Privacy Policy

Last updated: 1st Nov 2025

YOUR PRIVACY

ProbityPeople Pty Ltd (ABN 51050096485) ("ProbityPeople", "we", "us", "our") is strongly committed to protecting your privacy as a customer, supplier, applicant, and online visitor to our website. We use the information we collect about you to maximise the services that we provide to you. Information security and privacy is at the forefront of everything ProbityPeople does. We respect the privacy and confidentiality of the information provided by you and adhere to the Australian Privacy Principles.

ProbityPeople operates and processes all applications such as obtaining, handling, using, disclosing, storing, destruction and de-identifying of personal information in compliance with the relevant privacy legislation and principles in Australia. This Privacy Policy relates to how we collect and handle personal information which we collect from you as a customer, supplier, applicant, online visitor to our website, digital services, or any member of the public who would have correspondence with us through social media or any other form of communication.

Please read our Privacy Policy below.

WHAT PROBITYPEOPLE DOES

ProbityPeople processes pre and post employment background screening checks for individuals directly, or for individuals looking for employment with other organisations. This generally involves the secure exchange of your personal information as highlighted in this policy.

Every business user or individual applicant is required to log in to a secure online portal to request orders or complete details for background screening checks. During the process of background checks being ordered or processed, the following procedure is likely, but not limited to occur:

Personal information such as contact details and user-generated passwords is obtained to create a secure online account
Depending on the type of background screening check, whether criminal background, financial history, career and education history, qualifications and memberships, entitlement to work etc., further personal information would be collected to:
- Verify the identity of the applicant
- Confirm accuracy of information provided
- Retrieve historical financial data against an individual
- Retrieve employment references
- Verifying legitimacy of qualifications, memberships and more
- Process various background screening verifications
Your personal information will likely be passed onto well-protected sources such as the Australian Criminal Intelligence Commission (ACIC), credit agencies or other government or police agencies in different jurisdictions. To complete these checks these sources may pass personal information on to other sources.
These sources will also likely share further personal detail back to ProbityPeople to confirm results, verifications, references etc.
Outcomes will then be shared back to either the business user or individual applicant depending who initiated the process through the secure online portal
Depending on the type of result or personal information that ProbityPeople receives, we will then choose to either maintain or destroy certain records to comply with agreements, legislations, and the law
To ensure we meet regulatory obligations, ProbityPeople's online portals may also track and record communication or user activity experience and correspondence securely

INFORMATION WE COLLECT FROM YOU

In the course of your visits to our website or use of our products and services, we may from time to time obtain the following information about you, for example: contact details, date of birth, copies of your identity documents, current or previous addresses, career and education history, qualifications, memberships, references, financial information, criminal history, or any information regarding any services ordered through ProbityPeople, credit card details (not stored), billing address, geographic location, IP address, survey responses, support queries, blog comments and social media handles (together "Personal Data").

The Personal Data we collect from you will only be necessary information depending on the nature of your interaction. It would be used to provide our services to you such as criminal background history checks, financial checks, educational and qualification checks, work rights checks and any other services we offer on www.probitypeople.com.au. We will only collect your Personal Data lawfully, respectfully and in a fair manner. We will collect your Personal Data and information directly from you when you create an account, order checks, complete checks, enter into an agreement with us or when you communicate with us. This information will be recorded, collected, and held in relation to your transaction with us.

We may also collect information about your transaction history with ProbityPeople, your browsing behaviour on our website (see information about 'cookies' in the section below) and record your interaction with us via email and telephone for security, training and dispute resolution purposes.

Depending on the products or services that are being provided your personal information may also be collected from other sources, such as:

Third party suppliers including but not limited to providers of criminal background history checks, credit agencies, law enforcement agencies, education providers, regulatory and licensing bodies, professional organisations or psychometric assessment providers
Partner organisations
Current or previous employers
Current or previous educational institutes

Any sensitive personal information that we collect from you for the purposes of the services ordered from ProbityPeople will be obtained with your permission and consent, except where it is otherwise allowed by law.

Legal Basis for Processing. ProbityPeople will collect, use and exchange your information only if we have a valid and lawful reason to, such as to:

Verify your identity and accuracy of information
Manage our communication and relationship with you such as providing our products and services to you
Review and assess your application for our products and services
Minimise misuse or loss of data, and reduce risks and protect against fraud
Comply with laws, obligations and provide assistance to regulatory, government and law enforcement authorities
Manage our business and improve our service to you
Processing your information to fulfil a contracted agreement with yourself or to comply with the law
Processing your information to fulfil ProbityPeople or a third party's legitimate interest. Where there is a good reason to protect your personal information, the legitimate interest can be overridden
You have provided consent for us to process your personal data

Information About Persons Under 18

Our services are not generally directed to persons under 18 and we do not knowingly collect Personal Data from anyone under 18. When ProbityPeople are required to collect personal information of persons under 18, we will seek parent or guardian consent prior to doing so. If you are the parent or guardian of a child and you believe they have provided us with Personal Data without your consent, then please contact us. You can review, correct, update, or delete your Personal Data by either logging into your account and making the changes yourself or contacting us directly to do so.

