Privacy
Privacy Policy
Last updated: 25 June 2026. This policy is provided in draft for Australian legal review and should be confirmed by a lawyer before you rely on it.
Gorman Greene Pty Ltd (ABN 75 695 805 531) (“Gorman Greene”, “we”, “us”, “our”) provides evidence-led recruitment for senior delivery leadership. We handle personal information in accordance with the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). Because our work involves handling and disclosing personal information about individuals as part of a commercial service, we treat ourselves as bound by the APPs regardless of our turnover.
Whose information this covers
This policy covers two groups: candidates we assess or hold in our network, and client and business contacts (hiring sponsors, decision-makers and referees). Candidate and applicant information — resumes, references, transcripts and assessment records — is fully covered by the APPs. The “employee records” exemption does not apply to candidates, and we do not treat it as if it does.
What we collect
From candidates: identity and contact details; professional history, resume and work examples; your responses during assessment and the reasoning you share; availability, notice period and remuneration expectations; right-to-work status; qualifications; and information from referees you nominate. We collect only what is reasonably necessary to assess you for a specific role.
Sensitive information (for example, criminal history or health information relevant to the inherent requirements of a role) is collected only with your consent and only where it is genuinely required for the engagement.
From clients and contacts: name, organisation, role, contact details, and the details of the engagement and the role being calibrated.
We collect mainly directly from you. Where we collect from another source (such as a referee you have nominated, or a public professional profile), we do so transparently and in line with the APPs.
How we tell you about collection
At or around the time we collect your personal information, we take reasonable steps to make you aware of why we are collecting it, how we will use it, and who we may share it with. Where we collect new information later for a new purpose, we tell you again.
How we use it
We use personal information to calibrate and assess candidates against specific roles, to produce evidence briefs, to deliver our services to the engaging employer, to conduct reference checks, and to manage our relationship with you. We do not use your information for an unrelated purpose, and we do not use candidate information for secondary marketing, without your consent.
Consent and your control
Candidate participation is on the basis of informed, specific and withdrawable consent. We disclose a candidate’s identity to an employer only with that candidate’s consent, and only where an engagement warrants it. You may withdraw consent, and you may ask to access, correct or contest the information and assessment records we hold about you.
Assessment, our internal score, and automated decisions
Our assessment is practitioner-led: the judgements that matter are made by a person, not a machine. Any internal scoring we use is a private triage aid for our own practitioners, is never the sole basis of a decision about you, and is never shared with clients. We do not use substantially automated decision-making to make decisions that significantly affect you. If that ever changes, we will disclose it in this policy.
Artificial intelligence
Candidate documents and personal information are never used to train, and are never exposed to, public artificial intelligence systems.
Referees and references
We verify material claims with referees you nominate. We do not guarantee a referee’s anonymity or that their comments will remain confidential, because you may be entitled to request access to the information we hold, including reference information.
Who we share it with
We disclose personal information only as needed to provide our services — for example, to the employer engaging us (with candidate consent), to service providers who help us operate under confidentiality obligations, or to a payroll or on-hire partner where a contract engagement requires it — and where we are required or authorised by law (for example, to verify right to work, or in response to a court order). We do not sell personal information.
Overseas service providers
We design our core candidate systems to keep candidate data within Australia. Some supporting services we use (for example, website hosting, email, scheduling or analytics) may store or process information outside Australia. Where that is the case we take reasonable steps to ensure your information is handled appropriately, and we do not represent that all of our data is hosted within Australia.
Security
We take reasonable technical and organisational steps to protect personal information from misuse, interference, loss and unauthorised access, including access controls and limiting access to those who need it. No system is perfectly secure, but we treat candidate data as confidential and hold it accordingly.
Data breaches
We comply with the Notifiable Data Breaches scheme. If a data breach is likely to result in serious harm, we will notify the affected individuals and the Office of the Australian Information Commissioner (OAIC) as required.
How long we keep it
We retain personal information only for as long as it is needed for the purposes described above or as required by law, and then take reasonable steps to de-identify or securely destroy it. You may ask us to remove information we hold about you, and we will do so unless we are required to keep it.
Access, correction and complaints
To access or correct your information, or to make a privacy complaint, contact us at privacy@gormangreene.com.au. We will respond within a reasonable time. If you are not satisfied with our response, you may contact the OAIC at oaic.gov.au.
Other laws that apply to our work
Depending on the engagement, other laws may apply to how we handle your information, including the Migration Act 1958 (Cth) (right-to-work verification), the Spam Act 2003 (Cth) (electronic marketing and unsubscribe), anti-discrimination laws, and state or territory employment-agent and labour-hire licensing requirements. We comply with these where they apply to us.
Changes to this policy
We may update this policy from time to time. The current version will always appear on this page.