1.1 This Policy sets out how Commission Members and Commission staff collect, hold, use and disclose personal information and how individuals may access and correct personal information held by the Fair Work Commission.
2.1 Definitions are set out in the Dictionary in Section 12. Defined terms are indicated in bold the first time they appear in this Policy.
3.1 The Commission is Australia’s national workplace relations tribunal. It is an independent body with power to carry out a range of functions under the Fair Work Act, the Registered Organisations Act and the WHS Act.
3.2 Under ss.589-593 of the Fair Work Act, Commission Members have a broad discretion as to how they conduct proceedings and inform themselves in relation to a matter before them. The Commission is authorised by s.590 of the Fair Work Act to inform itself in relation to any matter before it in such a manner as it considers appropriate, and the Commission may make decisions as to how, when and where a matter is to be dealt with (s.589). Section 577 of the Fair Work Act requires the Commission to perform its functions and exercise its powers in a manner that is fair, just, open and transparent.
3.3 The Privacy Act requires the Commission to comply with the APPs in dealing with personal information. The APPs regulate how agencies collect, hold, use and disclose personal information, and how individuals may access and correct personal information held by agencies.
3.4 The OAIC is established by the Australian Information Commissioner Act 2010 (Cth) and is responsible for providing advice on and conducting investigations under the Privacy Act. The OAIC website contains information and resources about privacy on the Privacy law page.
3.5 In addition, s.72E of the Public Service Act 1999 (Cth) and reg.9.2 of the Public Service Regulations 1999 (Cth) regulate how the Commission can use and disclose the personal information of its employees.
4.1 The Commission collects and handles personal information in exercising its powers and performing its functions and activities. The following list broadly describes the functions and activities for which the Commission collects, holds, uses and discloses personal information:
5.1 The Commission collects personal information for the purpose of performing the functions and activities described in paragraph 4.1.
5.2 The Privacy Act requires the Commission to only collect personal information when it is reasonably necessary for, or directly related to, the Commission’s functions or activities.
5.3 The kinds of personal information the Commission routinely collects in performing its functions and activities include:
5.4 The Commission collects personal information from various sources including documents lodged with the Commission, telephone conversations, emails and from disclosures made during hearings.
5.5 The Commission collects personal information directly from the individual to whom it relates, for example, when the individual:
5.6 The Commission also collects personal information from other persons and sources including where:
5.7 Section 590(1) of the Fair Work Act states that the Commission may 'inform itself in relation to any matter before it in such manner as it considers appropriate'. The nature of proceedings before the Commission means that it is often impracticable or impossible for the Commission to collect personal information about an individual only from that individual. Sometimes the Commission will collect personal information (including sensitive information) about an individual from third parties including other parties or witnesses in a matter. For example, an unfair dismissal application might include personal information about an applicant’s supervisor or co-workers.
5.8 Where the FWC Rules or an approved Commission form requires certain information to be lodged with the Commission, the collection of that information is also authorised by law. For example, where a Commission form requires an applicant to provide specific information about another person (eg the contact details for the respondent), the collection of that information by the Commission is authorised by law.
5.9 Where an individual has appointed a person to represent them in a Commission matter, the Commission will treat the individual as having consented to the Commission’s collection of personal information about the individual from their representative (rather than directly from them).
5.10 Where the Commission is provided with personal information about an individual by a third party (for example, in an application form or a witness statement) the Commission generally will not be able to notify the individual that it has collected their information. As explained in the Privacy Notices attached to the Commission’s forms, parties who provide the Commission with personal information about another individual should provide that individual with a copy of the relevant Privacy notice.
5.11 In managing the Commission’s human resources, sometimes the Commission will collect personal information about Commission staff from third parties including other Commission staff.
5.12 The nature of most of the Commission’s functions and activities is such that participants must provide their name and contact information. For example, the Commission can only deal with an application under the Fair Work Act from an individual if the individual identifies themself.
5.13 However, where it is possible to do so, the Commission allows individuals to interact with it anonymously or by using a pseudonym. For example, if a person contacts the Commission with a general enquiry, the Commission will not require the person to provide their name unless it is needed to adequately deal with their question.
5.14 The Commission’s functions and activities mean that it regularly collects sensitive information. The Commission collects sensitive information where:
5.15 The kinds of sensitive information that may be collected by the Commission include:
5.16 The Commission operates CCTV cameras at most of its premises in courtrooms and public areas such as the registry. Video footage may be recorded of any individual in these areas. This information is collected to ensure the safety and security of the public and Commission Members, staff and facilities.
