Privacy Policy – Philled

Home

This is the privacy policy of Sociable Tech Pty Ltd ABN 94 654 934 684 and its subsidiaries, which include Philled Pty Ltd ABN 44 656 428 483 and Workinitiatives Pty Ltd ABN 63 657 665 444, each referred to as ‘we’, ‘us’ or ‘our’ (as applicable). Customers, candidates, business contacts and other individuals with whom we deal through the Workinitiatives platform accessible at www.workinitiatives.com.au (Platform) and through our www.workinitiatives.co.uk website and the Workinitiatives mobile application, and through other channels, may provide us with personal information (defined below). The purpose of this privacy policy is to provide information about how we deal with and manage personal information.

We are headquartered in Australia and for that reason this privacy policy is based on the requirements of the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (which exist within the Privacy Act).

Even so, our business operates in a global marketplace and this is reflected in our arrangements for dealing with and managing personal information. Accordingly, to the extent that we deal with customers, candidates, service providers and others who are in jurisdictions other than Australia, we operate in accordance with the leading standard for data protection law, the European Union General Data Protection Regulation (EU) 2016/679 (‘EU GDPR’). We also monitor and adhere to the retained version of the EU GDPR which applies in the UK (where we are also active), as this is amended from time to time (‘UK GDPR’)1.

Our obligations under the Privacy Act exist in respect of our dealings with ‘personal information’ of ‘individuals’. For the purposes of this privacy policy, those terms should be read as interchangeable with the corresponding terms in the UK GDPR: ‘personal data’ and ‘data subjects’. Other terms that relate to the Privacy Act and/or the UK GDPR are defined below.

For the purposes of the UK GDPR, the ‘data controller’ of personal data that we collect is Sociable Tech Pty Ltd. Among other things in this privacy policy, we explain what rights data subjects might have in respect of their personal data, how you can exercise those rights (where they apply) and the methods with which you can contact us.

1UK GDPR applies by virtue of section 3 of the European Union (Withdrawal) Act 2018 and as amended by Schedule 1 to the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 (SI 2019/419).

What is personal Information?

Personal information is defined in the Privacy Act as:

information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a) whether the information or opinion is true or not; (b) whether the information or opinion is recorded in a material form or not.

Why do we collect personal Information?

There are few, if any, organisations that can function without personal information. We are no exception. We collect personal information where it is reasonably necessary for our functions or activities. Our functions and activities include:

our primary services are:
- connecting jobseekers, employers and recruiters with each other
- connecting jobseekers with other participants in the international jobs market, including immigration service providers and training and education providers;
marketing our services;
undertaking research to improve our business;
obtaining goods and services from other businesses;
employing staff; and
complying with legal and regulatory obligations.

Some common examples of personal information that we may collect include an individual’s name, contact details, and details of services that they obtain from us.

The Privacy Act recognises certain types of personal information as sensitive information. Examples of sensitive information about an individual include information about the individual’s:

health;
racial or ethnic origin;
political opinions;
membership of a political association, professional or trade association or trade union;
religious beliefs or affiliations;
philosophical beliefs;
sexual orientation or practices;
and criminal record.

It is in the nature of the services we provide that we may collect sensitive information from candidates with whom we deal. Otherwise, we do not normally collect sensitive information in the course of our activities. Any sensitive information which we do collect will either be collected with the consent of the relevant individual or as permitted by law.

How do we collect and keep personal Information?

We receive personal information in different ways and through a number of different media including:

via online sources (including email and other electronic communication channels such as the Workinitiatives platform located at www.workinitiatives.com.au, Facebook, Instagram, Twitter and other social media and technology platforms;
by telephone;
through face to face communications; and
by hard copy correspondence and documentation

We keep different types of records that include personal information. These include records stored electronically on databases, information stored in the cloud, and also hard copy files. Our servers are hosted by Amazon Web Services. Your personal information will be routed through, and stored on, those servers as part of the Service. Personal information of Australian and New Zealand users of the platform will be held in servers located in AWS’s Asia Pacific (Sydney) Region, personal information of European users will be held in one of the AWS Europe regions and personal information of UK users will be held in the AWS Europe (London) Region or Europe (Ireland) Region. Information about the Amazon Web Services Regions is accessible at https://aws.amazon.com/about-aws/global-infrastructure/regions_az/.

We take reasonable steps to protect personal information we hold from misuse, interference and loss, as well as unauthorised access, modification or disclosure.

When do we use or disclose or transfer personal Information?

If we collect personal information for a particular purpose, we may use or disclose that personal information for that purpose. For example, if a customer obtains a product or service from us, we may use and/or disclose their personal information for the purpose of providing the product or service to them.

We may also use or disclose personal information for other secondary purposes including the following:

where the individual has consented to the use or disclosure for the secondary purpose;
the secondary purpose is related to (or in the case of sensitive information directly related to) the purpose for which the personal information was collected and the individual concerned would reasonably expect us to use or disclose the information – for example providing marketing information to existing customers (unless the customer has requested not to receive marketing information from us);
the use or disclosure is required or authorised under a particular law or a court or tribunal order;
a permitted general or health situation exists as defined in the Privacy Act; or
we reasonably believe that the use or disclosure of the personal information is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body.

