Privacy Policy – Australia

1. Introduction

We respect the personal information of individuals (employees, Independent Professionals (IPros) and/or contractors), clients and prospective client’s contractors and their right to privacy. Protecting privacy when handling personal information is very important to People2.0 and is fundamental to the way the company services everyone.

This Privacy Policy has been developed to outline how People2.0 manages personal information. It describes the information that may be collected by People2.0, the choices an individual can make to access and correct their personal information and how People2.0 protects and discloses this information.

Personal information is described as information People2.0 holds about individuals (employees, IPros and/or contractors), clients and prospective clients contractors from which an identity is either apparent or can be reasonably determined.

People2.0 has adopted the 13 Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth). The APPs govern the way in which the company collects, uses, discloses, stores, secures and disposes of personal information. A copy of the APPs may be obtained from the website of The Office of the Australian Information Commissioner at http://www.oaic.gov.au/.

This Privacy Policy applies to online websites operated by People2.0, which is used to1 provide access to information about our services and products; access to ‘Entity Online’ (online Portal service) and 'Entity Mobile' (mobile phone application) which allows users to provide information and conduct certain transactions using electronic means; and internal information management of everyone.

By visiting the website, Entity Online or Entity Mobile of People2.0 or otherwise providing us with your personal information, you are accepting the practices of People2.0 with respect to the collection, storage and use of personal information.

2. Privacy collection statement

Personal information is collected in accordance with the Privacy Act 1988 (Cth) and may be sought from you when you:

apply for an available position
are requested during an interview
completing forms
request information from People2.0
download certain documents and information
register for a demonstration of certain products or services
sign up or subscribe to a newsletter; or
various forms of business transactions.

Examples of personal information that the company collects, include: names, addresses, email addresses, phone and facsimile numbers, emergency contacts, bank details, superannuation and all information related to remuneration including bonuses and salary sacrificing.

People2.0 may also collect statistical information regarding the use of the website or the portal. The information collected includes the visitor’s computer Internet Protocol (IP) address, the date and time of the visit, previous site visited and browser type. This information is collected to provide People2.0 with information about the use to help maintain and develop to provide better information to users of the website, Entity Online or Entity Mobile

People2.0 website and Entity Online use cookies for the purposes of session tracking. However, People2.0 does not collect any personal information from the cookies, including any habits when accessing the website or Entity Online.

The personal information collected by People2.0 is for the primary purpose of providing services, and product information to individuals (employees, IPros and/or contractors), clients and prospective client’s contractors. The personal information may also be used for the following purposes:

To discharge any statutory or reporting obligations;
To provide information to you about People2.0 products and/or services;
To contact you and respond to your queries;
To enforce rights and to fulfil obligations under any agreement between People2.0 and its clients;
To enforce rights and to fulfil obligations under any agreement between you and People2.0;
To record statistical data for marketing analysis; and
Any other purpose which are permitted under any agreement between you and People2.0.

While People2.0 will endeavour to collect personal information directly from you, People2.0 may collect some of the personal information indirectly from others, such as the clients or prospective clients of People2.0, or your employer who may be located Australia or internationally.

If at any time you provide personal information about another individual to People2.0 you must ensure that the individual has read and understood this policy and separately consented to that personal information being used and disclosed by People2.0 for the purpose set out in this policy.

3. Disclosure

People2.0 recognises the trust with you to provide personal information, and such personal information will not be disclosed within Australia or internationally except as follows:

To the clients of People2.0 (as part of an engagement or prospective engagement in which you are involved or likely to be involved);
On a confidential basis to agents and service providers that People2.0 uses in the ordinary operation of its business;
Personal Information that is “Sensitive Information” will not be disclosed without your consent;
To third parties where you consent to the use or disclosure; or
Where required or authorised by law.

People2.0 may also use this information for secondary purposes closely related to the primary purpose, in circumstances where it would be reasonable to expect such use or disclosure.

4. Spam Act

When communicating electronically with individuals (employees, IPros and/or contractors), clients and prospective clients contractors People2.0 will follow three key elements in order to comply with the Spam Act 2003:

a – Consent

The company will only send commercial electronic messages with the addressee’s consent – either express or inferred consent.

b – Identify

The company will include clear and accurate information about the person or business that is responsible for sending the commercial electronic message.

c – Unsubscribe

The company will ensure a functional unsubscribe facility is included in all commercial electronic messages and deal with unsubscribe requests promptly. Individuals are able to unsubscribe from mailing/marketing lists at any time; by advising People2.0 (see ‘Contact the company’ details on page 8 Section 12 of this document), or by following the steps outlined in the email communication.

