Last updated: July 2018
We know how important security and privacy is to you. They are at the heart of Datasii and as such we strive to make things as safe and clear as possible for everyone involved.
(a) the Privacy Act 1988 (Cth, Australia);
(b) the Privacy Act 1993 (New Zealand);
(c) the Personal Information Protection and Electronic Documents Act, SC 2000, c5 (federal, Canada);
(d) the Personal Information Protection Act (Alberta, Canada);
(e) the Personal Information Protection Act (British Columbia, Canada);
(f) all applicable United States federal and state privacy laws, including, but not limited to, the California Online Privacy Protection Act (CalOPPA), Early Learning Personal Information Protection Act (ELPIPA);
(g) the General Data Protection Regulation (EU);
(h) the Data Protection Act 2018 (UK);
(i) any other applicable privacy legislation.
(the above collectively referred to as “Data Protection Laws”)
3. Collection of Personal Data
We may collect the following categories of Personal Data in in the following situations:
a) Personal Data you voluntarily provide to us: This includes Personal Data that you give to us directly, whether face-to-face, by telephone, email, post, through social media, through our website or by communicating with us in any way. Personal information that we collect and hold is information that is reasonably necessary for the proper performance of our functions and activities as a recruitment service provider. The type of information collected will differ depending on whether you are a Candidate, Client or Referee.
(i) Candidate – The Personal Data we may collect includes:
- Contact and identity information (such as your contact details and other information you may provide in your registration form)
- For recruitment purposes: your previous work history, performance appraisals, curriculum vitaes, resumes, employment or job applications, employment covering letters, qualifications, information about incidents in the workplace, your health information, personal history, opinions from referees, information in relation to absences from work due to leave, illness or other causes and our assessment of you as a prospective candidate for recruitment.
- Information from third parties including any references about you, psychometric or competency test results or any information about any insurance investigation, litigation, criminal matter, inquest or inquiry in which you are involved.
- Financial information that allows Datasii to pay you should you be engaged as an employee or contractor, including your Tax File Number, superannuation account details, bank account details and other ancillary information that is required to fulfil contractual, legislative, filing and reporting obligations (including the payment of salary and wages).
(ii) Client - The Personal Data we may collect includes:
- Contact and identity information (such as your contact details and other information you may provide.
- Feedback that you may have provided in relation to a Candidate, or their performance on placement.
(iii) Referee – The Personal Data we may collect includes:
- Contact and identity information (such as your contact details and other information you may provide.
- Feedback that you may have provided in relation to a Candidate or their suitability for a position.
b) Our email marketing list: When you become a Datasii Account Holder, or where you elect to sign up to our email marketing list, we may collect your name, email address, and email marketing preferences.
c) Personal Data we collect automatically: When you use our Service or browse our Website, we may collect information about your usage and web browsing. We may collect the Personal Data as log files, or through cookies or other tracking technologies (see the “Cookies and tracking” below for more information), store it against the associated Datasii Account, and link it to the other Personal Data we hold.
Categories of Personal Data: The Personal Data we may collect includes your IP address, your operating system, your browser ID, time, date, your browsing activity, your interaction with the Service (including any Content, comments, and location).
d) Statistical information: We may collect statistical (non-personal) information about your use of the Website and the Service to improve the features and overall user experience. This may include statistical information such as pages accessed on the Website and the Service, search terms, links that are clicked on, Website and Service visit times, browsers and operating systems, IP address, and cookies.
Personal Data may be collected as log files, or through cookies or other tracking technologies, stored against associated Datasii Accounts, and linked to the other Personal Data we hold about associated Datasii Accounts.
The Website does not currently recognize Do Not Track (DNT) signals sent by our Users’ web browsers.
In addition, third parties that have content embedded on the Website, such as videos or social media buttons, may set cookies on a User’s browser and/or obtain information about the fact that a web browser visited the Website from a certain IP address.
