Our values and policies.


Our Values

  • Ambitious

    We are courageous and we are inspired to challenge ourselves to drive for both professional and business growth.

  • Accountable & Commercial ​

    We take our responsibilities seriously and we deliver outstanding outcomes with tenacity and integrity.​

  • Loyal & Committed  

    We are motivated, loyal and committed to each other and to our customers.​

  • Trust & Transparency​

    We trust and care for one another. We actively share and embrace feedback and communicate information as quickly as is possible.​

  • Simplicity​

    We are relentless in our pursuit of simplicity.​

  • Respectful & Collaborative 

    We respect one another, both personally & professionally, and are one engaged team driving for optimal outcomes for each other and our business.​

Workplace Behaviour and Respectful Interactions Policy


OneStep is committed to maintain and foster a psychological safe work environment where all employees, clients and customers are treated equally, regardless of age, race, background, gender, sexual preference, sexual orientation, cultural, religious and/or caring responsibilities.

OneStep aims to:

  • create a working environment free from discrimination, harassment, bullying and violence and where all employees are treated with dignity, courtesy, and respect
  • always promote and maintain appropriate standards of workplace conduct
  • encourage the reporting of inappropriate workplace behaviour
  • treat all concerns in a sensitive, impartial, timely and confidential manner
  • protect against victimisation and reprisals for employees making complaints



This policy sets out the responsibilities of employees, consultants, and contractors in relation to acceptable workplace behaviour. It provides an overview of the concepts of discrimination, harassment, sexual harassment, bullying, and victimisation to ensure that all those engaged in our workplace understand their rights and obligations.

This policy intends to create a safe and transparent process for employees and contractors that are subject to, or witness of, inappropriate behaviour in the workplace. The workplace includes at work or during work activities or work events (even where it occurs outside of normal working hours or away from normal work premises). In some circumstances, the workplace also extends to social media (for example, where workers interact with colleagues or make public statements concerning their employment or engagement).

It does not form part of your contract of employment and is not intended to create a separate contract of any kind.

However, those covered by this policy are expected to always comply with the requirements, and to meet the expected standards of behaviour, set out below. A failure to meet the expected standards of behaviour could result in disciplinary action, which may include termination of employment. It is also important to be aware that individuals can be personally liable under workplace health and safety and anti-discrimination laws for a failure to meet the required standards of behaviour.



We expect all our people model a respectful standard of behaviour and create an environment where we can all feel safe to speak up if we witness or experience workplace conduct that falls short of the standards set out in this policy. Appropriate workplace conduct is behaviour that aligns to our OneStep values and can be described as behaviour that is not defined as inappropriate behaviour under this policy (defined below).

Even if you don’t personally experience inappropriate behaviour, you can help contribute to a safe and respectful working environment by identifying, speaking out about or seeking to engage others in responding to behaviours that might be having a negative impact, including by:

  • Showing you don’t agree with the conduct (for example, by shaking your head or not laughing to a perceived inappropriate joke or remark)
  • Supporting others by checking in with them to ask if they are okay or helping them understand their options for reporting or addressing the conduct
  • Speaking up in a respectful way (for example, calling out or questioning the conduct or speaking to the person privately to tell them you are concerned about what you observed)

Understanding the concepts set out in this policy will help in identifying behaviours that might cross a line and better enable us to have constructive conversations to address any issues as and when they arise.


As a person covered by this policy, you have a responsibility to:

  • familiarise yourself and comply with this policy and applicable workplace laws
  • conduct yourself professionally and appropriately in the workplace and at work events
  • not engage in inappropriate behaviour in the workplace or in connection with work
  • approach or report any incidents of inappropriate workplace behaviour that you have observed or witnessed (whether directed at you or another person), to the person directly, if it safe to do so, the Leader or the CEO if appropriate
  • not use any OneStep equipment or systems (such as computers, cloud-based servers or telephones) to view, send or store any offensive, obscene, profane or indecent images or material that may be in breach of this policy, or to intimidate or harass any person
  • participate honestly in workplace investigations, where reasonably requested to do so
  • maintain confidentiality if you raise concerns and if you provide information during the investigation
    of a complaint



The intention or motive is not relevant to whether inappropriate behaviour may have occurred. It is therefore important to make sure you are familiar with your obligations under this policy and act in a respectful way during all work-related interactions (including work-related social activities). Being under the influence of alcohol or drugs will not be an excuse for engaging in inappropriate workplace behaviour. You are responsible for managing your own alcohol intake sensibly and in moderation at work events where alcohol is served.