5. Anonymity

Subject to an agreement to the contrary, you are not required to provide People2.0 with your personal information. However, the services and products offered by People2.0 rely on such information. If you do not provide your personal information, then People2.0 may not be able to engage you or provide services to you.

6. Security of Personal Information

Personal information is stored in a manner that reasonably protects it from misuse, loss, unauthorised access, modification or disclosure. The information is stored on secure servers, at a data warehouse, onsite, or at an eternal archiving facility. People2.0 employees are obliged to respect the confidentiality of any personal information held by People2.0.

However, security of communications cannot be guaranteed, and therefore absolute assurance that information will be secure at all times cannot be given. To the extent permitted by law, People2.0 does not accept responsibility for events arising from unauthorised access to personal information.

When personal information is no longer needed for the purpose for which it was obtained, the company will take reasonable steps to destroy or permanently de-identify personal information. However, most of the personal information is or will be stored in files which will be kept by the company for a minimum of seven (7) years.

External Service Provider

The websites, Entity Online and Entity Mobile of People2.0 and its electronic mail servers may be managed by a third party hosting service provider. When you access the websites, portals or mobile application of People2.0 or transmit electronic mail to People2.0, you may be communicating with a third party’s server that maybe located outside of Australia.

People2.0 and links to other websites

Unsolicited personal information

If People2.0 receives personal information that the company did not solicit the company will as soon as possible but only if lawful to do so, destroy the information or ensure that the information is de-identified.

7. Access to Personal Information

People2.0 will, upon request, and subject to applicable privacy laws, provide individuals (employees, IPros and/or contractors), clients and prospective client’s contractor’s access to personal information held by People2.0. If making a request, we ask that the type/s of personal information requested is clearly listed in writing and sent to your relevant People2.0 representative or by contacting the People2.0 Data Protection Officer (see ‘Contact the company’ details on page 9 Section 13 of this document).

The company will deal with the request in a reasonable timeframe and in most instances within 30 days of receipt of a request. In order to protect personal information, People2.0 will require identification before releasing such information. Personal information sought by spouses or other family members requires written authority by the individual the information is being sought for prior to making such a request. If the evidence is insufficient People2.0 may deny the request.

People2.0 will not charge for lodging a request, but may recover reasonable costs incurred in supplying the information.

Exceptions:

The right to access personal information is not absolute. In certain circumstances, the law allows the company to refuse a request for information, such as circumstances where:

Access would pose a serious threat to the life or health of any individual;
Access would have an unreasonable impact on the privacy of others;
The request is frivolous or vexatious;
The information relates to a commercially sensitive decision making process;
Access would be unlawful; or
Access may prejudice enforcement activities, a security function or commercial; negotiations

8. Freedom of Information Laws

In addition to Privacy Laws, individuals may have rights to access their personal information contained in certain company documents. Details on how to apply for access to these documents are contained in the Freedom of Information Act 1982 (FOI Act).

9. Quality of Personal Information

It is an important part of providing services to our clients that personal information is up to date. The APP provides guidance that the company takes reasonable steps to make sure that personal information is accurate, complete and up-to-date.

It is important that individuals advise People2.0 at the earliest opportunity, of any changes to personal information so that the People2.0 records can be updated. This can be done by contacting your relevant People2.0 representative or by contacting People2.0 Data Protection Officer (see ‘Contact the company’ details on page 8 Section 12 of this document).

10. Consequences of Breach of Privacy and Personal/Sensitive Information

Individuals (employees, IPros and/or contractors) are expected to act a manner consistent with the matters set out in this policy where they have responsibility for personal information. Failures to do so may be subject to disciplinary action, and may result in warning letter, demotion or termination depending on the level or seriousness of the breach.

If anyone suspects or is aware of a breach of privacy, you have an obligation to report this breach to the People2.0 Data Protection Officer so immediate action can be taken to eradicate the situation. Contact details of the Privacy Officer are provided in Section 13 of this document.

11. Privacy/Data Protection Obligations

Individuals (employees, IPros and/or contractors) are expected to act a manner consistent with the matters set out in this policy, where they have responsibility for personal information.

If an Individual suspects or becomes aware of a breach, they also have an obligation to report this immediately to People2.0 Privacy/Data Protection Officer. Failure to comply will be subject to disciplinary action, and may result in warning letter, demotion or termination depending on the level or seriousness of the breach.

