Anson Data and Privacy Policy

ANSON DATA AND PRIVACY POLICY

Introduction

ANSON respects our clients, customers, participants, and community which is why we value transparency and trust when it comes to protecting your personal information and privacy. Our Privacy Policy describes how we do this in line with our values and respect for you, our community.

It is important to us that you should enjoy using our products, services, website, and communications without compromising your privacy and rights in any way. This policy outlines how we collect and use different types of personal and behavioural information, the reasons for doing so and your rights regarding the collection, use and security of your personal information.

We fully comply with the Australian Privacy Act 1988, Western Australia’s Freedom of information Act 1992 and align with the rights and principles of the European Union’s General Data Protection Regulation (GDPR) as the global leading standard.

We will not pass your data to other organisations to use for marketing purposes without your explicit consent. We, or our selected partners will not use your data in ways contrary to that which has been disclosed in our privacy policy or you have consented to.

You should read this policy in conjunction with our Terms and Conditions, our Website Terms and Conditions and ensure that you understand how we collect and use your information.

If you have any questions relating to your personal information, you can find out more in our FAQ section below. Alternatively, you can get in touch directly using the telephone number (08) 6242 0304 or via the details at the bottom of our website Our Terms Conditions and Policies.

This Privacy Policy supersedes any previous privacy policies we have distributed.

Our policies will be updated from time-to-time. Please refer regularly to keep yourself updated.

 

SECTIONS IN THIS POLICY 

  1. About us
  2. Your data
  3. DIFFERENCES BETWEEN GDPR AND THE PRIVACY ACT
  4. Information we collect
  5. Retaining and storing your information
  6. Legitimate Interest
  7. How we use your information
  8. Third parties
  9. IP Addresses, cookies, and external links
  10. Security and Phishing
  11. Your rights and how to exercise them
  12. FAQs
  13. Contact Us
  14. Changes to this policy

  1. About us

    1. The ANSON privacy policy is between ANSON Smart Workforce Pty Ltd and the customers, candidates and other individuals providing data and accessing the services of ANSON Smart Workforce. 
    2. This policy applies to anyone that is visiting, ordering, registering, or interacting with any product or service from the ANSON Smart Workforce.
    3. ANSON Smart Workforce Pty Ltd is a joint venture of ANSON Management Consulting Pty Ltd.
    4. ANSON Management Consulting Pty Ltd Australian registration number is 152 401 128 ANSON Smart Workforce registration number is 636 888 849.
    5. ANSON Smart Workforce Pty Ltd and ANSON Management Consulting Pty Ltd are the sole owners and data controllers of your personal information, meaning that we jointly manage, use, distribution and hold secure your personal data.
    6. For the purpose of the Privacy Act 1988 and Western Australia’s Freedom of information Act 1992 the data controller is ANSON organisation(s) at 321 Pier Street, Perth WA 6000, Australia.
    7. We respect the privacy rights of our customers, candidate and other individuals and understand the importance of protecting the information collected. Please read the policy carefully before accessing or using the information and services available through ANSON Smart Workforce.
    8. We will not share, sell, or rent-out this information to others in ways different from what is disclosed in this statement without your explicit consent.      
    9. We may modify this agreement at any time, and such modifications shall be effective immediately upon posting the modified agreement on our proposals and website.

  2. Your Data

    1. All the personal information you provide to us will be treated in accordance to the Privacy Act 1988 and Western Australia’s Freedom of information Act 1992.
    2. ANSON also aligns with the European Union’s General Data Protection Regulation (GDPR) providing you with additional rights regarding ANSON’s collection, management, use, security, and deletion of your data.
      1.  GDPR has no legal standing for an Australian company.
      2.  The relevance of GDPR for ANSON is limited to the purpose of up-holding the highest standards of ethical use management and security of client, candidate and participant data.
      3. The adherence to GDPR principles and rights provides no additional rights under the Privacy Act 1988 and Western Australia’s Freedom of information Act 1992.
      4. Therefore, conveys no additional legal protections under Australian law.
    3. The nature of our services and the use of our website means that we will obtain and certain information about you. This statement sets out the principles governing our use of data. By using ANSON services and our Website you agree to this data use.
    4. We may collect and process information that you provide by filling in paper forms, providing information on our website, details of transactions you carry out through our site and details of your visits to our site. If you contact us, we may keep a record of that correspondence.
    5. To ensure that your credit card, debit card or other payment methods are not being used without your consent, we may validate name, address and other personal information supplied by you during the order process against appropriate third party databases. By accepting these terms and conditions you consent to such check being made.  In performing these checks personal information provided by you may be disclosed to a registered Credit Reference Agency which may keep a record of that information.  Please be assured that this is only done to confirm your identity, that a credit check is not performed and that your credit rating will be unaffected.  All information provided by you will be treated securely and strictly in accordance with the Privacy Act 1988 and Western Australia’s Freedom of information Act 1992.

