website or otherwise interact with our platforms and services. We collect, hold and use your personal information to the extent it is reasonably necessary for, or directly related to, the following purposes:

    • To provide you with products and services, and manage enquiries from you or our clients, including remuneration advisory services, marketing services and human resources support.
    • To contact you and respond to your enquiries or complaints, or update you on our services that may interest you;
    • Comply with our legal obligations;
    • To provide you with access to:
      • www.remsmart.com.au (Website)
      • The ‘REMSMART’ online remuneration portal (Portal)
      • Any other supporting or future software products offered by REMSMART (Software).
      • data collection and surveys.
    • To provide accurate market insights using the data combined with a number of various data filters.

    What information do we collect and hold?

    REMSMART does not collect any personal information other than information reasonably necessary for, or directly relating to, the Primary Purposes for which REMSMART has been engaged or may be engaged, or its other functions and activities. REMSMART also collects personal information that is reasonably necessary for, or directly related to those purposes.

    We collect information about you and how you access, use and interact with the REMSMART Portal which may include the following types of personal information:

    • Company ID
    • Gender
    • Year of birth
    • Role title
    • Start date of employment position
    • Salary breakdown.

    REMSMART may also collect certain information that is not directly and specifically provided by you by using tools such as google analytics. This information may include information, such as an IP address, browsing pattern on the site, click stream, and the status of cookies placed on a computer.


  3. How we collect personal information

    REMSMART may collect personal information that has been directly provided to us by you when you interact with us, log on to our platforms, email us, or sign up to our subscriptions.

    We may also collect information that is provided to us by third parties such as our clients or prospective clients, suppliers, our employees, or is otherwise available in the public domain.

    To ensure the protection of information during transmission, we employ encrypted channels and secure protocols like HTTPS. Our data capture process is fortified with multiple layers of encryption, including AES-256 encryption for the encrypted and password-protected data collection kit. Real-time threat detection is also implemented to enhance security during data capture. These multi-layered security measures provide an additional layer of defence for maintaining the integrity and confidentiality of the data.

    Cookies

    The Website uses cookies to identify site users and interests and to track usage of the site. Cookies are small pieces of text stored on a computer that help us to know which browser the operator is using, where they have been on the site and any web sites to which they may link in order to use some of our features. By acceptance of our cookie, the user will be permitted access to certain pages of the site without having to log in each time they visit. A user who does not accept the cookie from the site may not be able to access certain areas of the site.

    We also log IP addresses, or the location of computers on the internet to help diagnose problems with our server and to administer the site. If the user prefers not to accept a cookie, they can set their web browser to warn them before accepting any cookies. Alternatively, they can refuse all cookies by turning them off in their web browser.

    If REMSMART collect details about you from someone else, we will whenever reasonably possible, make you aware that we have done this and why, unless special circumstances apply, including as described in this clause below.

    Unsolicited information

    In the event REMSMART collects personal information from you, or a third party, in circumstances where we have not requested or solicited that information and it is determined by REMSMART (in its absolute discretion) that the personal information is not required, we will destroy the information or ensure that the information is de-identified. 


  4. How we use your personal information

    REMSMART may use and disclose your personal information for it to carry out REMSMART’s Primary Purposes to customers as set out above.

    As well as the abovementioned purposes, the Primary Purpose includes providing our survey services, compiling data and salary survey sets, facilitating our internal business processes, communicating with clients, prospective clients and other external parties, providing ongoing marketing information about our products and services, complying with our legal obligations and dealing with enquiries and complaints.

    In certain circumstances, the law may permit or require us to use or disclose personal information for other purposes (for instance where a client would reasonably expect us to and the purpose is related to the purpose of collection).

    Sensitive information

    Sensitive information is a type of personal information.  It means information or opinion about an individual’s racial or ethnic origin, political opinions, membership of a political organisation, religious beliefs or affiliations, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual orientation or practices, criminal record, health information about an individual, genetic information, biometric information that is to be used for the purpose of automated biometric verification or biometric identification or biometric templates.