12. Procedure

If Individuals (employees and/or contractors) become aware of a breach of personal data, they have an obligation to report this breach to the People2.0 Privacy/Data Protection Officer immediately.

An Individual can also make a complaint if they feel their personal data has been handled inappropriately by People2.0 and is in breach of its obligations under the Act. In the first instance, any concern or complaints must be directed to People2.0 Data Protection Officer in writing.

People2.0 will investigate the complaint and/or concern and take necessary steps to rectify the matter.

Please contact the People2.0 Data Protection Officer via the following means:

Emailing: compliance.apac@people20.com or
Calling: +61 (03) 9600-0333; or

Writing:
Legal & Compliance
People2.0 Group
Level 24, 150 Lonsdale Street
Melbourne VIC 3000

13. Policy Updates

This Privacy Policy may change from time to time. People2.0 Privacy Policy is available at the People2.0 offices, intranet, portal or website. People2.0 reserves the right to make changes to this Privacy Policy from time to time as business or technical needs require

Privacy Policy – New Zealand

1. Introduction

We respect the personal information of employees, IPros and/or contractors and their right to privacy. Protecting privacy when handling personal information is very important to People2.0 and is fundamental to the way People2.0 services its employees IPros, and/ or contractors. This Policy has been developed to outline how People2.0 manages personal information.

This Privacy Policy applies to the management of staff, services and products offered online and websites operated by People2.0. People2.0 also uses the internet to provide access to ‘Entity Online’ (online Portal service) and ‘Entity Mobile’ (mobile phone application) to allow users to provide information and conduct certain transactions using electronic means.

People2.0 has adopted the 12 Privacy Principles (PPs) contained in the Privacy Act 1993 The PPs govern the way in which People2.0 collects, uses, discloses, stores, secures and disposes of personal information.

A copy of the PPs may be obtained from the website of the Office of the Privacy Commissioner at www.privacy.org.nz

By visiting the website or portals of People2.0 or otherwise providing us with your personal information, you are accepting the practices of, People2.0 with respect to the collection, storage and use of personal information

2. What personal information and how is it collected?

Personal information means information People2.0 holds about an identifiable individual. Examples of personal information that People2.0 collects, include: names, addresses, email addresses, phone, facsimile numbers, emergency contacts, bank details, superannuation and all information related to remuneration including bonuses and salary sacrificing.

This information may be sought from you when you:

Attend interviews;
complete forms;
Request Information from People2.0;
Download certain documents and information;
Register for a demonstration of certain products and services; and
Sign up or subscribe to a newsletter.

If at any time you provide personal information about another individual to People2.0 then you must ensure that the individual has read and understood this policy and separately consented to that personal information being used and disclosed by People2.0 for the purpose set out in this policy.

Website, Entity Online and Entity Mobile

People2.0 may collect statistical information regarding the use of the website Entity Online and Entity Mobile. The information collected includes the visitor’s computer Internet Protocol (IP) address, the date and time of the visit, previous site visited and browser type. This information is collected to provide People2.0 with information about the use, to help it maintain and develop the website Entity Online and Entity Mobile to provide better information to users.

People2.0 website Entity Online and Entity Mobile use cookies for the purposes of session tracking. However, People2.0 does not collect any personal information from the cookies, including any habits when accessing the website, portal or Entity Online.

3. Use and disclosure of personal information

People2.0 collects personal information for the primary purpose of providing services, and in managing Employees, and IPros and or contractors. This includes the following:

To discharge any statutory or reporting obligations;
To provide information to you about People2.0 products and /or services;
To contact you and respond to your queries;
To enforce rights and to fulfil obligations under any agreement between People2.0 and its clients;
To enforce rights and to fulfil obligations under any agreement between you and People2.0;
To record statistical data for marketing analysis; and
Any other purpose which are permitted under any agreement between you and People2.0

People2.0 recognises the trust with which you and provide personal information, and such personal information will not be disclosed except as follows:

To the clients of People2.0 (as part of an engagement or prospective engagement in which you are involved or likely to be involved);
On a confidential basis to agents and service providers that People2.0 uses in the ordinary operation of its business;
To third parties where you consent to the use or disclosure; and
Where required or authorised by law

People2.0 may also use this information for secondary purposes closely related to the primary purpose, in circumstances where it would be reasonable to expect such use or disclosure.

