(version date 9 May 2021)
- What information we collect and when we collect it
- Use of Personal Information
- Legal basis for using your Personal Information
- Direct marketing
- Accessing, correcting and updating your Personal Information
- Personal Information we share
- International transfers
- How long do we keep your Personal Information?
- Enforcement and Complaints
- Contact us
What information we collect and when we collect it
Information gathered during registration When you sign up for our Services, or register to use our Platform as a User, we collect and process certain Personal Information and data about you including:
- If you are a Client: if you are an entity, we will collect data in order to provide our Services to you and your users, including your business or company name, ABN or ACN, contact details (including address, phone number and email address) and payment information. If you are an individual representative of the Client (such as a recruiter, hiring manager, approver or referrer) we will collect your contact details (including your full name, address, phone number and email address), details of your role, communications with Members, marketing and communication preferences. If you carry out any training offered by LiveHire we will also collect details relating to that training (such as whether or not training has been completed). We use this data to notify you of Member messages, job vacancy notifications and other information relating to Talent Communities and the Platform, to notify you of training opportunities and to send you marketing emails.
- If you are a recruitment agency submitting a person for a job vacancy to a Client: if you are an entity, we will collect data in order to provide our Services to you and your users, including your business or company name, ABN or ACN and contact details (including address, phone number and email address). If you are an individual representative of a recruitment agency we will collect your contact details (including your full name, address, phone number and email address).
- request information, material or a demonstration from us;
- enter one of our promotions;
- subscribe to our mailing list;
- provide your business card;
- attend an event that we host, sponsor or are otherwise involved in;
- provide your Personal Information to companies that we have acquired or partnered with;
- apply to become a referral partner;
- have your details submitted by another person as a referral for a job vacancy;
- join our social media pages; and/or
- provide information to comply with our anti-money laundering processes.
- your explicit consent; or
- the establishment, exercise or defence by us or third parties of legal claims.
Usage Data We may collect information about which Services you use and how you use them and/or the Platform. This usage data and information includes:
- Log information: When you use our Services or view content provided by us (including through our ‘General Search’ function), we may automatically collect and store certain information in our server logs. This may include:
- details of how you used the Service, such as search queries;
- telephony log information;
- Internet Protocol (IP) address. As an automatic process, our webserver records a log file of IP addresses that access the Platform. We also collect IP addresses and other system information for purposes of statistical analysis and to maintain the security of the Platform. We will not use IP addresses or other system information to identify a User unless we determine, in our sole discretion, that it is necessary to improve our Services or to enforce compliance with our policies or agreements with Users to protect our Service, Platform, Clients and others. Notwithstanding this, we gather only that information that is reasonably necessary for us to operate and improve the Platform and otherwise conduct our business. We use commercially reasonable efforts to ensure our collection of information does not interfere with the operation or security of your system;
- device event information such as crashes, system activity, hardware settings, browser type, browser language, the date and time of your request and referral URL;
- Location information: When you use a location-enabled service or device, we may collect and process information about your location. We may also use various technologies to determine location, such as sensor data from your device and IP addresses. We collect this data in order to pre-fill forms for you, and to allow relevant suggestions of job opportunities.
- Unique application numbers: Certain Services include a unique application number. This number and information about your installation (eg the operating system type and application version number) may be sent to us when you install or uninstall that service or when that service periodically contacts our servers, such as for automatic updates.
- Local storage: We may collect and store information, including Personal Information, locally on your device using mechanisms such as browser web storage (including HTML 5) and application data caches.