  3. KEY DIFFERENCES BETWEEN GDPR AND THE PRIVACY ACT (1988).

    1. GDPR contains provisions outlining the legal basis of processing. However, the Privacy Act provides that personal information may only be collected by fair and lawful means, and for purposes relating to the entity's functions and activities.
    2. The Privacy Act does not explicitly provide individuals with some of the key data subject rights provided by the GDPR, including the right to erasure, the right to object, and the right to data portability.
    3. The GDPR defines pseudonymised data as 'the processing of personal data in such a manner that the personal data can no longer be attributed to a specific data subject without the use of additional information, provided that such additional information is kept separately and is subject to technical and organisational measures to ensure that the personal data are not attributed to an identified or identifiable natural person. The Privacy Act defines 'de-identified' information as information which is no longer about an identifiable individual (i.e. natural person) or an individual who is reasonably identifiable.
    4. The GDPR requires that data controllers and data processors maintain a record of their processing activities, conduct a data protection impact assessment (DPIA), and appoint a data protection officer ('DPO') in certain circumstances, whereas the Privacy Act does not contain similar provisions.
    5. Whilst both the GDPR and the Privacy Act provide for monetary and administrative penalties, the stated amounts of the fines under each differ significantly, although in practice the civil penalties under the Privacy Act may be applied such that in large scale serious interference with privacy, the amount of the fines under each may be similar.
    6. The Privacy Act does not distinguish between data controllers and data processors. Whereas GDPR does.
    7. The GDPR provides that it 'should apply to natural persons, whatever their nationality or place of residence, in relation to the processing of their personal data.'
    8. The Privacy Act does not explicitly refer to nationality or place of residence. However, personal information processed by an APP entity will be subject to the Privacy Act.
    9. Article 4(1) of the GDPR clarifies that a data subject is 'an identified or identifiable natural person.' The Privacy Act does not provide the definition of data subject but provides a definition of 'individual' which means a natural person.
    10. Where the processing is based on consent, the consent of a parent or guardian is required for providing information society services to a child below the age of 16. However, the Privacy Act does not specify an age of consent. An individual aged under the age of 15 is presumed not to have capacity to consent. However, an individual under the age of 18 has capacity to consent when they have sufficient understanding and maturity to understand what is being proposed. In some circumstances, 'it may be appropriate for a parent or guardian to consent on behalf of a young person, for example, if the child is young or lacks the maturity or understanding to do so themselves.'
    11. The GDPR does not include credit information, tax file number information, and employee records within the definition of special categories of personal information. The Privacy Act defines special categories of personal information which includes credit information, tax file number information, and employee records.
    12. The GDPR specifies that online identifiers such as IP addresses, cookie identifiers and radio frequency identification tags. The Privacy Act does not specifically address IP addresses, cookie identifiers and radio frequency identification tags. However, there is case law that explores the question of whether an IP address is considered personal information and, depending on the circumstances, these categories of data can be (and in practice often are) personal information. That is, where such identifies or can reasonably identify a natural person.

  4. INFORMATION WE COLLECT

    THE DATA LIFE CYCLE

    The Data Lifecycle
    1. There is certain personal identifiable information (PII) that we need to provide the products and services we offer, such as:
      • First Name and Surname
      • Home address
      • Post code
      • State or Territory
      • Telephone number
      • Mobile phone number(s)
      • Email address
      • Payment details
    2. We may also collect sensitive information about you, such as gender, race, ethnicity, and disability. This data is collected as part of our recruitment selection process to provide relevant support to candidates. We also use this information to understand the diversity of our recruitment programmes such as to identify potential biases in selection criteria. This information is kept secure and will never be shared with other people. You have the right to see this data and to have this data deleted.   
    3. A candidate or participant is under no obligation to share this information. 
    4. We retain some sensitive information for the purposes of:
      1. Assessing potential hidden selection biases.
      2. Provision of appropriate additional support to candidates where necessary.

      3. This information includes:

        • The Gender you identify with
        • The age group you belong to.
        • Whether you identify as Aboriginal or Torres Strait Islander.
        • Whether you identify as having culturally or linguistically divers.
        • Whether English is not your first language.
        • The language you speak most.
        • How well you speak English.
        •  If you identify as a person with disability and, if so, they type of disability and whether you  require workplace adjustments to assist in doing your job.
        • Your residency status.
    5. We do not collate any other sensitive data such as religion, sexual orientation, or biometric information. 

    6. We retain the responses provided from our questionnaires for the purpose of:

      • Accurately determine the likelihood of a candidate to be suitable for the sector or a specific role.
      • Making shortlisting and selection decisions.
      • Benchmarking and analysis.
      • Assessing on-going performance of placed candidates and other employees. 

    7. In addition, we may also use cookies and other technologies (see “IP Addresses, Cookies and External Links” below), to collect and retain the following information in order to help you select and purchase the right products for you:

      • The pages you read on our website
      • Devices (e.g. mobile and desktop responsive)
      • Browser type
      • e-Mail provider
      • IP address
      • Internet connection
      • e-Mail engagement (opens, click throughs and deletion)
      • Letters and e-mails you have sent to us
      • How you came to our website
    8. You also need to provide additional information essential or helpful to us to ensure we deliver appropriate or requested ANSON Smart Workforce service to you. By providing this additional information, it helps us to ensure when you order, purchase, register, subscribe, unsubscribe or make use of our products or services we recommend the right services and communicate with you in a way that is most relevant and useful for you.
    9. All Personal Identifiable Information (PII) and sensitive data is held secure.
    10. Retention policy
      1. We collect only the data necessary for us to deliver the products and services provided by ANSON and to improve our service and activities.
      2. We store your information securely and in accordance with the law and hold it for as long as we need to provide our products, services, and marketing to. However, this does not affect your rights as described in “Your rights and how to exercise them”.
      3. We only use your data for the purposes described above.
      4. We limit access to your data to named individuals.
      5. When we process or transfer your data, wherever possible we anonymise the data and use the minimum amount of data necessary to achieve the required outputs.
      6. We review our retention periods for personal information regularly. If you have not interacted with us in any way, we will generally delete your information after seven years. This allows us to retain information for a period that may cover moving to new employers.
      7. Sometimes we may need to keep it for longer periods such as tax and other financial or regulatory reasons, this would typically be seven years. We would only keep it for longer than this if we are required to by law.
      8. If you request for us to no longer contact you, for example with marketing communications, we will retain the minimum amount of information about you so that we can ensure we remove you from any future communications. Please note that if you ask us to completely remove all information about you, and you subsequently use our products and services at a later date, we will no longer be able to recognise your previous request to not be contacted, which is why we would keep it and suppress it in line with industry standards.
      9. We regularly ‘clean’ our database by disposing of data to ensure that we are not holding unnecessary personal information and that the information we do hold is accurate. Deletion includes removing the personal identifiable information, so that data retained cannot be ascribed to an individual.
    11. Storing and transferring information internationally
      1. The Internet is a global environment, and we work with third parties across the globe. Collecting and using personal information may involve the transfer of information internationally including outside of Australia.
      2. By using our products and services you acknowledge and agree to your personal information being transferred in this way, including to jurisdictions outside Australia. This in no way affects your rights under Australian law.
      3. We maintain strict policies to ensure all information that is transferred is done so safely and securely, including with appropriate contracts, controls, liabilities, and remedies.
    12. Keeping your information safe
      • We take information security seriously and have policies and procedures in place to ensure the information we hold on you remains safe. We limit who has access to your information and ensure that those who do access information are bound by contracts to keep your information protected restricted and safe.
      • Where we maintain your information for analysis purposes, we use alphanumeric codes to represent individuals not personal identifiable information (PII) to ensure that you are fully anonymised.
    13. Individuals under 16
      • ANSON does not intentionally, or knowingly, process personal information from individuals under the age of sixteen. When necessary, users under the age of 16 will be told not to submit any personal details. We will make every effort to delete any details of such users where a parent or guardian has informed us that these details have been collected.

  5. LEGITIMATE INTEREST

    1. We may process your personal information for our legitimate business interests.
    2. “Legitimate Interests” means the interests of our company in conducting and managing our business to enable us to give you the best product/services and the best and most secure experience. For example, we have an interest in making sure our website is personalised to you to improve your user experience. It can also apply to processing that is in your interests as well. For example, we will process your information to ensure candidates are suitable for the roles applied for, or to protect you against fraud when transacting on our website or to respect your wish to opt-out of marketing. When we process your personal information for our legitimate interests, we make sure to consider and balance any potential impact on you (both positive and negative), and your rights under data protection laws and our policies.
    3. The basis of our legitimate interest:
      1. First, we need to use your information in certain ways to provide our products or services to you, in accordance with our contracts with you. In this case, it is necessary for us to use your information so that we can deliver the products or services you have chosen.
      2. Second, as described in more detail below, in certain cases, we may use your information where necessary to further our legitimate interests, where those legitimate interests are not overridden by your rights or interests. See the Your rights and how to exercise them section below.
      3. Third, we may collect data to ensure that we are supporting diversity in the workplace.
      4. Finally, ANSON Smart Workforce use of automated processing of resume’s, questionnaires and other information is integral to the delivery of the ANSON Smart Workforce services and the performance of a contract between a customer and candidate. By submitting your information for a recruitment opportunity, to are agreeing to the automated processing of that information.
    4. Our legitimate business interests do not automatically override your interests - we will not use your Personal Data for activities where our interests are overridden by the impact on you unless we have your consent or are otherwise required or permitted to by law. For example:
      1. We will not send you marketing communications if you have asked us not to.
      2. We will not share your information with third parties without your express permission except where we are using these third parties in ways directly related to the products and services, we provide.
    5. For more information on your rights, see the Your Rights and how to exercise them section below.
    6. When we process data for these purposes, we will ensure that we always keep your personal data rights in high regard.
    7. If you have any concerns about the processing of your data you have the right to object to how we process your data and if you wish to do so please contacted us by phone (08) 6242 0304 or by visiting our web site.

  6. HOW WE USE YOUR INFORMATION

    1. To provide products and services:
      1. To fulfil your orders and legal contracts with us.
      2. For internal record keeping.
      3. To manage your access to our online content and apps, and to send you content via e-mail, push notifications, newsletters, etc.
      4. To send you service notifications related to your product or service such as order notifications, order confirmations and password resets.
      5. To manage customer service queries and complaints.
      6. To manage your privacy preferences and to ensure you only receive communications that you have requested, which may include using your details to suppress you from communications.
      7. To send you administrative emails about your account, reminders, service changes, or new policies.
      8. To provide general location-based services (e.g. country you are in), advertising or search results and the application of the correct taxes.
      9. To detect and reduce fraud including fraudulent orders.
      10. To prevent users from posting illegal, offensive, or objectionable comments on our site.
      11. To be a speaker or contributor at, or in, one of our events, or contribute to content in one of our blogs or communications. In these cases, subject to any specific terms ANSON agrees with you separately, you grant a global right to ANSON to use your name, picture, likeness, voice, biographical information and statements, for advertising, trade, publicity and promotional purposes in all media now known or discovered afterwards and on the internet.
      12. To improve the quality and performance of our recruitment placements.
      13. To develop new products and services.
      14. To develop and analyse trends, developments within the sectors we operate in.
      15. To monitor the performance of candidates to assess that we are providing the right quality of candidates, who become successful placements.
      16. To provide information that will aid you in supporting our placements to be the best they can be.
    2. To deliver marketing and advertising
      1. The delivery of marketing communications is part of our terms and conditions based on our legitimate interest in keeping you informed of ANSON’s products, services, activities and interests.
      2. We may contact you by email, phone, mobile phone, SMS, mail, or face to face.
      3. To personalise or otherwise improve our services and communications for the benefit of our customers
      4. We may contact you to tell you about special offers and other products or services within available from or through ANSON. We may send marketing communications via a range of channels including email and push notifications. You can opt out of these at any time.
      5. You have the right to opt-out of ANSON communications in part or entirely at any time by:
        • Clicking the unsubscribing link at the bottom of our emails
        • Logging onto the ANSON and Smart Workforce website
        • Writing to us (see ‘Contact us’). 
      6. We will not opt you out via a telephone call because we will not be able to provide a copy of the telephone conversation.
      7. This does not apply to important service notifications such as payment confirmations as described in the Legitimate Interest section above or where we have some other legal basis for contacting you.
      8. In order to deliver services, advertising and marketing messages that are relevant to you, we may use the information we hold about you, including details that we collate from your use of our services or third parties.
      9. We may share your details with selected third parties which we believe may be of interest to you, ONLY where you have explicitly consented to be contacted for such purposes.
    3. Other uses of your information. Some of the services described below may involve the use of selected third-party suppliers:
      • To help us enhance, modify, and improve our customer and user experience.
      • To detect and reduce fraudulent activity and for other security related purposes such as to help us protect against harassment, IP infringement, crime, or other security issues.
      • To determine the effectiveness of promotional campaigns and advertising.
      • To measure customer and user response and engagement with our products and services such as online content and email newsletters. This may include sharing your information with third parties who help us to analyse and measure these things.
      • To support in new product development, we may send customer satisfaction surveys and market research questionnaires (for which we may share your information with third party suppliers employed by us).
      • To create audience profiles for personalised services, advertising, marketing or research and development on and off our websites – See Audience Profiling and Social Media sections below for more detailed information.
      • To enhance the security of our network and information systems.
      • To better understand how people, interact with our websites
      • To ensure our products (including websites and apps) are compatible with the browsers and operating systems used by most of our visitors.
      • For any purpose required by law or regulation and to verify information that we provide to third parties for compliance and audit purposes such as the Tax Office. We may share your personal data with a third-party auditing organisation, so they can verify aggregated statistics about circulation and usage of our products or review our policies, processes, and procedures for compliance with relevant standards. 
      • You have the right to object to any of the above uses of your information, please contact us if you wish to do so. We will consider all objections reasonably and respectfully to our community, but there may be legal reasons where we deem that the use of your information is still appropriate. We will explain our decision to you in a timely manner.
    4. Social media
      1. ANSON may, from time to time, publishes content on social media platforms e.g. Instagram, Twitter, Facebook, LinkedIn through both "organic" and "paid" methods to reach current and potential readers:
      2. “Organic” methods describe where content and/or offers are published onto a social platform so that they may appear in your social platform’s content, without being promoted or forced to appear more prominently, e.g. ANSON’s Facebook Page.
      3. “Paid” methods describe where content and/or offers are published onto a social platform so that they will appear more prominently or be shown to users that do not currently following ANSON’s social pages e.g. a promoted tweet on your Twitter Timeline.
      4. We may place one or more social media platform “tags” on our website in order to better understand how ANSON may be of best value to you by providing you with the most relevant content available according to what you have chosen to read on our own websites. These tags only record information around events to help us understand if you are registered or subscribed with us, so that we may use your reading preferences to provide more relevant content and/or offers to you, on social media platforms, e.g. removing subscription offers from your feed if you are a current subscriber.
      5. We do not have direct access to your personal data on your social media platforms.
    5. How we use your details for audience profiling
      1. To enable us to personalise the content and advertising you see (including on social media), we may use your interaction, purchases, candidate submissions (e.g. resume, values questionnaire results and psychological profiles) and browsing behaviour or preferences (such as how and what you buy or read on our websites and our apps) to create audience profiles. This is to enable content and message personalisation, and in some cases, advertising to be delivered to you or a group of users (an audience) with similar interests to you. This can be done both on our site and on those of third parties. Please see our Cookie Policy for more information.
      2. We may analyse your individual information to create a profile of your interests and preferences as a part of an audience.  There are times we may use additional information available from external sources to help us do this effectively (see How we work with third parties’ section below).
      3. We will use resumes, values questionnaire results and psychological profiles, interview answers, videos, references, and background checks to assess suitability for roles.  This information will be retained to continue to support candidates in finding the best fit roles.
      4. We will use organisational information such as values, locations and types of care provided to better ensure that that shortlisted candidates are right for the role and the organisation
      5. You can choose to opt out of our marketing audience profiling activity if you wish. This does not mean that you will no longer see advertisements, it just means that the advertisements you will see are no longer personalised to your interests. Please contact us to do so.
    6. When we will ask for your consent.
      There may be times when we need your consent to use your information for some specific purposes that are not described above.  Examples of reasons we will ask for your consent to use your information are as follows:
      1. When coming to our website for the first time, you will be asked to consent to our Data Notice
        • By taking part in our recruitment selection processes you are consenting to allow ANSON to store and use your data for the purposes of recruitment, evaluation, and benchmarking.
        • You are also consenting for the hiring organisation to receive relevant information and reports relating to your application.
        • If you do not agree to these terms, you should not continue with the recruitment process.
        • This does not affect your rights under the Privacy Act of 1988 or the Western Australian Freedom of Information Act 1992.
      2. To deliver services such as criminal record checks and references.
      3. To pass your information to specially selected third parties who would like to contact you with information regarding their own products and services such as other subscriptions, events, or content services. 
      4. Those parties are responsible for their use of your data and you should read their privacy policies carefully. For more information on how we work with third parties please see the section below.
    7. Controlling your personal information
      • You may choose to restrict the collection or use of your personal information in the following ways:
        • Whenever you are asked to fill in a form on the website, look for the box that you can click to indicate that you do not want the information to be used by anybody for direct marketing purposes
        • If you have previously agreed to us using your personal information for direct marketing purposes, you may change your mind at any time by emailing us at smartworforce@anson.com.au
      • We will not sell, distribute, or lease your personal information to third parties unless we have your explicit permission or are required by law to do so.
      • You may request details of personal information that we hold about you under the Data Privacy 1988.
      • If you would like a copy of the information held on you please write to 321 Pier Street, Perth WA 6000, WA, Australia.
      • If you believe that any information we are holding on you is incorrect or incomplete, please write  to the address above or email us at smartworforce@anson.com.au as soon as possible. We will promptly correct any information found to be incorrect.
      • For further information on your data rights and how to exercise these rights please read the Your Rights and How to Exercise them section here

  7. THIRD PARTIES

    1. How we work with third parties As mentioned, in some instances, we disclose personal information to third parties when it is necessary to deliver a service or product, or to help us improve your experience with us, or when we are required to do so by contract or law. “Third parties” include agents, subcontractors, sponsors, and other associated organisations. We have in place contracts to ensure the information remains secure and limited in use, and if we do not have a legitimate business reason to pass on your information, we will ask you to give consent first. Some examples of when we share your information are below:
      1. When you make a payment on any of our sites your payment will be processed by a specialist payment processor to ensure a secure transaction. All payment processors used by ANSON are compliant with required security standards. If you have any questions regarding secure transactions, please call us on (08) 6242 0304 or contact us at smartworforce@anson.com.au.
      2. When you log on to your account, we ensure that the username and password are correct.
      3. When we test and launch new products, services or offers, we may work with trusted third parties to support us.
      4. We employ third parties to help us create analytics and machine learning techniques that support improvements to our candidates’ assessment, shortlisting, and placement performance.
      5. We also employ third parties to carry out statistical analyses and conduct surveys on our behalf, to support our customer satisfaction, advertising, and content production.
      6. To provide information for auditing purposes by official regulators.
      7. When we send you an email or a push notification, these are delivered by marketing platforms. As part of this service, certain information such as message opens, clicks and formatting are recorded to help deliver the best email experience.
      8. To enable third parties such as advertisers or sponsors to contact you with information about their own products and services that may be of interest – only if you give explicit permission for us to do so.
    2. Third parties who pass information to us
      • We may work with third parties to identify individuals who may be interested in our products and services or in some cases our sponsors / advertisers’ products and services. These third parties may give us access to your personal information if you have allowed them to do so. In any communication you receive from us, through these third parties, we make sure to identify ourselves (and them) so that you know who has access to your information.
      • IMPORTANT: Please note that the collection, use, and disclosure of information by these third parties are described in their own privacy policies, and consequently may differ from that set out in ANSON’s Privacy Policy. We are not responsible for those third-party privacy policies, and you should ensure that you have read and understood all applicable privacy policies before proceeding.

  8. IP Addresses, Cookies and External Links

    1. IP Addresses
      • We may collect information about your computer, including where available your IP address, operating system, and browser type, for system administration. This is statistical data about our users' browsing actions and patterns and does not identify any individual.  It also helps us ensure that you have a great user experience.
    2. Cookies
      • Cookies are pieces of code saved by websites onto your web browser when a session is initiated by opening our website. Their most important uses are session management, monitoring browsing preferences, user personalization and tracking. Their purpose is to provide a better user experience when you explore and use our website.
      • The ANSON websites use cookies. By using the ANSON website, you are agreeing to these terms and conditions, you consent to ANSON Smart Workforce Pty Ltd use of cookies in accordance with the terms of Smart Workforce Pty Ltd's privacy policy.
      • 2.3   The ANSON Smart Workforce website uses the following types of cookies:
    3. Session cookies allow the site to ‘remember’ content from page to page for example when reviewing and selecting ANSON services for your shopping basket. The cookie collects data on sessions such as number of users, number of sessions (visits to our site), pages visited, pageviews, journeys, average time on the site and ‘bounce’ rate (people exiting after a single page view) and any error messages you experience. By analysing user behaviour, we can improve the performance, user experience and accessibility of our website. Session cookies expire within a few seconds of you leaving our website or closing the browser. These cookies do not gather information that identifies you, they are anonymous and help to improve how the website works.
    4. Persistent cookies stay on the user’s computer for a longer time (usually a year or longer) and is not deleted when the browser is closed. They are used to remember a single user. For example, we use this type of cookie to store your preferences, so that they are remembered for the next visit. By remembering the choices, you make we can tailor the website to provide enhanced content and a better user experience for you. They are particularly helpful for regular users of our site as when you return to our website. Our policy is to remove persistent cookies that have not been used for 2 years.
    5. Secure Cookies are used encrypted data for checkout and payment.  These secure cookies facilitate safer transactions in a similar way to online banking websites.
    6. Targeting Cookies use to tailor marketing communications, so it is relevant to you. They are also used to limit the number of times you see an advertisement.
        1. For the same reason, we may obtain information about your general Internet usage by using a cookie file which is stored on the hard drive of your computer. They enable us:
          • To estimate our audience size and usage patterns.
          • To store information about your preferences, and so allow us to further customise our site according to your individual interests.
          • To speed up your searches,
        2. You may refuse to accept cookies by indicating that you do not consent to their use on the banner that appears on the homepage on your first visit. However, if you select this setting you may be unable to access certain parts of our site. Unless you have adjusted your browser setting so that it will refuse cookies, our system will issue cookies when you log on to our site. 
        3. A cookie in no way gives us access to your computer or any information about you, other than the data you choose to share with us. You can choose to accept or decline cookies. Most web browsers automatically accept cookies, but you can usually modify your browser setting to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
        4. Disabling Cookies:  You can disable your cookies if you which.  However, if you choose to do so, please be aware we will no longer know that you have opted out, and banners from ANSON may reappear.
        5. We may use the data in accordance with the preferences expressed in your acceptance of the ANSON cookie policy and terms and conditions of use of the ANSON website.
        6. See our cookie policy here
    7. External Links
      • This privacy policy only applies to ANSON’s use of data.  
      • Our websites, products or services may, from time to time, contain links to external sites. ANSON is not responsible for the privacy policies or the content of such sites and we recommend that you read the privacy policies on any external sites you use.
      • Once you have used these links to leave our site, you should note that we do not have any control over that other website. Therefore, we cannot be responsible for the protection and privacy of any information that you provide whilst visiting such sites and such sites are not governed by this privacy statement. You should exercise caution and look at the privacy statement applicable to the website in question
      • Similarly, if you are directed to our website from a third-party, we are not responsible for the privacy policy or practices of the third party. We strongly recommend you read their policy.

  9. SECURITY AND PHISHING

    1. Security
      • We realise how important it is to securely store any information that you provide us. To prevent unauthorised access or disclosure, we have put in place suitable physical, electronic, and managerial procedures to safeguard and secure the information we collect online.
      • The ANSON transactional web site currently uses invoiced payments only and does not process credit / debit card transactions. If we do move to credit/debit card payments, they would provide a secure link between our online shop and our bank to ensure that your card details are kept secure and fraud checks can take place.
      • We also allow transaction on our website using Pay Pal. This service also provides the secure link between our online shop and our bank to ensure your details are kept secure and fraud checks take place.
      • You can therefore rest assured that we take the security of your payment and personal details very seriously. We may vary this in the future if we feel you will benefit from greater security whilst using our Website.
    2. Phishing
      • Phishing is the practice of tricking someone into giving confidential information. Examples include falsely claiming to be a legitimate company when sending an email to a user, to trick the user into sending private information that will be used for identity theft and fraud.
      • ANSON will never ask you to send any personal details via email. If we require such details, for security reasons we will ask you to contact us by telephone. Should you receive an email claiming to be from ANSON requesting this kind of information please do not respond but contact us immediately.

  10. YOUR RIGHTS AND HOW TO EXERCISE THEM

    1. You have the right to see and access the personal information we hold about you. 
    2. Right to rectification You can ask us to change or complete any inaccurate or incomplete personal information held about you.  You may correct any inaccuracies, delete, remove or restrict your personal information at any time. We aim to rectify your information within 1 month.  However, this may take up to two months if the request is complex.
    3. You also have the right to object to the way we use your personal information, to request to obtain your personal data for your own use or to share your personal information with a third party.
    4. You have a right to access to your personal information: You can request access to a copy of your personal information that we hold, along with information on what personal information we use, why we use it, who we share it with, how long we keep it for and whether it has been used for any automated decision making.
    5. Your right to erasure allows you to ask us to delete your personal information where it is no longer necessary for the purpose for which it was originally collected and used, or if you have withdrawn consent and we have no lawful basis for keeping it.
      • Where your personal data relates to the scores and benchmarks derived from our questionnaires and assessment, we will retain the scores, but remove all personal identifiable information, so that this information can not be used to identify who provided the scores.
    6. The rights we provide aligned with the European Data Protection Regulation (GDPR), have no legal standing in Australia.  However, we apply the principles and rights of GDPR as part of our commitment to provide the best legal protection, processes, and practices available.
    7. You may also make a complaint to the data protection supervisory authority:
      • Western Australian Office of the Information Commissioner: Albert Facey House, 469 Wellington Street PERTH WA 6000; Phone (08) 6551-7888; Freecall (WA country landline callers only) 1800 621 244; e-mail info@foi.wa.gov.au
      • Australian Information Commissioner: GPO Box 5218, Sydney, NSW, 2001: Enquiries:   https://www.oaic.gov.au/ ; Phone: 1300 363 992
    8. You can object to how we are using your personal information if you so wish. This objection can be to restrict specific uses or for any use.  In the case of a restrictions for any use, we retain enough information to ensure that the restriction is respected. Please contact us as noted above, providing details of your objection
    9. You have the right not to be subject to a decision based on automated processing which produces a legal or similarly significant effect on you as an individual unless the decision is necessary for entering into a contract, is authorised by law (e.g. fraud detection), or you have given explicit consent. You will be provided an explanation for the decision and you may challenge it if you believe it to be unfair.
      • This right does not apply when a decision does not have a legal or similarly significant effect on someone
    10. Your right of portability means you can ask us to provide you or a third party with your personal information that we hold about you in form that easily be accessed and used.
      • This right does not pertain to information that is derived from the outputs from questionnaires or other assessment techniques as these constitute ANSON Smart Workforce intellectual property.
    11. Right to restriction allows for you to restrict the personal information we use about you where you have asked for it to be erased or where you have objected to our use of it.
      • If this the restriction impacts ANSON Smart Workforce’s ability to provide recruitment services, the restriction must be waved, or the candidate or participant will be invited to continue in the recruitment process.
    12. Consent must be given freely with a clear affirmative action (e.g. a positive opt-in), not inferred by silence or a pre-ticked box.  Consent must be separate from other terms and verifiable.
    13. If you have provided consent to use your information you can withdraw consent at any time through e-mail, letter or on our website. We will not accept a withdrawal of consent over the phone because we cannot verify identity.
    14. We will typically not make any financial charge for responding to any request from you to exercise your privacy rights, and we will respond to your requests in accordance with our obligations under the privacy Act 1988 and your rights as defined in our terms and conditions. However, we reserve the right to make a small charge where the request is particularly complex or where there are repetitive objections.
    15. If you have given us your consent to use personal information, you can withdraw your consent at any time and, update your marketing preferences via email. To exercise any of your privacy rights you can make a complaint in writing to The Data Privacy Manager, ANSON Smart Workforce, 321 Pier Street, Perth WA 6000, Australia, or by e-mail to smartworforce@anson.com.au

  11. FAQs

    1. How can I see what information you hold on me? - You can contact our data privacy manager by phone (08) 6242 0300 or by email to smartworforce@anson.com.au.
    2. How do I opt out of profiling? - You can contact us at any time. A member of our data privacy team will speak to you regarding your request.
    3. How do I opt out of marketing? - You can update your preferences at any time by clicking the unsubscribe link at the bottom of our emails or by sending an e-mail to ANSON (see contact us).
    4. How do I make a complaint? - If you have a complaint regarding any aspect of your personal information or this privacy policy, please write directly to ANSON Smart Workforce, 321 Pier Street, Perth WA 6000, WA, Australia.
    5. If you are still not satisfied with the outcome of your complaint, you may write to: -
      Western Australian Office of the Information Commissioner, Albert Facey House, 469 Wellington Street PERTH WA 6000; Phone (08) 6551-7888; Freecall (WA country landline callers only) 1800 621 244; e-mail info@foi.wa.gov.au
      Australian Information Commissioner: GPO Box 5218, Sydney, NSW, 2001: Enquiries:   https://www.oaic.gov.au/ ; Phone: 1300 363 992
    6. How long do you hold my information for? - We generally hold information for up to seven years for tax and legal purposes and to recognise that a candidate may move employer several times during this period. If we have had no interaction with you during that period, we may contact you to confirm you are still working in the sector. We may also anonymise your data by stripping out personal identifiable information and use this data for purely analytical purposes such as measuring diversity.
    7. Can I ask you to delete my information? - Yes, just contact us. We will consider your request and take appropriate action that may mean that we suppress it, rather than delete it to ensure that we can still follow your preferences as to whether or not we can market to you.
    8. How do I update my information? - You can update it at any time by logging into your account on our website, or just contact us.
    9.  
    10. How do I manage cookies? - You can use our cookie consent tool. For more information please also see our [Cookie policy].
    11.  
    12. What are my rights under the privacy act 1988? - See link to Western Australia’s Freedom of information Act 1992
    13. Why have you adopted GDPR?To provide transparency, confidence, and security in our handling of your data we have adopted the principles and rights provided by GDPR which is widely recognised as providing the leading protections for individuals in the world.  These rights cover the following:
      • You have a right to ask us for information we hold about you, please email customer services or data privacy including the subject line, “Subject Access Request”, so that we can respond as promptly as possible. 
      • You also have the right to ask for us to update, delete or stop processing information we hold about you.
      • However, please note that there are circumstances in which complete erasure of your information or ceasing to process your information will not be possible for operational, legal, and business reasons. This may include if you remain a customer for whom we need to provide services, or if you wish us to no longer contact you for marketing purposes. In this case we may need to retain some of your details securely to facilitate this request by, for example, keeping you on a “do not contact” or suppression list. This will be the only purpose for which your data will be used if this is the case.
      • Please see below for the principles of GDPR and the rights they convey to you.
    14. If you have questions about this policy or about your personal information, please send correspondence to us at the following address:
      The Data Privacy Manager,
      321 Pier Street,
      Perth WA 6000
      Australia
      Alternatively, you can e-mail to smartworforce@anson.com.au   or call on (08) 6242 0300