USE OF ARTIFICIAL INTELLIGENCE AND AUTOMATION

ProbityPeople may use automated tools or systems, including those that incorporate artificial intelligence or machine learning ("AI Systems"), to assist in performing certain elements of the Services, including validation, classification, identity matching, and document verification.

Human Oversight and Control

AI Systems are tested for accuracy and fairness before deployment
AI Systems do not make final determinations about applicants without human review
All automated outputs are subject to human oversight and verification
You may request information about the automated tools used in your screening where applicable and permissible

Automated tools are used only as decision-support mechanisms and remain subject to human oversight. You have the right to request human review of any automated decision that affects you.

HOW WE USE YOUR INFORMATION

Personally Identifiable Information: We use the information we collect to deliver our services to you and give you a better experience, including: communicating with you, providing technical support, notifying you of updates and offers, sharing useful content, measuring customer satisfaction, diagnosing problems and providing you with a personalised website experience. Marketing communications are only sent to you if you have requested or subscribed to them. You can opt out of our marketing communications at any time by unsubscribing or emailing us your mailing preferences at enquiries@probitypeople.com.au and your request will be actioned immediately.

Non-Personally Identifiable Information: We also use the information we collect in aggregated and anonymised forms to improve our services, including: administering our website, producing reports and analytics, advertising our products and services, identifying user demands and assisting in meeting customer needs generally. Any information you choose to make publicly available, such as blog comments and testimonials on our website, will be available for others to see. If you subsequently remove this information, copies may remain viewable in cached and archived pages on other websites or if others have copied or saved the information.

HOW LONG YOUR INFORMATION IS KEPT

ProbityPeople will keep your information for as long as necessary to fulfil the purposes for which it was collected, comply with our legal and regulatory obligations, resolve disputes, and enforce our agreements.

Specific Retention Periods:

Customer business records: Retained indefinitely while you remain a customer of ours
Australian Criminal History Checks: Destroyed after 12 months in accordance with ACIC requirements
Identity Documents (for criminal checks): Stored for 12 months and deleted within 15 months in accordance with ACIC requirements
Other verification checks: Retained as per relevant regulatory and contractual requirements, typically 7 years for business records
Transaction records: Maintained for 7 years to comply with taxation and business record requirements

Internal research, data analytics, your requests or feedback, and technical requirements may also influence how long ProbityPeople may keep your personal data. You have the right to request deletion of your Personal Information, subject to our legal and regulatory obligations. Please see the "Accessing Your Personal Information" section below for information on how to make such requests.

When we are disposing of any information or data, responsible steps and measures will be in place to destroy or de-identify any data in accordance with our data destruction procedures and applicable law.

STORAGE AND SECURITY OF YOUR INFORMATION

ProbityPeople will use all reasonable means to protect the confidentiality of your Personal Data while in our possession or control. All information we receive from you, whether hard-copy or electronic records are stored and protected on our secure servers from unauthorized use or access. Credit card information is encrypted before transmission and is not stored by us on our servers.

Information Security Management

ProbityPeople maintains ISO 27001 certified information security practices and implements comprehensive security controls across our technical infrastructure, physical premises, and operational procedures.

Technical Infrastructure

ProbityPeople's server is hosted securely behind leading firewall and site monitoring tools preventing various cyber-attacks
Leading malware detection technology is used to detect and mitigate possible malware from the server
All check processes must be maintained via probitypeople.com.au, which is securely hosted on a private server
Only authorised and required users will have access to applicant details
Results are only securely shared via individual sign-in accounts which have strong password protection requirements
ProbityPeople enforces secure socket layer (SSL) and Transport Layer Security (TLS) connections for every page of our website and back end application processes
No sensitive personal data or materials is transferred on an unsecured mechanism such as email
All company servers and all documents are stored and shared via an encrypted server which has two-factor authentication enabled
Individual sign-in accounts with access privileges is required to access our third-party suppliers and only compliance team members will be granted access
All access requests are logged for further auditing. Email alerts are in place to notify the server admin
Antivirus and server protection software are installed on all devices to secure the endpoint
Operating systems and application patches must be applied on the server and endpoint on a weekly basis
Critical server software and application patches are installed as soon as they become available ensuring data security
Access to server infrastructure is strictly monitored and role-based access control mechanism is used to prevent unauthorised access to confidential personal data
Two-factor authentication is also used to further restrict the unauthorised access to the server