What we use your Personal Information for
We use the Personal Information we collect from you for a range of purposes, including to:
- enable us to provide, maintain, protect and improve the Services and our products offered to you, to operate our business and develop new services, and to help us protect you and the Platform;
- offer you specific and relevant information such as search results, IOPS, work opportunities, Connection opportunities and education recommendations, in connection with the provision of our Services;
- assist you in pursuing potential employment opportunities with, or through, our Clients;
- as required by law and when complying with our legal obligations and assisting governments, law enforcement agencies or regulators;
- support our internal business purposes (including administration, planning and product development);
- issue marketing, promotional and fundraising materials to you;
- contact you to inform you about updates to the Platform and Services and provide information relating to transactions you may conduct on the Platform;
- create offer documentation;
- verify the information you have provided;
- facilitate your set up in third party systems with which we integrate on behalf of Clients (including payroll, superannuation, onboarding, reference and background checks and video interviewing);
- infer information such as gender for diversity and reporting purposes; and
- send alerts about potential job opportunities in our Talent Communities or publicly available online.
Legal basis for using your Personal Information
EU/UK Individuals We will only collect, use and share your Personal Information where we are satisfied that we have an appropriate legal basis to do so. We will make sure that we only use your Personal Information for the purposes set out above and in Appendix 2 where we are satisfied that:
- you have provided your consent to us using the data in that way; or
- our use of your Personal Information is necessary to perform the Services under the Terms of Service which you have entered into with us or in order for us to take steps at your request prior to you entering into those Terms of Service; or
- our use of your Personal Information is necessary to comply with a relevant legal or regulatory obligation; or
- our use of your Personal Information is necessary to support the ‘legitimate interests’ that we have as a business.
In all cases, we will look after your information in a way that is proportionate and respects your privacy rights. You have a right to object to this Processing as explained further in Appendix 2. If you would like to find out more about the legal basis upon which we process Personal Information, please contact us.
EU/UK individuals We do not conduct any automated decision-making on your Personal Information. We may use limited profiling or other forms of automated Processing:
- to determine the mix of candidate characteristics within Talent Communities;
- to segment individuals into different groups or rankings, with humans making decisions based on that profiling;
- for security purposes, to assess if your account may be fraudulent, a spam account or suspect in any way; and
- the purposes of marketing, to pursue our legitimate interests of ensuring our marketing communications are relevant to you and persons to whom it is targeted.
As profiling uses automated Processing, it is sometimes connected with automated decision making. Not all profiling results in automated decision making, but it can do. Please note, you have certain rights (including a right to object) in respect of automated decision making, where that decision has significant effects on you, including where it produces a legal effect on you. See below for more information about your rights.
Accessing, correcting and updating your Personal Information
To request access to Personal Information we hold about you, please contact us. If that information is incorrect, out of date or incomplete, we provide processes to update it or to delete it unless we have to keep that information for legitimate business or legal purposes. When requesting access or changes to your Personal Information, we may ask you to verify your identity before we act on your request. There are some circumstances in which we are not required to give you access to your Personal Information. We may reject requests that are unlawful, frivolous, vexatious, unreasonably repetitive, require disproportionate technical effort (eg developing a new system or fundamentally changing existing practices), that we believe risk the privacy, health or safety of others, or would be otherwise be extremely impractical (eg requests concerning information on our backup systems or unique ID data on Users). Where we provide information access and correction, we will do so for free, except where in our opinion it would require a disproportionate effort or cost for us to do so. We may require you to meet our reasonable costs in providing you with access including for photocopying and postage. Where you correct, update or otherwise provide Personal Information, you represent to us that the information you provide to us is, having regard to the circumstances, accurate, up to date and complete, having regard to the purposes of the disclosure, and not misleading or deceptive. We will respond to any requests to change your Personal Information within a reasonable timeframe and will take all reasonable steps to ensure that the Personal Information we hold about you remains accurate, up-to-date and complete.