  12. CONTACT US

    From time to time, we may make changes to the privacy policy. This may be in relation to changes in the law, best practice or changes in our services. These changes will be reflected in this statement, so you should check here regularly. Last update: 17th November 2020

    • Give control back to citizens and residents over their personal data.
    • Simplify the regulatory environment for international organisation.
    • Increase the consequence of non-compliance. GDPR lays out key accountabilities.  These are to:
    • Establish a culture that promotes information security best practices and an ethos centered on protecting personal information.
    • Ensure all privacy notices and consents are up to date, including with suppliers and other third parties.
    • Ensure privacy is built by design (meaning the data protection approach is considered at the start of a project not bolted on as an after-thought).
    • Ensure regular audits of processes and filing systems (data & paper).
    • Ensure you can show how you comply with the GDPR principles – e.g. documenting the decisions you take about a processing activity.
    • Ensure you test and practice your processes, particularly for subject access requests, requests to be forgotten or amended, breach identification and ICO notification.
    • Ensure all contracts and 3rd parties are compliant with GDPR.

  13. PRINCIPLES OF GDPR

    ANSON has adopted key facets or the European Union’s General Data Protection Regulation (GDPR). This includes GDPR’s data principles:

    1. Lawfulness, Fairness and Transparency: We will process personal data lawfully, fairly and in a transparent manner in relation to the data subject
    2. Purpose limitations: We will only collect personal data for a specific, explicit, and legitimate purpose. You must clearly state what this purpose is, and only collect data for as long as necessary to complete that purpose.
    3. Data minimisation: We will ensure that personal data you process is adequate, relevant, and limited to what is necessary in relation to your processing purpose.
    4. Accuracy: We will take every reasonable step to update or remove data that is inaccurate or incomplete. Individuals have the right to request that you erase or rectify erroneous data that relates to them, and you must do so within a month.
    5. Storage limitation: We will delete personal data when you no longer need it. The timescales in most cases are not set. They will depend on your business’ circumstances and the reasons why you collect this data.
    6. Integrity and Confidentiality: We will keep personal data safe and protected against unauthorised or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organisational measures
    7. Accountability:
      1. Our responsibility to comply with the GDPR
      2. your ability to demonstrate compliance
      3. Measures to help you meet the accountability requirement may include, for example:
      4. implementing data protection policies and security mechanisms
      5. agreeing data protection contracts with third-party processors
      6. documenting your processing activities
      7. recording and reporting, where necessary, of personal data breaches
      8. carrying out data protection impact assessments
      9. appointing a data protection officer

    8. Your rights under GDPR

      The General Data Protection Regulation (GDPR) creates new rights for individuals and strengthens those rights that currently exist:

      1. The right to see what the organization holds on you: Even such things as what segment they are in or their selection scores. The information must be concise, transparent, intelligible, and easily accessible; written in clear and plain language, particularly if addressed to a child; and free of charge.
      2. The right of access: Provision of a copy of the information free of charge or a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
      3. The right to rectification: You must provide a copy of the information free of charge. However, you can charge a ‘reasonable fee’ when a request is manifestly unfounded or excessive, particularly if it is repetitive.
      4. The right to erasure (to be forgotten):
      5. Where the personal data is no longer necessary in relation to the purpose for which it was originally collected/processed.
      6. When the individual withdraws consent.
      7. When the individual objects to the processing and there is no overriding legitimate interest for continuing the processing.
      8. The personal data was unlawfully processed (ie otherwise in breach of the GDPR).
      9. The personal data must be erased to comply with a legal obligation.
      10. The personal data is processed in relation to the offer of information society services to a child.
      11. The right to restrict processing: When processing is restricted, you are permitted to store the personal data, but not further process it. You can retain enough information to ensure that the restriction is respected in future.  The data subject can object to specific uses of data such as analysis and segmentations.  However, the company can use legitimate interests or necessary for the performance of a public interest task.
      12. The right to data portability: This allows individuals to obtain and reuse their personal data for their own purposes across different services.  It allows them to move, copy or transfer personal data from one IT environment to another in a safe and secure way, without hindrance to usability. The data must be provided in a structured, commonly used and machine-readable form (e.g. CSV files) so that software can extract specific elements of the data. However, this only relates to the data the subject has given to the organization, organization does not have to give data they have created (e.g. segmentation, decisions and offers)
      13. The right to object:
        1. Individuals have the right to object to processing based on legitimate interests or the performance of a task in the public interest/exercise of official authority (including profiling); or direct marketing (including profiling); and processing for purposes of scientific/historical research and statistics. You must stop processing the personal data unless you can demonstrate compelling legitimate grounds which override the interests, rights and freedoms of the individual; or the processing is for the establishment, exercise or defence of legal claims.
        2. The right to object must be “explicitly brought to the attention of the data subject and be presented clearly and separately from any other information.  You must inform individuals of their right to object “at the point of first communication” and in your privacy notice.
        3. The distinction between consent and the right to object may seem semantic and does achieves little today under the DPA. But under the GDPR it will make a significant difference because of the GDPR, requirement that consent to be freely given, specific, informed, and unambiguous. These requirements will make it much harder to obtain consent under the GDPR.
        4.  
      14. Rights in relation to automated decision making and profiling:
        1. Individuals have the right not to be subject to a decision when it is based on automated processing; and it produces a legal effect or a similarly significant effect on the individual. You must ensure that individuals are able to obtain human intervention, be able to explain the decision, express their point of view and challenge it.
        2. However, ANSON Smart Workforce automated processing of resume’s and other information is integral to the delivery of the ANSON Smart Workforce services and the performance of a contract between a candidate. By submitting your information for a recruitment opportunity, to are agreeing to the automated processing of that information.
        3. Automated process may also be used when it is authorised by law (e.g. for the purposes of fraud or tax evasion prevention); or based on explicit consent. Furthermore, the right does not apply when a decision does not have a legal or similarly significant effect on someone.

