Introduction
Peoplebank Singapore takes seriously its commitment to preserve the privacy of the personal information that we collect. This Privacy Policy applies to and governs data collection, processing and usage in compliance with the Personal Data Protection Act 2012 (No. 26 of 2012) of Singapore (“PDPA)”.
We will only collect information that is reasonably necessary for the proper performance of our activities or functions as a recruitment agency.
We do not collect personal information just because we think it could be useful at some future stage if we have no present need for it. We do not collect or use personal information for the purposes of unlawful discrimination.
We may decline to collect unsolicited personal information from you or about you and Peoplebank may take such measures as we think appropriate to purge it from our systems.
For any questions related to your privacy please contact us at privacy.pbsg@peoplebank.asia
Information Collection
We will collect personal information from you directly when you fill out and submit one of our registration forms, application forms, or any other information in connection with your application to us for work.
As a contracted service provider it may be necessary for us to collect and manage personal information as an Agency under different privacy arrangements. To find out if this may apply please contact us on the details noted above.
Future Changes
This policy may change over time in light of changes to privacy laws, technology and business practice. If you use our website regularly or conduct transactions with us that involve us to collect your personal information, it is important that you check this policy regularly to ensure that you are aware of the extent of any consent, authorisation or permission you might give.
Kinds of Information that we Collect and Hold
The type of information that we collect, and hold is information that is reasonably necessary for the proper performance of our activities or functions as a recruitment agency and is likely to differ depending on whether you are:
- A Candidate – i.e. someone who is looking for a placement or work through us; or whom we have identified as a person who might be receptive to an offer of a placement or work through us;
- A Client – i.e. someone other than a Candidate who is looking to acquire our services as a recruitment agency or whom we have identified as someone who might be interested in acquiring our services; or
- A Referee – i.e. a person from whom we have sought facts or opinions regarding the suitability of one of our Candidates for work or positions through us; and who may be a Referee nominated by the Candidate, a Client or us.
Sensitive information is only collected with consent and where it is necessary for the performance of our functions and activities as a recruitment agency. Sensitive information will need to be collected where it relates to a genuine occupational requirement, for the purposes of the right to work in Singapore verification or an inherent requirement of the job or work being considered. Our collection of some types of sensitive information is also governed by equal opportunity and anti-discrimination laws.
You may choose not to provide us your personal information or act under a pseudonym. However, to do so will render us unable to provide you with our services in seeking and being placed into work.
For Candidates
The type of information that we typically collect and hold about Candidates is information that is necessary to assess amenability to work offers and work availability; suitability for placements; or to manage the performance in work obtained through us. It includes:
- Information submitted and obtained from the Candidates and other sources (e.g. Referees or Clients) in connection with applications for work;
- Information about personality, character, skills, qualifications and experience;
- Information about career path and preferences;
- Information about work entitlement and ability to undertake specific types of work;
- Information about health status and ability to undertake specific types of work;
- Work performance information;
- Information about incidents in the workplace;
- Personnel information including contact details;
- Information in relation to absences from work due to leave, illness or other causes;
- Bank details and TIN’s;
- Information required to undertake criminal history checks and obtain criminal history records; and
- Information required to ascertain a Candidates right to work in Singapore
For Clients
The type of information that we typically collect and hold about Clients is information that is necessary to help us manage the presentation and delivery of our services and includes:
- Client relationship information;
- Information about position, contacting and hiring authority;
- Information about team structures and roles;
- Information about incidents in the workplace;
- Client facility addresses, company identification numbers, key personnel and contact details; and
- Credit check and financial information
For Referees
The type of information that we typically collect and hold about Referees is information that is necessary to help make determinations about the suitability of one of our candidates for particular jobs or particular types of work and may include:
- Information about work position, authority to give a reference and preferred contact details;
- Opinions of the Referee regarding the Candidates character and work performance or work environment; and
- Facts or evidence in support of those opinions, sometimes involving the Referee’s own knowledge and experience of having worked with the Candidate
Purposes
The purposes for which we collect, hold, use and disclose your personal information are those purposes that are reasonably necessary for the proper performance of our functions and activities as a recruitment agency:
- Candidates – personal information is typically used for recruitment and work placement operations, pre-employment screening, staff management, training, remuneration, workplace health and safety, statistical purposes and statutory compliance requirements
- Clients – personal information is typically used for client and business relationship management, review of workplace operations and health and safety management, credit checking, statistical purposes and statutory compliance requirements
- Referees – personal information is typically used to confirm identity and authority to provide references and for candidate suitability assessment
How your personal information is collected
Generally, information will be collected directly from you:
- Candidate – information is collected through your application, from referees, results of any competency test or similar, and other sources such as registrations or any professional disciplinary matter
- Client – information is collected when you provide it to us for business purposes
- Referee – information is collected from the Candidate in the course of their application for work, and from you when providing the reference
We may also collect personal information about you from publicly available sources including newspapers, journals, directories, the internet and social media sites. This information will be included in our records only if necessary for the performance of our activities or functions as a recruitment agency.
