OS OptiSHFT by WRK Nexus

OptiSHFT Privacy Policy

Effective date: 1 May 2026 · Last updated: 1 May 2026

1. Introduction and scope

This Privacy Policy describes how WRK Nexus Pty Ltd ("WRK Nexus", "we", "us", "our") collects, uses, discloses, stores and protects personal information through the OptiSHFT mobile and web application and related services (collectively, the "OptiSHFT Service" or "App"). OptiSHFT is a workforce management platform used by employers, labour-hire businesses and their workers to plan rosters, manage timesheets and coordinate shifts.

We comply with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and apply equivalent protections for users located in jurisdictions with comparable laws (such as the EU GDPR). This policy applies to anyone who installs, accesses or uses OptiSHFT, including customer organisations, their authorised administrators, end-employees whose data is processed in OptiSHFT, and visitors to the OptiSHFT website.

2. What information we collect

  • Account information: name, business email, role, company, phone number.
  • Employee and workforce data: names, contact details, employment status, qualifications, certifications, availability, rosters, timesheets, leave and award classifications.
  • Payroll-related data: tax file numbers, superannuation details, bank account details and pay rates, where customers configure payroll integrations.
  • Usage data: log data, device identifiers, IP address, browser type, pages viewed.
  • Support communications: records of enquiries, feedback and support tickets.

3. How we use information

We use personal information to:

  • Provide, operate, secure and improve the Service;
  • Authenticate users and administer accounts;
  • Process rosters, timesheets, attendance and integrate with payroll providers;
  • Provide customer support and respond to enquiries;
  • Comply with legal, regulatory and contractual obligations;
  • Send service-related notifications and, where permitted, product updates.

4. Data sharing and third parties

We do not sell personal information. We share information only with:

  • Sub-processors providing hosting, analytics, error tracking and email delivery;
  • Payroll, HRIS and identity providers integrated at the customer's direction;
  • Professional advisors and regulators where required by law;
  • Acquirers in the event of a corporate transaction, subject to confidentiality obligations.

5. Data security

We implement administrative, technical and physical safeguards designed to protect personal information, including encryption in transit and at rest, role-based access controls, audit logging, vulnerability management and regular backups. No system is perfectly secure; we continually improve our controls.

6. Data breach notification

We comply with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988. Where an eligible data breach occurs, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable.

7. Data retention

We retain personal information for as long as needed to provide the Service and to meet legal, tax, accounting and record-keeping obligations (for example, employment and payroll records under the Fair Work Act 2009 typically require seven years' retention). When no longer required, we delete or de-identify personal information.

8. Your rights

Subject to applicable law, you may request access to, correction of, or deletion of your personal information, and you may withdraw consent for optional processing. Where OptiSHFT processes data on behalf of a customer (for example, an employee's roster data), requests should be directed to that customer as the data controller; we will assist as required.

9. Cookies and tracking

We use strictly necessary cookies to operate the Service and limited analytics cookies to improve it. You can control cookies through your browser settings. Disabling some cookies may affect functionality.

10. International data transfers

OptiSHFT is hosted in Australia. Where data is transferred overseas (for example, to sub-processors), we take reasonable steps to ensure recipients handle personal information consistently with the APPs and applicable safeguards (such as Standard Contractual Clauses for EU transfers).

11. Changes to this policy

We may update this policy from time to time. We will post the updated version on our website and revise the "Last updated" date. Material changes will be communicated to customers via the Service or by email.

12. Contact us

If you have questions or wish to make a privacy complaint, contact our Privacy Officer at support@wrknexus.com. If you are not satisfied with our response, you may contact the OAIC at oaic.gov.au.