Employees, IPros, and/or contractors are able to unsubscribe from mailing/marketing lists at any time; by advising People2.0 (see “Contact People2.0” details in Part 12 of this document), or by following the steps outlined in the communication.

4. Unsolicited Electronic Messages Act 2007

When communicating electronically with Employees, IPros and/or contractors, People2.0 will follow three key elements in order to comply with the Unsolicited Electronic Messages Act 2007:

a – Consent

People2.0 will only send commercial electronic messages with the addressee’s consent. Consent may be either express or inferred consent.

b – Identify

People2.0 will include clear and accurate information about the person or business that is responsible for sending the commercial electronic message.

c – Unsubscribe

People2.0 will ensure a functional unsubscribe facility is included in all commercial electronic messages, and deal with unsubscribe requests promptly.

5. Anonymity

6. Security of Personal Information

Personal Information is stored in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification or disclosure. The information is stored on secure servers. People2.0 employees are obliged to respect the confidentiality of any personal information held by People2.0.

When Personal Information is no longer needed for the purpose for which it was obtained, People2.0 will take reasonable steps to destroy or permanently de-identify Personal Information. However, most of the Personal Information is or will be stored in files which will be kept by People2.0 for a minimum of seven (7) years.

External Service Provider

The websites and portals of People2.0 and its electronic mail servers may be managed by a third party hosting service provider. When you access the websites or portals of People2.0 or transmit electronic mail to People2.0, you may be communicating with a third party’s server that maybe located outside of New Zealand or Australia. People2.0 and links to other websites

The People2.0 website may contain links to other websites. These link sites are not under the control of People2.0. People2.0 is not responsible for the information handling practices, conduct or the content of those sites. People2.0 is not responsible for the information handling practices, conduct or the content of those sites.

7. Access to Personal Information

People2.0 will, upon request, and subject to applicable privacy laws, provide employees IPros and/or contractors access to personal information held by People2.0. If making a request, we ask that the type/s of information requested is clearly listed.If information is urgently required a request should state this together with the reasons for urgency.

People2.0 will deal with the request in a reasonable timeframe, and in most instances within 20 working days of receipt of a request. In order to protect personal information, People2.0 may require identification before releasing such information.

People2.0 will not charge for lodging a request, but may recover reasonable costs incurred in supplying the information

Exceptions:

The right to access personal information is not absolute. In certain circumstances, the law allows People2.0 to refuse a request for information, such as circumstances where:

Access would pose a serious threat to the life or health of any individual;
Access would have an unreasonable impact on the privacy of others;
The request is frivolous or vexatious;
The information relates to a commercially sensitive decision making process;
Access would be unlawful; or
Access may prejudice enforcement activities, a security function or commercial; negotiations

8. Maintaining the quality of personal information

It is an important part of providing services to our employees, IPros and/or contractors, that Personal Information is up to date

It is important that Employees and IPros advise People2.0 at the earliest opportunity, of any changes to Personal Information so that People2.0 records can be updated.

9. Consequences of breach of privacy and personal/sensitive information

Employees, IPro’s and/or contractors are expected to act a manner consistent with the matters set out in this policy where they have responsibility for personal information. Failures to do so may be subject to disciplinary action, and may result in termination depending on the level or seriousness of the breach.

If anyone suspects or is aware of a breach of Security/Privacy information, you have an obligation to report this breach to the Data Protection Officer so immediate action can be taken to eradicate the situation. Contact details of the Data Protection Officer are provided in Section 11 on page 15 of this document.

10. Privacy/Data Protection Obligations

Individuals (employees, IPros and/or contractors) are expected to act a manner consistent with the matters set out in this policy, where they have responsibility for personal information.

11. Procedure

If Individuals (employees and/or contractors) become aware of a breach of personal data, they have an obligation to report this breach to the People2.0 Privacy/Data Protection Officer immediately

People2.0 will investigate the complaint and/or concern and take necessary steps to rectify the matter.

Please contact the People2.0 Data Protection Officer via the following means:

Emailing: compliance.apac@people20.com or
Calling: +61 (03) 9600-0333; or

Writing:
Legal & Compliance
People2.0 Group
Level 24, 150 Lonsdale Street
Melbourne VIC 3000

12. Policy Updates

This Privacy Policy may change from time to time. People2.0 Privacy Policy is available at the People2.0 offices or on the People2.0 Intranet. People2.0 reserves the right to make changes to this privacy policy from time to time as business or technical needs require. The amended policy will be posted on People2.0 intranet