5.17 Commission hearings and determinative conferences are generally audio recorded. Major cases may also be video recorded and live-streamed on the Commission’s website. Private hearings and other conferences may also be audio recorded in some instances (however confidential conciliations are generally not recorded). Personal information collected in recordings may include personal and sensitive information about the parties to the matter, witnesses and third parties.
5.18 This information is collected to make an accurate record of the Commission proceedings and, where appropriate, to facilitate the preparation of transcript.
5.19 To lodge an application over the telephone or via email, a party must provide their name, address, telephone number, fax number (if any) and email address. These details are required so that the Commission can send relevant documents and information to the party.
5.20 If payment of an application fee is required, payment can be made over the telephone using the secure credit card payment facility. The Commission provides the person’s credit card details to the Commission’s credit card service provider to process the transaction, but does not retain the credit card details required to carry out the transaction. The information required to carry out the transaction may be retained by the third party to facilitate future transactions including refunds or to meet legal obligations. Transactions are processed using industry standard encryption protocols.
5.21 Where payment is made by methods other than credit card, the Commission retains the name and address of the payer and the associated Commission matter number, for the purposes of processing refunds.
5.22 Applications lodged via the Commission’s website are secured using industry standard encryption and security protocols.
5.23 To lodge applications online, a party must provide their name, telephone number, postal address and email address. These details are required so that the Commission can send relevant documents and information to the party.
5.24 If a person chooses to pay an application lodgement fee using the secure credit card payment facility, they are asked to provide credit card details. The party provides this information to the Commission’s credit card service provider to process the transaction. The information required to carry out the transaction is entered by the party directly into the third party’s secure payment site, and may be retained by the third party to facilitate future transactions including refunds or to meet legal obligations. Transactions are processed using industry standard encryption protocols.
5.25 The person’s contact information is kept by the Commission to process transactions. It will not be published or passed onto any other third parties. The Commission does not retain any credit card information from the online payment process.
5.26 If a person does not wish to provide personal details over the internet, documents can be lodged in person or mailed to the Commission.
5.27 Where the Commission’s website allows a person to make comments, submit a question or give feedback, the Commission will collect the person’s name, email address, phone number, State/Territory location and any other personal information contained in the comments, question or feedback. The Commission may use the contact details to respond to the person.
5.28 The Commission uses cookies on its website to see patterns in usage of its website. A cookie is a small text file the Commission’s server puts on the person’s hard drive, that shows that the person has visited the website more than once. Cookies ‘remember’ the person’s browser between page visits.
5.29 When a person visits the Commission’s website, the Commission also records the following anonymous information about the visit for statistical purposes:
5.30 The Commission maintains and monitors online security systems to ensure a secure online environment and that the personal information of people using the Commission’s website is appropriately protected during transmission.
5.31 When a person is using the Commission’s website, the Commission provides encrypted connections between the browser running on the person’s computer and the Commission’s online site or services that use third party validated certificates. The encryption process the Commission uses is Secure Socket Layer (SSL).
5.32 Sometimes personal information is not sought by the Commission but is sent to the Commission by either the individual or a third party without prior request. Where unsolicited information is received, the Commission will, within a reasonable period, determine whether that information is reasonably necessary for, or directly related to, one or more of the Commission's functions or activities. If not, the Commission will, as soon as practicable, destroy or de-identify the information, subject to the requirements of the Archives Act 1983 (Cth) in relation to Commonwealth records. If the information does relate to one or more of the Commission's functions or activities, the Commission will notify the individual of the purpose of collection and its intended uses and disclosures according to the requirements of the APPs, unless it is impractical or unreasonable to do so.
6.1 The Commission uses and discloses personal information for the primary purpose for which it was collected. For example, the Commission will usually disclose the personal information it collects from a party to a matter to any other party (or their nominated representatives) for the purpose of dealing with the matter. If a party fails to send copies of material lodged with the Commission (such as emails, correspondence and documents) to the other parties to the matter, the Commission will usually forward copies to the other parties.
6.2 The Privacy Act permits the Commission to use or disclose personal information for another purpose (a secondary purpose) in specified circumstances, including where:
6.3 The Commission publishes on its website lists for hearings and conferences on the current day and following six days (hearings lists). Hearings lists generally include the names of any individual parties, the type of application, matter number and time and date of the proceedings. Not all cases or case details may be listed on the Commission's website. For more information about non-publication orders see paragraph 6.13 below.
6.4 Details of hearings and conferences held at Commission premises are generally published on the hearing screens at the relevant Commission registry on the day.
