Acceptable Use Policy (Australia)

Create a comprehensive Data Protection Policy for an Australian organisation. Compliant with the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). Covers data collection, use, storage, disclosure, access rights, and breach notification.

Obtain valid consent for the collection and use of personal information in Australia. Compliant with the Privacy Act 1988 (Cth), Australian Privacy Principles, and the Notifiable Data Breaches scheme. Covers data use, storage, third-party sharing, and withdrawal of consent.

An Australian Workplace Code of Conduct is a formal employer document that sets out the standards of professional behaviour, ethical conduct, and workplace values expected of all workers. It provides a clear framework for decision-making in situations that are not always expressly covered by other workplace policies, and establishes the consequences for falling below the required standards. A Code of Conduct is one of the most fundamental documents in any Australian employer's suite of workplace policies. The legal foundation for a Workplace Code of Conduct in Australia rests on the employer's implied common law right and contractual right to issue lawful and reasonable directions to employees. A direction is lawful if it does not require an employee to do something unlawful, and reasonable if there is a legitimate business justification for it. The Fair Work Act 2009 (Cth) is central to the enforcement and legal effect of a Code of Conduct: under ss 387 and 388, the Fair Work Commission will consider, when assessing whether a dismissal for a Code breach was unfair, whether the employer had a valid reason for the action, whether the employee was notified of that reason, whether the employee was given an opportunity to respond, and whether dismissal was proportionate to the conduct in question. The Australian Public Service (APS) Code of Conduct established under the Public Service Act 1999 (Cth) ss 13 and 15 provides a widely referenced model for conduct standards in the public sector. While this model is specific to Commonwealth public servants, the conduct categories it employs — honesty, respect, diligence, care of Commonwealth resources, compliance with laws, and avoidance of conflicts of interest — reflect the conduct standards expected across Australian workplaces generally and are the basis for private sector codes of conduct throughout Australia. A well-structured Code of Conduct addresses a comprehensive range of conduct obligations: honesty and integrity in dealings with the organisation and its stakeholders; respectful treatment of all persons, including the prohibitions on bullying, harassment, and discrimination under the Sex Discrimination Act 1984 (Cth), Racial Discrimination Act 1975 (Cth), Disability Discrimination Act 1992 (Cth), and Age Discrimination Act 2004 (Cth); confidentiality obligations and privacy compliance under the Privacy Act 1988 (Cth) and the Australian Privacy Principles; responsible use of organisational property and resources; compliance with all applicable laws and professional obligations; responsible use of social media; avoidance of conflicts of interest; and proper handling of gifts, benefits, and hospitality. The Code should also address outside employment (secondary employment), which is increasingly common in the modern workforce. While the Fair Work Act 2009 (Cth) limits the extent to which employers can prohibit outside employment, reasonable restrictions connected to genuine business interests — such as those that address conflicts of interest, confidentiality, or performance impacts — are permissible. Conflicts of interest and gifts management are particularly important for organisations operating in regulated industries such as financial services (where the Corporations Act 2001 (Cth) ss 181–183 impose specific duties on directors and officers), healthcare, government contracting, and professional services. Robust disclosure and management processes for conflicts of interest and gifts help organisations maintain integrity and comply with applicable regulatory requirements. The bribery and corruption provisions of the Criminal Code Act 1995 (Cth) apply to all organisations operating in Australia. The Code of Conduct should make clear that offering or accepting bribes — whether in the form of cash, gifts, or other benefits — to improperly obtain or retain business is unlawful and will result in immediate disciplinary action, including referral to law enforcement authorities. This Workplace Code of Conduct is suitable for Australian businesses of all sizes and industries. It should be incorporated by reference into all employment contracts, acknowledged in writing by all workers upon commencement and following any amendment, and enforced consistently and in accordance with procedural fairness principles under the Fair Work Act 2009 (Cth).

An Australian Whistleblower Policy is a formal document that explains to employees, officers, contractors, and other eligible persons how they can report suspected misconduct or wrongdoing, and what legal protections apply to them when they do. The policy is required by law for certain companies and must set out the key features of the whistleblower protection regime established under Part 9.4AAA of the Corporations Act 2001 (Cth). The whistleblower protection reforms in the Corporations Act 2001 (Cth) commenced on 1 July 2019, significantly expanding the protections available to whistleblowers in the corporate sector. Under s 1317AI, public companies, large proprietary companies, and proprietary companies that are trustees of registrable superannuation entities must have a whistleblower policy. The policy must be made available to officers and employees of the company. Failure to have a compliant policy is an offence attracting a civil penalty. The regime defines an 'eligible whistleblower' broadly under s 1317AA to include current and former employees, officers, contractors, suppliers, associates of the company, and their relatives or dependants. This wide definition ensures that those with genuine knowledge of misconduct — including former employees and supply chain workers — can come forward and receive protection. A disclosure qualifies for protection under s 1317AA(1) if the eligible whistleblower has reasonable grounds to suspect that the information concerns misconduct, or an improper state of affairs or circumstances, in relation to the company or a related body corporate. This includes suspected contraventions of the Corporations Act or the ASIC Act 2001 (Cth), conduct representing a danger to the public or the financial system, and tax-related misconduct under the Taxation Administration Act 1953 (Cth). The key protections afforded to eligible whistleblowers who make qualifying disclosures include: confidentiality protection under s 1317AAE, making it a criminal offence to disclose the identity of a whistleblower without their consent; protection from detriment under s 1317AD, prohibiting dismissal, demotion, harassment, discrimination, or any other adverse action because of a disclosure; civil and criminal immunity under s 1317AB, meaning a whistleblower cannot be sued or prosecuted in respect of their disclosure; and compensation rights under s 1317AE for any loss, damage, or injury suffered as a result of unlawful detriment. The whistleblower policy must, under s 1317AI(3), include information about: the protections available to whistleblowers; the disclosures to which those protections apply; how disclosures can be made; how the company will support and protect whistleblowers, including confidentiality measures; how the company will investigate disclosures; how the company will ensure fair treatment of employees mentioned in disclosures; and how the policy will be made available to officers and employees. In addition to the Corporations Act regime, whistleblower protections for tax-related disclosures are provided under ss 14ZZC to 14ZZE of the Taxation Administration Act 1953 (Cth), administered by the Australian Taxation Office. The Public Interest Disclosure Act 2013 (Cth) also provides a parallel regime for public sector whistleblowers. Best-practice whistleblower programs include independent external hotlines to allow anonymous reporting, regular training for managers and the Whistleblower Protection Officer on handling disclosures, clear procedures for managing conflicts of interest in investigations, and regular Board-level reporting on whistleblower disclosures. ASIC has published regulatory guidance (RG 270) providing detailed guidance on implementing whistleblower policies in practice. This Whistleblower Policy template covers all mandatory elements required by s 1317AI of the Corporations Act 2001 (Cth), including eligible whistleblowers and disclosures, protections from detriment and breach of confidentiality, how to make a disclosure to internal and external recipients, the investigation process, fair treatment obligations, and Board authorisation.