We are committed to protecting your personal information in accordance with the Australian Privacy Principles in the Privacy Act 1988 (Cth), the General Data Protection Regulation (EU 2016/679) and any other applicable data protection and privacy law (together “Privacy Laws”).
We recognise the importance of your privacy, and that you have a right to control how your personal information is collected and used.
If you have any questions relating to this policy, please contact PredictiveHire direct on the contact details set out in section 17 below.
PredictiveHire Limited and PredictiveHire Pty Ltd are each a data controller for the purposes of the personal information you have provided to us or we have collected from you through your use of our website or otherwise relating to the provision of any products or services to you.
The contact details of our offices are set out below.
Email address: email@example.com
Postal address: 15 Newton Street, Cremorne, Melbourne VIC 3121, Australia,
Telephone number: +61 1300 983 405
1.1 We collect personal information from customers (existing and prospective), employees (existing and prospective) of customers, suppliers, contractors, shareholders, users of our website and other individuals for various business and other purposes further listed in, or contemplated by, section 3.2 below. In this section, we explain the types of personal information which we usually collect as well as how we collect this information.
1.2 The types of personal information PredictiveHire will collect from you will depend on the circumstances in which that information is collected. It may include:
(a) contact details (e.g. your name, address, email and phone details);
(b) information required for you to transact with us (e.g. place of work, position, authority to transact with us);
(c) information about our customers’ current and former employees (e.g. place of work, position, length of tenure, qualifications, curriculum vitae, aptitude, performance reviews and any other relevant human resources information);
(d) information required for you to open a trading account with us or otherwise do business with us including bank account details, information obtained through credit checks and any other relevant financial information;
(e) your billing information, transaction and payment card information, your contact history, information on prior dealings with PredictiveHire or our customers;
(g) information on personal lifestyle and professional preferences;
(h) any other information required as part of a recruitment process;
(i) statistical information regarding the use of the PredictiveHire website, including website users’ IP addresses and the dates, times and page locations of website users’ visits;
(j) information about how you use our website, IT, communication and other systems;
(k) your professional online presence, e.g. LinkedIn profile;
(l) information from accounts you link to us, e.g. Facebook;
(m) information to enable us to undertake credit, fraud or other financial checks on you;
(n) information obtained through your responses to questionnaires, surveys, competitions and promotions you consent to complete for us or on behalf of our customers; and
(o) any other information relating to you that you provide in communications with us, including information you provide in person, by email or telephone or via an enquiry form.
1.3 The types of personal information listed in section 1.2 above are not intended as an exhaustive list. We may occasionally collect additional personal information about you as part of a user authentication process and may also require you to provide personal information about other individuals (eg, your authorised representatives etc.). In that case, you are expected to inform any such individuals whose personal information you provide to us that you are providing their personal information to us and to advise them about this policy. We will rely on you having obtained any required permission to share such personal information about other individuals with us and we consider it your responsibility for advising any such individuals of the existence or content of this policy.
1.4 In order to provide services to our customers, we may sometimes need to collect sensitive information (including e.g. information about a person’s race, ethnic origin, political opinions, health, religious or philosophical beliefs, sexual preferences, genetics or criminal history). Where we do need to collect your sensitive information, we will only collect it with your explicit consent, and we will only use it for the purpose for which you provided it and for the purposes of processing for which you consented to.
2.1 In this section, we explain how we usually collect your personal information. We usually collect personal information through:
(a) direct interactions with you – in person, by telephone, text or email or by completing a questionnaire or survey;
(b) our website;
(c) software platforms through which we provide services to customers;
(d) use of social media;
(e) orders for, and use of, our products or services;
(f) employment applications;
(g) third party service providers;
(h) requests for brochures, to join a mailing list or to be contacted for further information about our products or services;
(i) provision of customer service and support;
(j) responses to surveys or research conducted by us or on our behalf;
(k) publicly available materials;
(l) directly from a third party, eg: credit reference agencies, customer due diligence providers, banks you use to pay us or place orders;
(m) from a third party with your consent, e.g. your bank or building society;
(o) via our IT systems and software, e.g.: door entry systems and reception logs, monitoring of our websites and other technical systems, such as our computer networks and connections, CCTV and access control systems, communications systems, email and instant messaging systems.