  14. OUR DATA PRINCIPLES

    1. We never share, sell or rent-out customer data to anyone without our customers and partners’ explicit consent.
    2. We are always transparent about how we collect, process, and use data.
    3. We own customer data across ANSON products and services.
    4. We do not allow third parties to collect, access or process ANSON data for their own use.
    5. When we obtain customer consent for communicating with our customers and using customer data it is for the use across all ANSON businesses, not individual parts, or ANSON.
    6. We only ever buy, collect, or use customer data if we think it will benefit our clients, customers, candidates, and participants.
    7. We will never keep it for longer than is necessary.
    8. We would only ever buy customer data from companies that share our high standards regarding personal data, and this must be approved by the board.
    9. We never use customer data to make assumptions about customer’s ethnicity, religion, physical ability, sexual orientation, or any other attributes we deem sensitive.
    10. We only transfer customer data outside Australia in pre-defined circumstances and approved by the board.
    11. THE THREE TESTS APPROACH: PURPOSE, NECESSITY AND BALANCING

      The Purpose Test:

      We identify our purpose and decide whether it counts as a legitimate interest. We try to be as specific as possible, as this helps you when it comes to the necessity and balancing tests. We ask:

      • Why do we want to process the data?
      • What benefit do we expect to get from the processing?
      • Do any third parties benefit from the processing?
      • Are there any wider public benefits to the processing?
      • How important are those benefits?
      • What would the impact be if you could not go ahead?
      • What is the intended outcome for individuals?
      • Are we complying with other relevant laws?
      • Are we complying with industry guidelines or codes of practice?
      • Are there any ethical issues with the processing?
      • Are we using data for one of the following purposes (in which case the GDPR specifically says that these are legitimate interests):
        • fraud prevention (to the extent strictly necessary);
        • network and information security (to the extent strictly necessary); or
        • indicating possible criminal acts or threats to public security.

      The Necessity Test

      Is the processing necessary for the purpose you have identified in step one?  You need to ask:

      • Will the processing help us achieve our purpose?
      • Is the processing proportionate to that purpose, or could it be using a sledgehammer to crack a nut?
      • Can we achieve your purpose without processing the data, or by processing less data?
      • Can we achieve our purpose by processing the data in another more obvious or less intrusive way?
      • Are we honest in our consideration of whether the processing is necessary?
      • Are there are potentially other less intrusive alternatives and, if so, why are these not reasonable alternatives.
      • If we find it difficult to explain how the processing helps achieve our objective, or there are many alternative methods which simply aren’t our chosen business model, we go back to step one and be more specific about our purpose.

      The Balancing Test

      We consider the interests and fundamental rights and freedoms of the individual, and whether these overrides the legitimate interests we have identified.

      • Some examples we consider when balancing our needs with the data subjects’ rights and freedoms are:
        • the nature of the personal data we want to process.
        • the reasonable expectations of the individual.
        • the likely impact of the processing on the individual and whether any safeguards can be put in place to mitigate negative impacts.
        • The sensitivity of the personal data we intend to process. For example:
          • Is it special category data?
          • Is it criminal offence data?
          • Is it another type of data that people are likely to consider particularly ‘private’, for example financial data?
          • Are you processing children’s data or data relating to other vulnerable individuals?
          • Is it data about people in their personal or professional capacity?
      • We always keep customer data safe, secure and compliant with the Privacy Act 1988 and Western Australia’s Freedom of information Act 1992.
      • The more sensitive or ‘private’ the data, the more likely the processing is to be considered intrusive or to create significant risks to the individual’s rights and freedoms. For example, by putting them at risk of unlawful discrimination. In these cases, we ensure that there is a compelling reason to use this type of data, and take particular care to put adequate safeguards in place.
      • In contrast, if the processing involves personal data which is considered less sensitive or private, such as that of individuals in their work capacity, then it may be that the impact is less, but we give thought to the likely impact).

      EXAMPLES OF LEGITIMATE INTEREST

      • Transfer of PII:  A finance company’s customer stops paying and moves to a new house without notifying the company.  The finance company engages a debt collection agency to find the customer and seek repayment of the debt. It discloses the customer’s personal data to the agency for this purpose.  Although the customer has not consented to this disclosure, it is made for the purposes of the finance company’s legitimate interests – i.e. to recover the debt.
      • Employee Records:  An employer processes personal data about its employees on the basis that it is necessary to do so in connection with their individual contracts of employment and to comply with the employer’s legal obligations.
      • Marketing Suppressions: A company may need to hold some personal data to ensure marketing is not sent to this user. This could be regarded as a legal obligation which overrides the right to be forgotten.
      • Personalisation: Though a retailer may rely on consent for marketing communications, personalising a website's content (e.g. recommendations) to improve the user's customer experience may rely on legitimate interests.
      • Updating customer details and preferences:  The use of external service provider to verify the accuracy of customer data. Although, the controller must be careful here as to how such activity is carried out.
      • Assessment of financial risk:  A credit card company sends an applicant’s personal data to a credit reference agency for credit scoring.  Although, this should be made clear on the application form.
      • Existing Conversation: A potential customer initiates a sales contact for a certain product and the organisation continuing this conversation through a direct communication. This falls into the expected processing, as the customer would expect to be responded to or continue conversation. However, unrelated communications cannot be sent and there is a time limit
      • Adding Value: This means adding value to the data subject, such for a reminder of an insurance renewal.