Depending on our relationship with you, or your relationship with our Client, we may need to refer your request to our Client; who will consider your request and respond to you directly.
|Right||What this means|
|Access||You can ask us to:
|Rectification||You can ask us to rectify inaccurate Personal Data. We may seek to verify the accuracy of the data before rectifying it.|
|Erasure||You can ask us to erase your Personal Data, but only where:
We are not required to comply with your request to erase your Personal Data if the Processing of that data is necessary:
|Restriction||You can ask us to restrict (ie keep but not use) your Personal Data, but only where:
We can continue to use your Personal Data following a request for restriction, where:
|Portability||You can ask us to provide your Personal Data to you in a structured, commonly used, machine-readable format but only where:
|Objection||You can object to any Processing of your Personal Data which has our ‘legitimate interests’ as its legal basis, if you believe your fundamental rights and freedoms outweigh our legitimate interests. Once you have objected, we have an opportunity to demonstrate that we have compelling legitimate interests which override your rights and freedoms.|
|International transfers||You can ask to obtain a copy of, or reference to, the safeguards under which your Personal Data is transferred outside of the European Economic Area. We may redact data transfer agreements or related documents (ie obscure certain information contained within these documents) for reasons of commercial sensitivity.|
|Supervisory Authority||You have a right to lodge a complaint with your local supervisory authority about our Processing of your Personal Data. For example, in the UK, the supervisory authority for data protection is the ICO. We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.|
If you wish to exercise any of your rights, we may ask you for additional information to confirm your identity and for security purposes, in particular before disclosing Personal Data to you. We reserve the right to charge a fee where permitted by law, for instance if your request is manifestly unfounded or excessive. We may not always be able to fully address your request (eg if it would impact the duty of confidentiality we owe to others) or if we are legally entitled to deal with the request in a different way.
International Data Transfers
Your Personal Information may be disclosed, transferred to or processed outside of your country of residence, including in Australia, New Zealand, the United States, Europe and the Asia Pacific. Your Personal Information is principally maintained within data centres and servers located in Australia. When you connect with Clients for employment opportunities, the information shared with those Clients may be processed in the countries in which they operate which may be outside of Australia. We take measures to ensure that any disclosure of your Personal Information outside of Australia is completed in compliance with Australian Privacy laws. EU/UK Individuals Your data may be processed outside of the European Union in countries including in Australia, New Zealand, the United States and the Asia Pacific that are subject to different standards of data protection. We will take appropriate steps ensure that transfers of Personal Information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognised as providing an adequate level of legal protection or where we can be satisfied that alternative arrangements are in place to protect your privacy rights. To this end we will ensure that any transfers of your Personal Information between members of any group of companies of which LiveHire is a member will be covered by an intra-group agreement which contractually obliges each member to ensure that Personal Information it receives is subject to an adequate and consistent level of protection wherever it is transferred within the group of companies. Where we transfer your Personal Information outside any group of companies of which LiveHire is a member, or to third parties who help provide our Services, we obtain contractual commitments from them to protect your Personal Information. Some of these assurances are well recognised certification schemes like the EU/US ‘Privacy Shield’ for the protection of Personal Information transferred from within the European Union to the United States and/or the use of the European Union Model Clauses for controller to controller and/or controller to processor transfers from the EU/UK to jurisdictions, such as Australia, the United States and the Asia Pacific, which do not have an adequacy finding from the European Union Commission. Where we receive requests for information from law enforcement or regulators, we carefully validate these requests before any Personal Information is disclosed. You have a right to contact us for more information about the safeguards we have put in place to ensure the adequate protection of your Personal Information when this is transferred as described above.
How long do we keep your Personal Information?
We will retain your Personal Information for as long as is reasonably necessary for the purposes for which we collect this information. In some limited circumstances we may retain your Personal Information for longer periods, for instance where we are required to do so in accordance with legal, regulatory, tax or accounting requirements. In specific circumstances we may also retain your Personal Information for longer periods so that we have an accurate record of your dealings with us in the event of any complaints or challenges, to ensure we meet our obligation to unsubscribe a User under the Spam Act 2003 (Cth) or if we reasonably believe there is a prospect of litigation relating to your Personal Information or dealings with us. We aim to maintain our Services in a manner that protects information from accidental or malicious destruction. At the request of any Client or Member, all data belonging to the requesting party can be removed from the system. EU/UK Individuals To determine the appropriate retention periods, we consider the amount, nature and sensitivity of the personal data potential risk of harm from unauthorised use or disclosures the purposes for which we process your Personal Information and whether we can achieve those purposes through other means and the applicable legal requirements. In some circumstances we may store your Personal Information for longer periods than others, for instance where we are required to do so in accordance with legal, regulatory, tax, accounting requirements. This may be for a seven (7) year period unless the applicable law prescribes otherwise. If you would like more information on how we retain your data, please contact us.
