1. Outline

    • 1.1 This document describes the privacy policy of TimeTarget.
    • 1.2 TimeTarget and its Related Bodies Corporate have sought to adopt a uniformly rigorous and best practice approach to collecting, using, disclosing and protecting personal information. This is necessarily subject to applicable laws in relevant jurisdictions. Accordingly, other Related Bodies Corporate may have a different privacy policy.  Please refer to such policies when dealing with the relevant Related Body Corporate. 
    • 1.3 We may change, vary or modify all or part of this Privacy Policy at any time in our sole discretion.
    • 1.4 If we adopt a new Privacy Policy:
      • 1.4.1 we will post the new Privacy Policy on the Platform; and
      • 1.4.2 it will thereupon apply through your acceptance of it by subsequent or continued use of the Platform or the WFM Solution or by virtue of notice given to you (actual or constructive).
    • 1.5 It is your responsibility to check the Platform periodically for changes.
    • 1.6 The Privacy Act 1988 (Cth) and the APPs regulate the collection, use and disclosure of personal information.

    2. Scope

    2.1 This Privacy Policy explains among other things:

    2.1.1 why we collect personal information;

    2.1.2 what personal information we collect;

    2.1.3 how we collect personal information;

    2.1.4 how we use personal information;

    2.1.5 the disclosure of personal information;

    2.1.6 your right of access to your personal information;

    2.1.7 your right to correct your personal information;

    2.1.8 how we protect the integrity of your personal information;

    2.1.9 your right to have your privacy complaints investigated and resolved; and

    2.1.10 how you can contact us regarding privacy concerns.

    2.2 Subject to clause 2.4, this Privacy Policy governs all personal information collected by and provided to us with respect to our business and must be adhered to by all persons who access, use, process, control or otherwise deal with such personal information on our behalf.

    2.3 This Privacy Policy also applies (without limitation) to independent contractors, job applicants, prospective customers, Users of our software and services (including the WFM Solution and whether in a hosted or cloud environment), as well as individuals who provide us with their personal information (directly or indirectly) in whatever capacity or basis.

    2.4 This Privacy Policy does not apply to our acts and practices which relate directly to the employee records of our current and former employees for the purposes of section 7B(3) of the Privacy Act.

    3. Purpose

    3.1 We collect your personal information for the following purposes (Primary Purpose):

    3.1.1 to lawfully carry out our functions and activities;

    3.1.2 to process such personal information, most usually as a data processor in respect of use of a relevant WFM Solution or TimeTarget software by a relevant customer and/or User, but also as a data controller in some instances (e.g. in our own capacity as an employer and with respect to our own business activities separate to data processing activities);

    3.1.3 to assess whether you are a permitted User of a relevant instance of the WFM Solution;

    3.1.4 upon direction of your employer or in connection with your employment, to conduct visa and/or migration checks via third party service providers or a relevant governmental body or agency via integrated functionality within the WFM Solution or an application which operates in conjunction with it or by other means;

    3.1.5 to deliver the software and/or services that you or another person has requested or contracted to acquire;

    3.1.6 to store in a relevant database;

    3.1.7 to provide you with further information about the software and/or services you or another person has requested or contracted to acquire;

    3.1.8 to personalise and customise your experiences with us;

    3.1.9 to help us review, manage and enhance our software and/or services;

    3.1.10 to develop insights used in reports or other content developed by us;

    3.1.11 to communicate with you;

    3.1.12 for administration purposes, including charging, billing and collecting debts;

    3.1.13 to promote and market those of our other software and/or services which we consider may be of interest to you;

    3.1.14 when considering making offers to job applicants and prospective employees or for employment purposes; and

    3.1.15 to receive services from you or the organisation which employs you.

    3.2 In addition to the Primary Purpose, we may use the personal information we collect and you consent to us and our Related Bodies Corporate using your personal information to:

    3.2.1 provide you with news about any software and/or services;

    3.2.2 send you marketing and promotional material that you may be interested in;

    3.2.3 communicate with you, including by email, telephone and mail;

    3.2.4 manage and enhance software or your experience on our Platform or a relevant WFM solution and the domains of our Related Bodies Corporate;

    3.2.5 conduct surveys or promotions;

    3.2.6 verify your identity;

    3.2.7 investigate any complaints about, or made by you, or if we have reason to suspect you have breached any relevant terms and conditions; or

    3.2.8 as required or permitted by any law.