Photos and Images
We may request proof of identification from you including copies of your passport, visa, driver’s license or any other relevant licences and will only do so for the performance of our activities or functions as a recruitment agency.
Electronic Transactions
We also collect personal information through our websites and social networking services such as Facebook and Twitter. We use this information to improve our website.
Social Networks and Web Searches
In order to assess your suitability for positions and to assist you to find work, we conduct internet searches using search engines and regulatory or government agency sites by entering your name and relevant identifying details.
Web Browsing
When you look at our website, our website host makes a record of the visit and logs (in server logs) the following information for statistical purposes:
- Your server address;
- Your top-level domain name (for example .com, .gov, .org, .sg, etc.);
- The pages you accessed, and documents downloaded
- The previous site you visited; and
- The type of browser being used
We do not identify users other browsing activities except, in the event of an investigation, where a law enforcement agency may exercise a warrant to inspect the internet service provider’s server logs.
We do not accept responsibility for the privacy policy of any other site to which our site has a hyperlink, and it is advisable to look at the privacy policy of other sites before disclosing personal information.
Collecting through our websites
The Peoplebank Group has its own public websites — www.peoplebank.com.au, www.porterallen.com.au, www.leaders.com.au, www.ambitengineering.com.au, www.peoplebank.com.hk, www.peoplebank.com.sg. There are several ways in which we collect information through our website.
Analytics
We use Google Analytics to collect data about your interaction with our website. Google Analytics is hosted by a third party. The purpose of collecting your data in this way is to improve your experience when using our site as well as assisting users in finding the most relevant information. The types of data we collect with these tools include:
- your device's IP address (collected and stored in an anonymized format)
- device screen size
- device type, operating system and browser information
- geographic location (country only)
- referring domain and out link if applicable
- search terms and pages visited
- date and time when website pages were accessed
Cookies
Cookies are small data files transferred onto computers or devices by websites for record-keeping purposes and to enhance functionality on the website.
Most browsers allow you to choose whether to accept cookies or not. If you do not wish to have cookies placed on your computer, please set your browser preferences to reject all cookies before accessing our website.
Advertising
We have Google Analytics advertising features enabled on our site, we use this for:
- Remarketing with Google Analytics
- Google Display Network Impression Reporting
- Google Analytics Demographics and Interest Reporting
- Integrated services that require Google Analytics to collect data for advertising purposes, including the collection of data via advertising cookies and identifiers
Opt-out
Should you wish to opt-out of Google Analytics Advertising features, please use the browser add-on provided by Google. You can access this plugin here: https://tools.google.com/dlpage/gaoptout/.
Web Bugs
If we use web bugs we will display a clearly visible icon the page. The icon will include the name of the company collecting information and will be labelled as a tracking device. The web bug will be linked to a page disclosing what data is collected, how it is used, and which companies receive the data. Web visitors will be able to opt-out of data collection by web bugs. Web bugs will not be used to collect sensitive information.
Cloud Computing Services
In cases where we use cloud-computing services we will take reasonable steps to ensure that:
- Disclosure of your personal information to the cloud service provider is consistent with our disclosure obligations under Privacy laws. This may include ensuring that we have obtained your consent, or that the disclosure is for purposes within your reasonable expectations;
- Disclosure is consistent with any other legal obligations, such as the restrictions on the disclosure of TIN’s information or the disclosure by private employment agencies of Candidate details; and
- Our Cloud computing services provider’s terms of service recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
How your Personal Information is Held
When your personal information is collected it will be held in our Information Record System until it is no longer needed for any purpose for which it may be used or disclosed, at which time it will be de-identified or destroyed provided that it is lawful for us to do so.