On-Site Security

Access to ProbityPeople offices, sensitive areas, and document storage spaces are fully controlled by employee security passes, safety cameras, alarms and building guards
Management of physical and electronic documents as well as disposal of these documents are also controlled by trained management staff

Data Sovereignty and Storage

All of ProbityPeople's operational data and customers' personal data is held securely in Australian data centres
ProbityPeople will not transfer Personal Information outside of Australia unless: (a) the recipient is subject to laws substantially similar to the Privacy Act; (b) the transfer is necessary for performing the Services and is covered by contractual protections; or (c) the Applicant or Customer consents to the transfer
You may request confirmation of the jurisdiction(s) in which data is hosted or processed
All ProbityPeople's Consultants are fully trained prior to managing and processing checks from our operation centres

Security Management and Training

All policies, standards and procedures are set out by senior management
Senior management forms part of our Security Management team and are responsible for measuring and monitoring ProbityPeople's operational staff and departments
Prior to commencing employment, all employees must read and sign all company policies
All employees undergo full training to access the company's resources including how to safely access and manage stored data and personal information

Data Breach Notification

In the event there is an Eligible Data Breach (as defined in the Privacy Act 1988 (Cth)) of our security and your Personal Data is compromised, we will notify you within 72 hours in compliance with the applicable law. An Eligible Data Breach occurs when:

There is unauthorised access to or unauthorised disclosure of personal information, or a loss of personal information, that an entity holds
This is likely to result in serious harm to any of the individuals to whom the information relates
The entity has not been able to prevent the likely risk of serious harm with remedial action

If we are required to notify you of a data breach, we will provide information about:

The identity and contact details of ProbityPeople
A description of the data breach
The kinds of information concerned
Recommendations about the steps you should take in response to the data breach

We will also notify the Office of the Australian Information Commissioner (OAIC) of any Eligible Data Breach as required by law.

SHARING YOUR INFORMATION WITH THIRD PARTIES

Your Personal Data details are only disclosed to third party suppliers when it is required by law, for professional services you have purchased, for payment processing or to protect our copyright, trademarks and other legal rights. To the extent that we do share your Personal Data with a service provider, we would only do so if that party has agreed to comply with our privacy standards as described in this privacy policy and in accordance with applicable law. Our contracts with third parties prohibit them from using any of your Personal Data for any purpose other than that for which it was shared.

When providing our professional services to you, depending on the service you have purchased or the reason for your interaction with ProbityPeople, we may share your personal information with the following third parties:

Third party suppliers including but not limited to providers of criminal background history checks, credit agencies, law enforcement agencies, education providers, regulatory and licensing bodies, professional organisations, or psychometric assessment providers
Partner organisations
Current or previous employers
Current or previous educational institutes
Service suppliers such as marketing and IT support, auditors, insurers and re-insurers

In some instances, ProbityPeople may be compelled to disclose your information to various authorities if required by law. For the purposes of completing a check or service for you, we may also be required to share your personal information with entities overseas. ProbityPeople may use an agent or supplier who may be based overseas to conduct checks and verifications which require international sources. This may include but is not limited to, criminal background history checks, references, education and qualification verifications, financial checks etc.

Your personal information will not be disclosed to international suppliers and entities unless we have received your consent to do so or it is otherwise permitted by law. ProbityPeople will only complete commercial transactions and work with organisations who also have robust processes and procedures in place for handling secure and personal information which adheres to ProbityPeople's policies.

Vendor Security Assessment: All third-party service providers who handle personal information on our behalf undergo security assessments to ensure they maintain appropriate security measures and comply with privacy requirements.

DISCLOSURE OF YOUR INFORMATION

ProbityPeople may from time to time need to disclose certain information, which may include your Personal Data, to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request. We may also use your Personal Data to protect the rights, property, or safety of probitypeople.com.au, our customers or third parties.

If there is a change of control in one of our businesses (whether by merger, sale, transfer of assets or otherwise) customer information, which may include your Personal Data, could be transferred to a purchaser under a confidentiality agreement. We would only disclose your Personal Data in good faith and where required by any of the above circumstances.

ACCESSING YOUR PERSONAL INFORMATION

Every individual applicant or business user has access to their own secure online portal. This is where you can access, manage, and update your personal information such as your name, address, contact details etc. Personal information which has been submitted as part of a background screening check may or may not be amended or updated depending on the nature of the check.

Amending or updating your personal details generally does not incur a fee, however if it relates to information which has already been processed for a check, then a re-processing fee or small administration fee may be involved. Should there be a fee involved, this would be communicated with you prior to any updates.

In most cases, when information is related to your personal details, you will be given full access via your secure online portal, however if it involves commercially sensitive information, or information regarding a third party or organisation then ProbityPeople may reserve the right to reject your access or only give you access to certain information.