6.5 The Commission will not acknowledge receipt of an unfair dismissal, unlawful termination, anti-bullying or general protections application to the public, unless and until the matter is published on its website hearings list.
6.6 Commission hearings are generally open to the public. Information disclosed during a hearing will include the names and other personal information of parties, witnesses and other third parties.
6.7 Where a transcript of a hearing is produced, the Commission will generally publish the transcript on the Commission’s website.
6.8 The Commission will not publish transcripts of hearings at first instance in relation to unfair dismissal, unlawful termination, anti-bullying or general protections applications. If such matters are appealed, the transcript of appeal proceedings may be published. The Commission will not publish transcripts of hearings to the extent that they are subject to confidentiality or non-publication orders (see paragraph 6.13 below).
6.9 Commission conferences are generally conducted in private and any transcript will not be published.
6.10 In general, the Commission is required under s.601 of the Fair Work Act and s.337K of the Registered Organisations Act to publish Commission decisions, including Commission decisions made following a determinative conference. Commission decisions may include personal information, including information disclosed during the hearing and in documents before the Commission. The Commission also publishes enterprise agreements approved by the Commission (usually the copy of the agreement lodged with the approval application (including the signature page)), together with any undertakings accepted by the Commission in approving the agreement.
6.11 The Commission publishes decisions and enterprise agreements electronically on its website and online databases. The Commission does not give a general consent to the contents of these databases being indexed by other websites and search engines. The Commission attempts to prevent such indexing by placing these databases outside the permitted scope of web ‘crawlers’, ‘robots’ and ‘spiders’ that adhere to the voluntary Standard for Robot Exclusion.
6.12 The Commission provides Commission decisions to the Australian Legal Information Institute website. Some decisions may also be reported, republished or linked on other websites, in the media or in workplace relations publications. The Commission does not control the content of other websites and cannot prevent Commission decisions from being indexed by other websites or search engines.
6.13 One exception to the requirement for the Commission to publish a decision made under the Fair Work Act is where the Commission has made a confidentiality or non-publication order. Sections 593(3) and 594(1) of the Fair Work Act provide that, if it is satisfied that it is desirable to do so, the Commission may make orders for a hearing to be held in private or orders prohibiting or restricting the publication of:
6.14 Once issued, Commission decisions can only be varied or removed from the Commission website in the limited circumstances provided by the Fair Work Act.
6.15 The Commission also routinely publishes other documents which may contain personal information. These include:
6.16 A party to a hearing or their nominated representative may request access to an audio recording of the hearing via the Commission’s EAP. This allows parties or their nominated representatives to review an accurate and authorised record of proceedings.
6.17 Access to an audio recording is at the Commission’s discretion. A party who requests access must agree to the Commission’s Audio recordings terms of use. Where access is granted, the party will be able to stream the audio recording using a media player on the EAP website.
6.18 The Commission records voicemail messages, and records some calls to the Commission for training purposes.
6.19 Personal information may also be accessed by Commission Members or staff on a confidential basis for professional development purposes, conducting research projects related to the Commission’s functions, or in order to identify improvements to Commission processes and procedures.
6.20 The Commission provides personal information collected in audio and video recordings of hearings to its monitoring and transcription service provider so the provider can prepare a transcript of the hearing (if ordered) and make audio recordings available to parties via the EAP. The Commission also provides personal information collected in requests to access audio recordings or transcripts to the provider, to process the request.
6.21 The Commission uses other service providers to assist it in carrying out its functions and activities. These include external legal advisers, translators, interpreters and information technology (IT) providers. The Commission discloses personal information to IT providers that host the Commission's website servers, manage the Commission's IT and store the Commission's information (including human resources information). The Commission requires its service providers to protect the confidentiality of any personal information disclosed to them for the purpose of providing the services.
6.22 The Commission may disclose documents on case files in accordance with its Access to case file documents policy. This Policy sets out when access may be granted to documents on a Commission case file to the parties to the matter or to non-parties.
6.23 Access to documents on a case file is at the discretion of the Commission. Access to documents on open Commission matters is subject to the consent of the presiding Member.
6.24 Under the Privacy Act, disclosure of personal information for a secondary purpose is permitted if the disclosure is required or authorised by or under an Australian law or a court or tribunal order. Under ss.589-593 of the Fair Work Act, Commission Members have a broad discretion as to how they conduct proceedings and inform themselves in relation to a matter before them.