    3.3 Unless otherwise provided by law or with the consent of a relevant person, we will not collect, hold, use or disclose sensitive information without your consent.

    4. Collection

    4.1 Personal information we collect about you may include your name, date of birth, address, telephone number, gender, biometric data (such as biometric finger vein scans), payment information, social media identifiers and email addresses, including any information you enter to register on or use our Platform and/or a relevant instance of the WFM Solution or, provide to use or access our software and/or services (as the case may be) and other information from which your identity is apparent or can be reasonably ascertained.

    4.2 We also collect information that is not personal information, such as data relating to your activity on the Platform or a relevant instance of the WFM Solution (Other Information).

    4.3 Other Information we collect may include:

    4.3.1 the Internet Protocol address and a component of the domain name used (e.g. .com or .net);

    4.3.2 the type of browser and operating system you used;

    4.3.3 the date and time you visited the Platform or a relevant instance of the WFM Solution;

    4.3.4 the web pages or services you accessed at the Platform;

    4.3.5 the time spent on individual pages and the Platform overall;

    4.3.6 which files you downloaded; and

    4.3.7 information about your computer and Internet connections using cookies.

    5. Collection methods

    5.1 Personal information may be provided by you using the Platform, or by you and/or your employer using a relevant instance of the WFM Solution or by telephone, business cards, contracts, applications, competition entries, order forms, mail or email, by attending events or webinars, face-to-face, in writing or by other means.

    5.2 If you provide personal information about another person to us, we require that you:

    5.2.1 inform that person you have done so and provide them with a copy of this Privacy Policy; and

    5.2.2 confirm to us that you have that person’s express and informed consent to provide or transfer such information for the purpose specified and for use as permitted by this Privacy Policy.

    5.2.3 ensure that the relevant third parties, customers, employees, independent contractors and other persons have been informed of, and have given their consent to, such use, processing as required by all applicable data protection and privacy laws in Australia or overseas

    5.3 If we receive unsolicited personal information about you that we could not have collected in accordance with this Privacy Policy and the Privacy Act, we will within a reasonable period, destroy or de-identify such information received.

    5.4 You are not obliged to give us your personal information as a general rule but may be by relevant laws or your agreement with a relevant employer or other person. If you would like to access any of our software, services or features of our Platform on an anonymous basis we will take reasonable steps to comply with your request. However, we will require you to identify yourself if:

    5.4.1 we are required by law to deal with individuals who have identified themselves; or

    5.4.2 it is impracticable for us to deal with you if you do not identify yourself or elect to use a pseudonym.

    5.5 We use Google Analytics to obtain a more detailed understanding of our Platform users and their potential needs.  We do not collect personal information by such methods; only aggregate data is used for planning purposes.

    6. Use

    6.1 We will only use and disclose your personal information:

    6.1.1 for purposes which are related to the Primary Purpose; or

    6.1.2 if we otherwise get your consent to do so, in accordance with this Privacy Policy and the Privacy Act.

    6.2 Except to the extent to which consent has been given or applicable law allows, we will not use your personal information for any purpose for which you would not reasonably expect us to use your personal information. Additionally, we will not disclose your sensitive information without your consent, unless there is a need to disclose such information in accordance with the Privacy Act or to comply with any other regulatory requirement or as permitted by applicable law.

    6.3 We will only use or disclose your personal information for the purposes of direct marketing if:

    6.3.1 we collected the information from you;

    6.3.2 it is reasonable in the circumstances to expect that we would use or disclose the information for direct marketing purposes;

    6.3.3 we provide you with a simple means to ‘opt-out’ of direct marketing communications from us; and

    6.3.4 you have not elected to ‘opt-out’ from receiving such direct marketing communications from us.

    6.4 You may opt out of receiving such communications by:

    6.4.1 clicking a link on the email communications sent to you;

    6.4.2 contacting our Privacy Officer by email at admin@timetarget.com; or

    6.4.3 writing to Privacy Officer, TimeTarget Pty Limited, Level 10, 52 Alfred Street, Milsons Point, New South Wales 2061.

    7. Disclosure

    7.1 We may disclose personal information and you consent to us disclosing such personal information to:

    7.1.1 third parties engaged by us to perform functions or provide software and/or services on our, or their, behalf such as mail outs, marketing or advertising;

    7.1.2 Related Bodies Corporate;

    7.1.3 AWS, pursuant to the terms of a relevant AWS Customer Agreement or otherwise;

    7.1.4 your referees and former employers;

    7.1.5 credit agencies;

    7.1.6 our professional advisors, including our accountants, auditors and lawyers;

    7.1.7 persons authorised by you to receive information held by us; and

    7.1.8 any persons as required or permitted by any law.