Our Information Record System
Information you provide to us is stored in our secure cloud-based recruitment database and document storage system, which are restricted and accessible by staff through the use of individual log-in credentials.
Information Security
We will take all reasonable steps to ensure the information you provide us remains secure and confidential and is only used for the performance of our functions or activities as a recruitment agency.
Disclosures
General Disclosures
We may disclose your personal information for any of the purposes for which it is primarily held or for a related purpose where lawfully permitted. We may disclose your personal information where we are under a legal duty to do so, including circumstances where we are under a contractual duty to disclose information.
Disclosure will usually be internal and to our related entities, to our Clients, and to Referees for suitability and screening purposes.
Related Purpose Disclosures
We outsource a number of services to contracted service suppliers (CSP’s) from time to time. Our CSP’s may see some of your personal information. Typically, our CSP’s would include software solutions providers, IT contractors and/or background checking and screening agents.
We take reasonable steps to ensure that terms of service with our CSP’s recognise that we are bound by obligations to protect the privacy of your personal information and that they will not do anything that would cause us to breach those obligations.
Cross-Border Disclosures
Some of your personal information is likely to be disclosed to overseas recipients. The likely countries, type of information disclosed, and likely recipients are indicated, so far as is practicable, in the following table:
Country | Type of Information | Likely Recipients |
Canada | All personal data | Our recruitment management system vendors for maintenance of our database |
Hong Kong | All personal data | Our subsidiary company – Peoplebank Hong Kong; Our recruitment management system vendors for maintenance of our database |
New Zealand | All personal data | Our recruitment management system vendors for maintenance of the database |
Singapore | All personal data | Our subsidiary company – Peoplebank Singapore |
United States of America | All personal data | Our recruitment management system vendors for maintenance of the database |
United Kingdom | All personal data | Our recruitment management system vendors for maintenance of the database |
We will take such steps as are reasonable in the circumstances to ensure that the overseas recipient does not breach the privacy laws.
Information Security
We will take all reasonable steps to ensure the information you provide us remains secure and confidential. We take a range of measures to protect your personal information from:
- Misuse, interference and loss; and
- Unauthorised access, modification or disclosure
Training
We train our staff to respect the confidentiality of client information and the privacy of individuals.
System Access and Password Protection
Our Information Record Systems have multi-layer permission access which includes password protection and permission level access.
Software Protection
Our software is protected as follows:
- Our network is protected using a firewall which governs internal and external access rights;
- Our emails are filtered to determine email rights, spam control and content control;
- Data is kept virus free by antivirus software which controls virus definition to all machines;
- Data access is controlled by permissions software; and
- All data is backed up both onsite and offsite
Hardware Protection
Our hardware is protected as follows:
- Our servers are in dedicated, secure IT facilities. All access to IT equipment is strictly controlled
- Our servers are protected from failure by redundant hardware features
- All disk systems are redundant using some form of RAID; and
- Sites contain backup UPS systems to protect against power loss or power anomalies
Policy on portable electronic devices
To protect personal information from misuse, interference and loss, we do not, as a matter of practice, issue staff with laptops, tablets, mobile phones or other portable electronic devices. Where our staff utilise their own portable devices, they are subject to our remote access and acceptable IT use policies.
Retention and Disposal
We adopt record management practices in accordance with legislative requirements and policies and guidelines on recordkeeping and management of electronic communications.
Where information is lawfully destroyed this is done by secure means of disposal.
Clients and 3rd Parties
All client and third-party information accessed and used by our on-hired personnel during their assignments with our clients is protected from disclosure or unauthorised use by:
- The confidentiality and privacy obligations that are contained in our contracts signed by such on-hired personnel; and
- The obligations to comply with all client policies and procedures, including those in relation to confidentiality and privacy that are contained in our contracts signed by such on-hired personnel
Access and Correction
Access
Subject to some exceptions that are set out in privacy law, you can gain access to the personal information that we hold about you. You will need to be in a position to verify your identity. There are some exceptions to providing access, such as when opinions have been provided confidentially in the course of our performing reference checks and access would impact on the privacy rights of other people.
