UPDATED 25 November 2018
Referoo Pty Ltd ACN 165 046 953, a company registered in Australia ("we" "us" or "our") is committed to protecting and respecting your privacy.
Please read the following carefully to understand our views and practices regarding your personal data and how we will treat it. By visiting https://referoo.com.au (our "website") or using our SaaS online referencing software platform (the "Service") you are accepting and consenting to the practices described in this policy.
If you are a citizen or resident of the European Union, the General Data Protection Regulation (EU) 2016/679 ("GDPR") will apply to your personal data.
For the purposes of the GDPR, the data controller is:
If you are a citizen or resident of Australia, New Zealand or any other country, the Australian Privacy Act 1988 ("Australian Privacy Laws") will apply to your personal data.
1. Information we may collect from you
We may collect and process the following data about you:
1. Information you may provide to us. The types of information you may provide to us depends on the nature of your dealings with us as follows.
a. If you are the representative of a licensed user ("Licensee") of our Service, you may give us information about individuals within your organisation at or before the time that you register with us. This includes information you provide when you take out a trial of the Service, accept a licence agreement, make an enquiry with us online, or subsequently in other ways, including if necessary to provide you with ongoing services. The information you give us may include names, position titles, addresses, telephone numbers, email addresses and other contact details.
b. Our Service is a Software-as-a-Service (SaaS) product. As such, information and data you provide by inputting into our software as a Licensee is held on servers owned by third party hosting providers and leased by us. Such data may include personal data relating to your clients and individuals within your organisations, including information and job candidates and potential candidates.
c. If you are one of our 'business contacts' (e.g. a contact person in one of our suppliers, or in an agency with which we deal), you may give us basic business contact information about you. This includes your name, title and work contact details.
d. If you are providing us with personal data about a third party, eg. Candidate details, you warrant to us that you have that person's consent to disclose their personal data to us and that your use and disclosure of the information to us is in accordance with the GDPR. This paragraph is without prejudice to any obligations you may have to us as a Licensee under any licence agreement for use of our software or services.
e. Please note that we use a third party payment gateway provider to process payments, however we do not have access to credit card information, nor do we collect or store such information.
f. Note for Referees who have been requested to give references on behalf of job candidates
1. The information you enter into the referoo site will be collated on behalf of the candidate and provided to their recruiter with the purpose of being presented to their client to aid with the recruitment process.
2. A candidate has the right to request to see the information you have provided to Referoo Pty Ltd and we will provide them an electronic copy if a valid request is made.
3. We may also disclose what you submit through the site when legally required to do so.
4. Referoo is an Australian based company; however we often deal with international clients so you consent to having the details you submit to this site being sent internationally when required.
2. Information we collect about you. With regard to each of your visits to our website we may automatically collect the following information:
a. Technical information, including the Internet protocol (IP) address used to connect your computer, tablet, mobile or other device (each being a "Device") to the Internet, your login information, browser type and version, time zone setting, browser plug-in types and versions, operating system and platform, information you post online either on our website or on a third-party social media site to which we have access.
b. Information about your visit, including the full Uniform Resource Locators (URL) clickstream to, through and from our website (including date and time); products you viewed or searched for; page response times, download errors, length of visits to certain pages, page interaction information (such as scrolling, clicks, and mouse-overs), and methods used to browse away from the page and any phone number used to call our customer service number.
3. Information we receive from other sources. We may receive information about you if you use any other websites that we operate or may operate from time to time or other services we provide. We may share information amongst members of our group, which means our subsidiaries, our ultimate holding company and its subsidiaries ("Affiliates"). We may also work with third parties (including, for example, business partners, sub-contractors in technical, payment and delivery services, advertising networks, analytics providers, search information providers, credit reference agencies) and may receive information about you from them.
2. Disclaimer where we are carrying out the role of data processor (for the purposes of the GDPR where applicable)
3. Analytic Tools, Cookies and Remarketing
1. Our website and Service uses analytic tools (such as Google Analytics) and cookies to distinguish you from other users of our website or Service and monitor website and Service user activities and behaviours. This helps us to provide you with a good experience when you browse our website or Service and also allows us to improve them. By continuing to browse the website or Service, you are agreeing to our use of analytic tools cookies.
