Privacy Policy

1. Purpose

‍This Policy outlines Payroll Metrics’ ongoing obligations in respect of how Personal Identifiable Information (PII) is managed. Payroll Metrics has adopted the Australian PrivacyPrinciples (APPs) contained in the Privacy Act 1988 (Cth) (the PrivacyAct). The APPs govern the way in which employee PII is collected, used, disclosed, stored, secured and disposed of.

‍2. Scope
‍
‍PII is information that identifies an individual. Payroll Metrics’ software, operated by its customers, collects PII for the sole purpose of calculating earnings, tax and superannuation contributions for customers’ employees in accordance with Australian workplace laws.

‍3. Policy
‍
3.1. Security of Personal Information

PII is to be:

• stored in a manner that protects it from misuse and loss and from unauthorised access, modification or disclosure.
• classified as Confidential Information in Payroll Metrics’ Data Classification Policy,  (Section 2.5).
• removed from desks, computer screens, and common areas unless it is currently in use.
• is required to be stored under lock and key.
• transmitted using strong encryption, regardless of whether suchtransmission takes place inside or outside the company’s network.
• must not be left on voicemail systems, either inside or outside the company’s network, or otherwise recorded.
• destroy or permanently de-identify when it is no longer required for thepurpose for which it was obtained. Destruction to be undertaken in accordancewith the Treatment of Confidential Information Policy (Section 2.6).
• removed from desks, computer screens, and common areas unless it is currently in use.
• subject to the provisions of Payroll Metrics’ Back up Policy (Section 2.7).

3.2 Access to Personal Information

‍Payroll Metrics employees may request access to their PII by requesting a Director to provide the requested information. Payroll Metrics customers and their employees access their employees’ PII through the use of Payroll Metrics payroll software application:

• for administrators, through the administrator interface
• for employees via the employee self-service portal and through the mobileapp, PayBiz

The Quality and Information Security Management System (Q&ISMS), comprising both Standards, confirms Payroll Metrics’ commitment to ensuring its systems are appropriately deployed and maintained.

Employees are educated to understand their obligations to both quality management and information security management. Payroll Metrics commits to continuous improvement, meeting requirements, and seeks to ensure that customer expectations are an integral part of every program.

Access via the software to PII via these interfaces is controlled by user login and password plus, two factor authentication for access via the self-service portal or, a personal Identification code for access via the mobile app. Payroll Metrics employees do not respond to requests from customers or their employees for PII.

3.3  Disclosure of Personal Information:

PII may be disclosed in the following circumstances:

• to third parties where the individual consents to the use or disclosure; and
• where required or authorised by law