What is discrimination?

It is unlawful for a person to discriminate against someone because they have a certain attribute/s, such as:

  • Age
  • Race
  • Pregnancy
  • Parent and carer status
  • Gender identity
  • Breastfeeding
  • Disability
  • Sexual orientation
  • Marital status
  • Employment activity
  • Sex characteristics
  • Lawful sexual activity
  • Expunged conviction
  • Sex
  • Physical features
  • Profession, trade or occupation
  • Industrial activity
  • Political belief of activity

or personal association with a person who has, or is believed to have, any of the attributes above.

Direct discrimination occurs if you treat someone with a certain attribute less favourably than you would treat a person without that attribute. An example of this would be refusing to employ someone because they are “too old”.

Indirect discrimination occurs if you impose a condition, requirement or practice which is unreasonable in the circumstances and has the effect of disadvantaging a person or group with a particular attribute more than a person without that attribute. An example of this might be requiring all employees to start work at 6 am. This might seem to treat everyone equally, but it could disadvantage employees needing to care for children, who are usually women. If it is not a reasonable requirement,
this will be indirect discrimination.

There are some limited exceptions, such as where the condition is necessary for a person to perform an inherent requirement of the job.

It is also unlawful to engage in conduct which offends, humiliates, intimidates, insults or ridicules another person on the basis of one of the attributes listed above, in circumstances where a reasonable person, having regard to all the circumstances, would have anticipated that the other person would be offended, humiliated, intimidated, insulted or ridiculed. Examples may include racist or sexist jokes.


Harassment is unwelcome conduct that intimidates, offends or humiliates an individual, or group of people, on the basis of race, culture, sex, age, sexual orientation, disability or other attribute (as above) protected by any state of federal anti-discrimination legislation. It is any inappropriate conduct or comment by a person towards another person that the person knew or reasonably ought to have known would cause that other person to be humiliated or intimidated. Harassment is often characterized through insulting, hurtful, hostile, vindictive, cruel or malicious behaviours which undermine, disrupt or negatively impact another’s ability to do his or her job and results in a harmful work environment of the employee.


What is Sexual Harassment?

The law defines sexual harassment as unwelcome sexual behaviour that causes a person to feel offended, humiliated, or intimidated, where a reasonable person could have anticipated that reaction in the circumstances.

Sexual harassment includes:

  • an unwelcome sexual advance
  • an unwelcome request for sexual favours
  • any other unwelcome conduct of a sexual nature.

Examples of sexual harassment may include (but are not confined to):

  • displays of sexually graphic material including pictures, cartoons, graffiti or messages
  • viewing, storing or circulating pornography (even if you do not intend for it to be seen by others)
  • remarks or insinuations about a person’s sex or private life
  • sexual propositions
  • physical contact such as kissing, pinching, touching, hugging, grabbing sexually explicit or suggestive conversations, emails or text messages


What is Bullying?

We all have an obligation to take reasonable care for our own safety and the safety of others who may be affected by our acts or omissions. A failure to do so could amount to a breach of workplace
health and safety laws.

Bullying is repeated, unreasonable behaviour directed towards a worker or group of workers that creates a risk to their health and safety.

Repeated behaviour refers to the persistent nature of the behaviour and can refer to a range of behaviours over time.

Unreasonable behaviour means behaviour that a reasonable person, having regard to the circumstances, would see as unreasonable, including behaviour that is victimising, humiliating,
intimidating or threatening.

Single incidents of unreasonable behaviour can also present a risk to health and safety and will not be tolerated. For example, violence in the workplace is never acceptable, even if it is not repeated. Examples of bullying may include (but are not confined to):

  • Physical abuse
  • Repeated verbal abuse, swearing or shouting
  • Deliberately excluding or isolating behaviour
  • Deliberately withholding information vital for effective work performance

What is not Bullying?

Reasonable management action carried out in a reasonable and lawful way does not constitute bullying. This includes performance management, providing feedback and directing and controlling work.