We may disclose your personal information to third parties, such as our service providers (including IT services including cloud storage, insurers, financial institutes, mailing houses), member organisations and other business partners, our professional advisers (including lawyers, accountants and auditors), and government, regulatory and law enforcement authorities;

We may share your personal information with analytics and search engine providers that assist us in the improvement and optimisation of our platform. For these purposes your personal information will be aggregated and looked at on a statistical basis. One important example is Google Analytics based in the USA (treated by the EU and UK as a third country) which requires all partners to have a Privacy Policy in place and to alert users to the use of cookies such as tracking and retargeting triggers which are stored on the users device or computer. For more information on Google Analytics see https://marketingplatform.google.com/about/analytics/ and for Google’s privacy policy please see here: https://policies.google.com/privacy?hl=en

Otherwise, we use the personal information that we collect for a variety of purposes related to the services that we provide. We only hold and process personal data when the law in your particular jurisdiction allows us to. Using the UK GDPR as a benchmark (and refining these lawful bases as required to suit the Australian context) we have reviewed the six kinds of legal justification that could apply to the processing of a user’s personal data. They are summarized in the following.

Processing Personal Data under Data Protection Law: The 6 Lawful Bases

Security of your personal information

We have put in place appropriate technical and organisational measures to help keep the personal information that we collect safe from unauthorised access or disclosure as required by law and in accordance with good industry practice. For example, all information you provide to us is stored on our secure servers and our database is encrypted using only whitelisted IP addresses for access. Any payment transactions will be encrypted using SSL technology.

Where we have given you (or where you have chosen) a password which enables you to access certain parts of our site, you are responsible for keeping this password confidential. You must not share your password with anyone.

The transmission of information via the internet is not completely secure. Although we implemented the measures described above to protect your personal information, we cannot guarantee the security of information that is transmitted to our platform and any transmission is at your own risk.

We will react swiftly (in line with UK GDPR response-times and our own data breach response procedure) upon discovering or being advised of a security breach where your personal information is lost, stolen, accessed, used, disclosed, copied, modified, or disposed of by any unauthorised persons or in any unauthorised manner.

Retention of your personal information

We will only retain your personal information for as long as is necessary for the purposes described in this policy. This means that retention periods will vary according to the type of personal information that we have collected in the first place. For example, we’ll hold on to your personal information for as long as you have your account, or as long as is needed to be able to provide the services to you but we may also retain some of your personal information (even after you have closed your account) for fraud prevention and detection reasons and where necessary to satisfy our regulatory and other legal obligations.

Data subjects in the UK: special provisions

Transferring personal information overseas

At all times we will ensure that wherever in the world your personal information is stored or processed, it will be done so in full adherence to prevailing law.

What this means for data belonging to people located in the EU or UK is that appropriate safeguards will be taken to ensure adequate protections are in place with regards to any “third country” (including Australia) we use for key headquartered functions and processes.

If you are a candidate based in the UK, you will provide us with personal information about yourself when you upload you resume to our platform or apply for a job that is listed on the platform. In that case, your personal information will be transferred from the UK to us in Australia and, under the UK GDPR, we are require to make sure that the personal data of UK data subjects is subject to appropriate safeguards as if it were being processed inside of the UK.

We will apply the most appropriate safeguard for such transfers and acknowledge the “EU standard contractual clauses” updated for use by the European Commission on 4 June 2021 and available here: https://eur- lex.europa.eu/eli/dec_impl/2021/914/oj?uri=CELEX%3A32021D0914&locale=en. We will monitor the UK variant of these as and when updated and made available for deemed use in data transfers outside the UK by the Information Commissioners Office.

As a UK data subject, you have the following rights under UK GDPR:

Request access to your personal information. This enables you to request access to your personal information in our possession or control or for information about the ways in which your personal information has been or may have been used or disclosed by us. You may request access to the information we hold about you, by setting out your request in writing and sending it to us at the email address specified below

Request correction of the personal information that we hold about you. This enables you to have any incomplete or inaccurate information we hold about you corrected.

Request erasure of your personal information. This enables you to ask us to delete or remove personal information (such as your profile, account or username) where there is no good reason for us continuing to process it. You also have the right, if you are within the UK, to ask us to delete or remove your personal information where you have exercised your right to object to processing (see below).

Object to processing of your personal information. This right exists where we are relying on legitimate interest as the legal basis for our processing and there is something about your particular situation which warrants your objection to the processing of your personal information. You also have the right to object where we are processing your personal information for direct marketing purposes.

Request the restriction of processing of your personal information. This enables you to ask us to suspend the processing of personal information about you, for example if you want us to establish its accuracy or the reason for processing it.

Request the transfer of your personal information. If you are within the UK, we will provide to you, or a third party you have chosen, your personal information in a structured, commonly used, machine-readable format. Note that this right only applies to automated information which you initially provided consent for us to use or where we used the information to perform a contract with you.

