BOYLAN & ASSOCIATES RECRUITMENT SERVICES
 

Boylan & Associates Pty Ltd — Updated Privacy Policy (2026 Compliant)

(Incorporating 2024–2026 Australian privacy reforms)

1. Introduction

Boylan & Associates Pty Ltd (“we”, “us”, “our”) is committed to ensuring the privacy, integrity and security of the personal information we collect. As a recruitment and employment services firm, we recognise the sensitivity and commercial importance of the information you share with us.

This Privacy Policy explains how we collect, use, store, disclose and protect your personal information in accordance with the Privacy Act 1988 (Cth) and the updated Australian Privacy Principles (APPs), as amended by the Privacy and Other Legislation Amendment Act 2024 (Cth).

These amendments introduced major reforms, including new security obligations, expanded enforcement powers, a statutory tort for serious invasions of privacy, doxxing offences, and transparency requirements for automated decision making. 

2. Application of This Policy

This Privacy Policy applies to:

  • All personal and sensitive information collected during our recruitment and consulting activities;
  • Information collected through our website: www.boylanassociates.com.au;
  • Information collected from candidates, clients, referees, and third party sources necessary for the delivery of our services.

We do not currently operate services that fall under the EU General Data Protection Regulation (GDPR). However, we adopt comparable best practice principles where appropriate.

3. Legal Framework

Our privacy practices comply with:

  • Privacy Act 1988 (Cth) and the Australian Privacy Principles;
  • Privacy reforms introduced via the Privacy and Other Legislation Amendment Act 2024, including:
  • new statutory tort for serious invasions of privacy (commenced 10 June 2025); 
  • strengthened security obligations requiring both technical and organisational measures to protect personal information (from 11 December 2024);
  • automated decision making transparency requirements (commencing 10 December 2026);
  • enhanced OAIC enforcement powers and penalty regime (in effect from 11 December 2024);
  • new criminal offence for doxxing (effective 11 December 2024);
  • new Children’s Online Privacy Code (to be developed by December 2026).

4. Types of Personal Information We Collect

Depending on your interactions with us, we may collect:

  • Personal identification details (name, address, phone number, email);
  • Employment history, CVs, qualifications, certifications;
  • Performance management and employment related records;
  • Sensitive information (e.g., health, diversity information) — only with your express consent;
  • References, background checks, and psychometric results (with prior consent);
  • Website analytics data, device identifiers, cookies and usage statistics.

We may also collect data via Google Analytics or similar tools to improve our services and website experience.

5. How We Collect Personal Information

Direct collection

Through:

  • Candidate registration, interviews, resume submission, assessments;
  • Client focused interactions;
  • Website use, contact forms, and uploaded documentation.

Third party collection (with consent)

We may collect information from:

  • Former or current employers;
  • Educational institutions;
  • Government agencies;
  • Referees;
  • Psychologists or vocational assessors.

Consent will be obtained before collecting sensitive information or conducting third party checks.  

6. Purposes for Collecting and Using Information

We collect and use your information to:

  • Provide recruitment, placement and consulting services;
  • Assess suitability for roles and match candidates with client needs;
  • Conduct background checks and reference validation; 
  • Maintain client and candidate relationship management;
  • Comply with legal obligations;
  • Provide marketing updates, newsletters, job opportunities and service alerts (you may opt out at any time).

Under the 2024–2026 reforms, we will also:

  • Disclose any use of automated decision making processes affecting you, as required by the 2026 commencement of transparency obligations.

7. Website and Device Data Collection

When you visit our website, we may use:

  • Cookies;
  • Analytics tools;
  • Device identifiers;
  • IP logs.

These help improve functionality, customise your experience, and enhance security. You can disable cookies via browser settings.

8. Disclosure of Personal Information

We may disclose personal information to:

  • Clients and employers seeking candidates;
  • Background screening providers;
  • Psychometric or assessment platforms;
  • IT service providers and secure hosting partners;
  • Regulatory authorities where legally required.

Where applicable, we will obtain your consent prior to disclosure unless required by law.

Overseas disclosures

We may store data with overseas service providers. The 2024 reforms introduced a “whitelist” mechanism for countries with adequate protections, though no list has yet been released as at 2026.

9. Data Security and Retention

We implement technical and organisational security measures, as required under the 2024 reforms, including:

  • Secure servers (Australian and overseas hubs);
  • Access controls, encryption and intrusion detection systems;
  • Cybersecurity frameworks consistent with OAIC expectations;
  • Regular risk assessments and privacy impact reviews.

These obligations are mandated under updated APP requirements clarified in December 2024.

Retention and destruction

We retain your records only as long as necessary or as required by law. When no longer needed, records are securely destroyed or anonymised.

10. Data Breaches

In the event of an eligible data breach, we will follow the mandatory Notifiable Data Breach Scheme and cooperate with OAIC requirements, noting that updated enforcement provisions commenced on 11 December 2024 (including infringement notices and compliance directives).

11. Your Rights

You have the right to:

  • Access personal information we hold about you;
  • Request correction of inaccurate information;
  • Request deletion (“right to erasure”) where applicable — reflecting expanded rights under the 2024–2026 privacy reforms;
  • Withdraw consent for certain processing activities;
  • Lodge complaints with us, or with the Office of the Australian Information Commissioner.

Requests will be handled promptly and in accordance with the Privacy Act.

12. Contact Us

The Privacy Officer
Boylan & Associates 
Email: careers@boylanassociates.com.au

13. Feedback

We welcome your feedback on our privacy practices and are committed to ongoing improvement as Australian privacy laws evolve.

Placeholder image

HOME | ABOUT | EMPLOYERS | CANDIDATES | TESTIMONIALS | CONTACT | Copyright © 2025 Boylan & Associates. All rights reserved. | PRIVACY POLICY

Website by Test Pilot.