It is also important to recognise that differences of opinion and personality differences can sometimes occur, but do not necessarily constitute bullying. 10 Level 1/65 Fennell St Port Melbourne VIC 3207 (03) 9325 6666



What is Victimisation?

It is unlawful to victimise someone because they have made (or intend to make) a complaint or have been involved in the complaint process. Victimisation occurs if a person subjects, or threatens to
subject, another person or an associate of that other person to any detriment, or singles them out for unfair treatment.

Conduct likely to constitute a detriment includes (but is not confined to) dismissal, loss of a benefit, being deliberately excluded from work or work-related social functions, being the subject of malicious gossip or innuendo, threats of violence. While all complaints will be treated seriously, if a complaint is found to be vexatious or maliciously motivated, disciplinary action may be taken against the person raising the complaint and this will not amount to victimisation.



When raising an issue with OneStep, it is important to be aware that, while complaints will be treated confidentially, this does not necessarily mean it will remain confidential solely to the person you have come to with your concerns. Depending on the nature of the issue, the person you speak to may have an obligation to initiate an investigation (which may involve speaking to those directly involved in order to provide a fair opportunity to respond and any witnesses), or bring the issue to the attention of relevant managers. This is particularly the case where a risk to health and safety has been identified. An employee that makes a complaint should also maintain confidentiality to those that can assist in
resolution. Spreading of concerns to others may in itself, be a form of bullying


Federal legislation
Age Discrimination Act 2004
Racial Discrimination Act 1975
Sex Discrimination Act 1984
Disability Discrimination Act 1992
Fair Work Act 2009

State legislation
Equal Opportunity Act 2010 (Vic)
Racial and Religious Tolerance Act 2001 (Vic)
Occupational Health and Safety Act 2004

Privacy Policy


OneStep Group (‘OneStep’) is committed to protecting the privacy of its employees and meeting any privacy obligations set out in the Privacy Act 1988 (Cth) (‘the Privacy Act’) that might apply to it.

OneStep collects personal information in order to conduct its business and comply with a range of legislative and operational requirements.

The purpose of this policy is to explain how OneStep handles personal information of those who work with or work in conjunction with OneStep. This includes both prospective and current employees and customers of OneStep.



This policy applies to all OneStep employees.  It does not form part of your contract of employment and is not intended to create a separate contract of any kind.



Personal information is information relating to an individual which personally identifies an individual or makes the person’s identity reasonably apparent.

Personal information may also include ‘sensitive information’. Sensitive information is information or an opinion about an individual’s racial or ethnic origin, political opinions, membership of a political association, religious beliefs, philosophical beliefs, membership of a professional or trade association, membership of a trade union, sexual preferences, criminal record, health and biometric information or similar such information.

Sensitive information may be required to be collected in some circumstances. OneStep will only collect sensitive information if it is necessary for business purposes. OneStep will generally only collect sensitive information with your consent (unless otherwise permitted or required by law).

All information collected will be used and disclosed by OneStep only in accordance with this policy and the law. OneStep will take reasonable steps to ensure that all personal information is held securely.

Collection of Personal Information

OneStep will only collect personal information from individuals if it is reasonably necessary for its functions or activities.

Information provided by an Individual

OneStep may collect personal information directly from an individual including (but not limited to):

  • recruitment and on-boarding information such as an application form and resume, emergency contact details, and details of previous employment;
  • contact details, including address, email address and phone number;
  • date of birth;
  • details of next of kin and emergency contact details;
  • gender;
  • identification documents including passport and drivers’ licence;
  • marital status and family details, including in relation to personal leave;
  • Visa status or evidence of eligibility to work in Australia;
  • Educational qualifications;
  • bank details (including bank name and location, BSB and account number), superannuation and information in relation to tax status; and
  • details of share and option plans.

OneStep is required by law to retain your employee records for seven years.

Information Provided by a Third-Party

As part of the recruitment process, where relevant, and with the candidate’s consent, OneStep may seek information about a candidate through a third-party such as a recruitment service provider or a former employer. With the candidate’s consent, OneStep may also seek information regarding:

  • prior employment history through reference checks;
  • eligibility to work in Australia through a visa status check;
  • educational qualifications by requesting confirmation of qualifications or results from an academic institution;
  • interview records and details of any pre-employment assessments, including aptitude or other psychometric testing; and
  • ability to perform the inherent requirements of the role, through medical and other allied health professionals, or criminal history check and/or working with children check.