2.2 You do not need to provide us with your personal information. However, this means we may not be able to fulfil the applicable purpose for which we have requested the information, such as to supply products or services to you.
2.3 Where practicable, we will collect personal information directly from you.
2.4 When we collect personal information from you, we will take reasonable steps to notify you at, before, or as soon as practicable after, the time of collection.
2.5 From time to time we may be given information by third party sources, including but not limited to:
(a) your employer;
(b) your representatives or advisers;
(c) affiliated companies within the PredictiveHire group of companies ; and
(d) third parties who assist us in any aspect of our business, including our third party service providers.
2.6 If you provide us with personal information about another individual (as their representative or adviser), we rely on you to:
(a) inform them that you are providing their personal information to us; and
2.7 On our request, you must also assist us with any requests by the individual to access or update the personal information you have collected from them and provided to us.
2.8 We may also collect your personal information from other parties where we are legally required to do so. If we receive information about you from someone else, we will take reasonable steps to ensure you are aware that we have collected personal information about you and the circumstances of the collection.
2.9 While we take reasonable steps to ensure that your personal information remains secure, many information security risks do exist and we always recommend that you take appropriate steps to help safeguard your personal information from such risks.
3.2 In accordance with Privacy Laws, we can only use your personal information if we have a proper reason for doing so, eg:
• to comply with our legal and regulatory obligations;
• for the performance of our contract with you or to take steps at your request before entering into a contract;
• the processing is necessary for the purposes of our legitimate interests or those pursued by a third party (examples of legitimate interests include the pursuit of our commercial objectives, or where we process personal information for direct marketing purposes); or
• where you have consented to the processing (you can withdraw this consent at any time – see section 12 below about your rights).
A legitimate interest is when we have a business or commercial reason to use your information, so long as this is not overridden by your own rights and interests. We will not process your information for such purposes where these are overridden by your own interests or by your rights and freedoms with respect to your personal data.
3.3 The following table sets out the types of data we may collect in the course of providing services to our customers, the purpose for which that data is collected and processed, and the legal basis for processing that data:
3.4 In order to provide our products or services to customers, we may use your personal data (including any data we collect through surveys or research) to predict your behaviour in a particular role and assess your suitability for that role. We do this by using data analytics to measure your expected performance against key performance indicators for that role and provide our customers with predictions of your performance. The purpose is to enable our customers to make better hiring choices. Please note, however, that such a decision is not based solely on automated processing (including profiling).
4. When we disclose personal information
4.1 We generally explain at the time we collect personal information how we will use or disclose that information. We may share your personal data with the parties set out below for the purposes set out in the table in paragraph 3.3 above. We will only use or disclose personal information for a purpose other than for which it was collected or a related purpose if you have consented to such different use or disclosure or such use or disclosure is otherwise allowed by the Privacy Laws.
4.2 We routinely share personal information with:
• the entities within the PredictiveHire group of companies;
• our employees, contractors, business partners and agents;
• our customers in respect of data collected about their employees and job applicants to provide our services to our customers;
• third parties we use to help deliver our products and services to you, e.g. payment service providers, IT service providers;
• other third parties we use to help us run our business, e.g. alliance partners, website hosts, web developers, internet service providers, customer service or support specialists, marketing organisations and research and data analysis organisations;
• third parties approved by you, e.g. social media sites you choose to link your account to or third party payment providers;
• credit reference agencies;
• our insurers and brokers and professional advisers (including legal counsel);
• our and your banks; and
• our financial, accounting and administrative service providers.
4.3 We only allow our service providers to handle your personal information if we are satisfied they take appropriate measures to protect your personal information. We also impose contractual obligations on service providers to ensure they can only use your personal information for the purposes for which we have given them access and for no other purpose.
4.4 We may also share personal information with external auditors, e.g. in relation to certain accreditations and the audit of our accounts.
4.6 We may disclose and exchange information with law enforcement agencies and regulatory bodies to comply with our legal and regulatory obligations.
4.7 We may also need to share some personal information with other parties, such as potential buyers of some or all of our business or during a re-structuring.
4.8 Usually, the personal information we share will be anonymised but this may not always be possible. The recipient of the information will be bound by confidentiality obligations.