2. A cookie is a small file of letters and numbers that we store on your browser or the hard drive of your Device. Cookies contain information that is transferred to your device's hard drive or device.
3. We may use the following cookies:
a. Strictly necessary cookies. These are cookies that are required for the operation of our website/Service. They include, for example, cookies that enable you to log into secure areas of our website/Service, use a shopping cart or make use of e-billing services.
b. Analytical/performance cookies. They allow us to recognise and count the number of visitors and to see how visitors move around our website/Service when they are using it. This helps us to improve the way our website/Service works, for example, by ensuring that users are finding what they are looking for easily.
c. Functionality cookies. These are used to recognise you when you return to our website/Service. This enables us to personalise our content for you, greet you by name and remember your preferences (for example, your choice of language or region).
d. Targeting cookies. These cookies record your visit to our website/Service, the pages you have visited and the links you have followed. We will use this information to make our website/Service and the advertising displayed on it more relevant to your interests. We may also share this information with third parties for this purpose.
4. Except for essential cookies, all cookies will expire after 30 days.
6. We may remarket our services to you in a targeted way, by using third party remarketing services (such as Google Ads or similar providers). Our third party remarketing vendors may advertise our services to you at multiple online locations. You agree to our use of these third party vendor remarketing services for the purpose of advertising to you in this way. You can withdraw your consent to this advertising at any time. Visit http://optout.networkadvertising.org/#!/ for information on how to opt out.
4. Uses made of your information
We use information held about you in the following ways:
1. Information you give to us. We will use this information:
a. to provide our SaaS solution in accordance with the instructions of the relevant Licensee;
b. to carry out our obligations arising from any contracts entered into between you and us including the provision to you with information, products and services that you request from us, online content and dealing with your requests and enquiries;
c. to provide you with information about other products and services we offer that are similar to those that you have already purchased or enquired about;
d. to send newsletters or other communications on topics which may be of interest to our customers and to people who have requested information from us via our website (e.g. to provide a trial of our products or services, provide you with information on our products and services or other information requested);
e. where you have expressly consented to us contacting you for marketing purposes, to provide you, or permit selected third parties to provide you, with information about goods or services we feel may interest you. If you are an existing customer, we will only contact you with information about goods and services similar to those which were the subject of a previous sale or negotiations of a sale to you. We will only provide your data to selected third parties for marketing purposes if you have expressly consented to this. If you do not want us to use your data in this way, please ensure that the relevant box is ticked or unticked as appropriate on the webpage where we collect your data, or click on the unsubscribe button on any email communication from us;
f. to notify you about changes to our service or products;
g. to contact you in relation to service updates that affect you, regulatory updates that affect our services and any additional information in relation to our service that we think you may find interesting;
h. to analyse and improve the services offered on our website/Service; and
i. to ensure that content from our website/Service is presented in the most effective manner for you and on your Device.
2. Information we collect about you. We will use this information:
a. to provide our SaaS solution in accordance with the instructions of the relevant Licensee;
b. to administer our website/Service and for internal operations, including troubleshooting, data analysis, testing, research, statistical and survey purposes;
c. to improve our website/Service to ensure that content is presented in the most effective manner for you and for your Device;
d. to allow you to participate in interactive features of our service, when you choose to do so;
e. as part of our efforts to keep our website/Service safe and secure;
f. to personalise the way the website/Service content is presented to you and provide you with the most user-friendly navigation experience. We may also use and disclose information in aggregate (so that no individuals are identified) for marketing and strategic development purposes;
g. to measure or understand the effectiveness of advertising we serve to you and others, and to deliver relevant advertising to you;
h. to use IP addresses to identify the location of users, to block disruptive use, to establish the number of visits from different countries and to determine whether you are accessing the services from a particular country; and
i. to make suggestions and recommendations to you and other users of our website/Service about goods or services that may interest you or them.
3. Information we receive from other sources. We may combine this information with information you give to us and information we collect about you. We may use this information and the combined information for the purposes set out above (depending on the types of information we receive).