4. Use of Personal Data
We process Personal Data for the following purposes:
a) to assist you in finding or retaining work;
b) to perform the necessary functions of our business as a recruitment company;
c) to analyse user behaviour for the purposes of:
(i) inviting Users to explore other features within the Website or Service, and otherwise to generally promote our Service;
(ii) ensuring the security of the Website and the Service; and
d) to respond to enquiries, feedback or complaints received from you;
e) to perform authorised financial transactions with you and to help us to manage our Datasii Accounts and administrative services;
f) to verify your identity;
g) for directly marketing to you (including by email, post, other means, or through functionality within the Service) with information about our Service;
h) on an aggregated non-identifiable basis, to:
(i) help Datasii understand its market position;
(ii) assist with marketing our Service to others, including in respect of any online advertising; and
(iii) deliver a statistical result to help with general Datasii announcements;
i) to protect our legal interests and fulfil our regulatory obligations (if and to the extent necessary); and
j) in other circumstances, provided we comply with applicable Data Protection Laws.
5. Lawful Basis for Processing
Performance of a contract: You acknowledge and agree that the processing identified below is necessary for the performance of a contract to which the data subject is party (being the Agreement):
a) to carry out User and Datasii Account administration tasks;
b) to manage and deliver the Service; and
c) to manage any disputes (including disputes over invoices or delivery of Service).
6. Direct marketing
All those with whom we interact have the option to opt-out of receiving direct marketing communications from us. If you do not wish to continue to receive direct marketing communications from us and/or selected third parties, you should opt-out by clicking on the “unsubscribe” link in any email communications that we might send you.
Please note that some features of the Service may involve us providing, through the functionality within the Service, recommendations or suggestions for goods, services or benefits that we offer.
7. Retention and deletion of Personal Data
We will retain your Personal Data for as long as the Datasii Account associated with you is active, or as long as needed to provide you with our Service.
We take steps to regularly destroy Personal Data, however we may:
(a) in some cases, retain a copy of your Personal Data to comply with our legal obligations, resolve disputes, enforce our agreements and to comply with our trust and safety obligations. Personal Data retained for this purpose will be archived and stored in a secure manner after your Datasii Account has been closed, and will not be accessed unless required for any of these reasons; and
(b) retain Personal Data in an aggregated, de-identified or otherwise anonymous form, such that there is no reliable way of identifying you from the information.
8. Disclosure of Personal Data
a) Disclosure to third parties
We will not sell Personal Data to anyone.
We share Personal Data with third parties for limited purposes, such as to help us run our business and provide the Website and Service. Those third parties can be categorised as follows:
i) Internally and to our related entities;
ii) To our Clients;
iii) To other intermediaries involved in managing the supply of personnel including organization who carry out credit, fraud and other security check, payment processors, hosting services, content delivery services and IT support providers;
iv) To legal and other professional advisors.
v) To Referees for suitability and screening purposes.
We limit the information we provide to third parties to the information they need to help us provide or facilitate the provision of goods and services and associated purposes. We deal with third parties that are required to meet the privacy standards required by law in handling your Personal Data and use your Personal Data only for the purposes that we give it to them.
c) Legal obligation: If we are under a duty or have a legal right to disclose or share Personal Data in order to comply with any legal obligation, or in order to enforce or apply our terms and conditions or to protect our rights, property, or the safety of our personnel or third parties. This includes exchanging information with other companies and organisations for the purposes of fraud protection, trust and safety and credit risk reduction.
9. Trans-border Personal Data flows
Datasii is a global service, based in Sydney, NSW Australia, Therefore, Datasii stores and processes the information gathered on servers located in other countries.
Some of your personal information may be disclosed to overseas recipients. Where we transfer your personal information to related entities outside Australia, we believe that the recipients of such information are subject to a law, binding scheme or contract which effectively upholds principles for fair handling of the information that are similar in all material respects to the APPs outlined in the Privacy Act.
