AustralianSuper Candidate Privacy Notice

Introduction

This Privacy Notice covers candidates’ personal and sensitive information collected by AustralianSuper Pty Ltd, and our related companies (AustralianSuper) as part of our recruitment and selection process. If you provide personal or sensitive information in another context, such as in your capacity as a member, please refer to our privacy policy.

Protecting your personal information is important to us and is required by law. The Privacy Act 1988 (Cth) determines that we must handle your personal information in accordance with a set of Australian Privacy Principles. If you are applying for a role in the UK or EU or are based in the UK or EU, please refer to the GDPR Specific Addendum below.

Provision of your personal information to us is not mandatory, however If you do not provide this when requested, we may be unable to progress your application or offer of employment or consider you for future employment opportunities.

Personal Information Collection and Use

AustralianSuper, collects your personal information to consider you for potential employment with us. This includes the position you applied for, other relevant opportunities, and to manage business risks, legal and regulatory obligations and disputes. We also use it for statistical reporting and analysis in relation to recruitment, to understand our website usage and diagnose technical problems. If you are successful in securing a position with AustralianSuper, we will also use your personal information for employment-related purposes.

We collect personal information about you:

directly (for example when you provide information by applying for a role or submitting information through our website) where relevant, and with your consent, through third parties such as referees, recruitment agencies, government bodies, and similar sources.

Types of Personal Information Collected

Personal and sensitive information collected during our recruitment process may include, but is not limited to:

Contact details (e.g. name, postal and email address, phone number);
Resume and other correspondence;
Employment details and qualifications (e.g. work history, education history and qualifications, licenses, certifications, memberships);
Diversity and Inclusion information (e.g. gender identity, Indigenous status) - used for statistical reporting only;
Information provided during interviews or assessments including aptitude or other psychometric testing;
Identity information (e.g. photo ID, passport details, birth certificate, driver's license details, date of birth, gender);
Background check information (e.g. criminal history, pre-employment medical declaration, regulatory checks, visa status, work eligibility, references)- collected after a successful application;
Financial information (e.g. Tax File Number, Tax Residency Status, bank account details) and emergency contact details - collected after a successful application; and
Other information we may consider necessary to our recruitment processes.

Sharing Your Personal Information

We may share your personal information under certain circumstances, such as:

When legally required (e.g., fraud prevention)
For legitimate business reasons (e.g., risk management, verifying identity, legal defense)
To comply with law enforcement or legal requirements;
With your permission.

We may share your personal information with various entities, including:

Our employees, contractors, directors, and officers and related companies;
Service providers (e.g., recruitment agencies, IT support, security providers, background check providers), some of whom may be located outside the country you are applying from or will be working from if successful with your application;
Law enforcement and government agencies;
Professional advisors, auditors, or business partners;
Fraud prevention agencies;
Authorised third parties with your permission; and
Entities involved in potential mergers.

Third-party providers may be used for services such as employment suitability assessment, application process management, and conducting surveys.

How long will your personal information be retained

We will retain the personal information provided in your application in accordance with our data retention and destruction policies and standards, as amended or replaced from time to time

If you are successful in your application, your personal information may become part of your employee file. This will be retained for 10 years after you cease your employment with AustralianSuper at which point it will be securely deleted/deidentified.

If you are unsuccessful in your application, and we have not had any 'meaningful contact' (communication between us either verbal or written, or where you are actively engaging with our online portal) with you, or the company/agency you are working for or with, for three years we will endeavour to remove you from our talent pool. In addition, you can separately unsubscribe from our talent pool (including receiving notifications from us) via the portal. If we have 'meaningful contact' with you, we will continue to retain your personal information.

Background Checks

For successful applicants, we conduct education checks, background checks (including police, bankruptcy and work rights) to ensure a safe work environment for all colleagues. These checks help us verify your qualifications, confirm your identity, and comply with legal and regulatory requirements. They also allow us to assess potential risks related to security, financial integrity, and workplace safety.

AustralianSuper uses third parties Sterling Risq (AU) & Accurate (UK & US) for these checks. We will make you aware if the role you have applied for requires specific background checks and will inform you of any relevant background checks during the recruitment process.

Accessing and Updating Your Information

You have the right to access and update your personal information, and have it corrected if necessary, by contacting us. We strive to provide this information within 30 days of your request, after verifying your identity. In some cases, we may withhold providing you your information. If we do refuse your request to access your personal information, we will provide you a written response explaining our decision.

Making a Privacy Complaint

If you have a privacy concern, please contact our Privacy Officer:

AustralianSuper Privacy Officer
AustralianSuper Pty Ltd
130 Lonsdale Street Melbourne Vic 3000 or email us.

We will investigate your complaint promptly. If dissatisfied with the resolution, you may contact the Office of the Australian Information Commissioner.

GDPR Specific Addendum

The following section applies to the collection and use of personal information of candidates who are domiciled in the United Kingdom (“UK”) or European Economic Area (“EEA”). Such personal information referred to in this addendum as “Personal Data”.

