Data Protection Policy

Preferred Insurance Staffing recognizes the importance of safeguarding personal data and respecting individuals’ privacy rights. This Data Protection Policy outlines our commitment to protecting personal data in accordance with various data protection laws and regulations, which may include but are not limited to:

• The Privacy Act in Australia

This policy establishes the framework for how we collect, process, store, and manage personal data responsibly and in compliance with these laws.

RESPONSIBILITIES

EMPLOYEES

All employees are responsible for ensuring the proper handling of personal data in their day-to-day activities. They must adhere to this policy and report any data protection concerns to the DPO.

CONTRACTORS AND THIRD PARTIES

Contractors and third parties engaged by the Company are also responsible for adhering to this policy and for ensuring the proper handling of personal data in their activities on behalf of the Company. They must comply with applicable data protection laws and regulations and report any data protection concerns to the DPO.

DATA PROTECTION OFFICER (DPO)

The Company has appointed a Data Protection Officer Marc David Oanzon – IT Manager who is responsible for overseeing data protection matters, ensuring compliance with applicable laws, conducting regular audits or reviews of data processing activities, and acting as a point of contact for data subjects and regulatory authorities.

DATA COLLECTION AND PROCESSING

LAWFUL PROCESSING

The Company will only collect and process personal data when it has a lawful basis to do so, including but not limited to:

• The consent of the data subject
• Contractual necessity
• Legal obligation
• Legitimate interests
• The protection of vital interests

TRANSPARENCY

Data subjects will be informed of the purposes for which their data is collected and processed, including the lawful basis for processing, at the point of data collection or before, and their rights in relation to their data.

CONSENT

Where consent is required for processing personal data, Preferred Insurance Staffing will obtain explicit and freely given consent from data subjects. Consent will be obtained through clear and easily accessible means, and records of consent will be maintained.

DATA SECURITY

DATA BREACH RESPONSE

A data breach is defined as any unauthorized access, disclosure, or acquisition of personal data that compromises its confidentiality, integrity, or availability. In the event of a data breach, the Company will promptly:

• Assess and mitigate the impact of the breach
• Notify affected data subjects in a timely manner, providing details of the breach and actions they can take to protect themselves
• Notify relevant regulatory authorities where required by applicable law

DATA BACK-UP

Data processed inside the company are encrypted, back-up and secured online cloud using Microsoft 365. No data are saved locally or on the hard drive.

DATA SUBJECT RIGHTS

Data subjects have the following rights regarding their personal data:

• Right to Access: Data subjects can request access to their personal data.
• Right to Rectification: Data subjects can request corrections to their personal data.
• Right to Erasure: Data subjects can request the deletion of their personal data.
• Right to Data Portability: Data subjects can request the transfer of their personal data.
• Right to Object: Data subjects can object to the processing of their personal data.
• Right to Restriction of Processing: Data subjects can request the restriction of processing under certain circumstances.

To exercise these rights, data subjects can contact the Data Protection Officer at the contact information provided below.

CONTACT INFORMATION

Data subjects can contact the Data Protection Officer at:

Paulene T. Brito
+617 2102 4200 Ext. 03
paulene@preferredvirtualstaffing.com