    7.2 We consider that overseas recipients of personal information in such jurisdictions are subject to a law, or binding scheme, that has the effect of protecting personal information in a way that, overall, is at least substantially similar to the way in which the APPs protect personal information and there are mechanisms that a relevant individual can access to take action to enforce that protection of the law or binding scheme.

    7.3 In any event, you acknowledge and agree that if we disclose personal information to overseas recipients, we are not obliged to take reasonable steps to ensure overseas recipients (whether Related Bodies Corporate or not) of your personal information comply with the Privacy Act and the APPs.

    8. Access + Correction

    8.1 Access. You have a right to access your personal information, subject to certain exceptions provided for in the Privacy Act.

    8.2 If you require access to your personal information, please contact Privacy Officer, TimeTarget Pty Limited, Level 10, 52 Alfred Street, Milsons Point, New South Wales 2061. We may refer you to the Privacy Officer or other relevant person of a relevant employer as the case may require or be appropriate.

    8.3 You are required to put your request in writing and provide proof of identity.

    8.4 We are not obliged to allow access to your personal information if:

    8.4.1 we reasonably believe that giving access would pose a serious threat to the life, health or safety of any individual, or to public health or public safety;

    8.4.2 giving access would have an unreasonable impact on the privacy of other individuals;

    8.4.3 the request for access is frivolous or vexatious;

    8.4.4 the information relates to existing or anticipated legal proceedings between you and us and would not ordinarily be accessible by the discovery process in such proceedings;

    8.4.5 giving access would reveal our intentions in relation to negotiations with you in a way that would prejudice those negotiations;

    8.4.6 giving access would be unlawful;

    8.4.7 denying access is required or authorised by or under an Australian law or a court/tribunal order;

    8.4.8 we have reason to suspect that unlawful activity, or misconduct of a serious nature relating to our functions or activities has been, is being or may be engaged in and giving access would be likely to prejudice the taking of appropriate action in relation to the matter;

    8.4.9 giving access would be likely to prejudice one or more enforcement related activities conducted by, or on behalf of, an enforcement body; or

    8.4.10 giving access would reveal internal evaluative information in connection with a commercially sensitive decision-making process.

    8.5 If you make a request for access to personal information, we will:

    8.5.1 respond to your request within a reasonable period; and

    8.5.2 if reasonable and practicable, give access to the information in the manner requested.

    8.6 If we refuse to give access to the personal information because of an exception or in the manner requested by you, we will give you a written notice that sets out at a minimum:

    8.6.1 our reasons for the refusal (to the extent it is reasonable to do so); and

    8.6.2 the mechanisms available to complain about the refusal.

    8.7 We reserve the right to charge you reasonable expenses for providing access to personal information, for example, a fee for photocopying any information requested by you.

    8.8 Correction. We request that you keep your personal information as current as possible. If you feel that information about you is not accurate or your details have or are about to change, you can:

    8.9 Contact us as provided in clause 8.2 and we will correct or update your personal information. Where relevant we may refer you to the Privacy Officer or other relevant person of a relevant employer as the case may require or be appropriate.

    8.10 If you make a request to correct your personal information, we will:

    8.10.1 respond to your request within a reasonable period; and

    8.10.2 if reasonable and practicable, correct the information in the manner requested or attend to such request as contemplated above.

    8.11 If we refuse a request to correct personal information, we will:

    8.11.1 give you a written notice setting out the reasons for the refusal and how you may make a complaint; and

    8.11.2 take reasonable steps to include a statement with your personal information we refuse to correct.

    8.12 We reserve the right to charge you reasonable expenses for making a correction to your personal information, for example, a fee for photocopying relevant information.

    9. Security + Protection

    9.1 We will take all reasonable steps to:

    9.1.1 ensure that the personal information that we collect is accurate, up-to-date and complete;

    9.1.2 ensure that the personal information that we hold, use or disclose is, with regard to the relevant purpose, accurate, up-to-date, complete and relevant; and

    9.1.3 protect personal information from misuse, loss or unauthorised access and disclosure including by means of password access (where applicable) and secure servers.

    9.2 You acknowledge that the security of communications sent by electronic means or by post cannot be guaranteed. We cannot accept responsibility for misuse, loss or unauthorised access to your personal information where the security of information is not within our control.