We might impose a moderate charge in providing access. Our Privacy Coordinator would discuss this with you. We will generally respond to your request for access within five (5) working days.
Correction
If you find that personal information that we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, you can ask us to correct it by contacting us. We will take such steps as are reasonable in the circumstances to correct that information to ensure that, having regard to the purpose for which it is held, the information is accurate, up to date, complete, relevant and not misleading.
Please advise us if you wish to be removed from our recruitment software system. We will amend your status to ‘inactive’ and will remove information that we have no present need for or obligation to retain.
There is no charge to correct information. We will generally respond to your request for access within five (5) working days.
Our Policy on Direct Marketing
We may sometimes use personal information for marketing purposes but only subject to the following:
- Candidates, whilst they are registered with us, with updates in relation to employment opportunities, market information and promotions from time to time;
- Clients, with whom we have a relationship, with market information and promotions from time to time;
- Subscribers to our website with news and job alerts to which they have subscribed;
- Personal information is not used by or disclosed to any third party for marketing purposes;
- Client lists are not generally obtained from third parties for marketing purposes;
In accordance with the anti-spam legislation, individuals to whom marketing communications are sent are:
chosen on the basis of having given their express and/or implied consent for such communications to be sent to them since they registered with us for the purpose of engaging us as their employment agent or recruitment agent; and
always given an opt out or unsubscribe option in relation to such communications
When sending direct marketing material, we will give you the direct option as to whether or not you wish to receive marketing communications and remain compliant with anti-spam legislation.
Complaints
You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy.
How to Complain
If you are making a complaint about our handling of your personal information, it should first be made to us in writing. You can make complaints about our handling of your personal information to our Privacy Co-ordinator at privacy.pbsg@peoplebank.asia.
How your complaint will be handled
When we receive your complaint:
- We will take steps to confirm the authenticity of the complaint and the contact details provided to us to ensure that we are responding to you or to a person whom you have authorised to receive information about your complaint;
- Upon confirmation we will write to you to acknowledge receipt and to confirm that we are handling your complaint in accordance with our policy
- We may ask for clarification of certain aspects of the complaint and for further detail;
- We will consider the complaint and may make inquiries of people who can assist us to established what has happened and why;
- We will require a reasonable time (usually 30 days) to respond;
- If the complaint can be resolved by procedures for access and correction we will suggest these to you as possible solutions;
- If we believe that your complaint may be capable of some other solution we will suggest that solution to you, on a confidential and without prejudice basis in our response;
If the complaint cannot be resolved by means that we propose in our response we will suggest that you take your complaint to the Personal Data Protection Commission, Singapore.
Other Important Privacy Information
EU Residents
If you are a resident of the European Economic Area, you have the following data protection rights:
If you wish to access, correct, update or request deletion of your personal information, you can do so at any time by contacting the Privacy Officer at privacy.pbsg@peoplebank.asia.
- In addition, you can object to processing of your personal information, ask us to restrict processing of your personal information or request portability of your personal information. Again, you can exercise these rights by contacting us using the contact details provided.
- You have the right to opt-out of marketing communications we send you at any time. You can exercise this right by clicking on the "unsubscribe" or "opt-out" link in the marketing emails we send you. If you are an unregistered user, or to opt-out of other forms of marketing (such as postal marketing or telemarketing), you may contact us using the contact details provided.
- Similarly, if we have collected and processed your personal information with your consent, then you can withdraw your consent at any time. Withdrawing your consent will not affect the lawfulness of any processing we conducted prior to your withdrawal, nor will it affect processing of your personal information conducted in reliance on lawful processing grounds other than consent.
- You have the right to complain to a data protection authority about our collection and use of your personal information. For more information, please contact your local data protection authority.
- We respond to all requests we receive from individuals wishing to exercise their data protection rights in accordance with applicable data protection laws. Notwithstanding the foregoing, we reserve the right to keep any information in our archives that we deem necessary to comply with our legal obligations, resolve disputes and enforce our agreements.
Complaints
You have a right to complain about our handling of your personal information if you believe that we have interfered with your privacy. If you are making a complaint about our handling of your personal information, it should first be made to us in writing.
Please contact our Privacy Coordinator at privacy.pbsg@peoplebank.asia. You can also make complaints to the Personal Data Protection Commission, Singapore.