    We attempt not to collect sensitive information about our clients or prospective clients, however that may not always be possible. If any of our clients or prospective clients elects to provide us with any sensitive personal information, we will take all reasonable steps to ensure that the sensitive information is securely protected.

    In the event we propose to use such personal information other than for the reasons set out in this policy, we will first notify you or seek your consent prior to such use.


  5. Disclosure of Personal Information

    Who do we disclose your personal information to, and why?

    REMSMART may disclosure personal information where it is necessary to support the delivery of our Primary Purposes or other reasons including to:

    • third party service providers utilised in connection with any administrative matters and service providers (including IT service providers and consultants) who assist REMSMART in providing or marketing our services; and
    • third parties in connection with the sale of any part of REMSMART’s business or services.

    We may also use or disclose your personal information and in doing so we are not required to seek your additional consent:

    • when it is disclosed or used for a purpose related to the Primary Purposes of collection detailed above and you would reasonably expect your personal information to be used or disclosed for such a purpose;
    • if we reasonably believe that the use or disclosure is necessary to lessen or prevent a serious or imminent threat to an individual’s life, health or safety or to lessen or prevent a threat to public health or safety;
    • You have expressly consent to the disclosure or the consent may be reasonable inferred in the circumstances;
    • We are otherwise permitted to disclose the information under the Privacy Act;
    • if we have reason to suspect that unlawful activity has been, or is being, engaged in by you; or
    • if it is required or authorised by law.

    Should it be necessary for REMSMART to forward personal information to third parties outside the firm, we will make every effort to ensure that the confidentiality of the information is protected.

    In the event we propose to disclose such personal information other than for the reasons set out in this policy, we will first notify you or seek your consent prior to such disclosure.

    If the ownership or control of all or part of our business changes, we may transfer your personal information to the new owner.

    Overseas disclosures

    We do not disclose your information overseas, and such we are unlikely to disclose your personal information outside of Australia.

    We note that REMSMART is a platform operating online that can be accessed from various countries via an Internet connection, it is not possible to say there is zero chance of disclosure of information overseas.

    By submitting your personal information to REMSMART, you expressly agree and consent to the disclosure, transfer, storing or processing of your personal information outside of Australia.  In providing this consent, you understand and acknowledge that countries outside Australia do not always have the same privacy protection obligations as Australia in relation to personal information.

    The Privacy Act 1988 requires us to take such steps as are reasonable in the circumstances to ensure that any recipients of your personal information outside of Australia do not breach the privacy principles contained within the Privacy Act 1988.  We acknowledge the importance of protecting personal information and have taken reasonable steps to ensure that your information is used by third parties securely and in accordance with the terms of this Privacy Policy.

    If you do not agree to the disclosure of your personal information outside Australia by REMSMART, you should (after being informed of the cross border disclosure) tell REMSMART that you do not consent. To do this, either elect not to submit the personal information to REMSMART after being reasonably informed in a collection notification, or please contact us via the details set out at Section 10.


  6. Direct marketing

    We will use your information to offer you product and services that may interest you. You give your express and informed consent to us using your personal information provided to us where that information relates to the provision of services to you or marketing activities to provide you with information and to tell you about our products, services or events or any other direct marketing activity (including third party products, services, and events) which we consider may be of interest to you, whether by post, email, SMS, messaging applications and telephone (Direct Marketing Communications).

    If you have provided inferred or implied consent (e.g. not opting out where an opt-out opportunity has been provided to you) or if it is within your reasonable expectation that we send you Direct Marketing Communications given the transaction or communication you have had with us, then we may also use your personal information for the purpose of sending you Direct Marketing Communications which we consider may be of interest to you.

    If at any time you do not wish to receive any further Direct Marketing Communication, you may ask us not to send those to you or disclose your information to other organisations for that purpose by using the “unsubscribe” facility in the Direct Marketing Communications to opt out.