Withdraw consent. This right only exists where we are relying on consent to process your personal information. If you withdraw your consent, we may not be able to provide you with access to the jobs boards or opportunities provided by our site, application and software. We will advise you if this is the case at the time you withdraw your consent.

Make a complaint and seek a remedy. Under UK GDPR you have inalienable rights to (i) be informed about your right to complain through this privacy policy, (ii) make an actual complaint to your relevant supervisory authority depending on where you live (such as the Information Commissioner’s Office in the UK), and (iii) to receive an effective judicial remedy if your rights need to be upheld or enforced. If you believe that we hold personal information about you that is wrong (which includes inaccurate, out of date, incomplete, irrelevant or misleading), or you wish to complain about how we have handled your personal information, you should contact our Privacy Officer.

If you have complained to us about how we have handled your personal information, and you believe that we have not satisfactorily resolved your complaint, you may wish to contact the Office of the Australian Information Commissioner.

We will process your subject access request as soon as reasonably practicable, provided we are not otherwise prevented from doing so on legal grounds. If we are unable to meet your request, we will let you know why.

How can you access, correct or delete your personal information that we hold?

You may request access to your personal information held by us by contacting our Privacy Officer (details below). We will provide access where we are required to do so under law. In other cases, we reserve our right not to provide access and we will tell you why. We may also need to verify your identity when you request your personal information. We also reserve the right to recover our reasonable costs of providing you with access to your personal information held by us.

If you think that any personal information we hold about you is inaccurate, please contact us and we will take reasonable steps to ensure that it is corrected.

Philled also provides functionality for all personal information to be deleted. Please contact us if you require assistance deleting any personal information.

How to contact our Privacy Officer

Privacy Officer | Sociable Tech Pty Ltd

Unit 1, Building A/38 Brookhollow Avenue,

Baulkham hills NSW 2153

Email: [email protected]

Our use of Cookies

In order to improve our software, the “Workinitiatives” sites and platform, the customer experience and our overall service, we collect data by way of “cookies”. A cookie is a small text file containing small amounts of information which are automatically downloaded into your computer (or other electronic devices) when you access our application, site or platform. Cookies help us to measure the number of visits, average time spent, page views and other statistics relating to your access to our Platform and other Workinitiatives websites and mobile applicatons. Therefore, generally, we use cookies to:

recognise your browser as a previous visitor and save any preferences that may have been set during your last visit to this Site;
Help your session load faster
Keep you signed in
Monitor how you use the website and platform
track website analytics and carry out research and statistical analysis to help improve our content, products and services and to help us better understand our visitors’ or customers’ requirements and interests;
customise and target our marketing and job-advertising campaigns and those of our partners more effectively;
measure and research the effectiveness of our interactive online content, features, advertisements, and other communications;
make your online experience more efficient and enjoyable.

What type of cookies do we use?

We may use functional cookies to recognise you on our Platform and remember your previously selected preferences. These could include what language you prefer to use and your location. A mix of first-party and third-party cookies are used. The exception to functional cookies is where the cookies are strictly necessary in order for us to operate the Workinitiatives platform or any related application or site and/or to provide you with a service you have requested.

Further information about cookies, including how to see what cookies have been set on your computer or device and how to manage and delete them,
visit www.allaboutcookies.org and www.allaboutcookies.org.

Third-Party Cookies

Third-party cookies are set by a third-party site separate from us. We work with third-party service providers who are authorised to place third-party cookies and may also set cookies on our Platform. These third-party service providers are responsible for the cookies they set on the Platform. If you want further information, please go to the website of the relevant third party. If you would like to opt-out of all other types of technologies we employ on this Platform, you may do so by changing your browser settings to block, delete or disable these technologies as your browser or device permits.

In light of changes to cookies practices in the recent past, with respect to the disablement of third party cookies on some browsers, we include below an updated list of the more popular browser types with hyperlinks showing how to adapt their cookie settings accordingly:

Google Chrome
Microsoft Edge
Mozilla Firefox
Microsoft Internet Explorer
Opera
Apple Safari

At present the third party cookies that we use on the Platform are:

Auth_token – an authentication token securely transmits information about user identities between applications and websites and enables us to strengthen our authentication processes for the services we provide.

Facebook tracking – Facebook does not use cookies to create a profile of your browsing behavior on third-party sites or to show you ads, although it may use anonymous or aggregate data to improve ads generally. You can remove or block cookies using the settings in your browser, but in some cases, this may affect your ability to use Facebook.

Facebook’s Cookie Policy is accessible at https://www.facebook.com/policy/cookies

Google tracking – Google Analytics cookies collect information about how visitors use our Platform. We use the information to compile reports and to help us improve the Platform. The information collected is anonymous and does not identify a visitor. The data includes the number of visitors to the site, where visitors have come from and the pages they visited.

An overview of privacy at Google is accessible at https://marketingplatform.google.com/about/

Click here to opt out of being tracked by Google Analytics across all websites: https://tools.google.com/dlpage/gaoptout