OneStep may also access personal information through publicly available networking sites such as Facebook or Linkedln.

Information Collected During the Course of Employment

OneStep may also collect information about an individual and their work over the course of their employment with the company, (or for contractors during the performance of a contract with OneStep). Such information may include:

  • details of any contract of employment (or contract for services) including start and end dates, department, role and location, reporting lines, title (including details of previous titles), working days and hours, details of promotions, details of bonuses, remuneration and salary (including details of previous remuneration), taxation, banking, superannuation, benefits and entitlements;
  • any information relating to disciplinary or grievance investigations and proceedings, including any warnings and related correspondence;
  • information relating to performance and behaviour at work, including appraisals, ratings, performance reviews, objectives, goals, and performance improvement plans;
  • details of attendance at work and absences, including annual and personal leave;
  • diversity demographic data;
  • training records including training needs;
  • details of any expenses claimed;
  • details of the use of Company property and equipment (including computers, swipe cards and telephone systems), emails and software; and
  • details of technical licenses, business licenses, trade licenses, high risk work licenses, accreditations and other OneStep relevant authorisations.

OneStep may also collect other personal information if required or authorised to do so by law.


Use of Personal Information

The purposes for which OneStep may collect, use, and disclose personal information include (but are not limited):

  • to establish, maintain and manage relationships, including to serve functions such as recruitment, payroll, performance feedback, and any disciplinary action (including any termination of any employment or engagement) and managing employees’ work and any claim in relation to any injuries or illnesses;
  • to assess or respond to claims, complaints, or conduct, or co-operate with investigations when required;
  • to obtain professional services as required including legal, human resources, industrial relations, accounting and insurance services;
  • work-related administrative purposes;
  • to finalise the terms of a contract, including pay rates;
  • to confirm eligibility to work in Australia;
  • to carry out a contract including, where relevant, its termination;
  • to pay and provide other benefits in accordance with a contract;
  • to make travel bookings on an individual’s behalf;
  • to allow you access to OneStep’s buildings, and to ensure the security of company buildings, confidential information and other Company property;
  • to reimburse expenses claimed;
  • to operate any share scheme including the granting of share options;
  • to operate schemes relating to sick leave, maternity leave, paternity leave, adoption leave, and parental leave;
  • deducting and paying appropriate tax and superannuation contributions;
  • to monitor and protect workplace health and safety;
  • to provide a reference upon request from another employer;
  • monitoring compliance with Company policies and OneStep’s contractual obligations;
  • to comply with all applicable law;
  • to liaise with any insurers in respect of any insurance policies that relate to you;
  • running the company business and planning for the future;
  • the prevention and detection of fraud or other criminal offences;
  • to defend OneStep in respect of any investigation or litigation and to comply with any court or tribunal orders for disclosure;
  • otherwise as permitted or required by law; or
  • otherwise with your consent.

Use of Your Personal Information on the Company Website (e.g., for Marketing Purposes etc.)

OneStep may use your personal information (for example, your name, image, job title and work contact details) on its website or in other publicly available resources where this is necessary for legitimate business purposes.

We also consider all aspects of the privacy and protection of our customers’ personal information through the lifetime of the development of new, and improvement of, existing products, services and system developments.

OneStep may also use this personal information for other marketing purposes, such as for displaying photos of employees/customers on its website and in other marketing materials. In some circumstances it will be necessary to continue to use certain personal information (such as photos of you) on the company website or in other marketing materials even after your employment has come to an end.

OneStep will always only use such personal information in a reasonable manner, taking into account your position within OneStep and the nature of your role. If you have any concerns about such use of your personal information, you should discuss this with your Leader. OneStep will consider any such points raised.