Personal Data Processed

The Personal Data processed for UK and EEA domiciled candidates has been outlined above under the ‘Types of Personal Information Collected’. For the avoidance of doubt, any reference to ‘Personal Information’ shall be read as ‘Personal Data’ for the purposes of this addendum.

Legal Basis for Collection

We rely on the following basis to process your Personal Data.

Consent: You provide us with clear unambiguous consent to process your Personal Data for the purposes of your employment application.
Contract: The processing of your Personal Data is necessary (more than just useful) to enter into a contract with you and in order for AustralianSuper to comply with the terms of the contract.
Legal Obligations: The processing of Personal Data is necessary in order for AustralianSuper to comply with relevant applicable legislation and the processing is a reasonable and proportionate way of achieving compliance.
Legitimate Interests: The processing of Personal Data is necessary for our and/or related third-parties legitimate interests (as set out in the table below) and these legitimate interests are compatible with your interests to have your Personal Data protected.

How we process your Personal Data	Legal Basis relied upon	Legitimate Interests
Verify your identity	Contract, Legal obligation, Our legitimate interests	Prevention of fraud Compliance with regulations Management of risks
Evaluate your application and suitability	Contract, Legal obligation, Our legitimate interests	Prevention of fraud Compliance with regulations Management of risks
Communicate with you	Consent, Contract, Legal obligation, Our legitimate interests	Communication with candidates Compliance with regulations Management of risks
Improve your overall candidate experience	Consent, Our legitimate interests	Enhancement of user experience Management of risks
Comply with relevant laws and assist law enforcement when required	Contract, Legal obligation, Our legitimate interests	Protection of data and systems Compliance with regulations Management of risks
Manage our business operations	Consent, Contract, Legal obligation, Our legitimate interests	Compliance with regulations Prevention and investigation of crime Management of risks

How long will your Personal Data be retained

We will retain the Personal Data provided in your application in accordance with our data retention and destruction policies and standards, as amended or replaced from time to time.

If you are successful in your application, your Personal Data may become part of your employee file.

The precise length of time we will retain your employee file will depend on the type of data, our legitimate business needs and other legal or regulatory rules that may require us to retain it for certain minimum periods. For example, we may be required to retain certain data for the purposes of tax reporting or responding to tax queries. We will generally retain personal data relating to you where necessary to enable us to provide you or a future employer with a reference. Once we have determined that we no longer need to hold your personal data, we will take steps to delete it from our systems. If you are unsuccessful in your application, and we have not had any 'meaningful contact' (communication between us either verbal or written, or where you are actively engaging with our online portal) with you, or the company/agency you are working for or with, for three (3) year we will endeavour to remove you from our talent pool. In addition, you can separately unsubscribe from our talent pool and remove your Personal Data (including receiving notifications from us) via the portal. If we have 'meaningful contact' with you, we will continue to retain your Personal Data.

International Transfers

When we share your Personal Data outside the UK or EEA, we ensure a suitable degree of protection is afforded to it. Where a transfer is within AustralianSuper, we ensure that access to Personal Data is restricted to AustralianSuper staff who require the information to complete the purposes as described within the ‘Information Collection and Use’ section of this notice. A system of passwords and different levels of access is used to protect the Personal Data that is held on our system. Where a transfer is to third parties, access is only provided to the extent required for the third party to assist us to complete the purpose described within the ‘Information Collection and Use’ section of this notice and only once EU Standard Contractual Clauses have been entered into with the third party.

Your rights in relation to your personal data

In accordance with both Data Protection Act 2018, GDPR (United Kingdom General Data Protection Regulation) (UK GDPR) and the EU General Dara Protection Regulation (EU GDPR), you have the following rights in relation to your Personal Data:

Right to be informed: You can ask how we collect and use your Personal Data.
Right to access: You can request a copy of your Personal Data.
Right to rectification: If your Personal Data is wrong you can request, we correct it.
Right to be forgotten (erasure): You can ask us to delete your Personal Data.
Right to object. You can object to our processing of your Personal Data where we are relying on a legitimate interest (or those of a third party).
Right to restrict the processing of your Personal Data: You can ask us to suspend the processing your Personal Data, for example if you want us to establish its accuracy or the reason for processing it.
Right to data portability: You can request to transfer your Personal Data to another party.

If you wish to make any of these requests; or have any other concerns regarding our collection or use of your Personal Data, you should contact the Privacy Team through the contact details outlined previously.

If you are not satisfied with how your request or complaint is managed, any decision/action we have taken in relation to your Personal Data or believe that your GDPR rights have been infringed, you can lodge a complaint with the UK’s Information Commissioner’s Office via their website.

AustralianSuper may change this notice from time to time as required. We will post the changes on the relevant pages of the AustralianSuper website.

Document last updated on: 14 February 2025.

Compare super

Superannuation

Investments

Retirement

Insurance

Employers

Tools & advice