5.1 To deliver our products and services to you, it is sometimes necessary for us to share your personal information outside of the jurisdiction from which it was collected and outside the European Economic Area (EEA), e.g.:
• with our group companies and offices outside the EEA;
• with your and our service providers located outside the EEA;
• if you are based outside the EEA;
• where there is an international dimension to the products and services we are providing to you or our customers.
These transfers are subject to special rules under European and UK data protection law.
The following countries to which we may transfer personal information have been assessed by the European Commission as providing an adequate level of protection for personal information: Andorra, Argentina, Canada (commercial organisations), Faroe Islands, Guernsey, Israel, Isle of Man, Jersey, New Zealand, Switzerland, Uruguay and the US (limited to the Privacy Shield framework).
Except for the countries listed above, other non-EEA countries do not have the same data protection laws as the United Kingdom and EEA. We will, however, ensure the transfer complies with data protection law and all personal information will be secure.
We ensure your personal data is protected by requiring all our group companies to follow the same rules when processing your personal data.
Many of our external third parties are based outside the European Economic Area (EEA) so their processing of your personal data will involve a transfer of data outside the EEA.
Unless data protection legislation permits the transfer of your personal data outside the EEA due to a specific exception for such restricted transfers, whenever we transfer your personal data out of the EEA, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:
• We will transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data by the European Commission.
• Where we use certain service providers, we may use specific contracts approved by the European Commission which give personal data the same protection it has in Europe.
• Where we use providers based in the US, we may transfer data to them if they are part of the Privacy Shield which requires them to provide similar protection to personal data shared between the Europe and the US.
5.2 We may disclose personal information outside of the jurisdiction from which it was collected. In the conduct of our business, we transfer to, and hold or access personal information from, various countries including Australia, the United Kingdom and the United States. The privacy laws of those countries may not provide the same level of protection as the privacy laws of the country from which the personal information was collected. However, this does not change our commitments to safeguard your privacy and we will comply with all applicable laws relating to the cross-border data disclosure.
6.1 Like most businesses marketing is important to our business’ success. We therefore, from time to time, send marketing materials to current or prospective customers. We only do so in accordance with applicable laws or with your prior consent. We have a legitimate interest in processing your personal information for promotional purposes (see above ‘How we use personal information’). This means we do not usually need your consent to send you promotional communications. However, where consent is needed, we will ask for this consent separately and clearly.
6.2 If you are receiving promotional information from us and do not wish to receive this information any longer, you can opt out at any time by contacting PredictiveHire direct on the contact details set out in section 17 below and asking to be removed from our mailing lists, or by using the unsubscribe facilities included in our marketing communications. We may ask you to confirm or update your marketing preferences if you instruct us to provide further products and services in the future, or if there are changes in the law, regulation, or the structure of our business.
You have the following rights, which you can exercise free of charge:
The right to be provided with a copy of your personal information
The right to require us to correct any mistakes in your personal information
To be forgotten
The right to require us to delete your personal information—in certain situations
Restriction of processing
The right to require us to restrict processing of your personal information—in certain circumstances, eg if you contest the accuracy of the data
The right to receive the personal information you provided to us, in a structured, commonly used and machine-readable format and/or transmit that data to a third party—in certain situations
The right to object:
—at any time to your personal information being processed for direct marketing (including profiling);
—in certain other situations to our continued processing of your personal information, e.g. processing carried out for the purpose of our legitimate interests.
Not to be subject to automated individual decision-making
The right not to be subject to a decision based solely on automated processing (including profiling) that produces legal effects concerning you or similarly significantly affects you
If you would like to exercise any of those rights, please:
• email, call or write to us — see below section 17: ‘Contacting us’; and
• let us have enough information to identify you (e.g. your full name, address and customer or matter reference number);
• let us have proof of your identity and address (a copy of your driving licence or passport and a recent utility or credit card bill); and
• let us know what right you want to exercise and the information to which your request relates.
11.1 You have a legal right to know what personal information we hold about you. You can request access to the information we hold about you by contacting us at the contact details listed in section 17 below. Our file of your information should be made available to you within 30 days, though the Privacy Laws may envisage certain circumstances in which we may not give you access to the personal information we hold about you (eg. where we cannot give you access if it would unreasonably affect someone else’s privacy or if giving you access poses a serious threat to someone’s life, health or safety). We will let you know in writing if we are unable to give you access to your personal information.