Disclosure of Personal Information

OneStep may disclose personal information to third parties including:

  • other companies within OneStep’s legal structure;
  • employees and contractors working for OneStep, to the extent this is necessary for the operation of OneStep’s business;
  • technology service providers, including, internet service providers, cloud hosting service providers, software suppliers, maintenance and support service providers, and security services on a confidential basis so that they can provide services to OneStep;
  • service providers such as banks;
  • external consultants such as legal, human resources, industrial relations, auditors, accounting, and insurance;
  • travel agents and suppliers of accommodation and travel services;
  • government agencies such as the ATO, Fair Work Ombudsman, WorkCover, etc;
  • superannuation funds; and
  • to other third parties as allowed by law or with your consent.

Accuracy and Storage of Personal Information

OneStep will always endeavour to maintain an accurate record of all personal information it holds. Individuals should ensure that all personal information provided to OneStep is accurate and up to date and notify OneStep of any changes where required.

In addition, in order to ensure personal information is handled appropriately, individuals should:

  • only access personal data if they need to do so for the proper performance of their role;
  • not share personal data unless this is necessary for the proper performance of their role;
  • keep personal data secure and protected;
  • regularly review and update personal data as necessary;
  • not make unnecessary copies of personal data and keep and dispose of any copies securely;
  • consider using strong passwords and when protecting documents with personal data on them;
  • lock unattended computer screens and devices;
  • never leave computers, devices, electronic storage systems, files, paperwork or other things containing personal data in a manner that risks there unauthorised access or theft;
  • where appropriate, ensure that highly sensitive personal data is encrypted before being transferred electronically to authorised external contacts. Where necessary, please speak to your manager or the IT department for more information on how to do this;
  • consider anonymising data or using separate keys/codes so that the data subject cannot be identified;
  • not save personal data to personal computers or other devices;
  • not take personal data away from OneStep premises unless required to do so for the proper performance of your role;
  • shred and/or securely dispose of personal data when finished with;
  • ask for help from your Leader if unsure about data protection, or if any areas of data protection or security can be improved;
  • keep a clear desk policy by the way of either securing them appropriately or destroying them promptly; and
  • immediately report any loss, unauthorised access, security risk or other issue that arises in respect of personal information to your manager.

Access to Personal Information

Personal information held by OneStep in respect of employees is subject to the “employee records exemption” under the Privacy Act and does not have to be disclosed on request.

Other persons, such as job applicants can request copies of their personal information by contacting OneStep may make reasonable changes for access to personal information and may refuse to provide access to, or delete, information where this is required or authorised by the Privacy Act or another law.

If personal information is incorrect, individuals may request that OneStep amend its records and the company will take reasonable steps to do so. Employees can do this by contacting their Leader other persons, such as job applicants should use the contact details referred to above.

Customer Privacy, Confidential Information and Security Requirements

We are committed to keeping our customers’ confidential information safe and secure. Confidential Information is all information about or relating to our customers (including Customer Data and any other personal information, applications, contracts and customer lists in any format). This also includes all information which is by its nature confidential.

To protect customer privacy we must not:

  • leave insufficient details in customer records
  • share or leave exposed credit card, banking or password details
  • share own opinions or assumptions about the customer
  • write customers personal or sensitive information on paper and workspace notice boards
  • keep customer or company details on white boards/screens/conference room boards
  • talk about customer related information in public spaces, including public transport, café’ etc
  • email internal, confidential or restricted information to personal email addresses

OneStep employees must use best efforts to prevent customer Confidential Information from being lost, accessed, modified, disclosed or otherwise used in a way that puts our customers’ Privacy at risk. This includes applying industry best practice security procedures and safeguards to restrict access to places and systems where such Confidential Information is stored. Focusing on the privacy of our customers is essential in helping us maintain their trust by respecting the personal and corporate information they provide to us in our interactions with them.

Whether you deal with customers on a day-to-day basis or not, we are all responsible for ensuring that the personal information we collect is protected.


If you have any concerns or are made aware about the use of your personal information (or of any other person’s personal information) in potential breach of this policy; you should discuss this with your Leader or the HR manager in the first instance. Other persons, such as job applicants or customers can email

Any release or misuse of personal information can have serious consequences not only for our customers but also for OneStep in relation to fines, brand and reputation damage.

OneStep will generally ask for your concern or complaint to be put in writing and it will endeavour to provide a reply within 21 days. In the event this occurs, it will be handled using OneStep Group’s Workplace Behaviour & Respectful Interactions Policy.