5. Disclosure of your information
1. We may share your personal data with our Affiliates in accordance with this policy.
6. Security of information we store and transfer
1. All information you provide to us is stored on secured servers. Any payment transactions will be encrypted using Secure Sockets Layer (SSL) technology. Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website or Service, you are responsible for keeping this password confidential. We ask you not to share a password with anyone. It is important for you to protect against unauthorised access to your password and to your computer so we advise that you sign off when you have finished using a shared computer strongly recommend and that you do not use the browser's password memory function as that would permit other people using your Device to access your personal data.
3. Unfortunately, the transmission of information via the internet is not completely secure. Although we will do our best to protect your personal data, we cannot guarantee the security of your data transmitted to our website/Service and any transmission is at your own risk.
4. Once we have received your information, we will use strict procedures and security features to try to prevent unauthorised access however, we cannot guarantee the security of such information and, to the fullest extent permitted by law, we disclaim all liability and responsibility for any damages you may suffer due to any loss, unauthorised access, misuse or alterations of any information you submit to the website or our Service.
7. How long do we keep your personal data secure and private
We will keep your personal data only for as long as is reasonably necessary for the purpose that it has been processed and taking into account any legal requirements under the GDPR, or any other applicable laws of England and Wales (if you are located in the UK), and under Australian Privacy Laws (if you are located in a country other than the UK or EU).
8. How we manage sensitive personal data
The GDPR defines certain information as 'sensitive' (racial or ethnic origin, political opinions, religious believes, trade union membership, physical or mental health, sexual life, criminal proceedings and offences). If we ever deal with sensitive personal data we will only use this information to provide the service you require and we will ask for your explicit consent. As a customer, there may be times when you give us this sensitive information. We may share it with our Affiliates and our subcontractors to keep your records up to date.
9. Your rights
1. You have the right to ask us not to process your personal data for marketing purposes. You can exercise your right to prevent such processing by checking certain boxes on the pages we use to collect your data. You can also exercise the right at any time by contacting us at email@example.com
2. You can always choose not to provide information, however in that event we may not be able to provide you certain services, or fully provide you certain services.
3. You will usually be able to add or update certain information on pages such as "My Profile". When you update information, we will keep a copy of the prior version for our records unless you write to us to require us not to.
4. The GDPR and Australian Privacy Laws give you the right to access information held about you and to request that it is corrected if any of your details held are incorrect. Your right of access can be exercised in accordance with the GDPR. Any access request may be subject to a fee to meet our costs in providing you with details of the information we hold about you and you may also need to pay fees separately to any third party data controller. If you wish to verify the details that we hold about you may do so by contacting us via e-mail to firstname.lastname@example.org Our security procedures mean that we may request proof of identity before we reveal information. This proof of identity will typically take the form of your e-mail address and any password submitted upon registration.
10. Third party websites
1. Our website/Service may contain links to and from the websites of our partner networks, advertisers and other third parties. If you follow a link to any of these websites, please note that they have their own privacy policies and that we do not accept any responsibility or liability for these policies. Please check these policies before you submit any personal data to these websites.
1. We may from time to time provide you with an "opt in" or "opt-out" mechanism, subject to the requirements of applicable Australian privacy laws or the GDPR. An "opt-in" mechanism will provide you the opportunity to positively indicate that you would like or do not object to our sending you such further communications and we will not send you any unless you have "opted-in". An "opt-out" mechanism will provide you the opportunity to indicate that you do not want us to send you such further communications, and if you "opt-out" we will not send you any.
2. In each instance, opting-in or opting-out will be up to you and, in addition, if you do not want us to use your personal data for a particular purpose or disclose it to a third party, you may "opt out" at any time by contacting us as provided below. Please note, by opting-out, you may not be able to participate in certain activities on our website/Service.
3. Specific opt-outs may also be provided at the point of collection or along with the communications to you.
12. Jurisdiction and governing law
If you are a citizen or resident of the UK or EU, all matters relating to your data protection and privacy are governed by the laws of the EU, without reference to conflict or choice of law principles. You agree that the jurisdiction and venue for any legal proceeding relating to your data protection and privacy shall be in appropriate courts located in England and Wales. If you are located in a country other than the UK or EU, matters relating to your data protection and privacy are governed by the laws of Australia, without reference to conflict or choice of law principles. You agree that the jurisdiction and venue for any legal proceedings relating to data protection and privacy shall be in appropriate courts located in New South Wales, Australia.