10. Security of Personal Data
We take all reasonable steps to protect Personal Data, including through internal and external security, restricting access to Personal Data to those who have a need to know, maintaining technological products to prevent unauthorised computer access and regularly reviewing our technology to maintain security. We choose technology partners based on their security and privacy policies and practices.
Personal Data stored in our system is protected by electronic and procedural safeguards. We take reasonable precautions to protect Personal Data (and other content) from accidental loss and theft by storing it in secure data centres with off-site backups. Communication between Candidates, Clients and our servers is encrypted via industry-standard secure sockets layer (SSL).
The Service is protected by a secure and encrypted password that each Account Holders must choose themselves. Account Holders should never share their passwords. Datasii is not responsible for any loss of data or breach of privacy if an Account Holder shares their password with someone else. We do not store your password on our servers.
Given internet transmissions cannot be guaranteed to be entirely secure, you acknowledge and agree that you use the Service at your own risk.
In case of a Security incident or any other breach of security safeguards, such as the loss of, unauthorised access to or unauthorised disclosure of Personal Data under Datasii’s control, we will respond in accordance with applicable Data Protection Laws.
11. Your Rights
You have the right to:
a) access and correct your Personal Data that is held by us. This right is subject to some exceptions set out in privacy law including evaluative opinion material obtained confidentially in the course of our performing reference checks.
b) request the erasure of any or all of your Personal Data;
c) restrict or object to the processing of any or all of your Personal Data;
d) request the porting of any or all your Personal Data to another organisation; and
e) withdraw any consent to processing that you have previously given in respect of any or all of your Personal Data.
Please note that where we are not, or are no longer, in a position to identify you within the information we hold (including because of any de-identification techniques we may have employed), then your rights as described above shall not apply.
We will respond to any request made in respect of the above in accordance with the applicable Data Protection Laws where you are resident.
We will respond to any request made in respect of the above without delay, but in any case within one (1) month of a request, or two (2) months where the requests are complex or numerous (in which case, we will inform you of such delay).
Part B: Your Responsibilities
Uploading and transferring other people’s Personal Data through the Service
You acknowledge and agree that, in respect of other people’s Personal Data that you upload and transfer within the Service, you are acting as a joint data-controller along with Datasii in respect of such Personal Data.
By accessing and using the Service to upload and transfer other people’s Personal Data, you agree that you:
a) Comply with all Data Protection Laws: will comply with your obligations under all applicable Data Protection Laws;
b) Obtain consent: have obtained (or shall obtain) all consents necessary under Data Protection Laws, for Datasii to process the Personal Data through the Service as you direct, and that such consent is obtained from the correct person;
c) Withdrawn consent or objection to processing: must notify us without undue delay if they desire to withdraw their consent, or any part of their consent, or objects to any processing of Personal Data through the Service. This shall include any withdrawal of consent, or objection received by the person to whom the Personal Data relates;
d) Security breach: upon becoming aware of a security incident, or any other breach, or suspected breach, of your security safeguards, must notify us without undue delay and shall provide timely information relating to the security incident as it becomes known or as is reasonably requested by us;
e) Sensitive data: will not upload or transfer “sensitive data” (as that term is defined in applicable Data Protection Laws) to the Service;
f) Secure use of the Service: are responsible for your secure use of the Service, including securing your Datasii Account authentication credentials, protecting the security of Personal Data when in transit to and from the Service and taking any appropriate steps to securely encrypt or backup any Personal Data uploaded to the Service;
g) Evaluation of the Service: are responsible for reviewing the information made available by Datasii relating to data security and making an independent determination as to whether the Service meet your requirements and legal obligations under Data Protection Laws.
13. Questions and Comments
If you have any questions or comments, or want to access, update, or delete the Personal Data we hold about you, or have a privacy concern please write to us at:
Attention: Mr Peter Duong
The Privacy Officer
Datasii Pty Ltd
Please provide sufficient detail about the information in question to help us locate it. We will respond to any privacy request in compliance with the applicable Data Protection Law.