  7. How we store and hold your personal information

    Once we collect your personal information, we will either hold it securely and store it on infrastructure owned or controlled by us or with a third party service provider who have taken reasonable steps to ensure they comply with the Privacy Act.

    REMSMART will take all reasonable steps to protect against the loss, misuse and/or alteration of the information under its control, and that the information it holds is accurate, complete and up to date including through appropriate physical and electronic security strategies.

    We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure. These processes and systems include:

    • a Two-factor authentication (2FA). This robust security measure provides an additional layer of verification beyond the traditional password, bolstering the protection of sensitive and personal information;
    • Authorised REMSMART personnel are provided access to personal information who are trained in security policies , and these employees are required to treat this information as confidential;
    • Monitoring and regularly reviewing our practise against our own policies and against industry best practice.

    Our policy is that all electronic records are only stored within Australia whenever this is commercially feasible. If this ceases to be the case, we will take reasonable steps to inform you of the change.


  8. Accuracy and correction of personal information

    REMSMART will take all reasonable steps to make sure that any personal information collected, used or disclosed is accurate, complete and up to date. As the accuracy of personal information largely depends on the information that you provide to us, we request that you advise us of any errors in or updates require to your personal information.

    If you believe that the information we hold about you is inaccurate, incomplete, irrelevant, misleading or out of date, you may contact us using the details set out in section 11 and we will update the relevant information accordingly. We will take reasonable steps to correct the information we hold and information held by any third party to whom we disclosed the information.

  9. Access to personal information

    You have the right to request access to any personal information that we may hold about you by contacting us on our details set out below.

    There are some circumstances where we are not required to give you access to your personal information. If we do refuse your request, we will provide you with a written notice that sets out the reasons (unless it would be unreasonable to provide them to you).

    Subject to our right to refuse access, REMSMART will provide you with a report that lists any personal information that we may hold about you.

    REMSMART will do its best to support that request if it is feasible to do so under the circumstances. We will respond to your requests to access or correct personal information in a reasonable time.

  10. Contact and complaints

    If you wish to contact us to make an enquiry about your personal information at REMSMART, want to update your registration information, or if you have a complaint about the way in which we have handled any privacy issue, please contact us in writing at: info@remsmart.com.au

    REMSMART has effective systems and processes in place to resolve privacy complaints. All complaints will be resolved within 30 calendar days of receipt, unless you have agreed to a longer timeframe in writing.

    You can make a formal complaint by lodging a complaint to the REMSMART Complaints team at info@remsmart.com.au and we will acknowledge your complaint within 1 business days of receipt, or as soon as reasonably practicable.  We will then investigate the complaint and consult with any relevant third parties in order to appropriately resolve your complaint. All complaints will be recorded on the REMSMART Complaints Register, along with the actions taken to address and resolve these complaints

    In order to resolve a complaint, we:

    1. will liaise with you to identify and define the nature and cause of the complaint;
    2. may request that you provide the details of the complaint in writing;
    3. will keep you informed of the likely time within which we will respond to your complaint; and
    4. will inform you of the legislative basis (if any) of our decision in resolving such complaint.

  11. Privacy Breaches

    Under the Privacy Act, REMSMART has an obligation to report privacy breaches when a data breach is likely to result in serious harm to an individual. If you are affected by a potential privacy breach, REMSMART will notify the you as well as the Office of the Australian Information Commissioner (OAIC) and advise you of the unauthorised access, and the recommended next steps.

    If you are not satisfied with the way in which we have handled a privacy issue, you may approach an independent advisor or contact the Office of the Australian Information Commissioner (OAIC) (www.oaic.gov.au).


  12. Changes to this policy

    We reserve the right to modify our policy as our business needs require from time to time. We will take reasonable steps to notify you of such changes (whether by direct communication or by posting a notice on our website).  If you do not agree to our continued use of your personal information due to the changes in our policy, please cease providing us with your personal information and contact us