    9.3 If you suspect any misuse or loss of your personal information please contact us immediately.

    10. Complaints

    10.1 If you have a complaint about how we collect, use, disclose, manage or protect your personal information please contact us in writing.

    10.2 We will respond to any written complaint within 14 days of receiving the complaint.

    10.3 Once the complaint has been received, we will try to resolve the matter in a number of ways:

    10.3.1 Request for further information: We may request further information from you. You should be prepared to provide us with as much information as possible, including details of any relevant dates and documentation. This will enable us to investigate the complaint and determine an appropriate solution. All details provided will be kept confidential.

    10.3.2 Discuss options: We will discuss options for resolution with you and if you have suggestions about how the matter might be resolved you should raise these with our Privacy Officer.

    10.3.3 Investigation: Where necessary, the complaint will be investigated. We will try to do so within a reasonable time frame. It may be necessary to contact others in order to proceed with the investigation. This may be necessary in order to progress your complaint.

    10.3.4 Conduct of our employees: If your complaint involves the conduct of our employees we will raise the matter with the employees concerned and seek their comment and input in the resolution of the complaint.

    10.4 You are free to lodge a complaint directly with the Office of the Australian Information Commissioner (OAIC) online, by mail, fax or email. For more information please visit the OAIC website at http://www.oaic.gov.au/privacy/making-a-privacy-complaint.

    11. Contact

    11.1 Please forward all correspondence in respect of this Privacy Policy to:

    Privacy Officer

    TimeTarget Pty Limited

    Suite 10.01, Level 10

    52 Alfred Street

    Milsons Point

    New South Wales 2061


    P: 1300 886 698

    E: admin@timetarget.com

    12. Interpretation + Definitions

    12.1 Personal pronouns: Except where the context otherwise provides or requires:

    12.1.1 the terms we, us or our refers to TimeTarget; and

    12.1.2 the terms you or your refers to a person who uses or accesses the Platform and/or a relevant WFM Solution (including a User) or other relevant person (not being us or our Related Body Corporate) and includes a person who agrees or by operation of law or contract is bound by the terms of this Privacy Policy by any relevant means.

    12.2 Terms italicised and defined in the Privacy Act have the meaning given to them in the Privacy Act.

    12.3 Defined terms: In this Privacy Policy unless otherwise provided, the following terms shall have their meaning as specified:

    APPs means any of the Australian Privacy Principles set out in Schedule 3 of the Privacy Act.

    AWS means Amazon Web Services Inc, P.O. Box 81226, Seattle, WA 98108-1226 or its relevant affiliate, assignee or successor in title as the case may be.

    AWS Customer Agreement means the Customer Agreement of AWS from time to time applicable which may be found at: https://aws.amazon.com/agreement/.

    Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable: (a)  whether the information or opinion is true or not; and (b) whether the information or opinion is recorded in a material form or not.

    Platform means timetarget.com or humanforce.com or humanforce.co.uk

    Privacy Act means the Privacy Act 1988 (Cth) as amended from time to time.

    Privacy Policy means this privacy policy of TimeTarget as amended from time to time.

    Related Bodies Corporate has the meaning given in section 50 of the Corporations Act 2001 (Cth).

    Sensitive information means:

    (a)  information or an opinion about an individual’s:

    (i)  racial or ethnic origin; or

    (ii)  political opinions; or

    (iv)  religious beliefs or affiliations; or

    (v)  philosophical beliefs; or

    (vi)  membership of a professional or trade association; or

    (vii)  membership of a trade union; or

    (viii)  sexual orientation or practices; or

    (ix)  criminal record;

    that is also personal information; or

    (b)  health information about an individual; or

    (c)  genetic information about an individual that is not otherwise health information; or

    (d)  biometric information that is to be used for the purpose of automated biometric verification or biometric identification; or

    (e)  biometric templates.

    TimeTarget means TimeTarget Pty Limited (ACN 140 620 248) whose registered address is at Suite 10.01, Level 10, 52 Alfred Street, Milsons Point New South Wales 2061, Australia.

    User means a person who is permitted to use the WFM Solution in whatever capacity and includes customers, employers, employees, agents and independent contractors (whether with or without administration and/or special access rights).

    WFM Solution means the relevant TimeTarget workforce management solution or instance of it which includes or may comprise relevant hardware and TimeTarget or Humanforce software that may be licensed for on premise use and/or hosted in the cloud by us or AWS or a relevant employer and/or other person as the case may be.