We recognise our responsibility to protect your Personal Information. We take security very seriously and work together with you, developers and external security experts to design security into our products from the ground up (including through implementing privacy by design and security by design measures). We store information about you in computer systems and databases operated either by us or our external cloud Service Providers. Our information storage is on secure servers in locked data centres and data is encrypted wherever possible. However, as the transmission of information across the internet is not completely secure we cannot guarantee the security of your information transmitted to our Website. We will take reasonable steps to destroy or de-identify Personal Information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under any applicable data privacy laws. We recommend that you create a secure password, do not disclose your password or account details to anyone, and that you change your password each quarter. As the security of information depends in part on the security of the computer or device you use to communicate with us and the security you use to protect your user IDs and passwords, we encourage you to take appropriate measures to protect this information. Our Platform is operated using security capabilities, such as SSL (Secure Sockets Layer) and TLS (Transport Layer Security) to protect your Personal Information. These are industry standard cryptographic protocols, utilising strong encryption algorithms such as AES and SHA, whilst disabling insecure ciphers to ensure the information is reasonably protected against unauthorised interception both in transit and at rest. We have developed and implemented an Information Security Management System (ISMS) comprising people, processes and technological controls to protect Personal Information from misuse, interference or loss, and from unauthorised access, modification or disclosure. Measures include requiring that all employees and contractors comply with internal information security policies and standards to keep information secure, whilst maintaining compliance with any legal, regulatory and contractual obligations, requiring employees to undertake mandatory information security training and awareness sessions and monitoring and regularly reviewing our practices against our own policies and against industry best practice.
Enforcement and complaints
If you have any queries or issues please contact our Privacy Officer at LiveHire Ltd Level 10/461 Bourke Street Melbourne, VIC 3000 Email: email@example.com
Appendix 1 – Categories of Personal Information
|Information type||Details of information that we typically capture|
|Contact Details||Name, address, telephone number, email address|
|Employment Information||Curriculum vitae or resume, employment intentions, nationality, right to work|
|Personal Information||Gender, date of birth, profile photo|
|Marketing||Name, email address, interests/marketing list assignments, record of permissions or marketing objections, Website data (including online account details, IP address and browser generated information)|
|Contact Details||Business or company name, name, work address, work email, work telephone numbers, job title, profile photo|
|Marketing||Name, email address, interests/marketing list assignments, record of permissions or marketing objections, Website data (including online account details, IP address and browser generated information)|
Appendix 2 – Legal Basis for Processing
|Activity||Type of information collected||The basis on which we use the information||Who we may disclose the information to|
|Set up a record on our systems||
|Provide assistance and support||
|Comply with legal and regulatory obligations||
|Applicable to all|
|Transfer books of business||
|Sale or reorganisation of LiveHire||
Client means an entity, organisation or individual which has a commercial arrangement with LiveHire which permits them to use our Services and/or Platform, primarily to search for, contact or otherwise engage with Members for recruitment and talent pooling purposes.
CCPA means the California Consumer Privacy Act 2018.
Connection (also Talent Community Connection) means an agreement between a Member and a Client to be connected for potential employment opportunities and related communication. It can arise in a number of ways, for example through a Member choosing to join a Client’s Talent Community, applying for a job, or accepting a connection request or invitation sent from a Client.
Data Controller means a natural or legal Person who determines the means and purposes of Processing of Personal Information.