If you think information ProbityPeople has about you is incorrect, contact us and we will investigate and, if necessary, correct it. If you believe that the information received by ProbityPeople from another source is incomplete, incorrect or misleading, we may need to refer you to the source to ask for a review.

Your Rights:

Access: Request access to all personal information ProbityPeople has about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your personal information (subject to legal retention requirements)
Restriction: Request restriction of processing if certain grounds apply
Data Portability: Receive your personal data in a commonly readable format such as a spreadsheet or document upon request

Please send your request to enquiries@probitypeople.com.au. We will respond to your request within 30 days.

PROBITYPEOPLE AND GDPR

The European Union General Data Protection Regulation (the GDPR) contains data protection requirements that apply to the processing of personal data of individuals in the European Union. ProbityPeople's services and operations comply with the GDPR requirements and additional information and your rights as EU residents are covered in this policy.

In adherence to the requirements of the GDPR, EU Citizens who are residents in the EU will have rights to the following either through your individual secure portal which you will have password access to or by written request to enquiries@probitypeople.com.au:

Access or request for all personal information ProbityPeople has about you
Update inaccurate or incomplete information
Request for your personal information or data to be deleted
Request for ProbityPeople to restrict or stop processing your data if certain grounds apply
Receive your personal data in a commonly readable format such as a spreadsheet or word document upon request

The above are requirements of the GDPR which relate to ProbityPeople. Upon request of any of the above, ProbityPeople will endeavour to complete the request within 30 days.

MODERN SLAVERY ACT 2018 COMPLIANCE

ProbityPeople is committed to conducting business ethically and with integrity. We do not tolerate modern slavery or human trafficking in our operations or supply chain. We warrant that neither ProbityPeople nor any of our officers, employees, agents or subcontractors have engaged in any conduct that would constitute an offence under the Modern Slavery Act 2018 (Cth). We require our third-party suppliers to uphold similar standards.

COOKIES AND PIXELS

A cookie is a small file placed in your web browser that collects information about your web browsing behaviour, your internet protocol (IP) address and how you arrived at the website. Use of cookies allows a website to tailor its configuration to your needs and preferences. Cookies do not access information stored on your computer or any Personal Data (e.g. name, address, email address or telephone number).

Most web browsers automatically accept cookies, but you can choose to reject cookies by changing your browser settings. This may, however, prevent you from taking full advantage of our website. Our website uses cookies to analyse website traffic, provide social media sharing and liking functionality and help us provide a better website visitor experience. In addition, cookies and pixels may be used to serve relevant ads to website visitors through third party services such as Google Adwords and Facebook Adverts. These ads may appear on this website or other websites you visit.

For more information about how to manage cookies, please visit www.aboutcookies.org or www.allaboutcookies.org.

LINKS TO OTHER WEBSITES

ProbityPeople's website may contain links to other websites through hyperlinks or through an Automated Platform Interface (API). These links are owned and operated by third parties and are not subject to ProbityPeople's privacy policy. Please be aware that ProbityPeople are not responsible for the privacy practices of these websites and have no control over their content. We encourage our users to be aware, when they leave our website, to read the privacy statements of each website that collects personally identifiable information. This privacy policy applies solely to information collected by this website.

CHANGES TO THIS PRIVACY POLICY

As we plan to ensure our privacy policy remains current, this policy is subject to change. We may modify this policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on this website or notifying you by other means. Please return periodically to review our privacy policy. Your continued use of our services after any changes indicates your acceptance of the updated Privacy Policy.

CONTACT US AND FEEDBACK

ProbityPeople values our customers, applicants, and suppliers, and welcome any feedback that may help us improve the services we offer. If you have any questions or concerns at any time about our privacy policy or the use of your Personal Data, please contact us:

Email: support@probitypeople.com.au

Data Protection Officer: support@probitypeople.com.au

Security Incident Reporting: webmaster@probitypeople.com.au

Postal Address:

ProbityPeople Pty Ltd
GPO Box 4849
Sydney NSW 2001
Australia

We will respond to your enquiry within 48 hours. When you provide your feedback or complaint, we will always aim to be fair and handle it in a responsive, friendly, and professional way. We will try our best to evaluate and understand your feedback or investigate any concerns. We will keep a record of your feedback, ensure you are kept updated on the evaluation or solution and make all possible efforts to advise you of an outcome within 30 days of when feedback has been provided or as soon as possible. If we cannot respond within this timeframe, we will ensure to update you with a reason.

If you are not satisfied with our response to your feedback or complaint, then you can refer to:

Office of the Australian Information Commissioner (OAIC)

Website: https://www.oaic.gov.au
Email: enquiries@oaic.gov.au
Phone: 1300 363 992