11.2 If at any time you wish to change the personal information we hold about you because it is inaccurate or out of date, please contact us at the contact details listed in section 17 below and we will amend your details. If you wish to have your personal information deleted, please let us know in the same manner and we will delete it unless we are required by law to keep it or need to keep it to comply with our legal and regulatory obligations.
11.3 You have the right to ask us to provide you with the personal information we hold about you in a structured, commonly used and machine-readable format and, where technically feasible, to transmit that data to another organisation.
11.4 There is generally no cost for accessing the personal information we hold about you. However, we may apply an administrative charge for providing access in certain circumstances. Any such charge will be reasonable and we will advise you of the charge and obtain your consent before providing you with access to your personal information.
12.1 If you have a privacy-related complaint or query against us (including, for example, if you think that we have failed to comply with the Privacy Laws) or you would like us to stop processing your data, you may use the contact details listed in section 17 below to notify us. We will promptly acknowledge and address all complaints. In most cases, we will ask that you put your complaint in writing to us.
12.2 We will investigate any complaint and will use reasonable endeavours to respond to you in writing within 30 days of receiving a written complaint.
12.3 You have the right to make a complaint to the relevant regulator responsible for data protection if you are dissatisfied with the response that you receive from us or you believe that we have not complied with the Privacy Laws. The regulator is the Information Commissioner’s Office in the UK (https://ico.org.uk) and the Office of Australian Information Commissioner in Australia (www.oaic.gov.au).
13.1 We will take all reasonable steps to keep secure any information which we hold about you, and keep this information accurate, up to date and complete. Your information is stored on secure servers that are protected in controlled facilities.
13.2 We have appropriate security measures to prevent personal information from being accidentally lost, or used or accessed unlawfully. We limit access to your personal information to those who have a genuine business need to access it. Those processing your information will do so only in an authorised manner and are subject to a duty of confidentiality.
13.3 Wherever possible, we procure that any third party with whom we share your personal information take reasonable steps to:
(a) protect and maintain the security of your personal information; and
(b) comply with the relevant Privacy Laws when accessing and using your personal information.
13.4 The transmission of information over the internet is not complete secure. While we do our best to protect your personal information, we cannot guarantee the security of any personal information transmitted through our website. You provide your personal information to us at your own risk and we are not responsible for any unauthorised access to, and disclosure of, your personal information.
13.5 If you want detailed information from Get Safe Online on how to protect your information and your computers and devices against fraud, identity theft, viruses and many other online problems, please visit www.getsafeonline.org.
14.1 We have procedures in place to deal with any suspected data security breaches, including a comprehensive data breach notification policy and response plan (“Response Plan”). This Response Plan outlines the steps our personnel are required to take in the event of a data breach, which allows us to identify and deal with a data breach quickly to mitigate any harm that may result.
14.2 Where we are required under the Response Plan, we will notify you as soon as practicable if we:
(a) discover or suspect that your personal information has been lost, accessed by, or disclosed to, any unauthorised person or in any unauthorised manner;
(b) believe that you are likely to suffer serious harm as a result; and
(c) are unable to prevent the likely risk of harm.
14.3 We will also notify any applicable regulator of the suspected data breach where we are required to do so.
14.4 If you would like more information about our Response Plan, please contact us using the contact details in section 17.
15.1 We will keep your personal information while we are providing products and services to you. Thereafter, we will keep your personal information for as long as is necessary:
• to respond to any questions, complaints or claims made by you or on your behalf;
• to show that we treated you fairly;
• to keep records, or for any other reason, required by law.
15.2 We will not retain your personal information for longer than necessary for the purposes set out in this policy.
15.3 Please note that different retention periods may apply for different types of personal information. To determine the appropriate retention period for personal data, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure of your personal data, the purposes for which we process your personal data and whether we can achieve those purposes through other means, and the applicable legal requirements.
15.4 When we no longer need to use your information, we will destroy and remove it from our systems and records and / or take steps to properly anonymise or de-identify it so that you can no longer be identified from it.
If you have any concerns or complaints about how we handle your personal information, or if you have any questions about this policy, please contact the PredictiveHire Support Team via firstname.lastname@example.org.
Get our insights newsletter to stay in the loop on how we are evolving PredictiveHire