fit2work Data Retention Policy

PURPOSE
This policy establishes the retention period of data within fit2work systems owned by Mercury and for which Mercury is responsible for the disposition of deleted data. This includes (but is not limited to) system Customer and User data captured for the purposes of utilising fit2work for Criminal History and other background checks.

APPLICATION
This policy applies to all employees, products, Customers and Users of fit2work.

POLICY
Mercury fit2work creates and collects a vast amount of data, much of which is confidential personal information.
Information collected by Mercury fit2work is used for service provision including client (customer) and consumer (user) support and the application of service. This information is vital to customers and users and must be managed with consideration for its confidentiality and sensitivity.
All information must be managed, stored and disposed according to its classification, business requirements and retention period. Suitable retention periods, storage conditions and the use of recommended disposal methods will ensure that information is managed, protected and accessible across Mercury fit2work.

SCOPE
This policy addresses Customer and User data that has been retained and deleted by and from Mercury fit2work systems for the purposes of Customer and User support and service. This policy does NOT include retention of data records not owned by Mercury.

ROLES

RECORD TYPES
This policy addresses electronic data generated by systems in various formats and systems provided for the Customer and User for the storage of data. Customer and User generated data retention refers to the length of time information is available for access once recorded by Mercury systems.

RECORDS RETENTION
Records are retained in accordance with relevant law including, but not limited to the Privacy Act 1998 and the Australian Privacy Principles.
Data is also retained in accordance with contractual and other legal requirements, including but not limited to the direction of the Australian Criminal Intelligence Commission (ACIC).
NPHC and other fit2work probity data is retained for a period of six years in line with ACIC guidelines and practice.
All uploaded documentation including (but not limited to) signed consent forms and identity documents are destroyed within 12 months of submission to fit2work.

POLICY REVIEW
Mercury Group of Companies Pty Ltd may make changes to this policy from time to time to improve the effectiveness of its operation.

Contact us