6.25 The Commission may be required or authorised by or under law or by a court or tribunal order (including the Commission’s own order) to disclose personal information it has collected. This includes where the Commission is required to comply with a subpoena, notice to produce or other court order, or where the disclosure is authorised pursuant to the Fair Work Act or Registered Organisations Act.
6.26 The Commission will disclose personal information it has collected when it notifies the Australian Building and Construction Commission of applications and the outcomes of applications made to the Commission under the Fair Work Act or the Fair Work (Transitional Provisions and Consequential Amendments) Act 2009 (Cth) which relate to a building industry participant or building work.
6.27 This notification is required by s.112 of the Building and Construction Industry (Improving Productivity) Act 2016.
6.28 The Commission will disclose personal information it has collected where disclosure is required or authorised by the FOI Act. For more information on disclosure under the FOI Act, see the Commission’s Freedom of Information web page.
6.29 The Commission will disclose personal information it has collected if it is required to notify the Australian Information Commissioner about the loss or unauthorised access to or disclosure of personal information held by the Commission which is likely to result in serious harm to affected individuals.
6.30 The Commission may disclose personal information about a member of Commission staff, including where:
7.1 The Privacy Act permits the collection, use and disclosure of personal information in a number of permitted general situations, including where:
7.2 For example, a permitted general situation may arise where a telephone call to the Commission is recorded because the caller threatens to harm themselves or another person.
8.1 The Commission may disclose personal information to overseas recipients to perform its functions or activities (see Section 6 above). Generally, information will only be disclosed overseas where:
8.2 Where the Commission discloses personal information to a third party service provider located overseas, generally one of the following will apply:
9.1 The Commission holds personal information in a range of paper-based and electronic records, including cloud computing. All information held by the Commission must be retained and disposed of in accordance with the Australian Government's information management regime, including the Archives Act 1983 (Cth), Records Authorities and General Disposal Authorities. This ensures personal information is held securely.
9.2 The Commission's networks and website have security features in place to protect the information that the Commission holds from misuse, interference and loss from unauthorised access, modification or disclosure. The Commission takes steps to protect the security of the personal information it holds from both internal and external threats by:
9.3 Hard copy records stored on Commission premises are secured to restrict access to Commission Members, staff and authorised personnel. Archived files are held in secure storage in onsite and contracted off-site locations.
9.4 Electronic information is stored securely and access is restricted and monitored on an ongoing basis. The Commission adheres to the Australian Government’s Protective Security Policy Framework, which includes requirements with respect to information security. Further information about the Commission’s online security systems is at paragraphs 5.22 to 5.31 above.
10.1 Members of the public may seek access to their personal information held by the Commission and can also apply to amend or annotate their personal records under the Privacy Act or the FOI Act.
10.2 If a person wishes to access or correct their personal information under the Privacy Act, they should send a written request to:
Privacy
Email: privacy@fwc.gov.au
Post: GPO Box 1994, Melbourne VIC 3001
10.3 The request should include the person's name, contact details, proof of identity and the relevant matter number (if any), and should explain what information the person is seeking to access or have corrected. The Commission will respond to access or correction requests under the Privacy Act within 30 days after the request is made. There is no charge for making such a request.
10.4 Under APP 13, the Commission is required to take such steps (if any) as are reasonable to correct personal information it holds about an individual to ensure, having regard to the purpose for which the information is held, that information is correct. However, Commission documents are generally Commonwealth records that can only be destroyed or altered in accordance with s.24 or s.26 of the Archives Act 1983 (Cth). For example, Commission staff cannot make corrections to personal information contained in documents lodged in a Commission proceeding or Commission decisions or orders.
10.5 In some circumstances, the Commission may decide that it is reasonable to associate a statement with a Commonwealth record stating that the record contains incorrect personal information and including the correct personal information or a reference to where it is held.
10.6 If the Commission refuses a request to access or correct personal information under the Privacy Act, the individual will be given a written notice explaining why the request was refused and how the individual can make a complaint about it.
11.1 Any concerns or complaints regarding privacy should firstly be made in writing to the Commission using the contact details below:
Privacy
Email: privacy@fwc.gov.au
Post: GPO Box 1994, Melbourne VIC 3001
11.2 For more information on the Commission’s general complaints procedure, please refer to the Commission’s Complaints & feedback webpage.
11.3 If a complainant is not satisfied with the Commission’s response to their privacy complaint they can make a complaint to the OAIC. Details of how to make an OAIC complaint can be found on the How do I make a privacy complaint? page on the OAIC's website.
12.1 In this Policy and in the Privacy Act:
Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable:
Sensitive information means:
that is also personal information, or
12.2 In this Policy: