At MyPass Global, Data Governance and Information Security are important to us and our customers.
That is why we (MyPass Global, MyPass Inc, MyPass Australia Pty Ltd and all of our corporate affiliates) have put together this Privacy Policy.
This Privacy Policy tells you how we collect, store, use and disclose your personal information. Personal information refers to information or an opinion about an identified individual, or an individual who is reasonably identifiable. For example, this may include your name, contact details, date of birth, gender and identity information.
We obtain this from you through our website, any social media page we maintain, and when you reach out to us directly such as by email. We encourage you to read this Privacy Policy carefully so that you understand the keyways in which we typically handle personal information and sensitive information in the ordinary course of our business..
This Privacy Policy does not limit or exclude any rights that you have or may have under the Privacy Act 1988 (Cth) (Australia Privacy Act), the Privacy Act 2020 (New Zealand Privacy Act), Law No. 21,719 (Chile Personal Data Protection Law), Law N° 29733 (Peru Personal Data Protection Law)and Privacy Act 2020 (California Consumer Privacy Act) or under any other applicable law. Capitalised terms in this Privacy Policy have the meaning given to them in the Terms of Use.
To provide you and our other customers with our products and services and operate our business, we may collect and use personal information about you and others. The types of personal information we collect about you will also depend on how you choose to interact with us and what you tell us during those interactions. If we are not provided with all the personal information we request, we may not be able to supply our products and services.
The types of information we collect through our Service include:
• personal identifiers (such as names, physical addresses, email addresses, phone numbers, government identification numbers, unique student identifiers, and driver’s licences);
• sensory information (such as photo ID cards, passports, and profile photos);
• personal characteristics (such as date of birth);
• professional, employment, and education information (such as job classifications, resumes, evidence of rights to work, including a temporary visa with entitlement to work, passport, certificate of citizenship or birth certificate);
• other work licences;
• training documentation and qualifications;
• referee details; and
• contact information of others (such as emergency contacts, and other contact details).
We may also handle categories of “sensitive information”, which is given additional protection under Australia’s Privacy Act. As part of your use of the Service, we may give you the option of sharing with us information about your ethnic origin (currently this option is whether or not you identify as being an Aboriginal, Torres Strait Islander or Maori), gender or health (e.g. immunisation records and pre-employment medicals). This information may be ‘sensitive information’ under Australia’s Privacy Act 1988 or “protected information” under other applicable laws. Subject to limited exceptions permitted by law, we will obtain your consent and explain the purpose of collecting this information at or before the time of collecting it.
We collect personal information through the Service so we can:
• Provide the Service to you and others
• Match your profile and skills to jobs and provide your details to your employer, business partner or the end users whose locations you may work at
• Identify our customers, potential customers, and their representatives
• Inform you of any initiatives we think may be of interest to you
• Inform you or others about our products and services and the benefits of using our products and services
• Provide you or others with information about offers or other benefits that may become available
• Seek your opinion or comments about our products and services
• Carry out billing and/or debt recovery activities;
• Carry out our management, administrative quality assurance and complaint handling activities in a professional and efficient manner
• Develop and implement initiatives to improve our products and services
Generally, we collect an individual’s personal information directly from that individual in the course of their dealings with us. For example, we gather contact information, job classifications and other work-related information during the worker registration.
We may also collect personal information from someone other than the individual, for example from the company with whom you work, from End Users (such as asset owners or facility operators) on whose site or facility you have been engaged, medical facilities, training institutions, industry associations or background check providers.
We mainly hold information in digital form (and may also have hard copies from time to time). We take reasonable steps to keep secure any personal information that we hold about you, by implementing a number of physical, administrative, personnel and technical measures to protect your personal information from misuse, loss and interference or unauthorised access, disclosure or alteration.
These measures include:
• Any personal information you provide to us is stored on servers with high-security measures.
• Access to personal information is limited to those who specifically need it to carry out their business responsibilities.
○ For Personnel, this may include our personnel, your current employers, your future employers or End Users on whose site or facility you have been engaged, or others you share it with through the Service.
○ For Employers, this may include our personnel, End Users to whom you provide services, or others you share it with through the Service.
We also maintain physical security procedures to manage and protect the records containing personal information. Unfortunately, the Internet cannot be guaranteed to be 100% secure, and our reasonable security measures may not be sufficient in all cases to protect information transmitted over the internet. To help us protect your privacy, you should maintain the secrecy of the access credentials (i.e. username and password) you use to access and use our website.
We use and disclose the personal information we collect for the primary purpose for which it is collected, for reasonably expected secondary purposes which are directly related to the primary purpose (and in the case of sensitive personal information, directly related to the primary purpose), and in any other circumstances authorised or permitted by or under applicable law, including the Australia Privacy Act, the New Zealand Privacy Act, the Chile Personal Data Protection Law and the California Consumer Privacy Act (as applicable).
We usually disclose the personal information we collect to our related entities, vendors and service providers (such as IT service vendors, website hosting facilities, email distribution services, accountants and lawyers) and Business Partners (End Users, Institutions, background check providers, medical facilities, industry associations, integration partners) who help us supply our products and services, or otherwise support our business.
Please note that Employers will not be able to use the Service to search for individuals. Employers will only be able to see information about you in the Service if you accept an invitation to connect with them. If you use our MyPass App then you may choose to use the App to share additional information with an employer by way of a QR code. The information you can share includes a photograph of you, the suburb or town in which you are located and your certifications.
Except where indicated above, we will not use or disclose personal information unless:
• The individual concerned has consented to the use and disclosure
• The third party is an Employer, your Employer’s client, End User or Business Partner, in which case we will require them to use and disclose the personal information only for the purpose for which it was provided to them
• The third party is a person involved in a dealing or proposed dealing (including a sale) of all or part of our assets and business
• The disclosure is to a related body corporate or affiliate
• The disclosure is permitted, required or authorised by or under law
• The disclosure is required or appropriate to protect your, our, or other’s rights, property, or safety
• We are involved in a merger, acquisition, financing due diligence, reorganisation, bankruptcy, receivership, sale of company assets, or transition of service to another provider, and your information may be disclosed in connection with the negotiation of such transaction, and/or transferred as part of such a transaction as permitted by law and/or contract.
We may disclose information to recipients in Colombia and the Philippines in the course of our business for fulfilment and customer support and take reasonable steps to ensure that recipients in those places comply with privacy obligations at least as strict as those which apply in your jurisdiction. We support customers and their workers in Australia, Chile, Canada, New Zealand and Peru, and may disclose information to recipients in each of those countries in connection with customers and workers in that country in the course of our business. Before we do so we will obtain your informed consent and/or take reasonable steps to ensure that each recipient is bound legally or contractually to privacy obligations at least as strict as those which apply in your jurisdiction.
We do not sell your personal information. When you visit our website or open our emails or advertisements, we and our third-party partners, such as advertising networks, social media widgets, and analytics providers, collect certain information by automated means, such as cookies, pixels, web beacons and web server logs. We currently use Google Analytics to collect and process certain website usage data and to serve advertisements on our behalf.
The information collected by automated means (such as cookies, web beacons and web server logs) includes online identifiers (such as IP address and device IDs), website activity information (such as website clicks, content and page views, the website each visitor visited prior to our website, domain type, browser version, and internet service provider), and inferences about your browsing behaviour and interests created from the information listed above.
We may use this information, for example, to determine how many users have visited certain pages or opened messages or newsletters, and to prevent fraud, and to help us understand and improve the usage of our website and the effectiveness of our marketing efforts. We may link this data to your profile..
Our third party advertising and analytics service providers may, if your privacy settings with them allow it, collect and combine information collected on our website and emails with other information about your online activities over time, on other devices, and on other websites or apps, if those websites and apps also use the same partners.
To learn more about Google Analytics and how to opt-out, please visit https://policies.google.com/technologies/partner-sites.
The best way to tell us your preferences is to contact us at support@mypassglobal.com. You may be able to change browser settings to block and delete cookies when you access our website through a web browser. However, if you do that, our website may not work properly. For more information, please see the ‘Cookies & Advertising Partners’ section of this Privacy Policy. For technical reasons our website does not yet respond to browser do-not-track signals.
You may be able to opt-out of receiving personalised advertisements on this browser or device from advertisers, or other advertising networks who are members of the Network Advertising Initiative or who subscribe to the Digital Advertising Alliance’s Self-Regulatory Principles for Online Behavioural Advertising by engaging in the opt-out options of each of those organisations. We recommend that you also regularly check and update your privacy settings with each platform, including Google and any social media platforms that you participate in.
If you post information on our social media pages, we may collect personal identifiers and characteristics (such as your social media username). Note that the third-party operators of social media websites also receive such information, and their use of your personal information is governed by their own privacy policies.
Links to those websites are here:
Network Advertising Initiative: http://www.networkadvertising.org/choices/
Digital Advertising Alliance: http://www.aboutads.info/choices/
You may be able to change browser settings to block and delete cookies when you access our website through a web browser. When you opt-out of personalised advertising, you may continue to see online advertising on our website and/or our ads on other websites and online services.
We may use personal information to advise you about new products and marketing initiatives that we think may be of interest to them. This may include product and service offerings, newsletters, and general information about us.
Those who prefer not to receive information about our products and services can ask to be removed from the relevant circulation list by contacting us at support@mypassglobal.com.
We will only send you commercial electronic messages for marketing purposes if you have consented to us doing so, and will include a functional unsubscribe facility in each message we send.
Our website may contain links to third party websites. This Privacy Policy does not apply to the practices of other websites, and we are not responsible for the actions and privacy policies of the third parties that operate or interact with those other websites.
Certain jurisdictions have specific legal requirements and grant privacy rights with respect to personal information, and we will comply with restrictions and any requests you submit as required by applicable law. For example, you may have the right to seek access to, review, seek correction of, and/or seek deletion of personal information we hold about you, or to consent or withdraw consent to certain uses or sharing of personal information. You may be able to use the Service to access and update the information that you have provided to us through your use of the Service or otherwise,.
When you make a request, we may require that you provide information and follow procedures so that we can verify a request you make and your jurisdiction before responding to it. The verification steps we take may differ depending on your jurisdiction and the request. We will match the information that you provide in your request to information we already have on file to verify your identity. If we can verify your request, we will process it. If we cannot verify your request, we may ask you for additional information to help us verify your request.
This section applies to personal information of individuals in Australia and New Zealand.
Access: If at any time you want to know what personal information we hold about you, you are welcome to request access to that information by contacting us, using the details listed below.
Unless your request is marked as urgent, we will aim to respond to you within 20 working days of your request.
We may deny your request for access in certain circumstances including (but not limited to) where:
• The access would have an unreasonable impact on the privacy of, or a serious threat to the safety of one or more others;
• The request for access is frivolous or vexatious or the information requested is trivial;
• There are existing or anticipated legal proceedings and the information would not be available by way of discovery in those proceedings.
Such access can be denied under the Australia Privacy Act or the New Zealand Privacy Act (as applicable) or under any other applicable law or by a law enforcement agency.
If we deny your request for access, we will let you know why. If the New Zealand Privacy Act applies to your request, you have the right to make a complaint to the Privacy Commissioner of New Zealand in respect of our refusal.
We will not charge you for making a request to access your personal information, however we may charge you a reasonable amount (which we will let you know about in advance) to cover the costs we incur processing your request including retrieving your information and providing it to you.
Quality & Correction: At all times we take reasonable steps to ensure that the personal information we collect, use or disclose about you is accurate, complete, up to date and not misleading.
If at any time you wish to seek access to the personal information we hold about you, or believe the personal information that we hold about you is incorrect, incomplete, or inaccurate, you should let us know at support@mypassglobal.com. We will aim to respond to you within 20 working days of your request and use all reasonable efforts to correct the information.
This section applies to the personal information of California consumers as governed by California law including the California Consumer Privacy Act (“CCPA”). Although the CCPA is a California law, it applies to any company that “does business in the State of California”.
We do not sell the personal information about you that we collect when you visit our website. We also do not rent, sell, or share personal information (as defined by California Civil Code § 1793.83) about you that we collect with other people or unaffiliated companies for their direct marketing purposes, unless we have your permission.
Under the CCPA, a California consumer has the following rights: to request additional information about our data collection, use, disclosure, and sales practices in connection with the consumer’s personal information; to request the specific personal information collected about the consumer during the previous 12 months; and to request the deletion of the personal information we have about the consumer. A California consumer may not be discriminated against for exercising the consumer’s California privacy rights.
You may use the Service to exercise many of the rights listed above. You may also make a request by email at enquiries@mypassglobal.com or through the website chat enquiry form. In most cases, you will be required to provide your name and possibly your postal address, email address, telephone number, and date of birth so that we can verify your request. In some cases, additional information may be required. However, the verification steps we take may differ depending on the request.
Where possible, we will attempt to match the information that you provide in your request to information we already have on file to verify your identity. If we can verify your request, we will process it. If we cannot verify your request, we may ask you for additional information to help us do so. We will respond to your request within the 45-day time period required by applicable law. However, we may not always be able to fully comply with your request, and we will notify you in that event.
Under the CCPA, California consumers may use an authorised agent to make privacy rights requests. We require the authorised agent to provide us with proof of the California consumer’s written permission (for example, a power of attorney) that demonstrates authorisation to submit a request for the California consumer.
An authorised agent must follow the process described above to make a request, and we will also (a) require the authorised agent to verify the agent’s own identity and (b) confirm the agent’s authority with the California consumer about whom the request was made.
As we evolve our business, processes and policies will be reviewed and may be revised. We may change our Privacy Policy from time to time and the updated version will be published on our website. If we make any material changes, we will provide notice through the Service or by other methods.
By continuing to use our Services, you agree to be bound by the Privacy Policy as amended.
We are committed to constantly improving our procedures so that personal information is treated appropriately. If you feel that we have failed to deal with your personal information in accordance with this Privacy Policy or in accordance with the Australian Privacy Principles set out in the Australia Privacy Act or the Information Privacy Principles set out in the New Zealand Privacy Act (as applicable), please contact us at privacy@mypassglobal.com so we have an opportunity to resolve the issue to your satisfaction.
We will log your complaint and, within a reasonable time, our privacy officer will:
• listen to your concerns and grievances;
• discuss with you the ways in which we can remedy the situation; and
• put in place an action plan to resolve your complaint and improve our information handling procedures if appropriate.
If you are based in Australia and are unhappy with our response, you can lodge a written complaint with the Office of the Australian Information Commissioner at:
Office of the Australian Information Commissioner (OAIC)
GPO Box 5218
Sydney NSW 1042
email: privacy@privacy.gov.au
If you require more detailed information about our information handling practices or if you have any concerns about our handling of your personal information, please let us know by contacting us at:
Privacy Officer
MyPass Australia Pty Ltd.
Email: privacy@mypassglobal.com
We will endeavour to respond to your concerns as quickly as possible.