EU GDPR means the General Data Protection Regulation (EU) 2016/679 as implemented in each member state of the European Union (EU) and the European Economic Area (EEA) excluding Switzerland.
EU Individual means an individual who is either based in or a resident of the European Union.
GDPR means the General Data Protection Regulation (EU) 2016/679.
Integration Partners means third parties with whom we integrate the Platform and/or the Services, on behalf of our Clients to enable those Clients to carry out hiring and employment related functions via the Platform including, for example, job postings (Adzuna, Broadbean, Glassdoor, Google for Jobs, Indeed, LinkedIn, Seek), candidate assessments (Added Insight, Revelian, Talegent, Testgrid, Weirdly), candidate background checks (CVCheck, Fit2Work), candidate reference checks (Checkster, SkillSurvey, XRef), curriculum vitae parsing (Daxtra), employee onboarding (Enboarder, FlareHR, HROnboard, Onboard Express), candidate sourcing (Hiretual), video interviewing (Calendly, HireVue, myInterview, Sonru, Vieple) and human resource management (SAP SuccessFactors).
LiveHire Group means LiveHire Ltd (ABN 59 153 266 605) of Level 10, 461 Bourke Street, Melbourne, Victoria 3000 and each of its related companies including LiveHire US Inc.
Member means a User who registers with the Platform as a candidate and uses the Platform and/or the Services primarily to search for, contact or otherwise engage with Clients or other Users for their own purposes.
Person means any individual, candidate, company, partnership, joint venture or other legal entity or entities.
Personal Data means any information (including Personal Information) capable of identifying a natural person, directly or indirectly, in particular by reference to an identification number or to one or more factors specific to their, his or her physical, physiological, mental, economic, cultural or social identity. Data is considered personal when it enables anyone to link information to a specific person, even if the person or entity holding that data cannot make that link.
Personal Information has the meaning given to it in the Australian Privacy Act 1988 (Cth) as amended.
Platform means the Website and all associated software, apps, files, emails, SMS, pictures, data, hardware, technology, business systems and processes and other resources.
Privacy Act means the Privacy Act 1988 (Cth).
Processing means any operation or set of operations that is performed upon Personal Data, whether or not by automatic means, including, but not limited to collection, recording, organisation, storage, access, adaptation, alteration, retrieval, consultation, use, disclosure, dissemination, making available, alignment, combination, blocking, deleting, erasure, or destruction.
Sensitive Information has the meaning given to it in the Australian Privacy Act 1988 (Cth), as amended.
Sensitive Personal Data means any Personal Data relating to your health, criminal convictions, sex life, sexual orientation, racial or ethnic origin, political opinions, religious or philosophical beliefs, trade union membership, including Sensitive Information. EU/UK Individuals Sensitive Personal Data will also include genetic and biometric data if collected for the purposes of uniquely identifying you.
Service Providers include a range of parties to whom we outsource certain functions of our business for our back-office, IT, professional support services (such as partners, service providers, contractors, suppliers, distributors and agents, including IT and web support contractors, cloud service providers, finance agencies, marketing partners and analysis companies).
Services means any products, goods or services that we or any Client, Service Provider or Integration Partner may provide to or for you, whether or not via the Platform.
Talent Community means the community that forms when a Client connect with Members via the Platform.
UK GDPR means the General Data Protection Regulation (EU) 2016/679 as implemented in the United Kingdom by the Data Protection Act 2018.
User means a Person whose name is specified during an online registration process to create an account on the Platform in the name of that Person, whether that Person then uses the Platform as, or on behalf of, a Client or Service Provider, as a Member, or on some other basis.
Website means the website(s) located at www.livehire.com, www.livehire.com.au and/or www.FIFObids.com.au, our Blog and all other related domains and subdomains.
1234lkdjflskdjfsdlkfUK GDPR means the General Data Protection Regulation (EU) 2016/679 as implemented in the United Kingdom by the Data Protection Act 2018.