Last updated: 25 May 2018
This Policy describes how the Partners in Performance Group being Partners in Performance International Pty Ltd and its related bodies corporate globally (PIP), including the data controller entities specified in the schedule, collects, uses, holds and discloses the personal information it holds about its clients, employees, potential clients, business associates and their employees, as well as visitors to PIP's website. This Policy also explains the rights individuals have to access their personal information, correct inaccurate information and to object to the use of personal information for the purposes described in the Policy. This Policy also describes our acts and practices in relation to information about our suppliers, contractors and employees.
This Policy contains the following sections:
- Applicable laws and applicable services.
- What types of personal information does PIP collect?
- How does PIP use personal information?
- With whom does PIP share personal information?
- Sending information overseas.
- Storage of personal information.
- How you can access, correct and control your personal information.
- Updates to this Policy.
1. Applicable laws and applicable services
“Personal information” is information or an opinion relating to an individual which can be used to identify that individual.
Laws and rules regarding the use of personal information may vary by jurisdiction. PIP members comply with applicable laws and rules in the jurisdiction where they are located or which govern the personal information that they collect and use.
Certain privacy laws may apply based on the location of the individual about whom the privacy law relates. For example, where a member of the PIP Group offers services to individuals in the European Union, the General Data Protection Regulation (GDPR) will apply.
This Policy applies to the personal information PIP collects, uses and discloses in connection with:
- Your use of the PIP website;
- Inquiries or other communications you may have with PIP about its services, including by email and over the phone;
- The provision of PIP's services to you;
- Our recruitment, employment and management of our relationship with, our employees, suppliers and contractors; and
- Otherwise doing business with you, including if you are a contractor, service provider, or supplier to PIP, or work for someone who has one of those roles.
2. What types of personal information does PIP collect?
- PIP collects personal information when you visit the PIP website, communicate with PIP, provide it to PIP as part of PIP's client services, and when other sources provide it to PIP, as further described below:
- Information you submit on online forms, such as your name, contact details, subscription applications and information about your interests. PIP also collects your marketing preferences and any other information you choose to submit, including by email.
- Information you provide when you communicate with PIP, including any information you provide by way of forms filled out by people, interviews, business cards, telephone conversations, emails, and through business activities.
- Information relating to PIP's client services, including any information concerning the subject of the client services, such as names, addresses, contact details, employment history, occupations, educational qualifications and other information which assists it in understanding and meeting its clients’ needs.
- Information collected in connection with our engagement with you, if you are a supplier, contractor or employee of ours, then we may collect information for the purpose of managing our relationship with you, which may include feedback and other performance records, leave, payroll and other information.
- Information from other sources, including third parties who give us information about you and publicly available sources (such as LinkedIn).Sensitive information, in relation to our employees and contractors - we may collect, use, hold or disclose health information or membership of a professional or trade association to ensure we are able to comply with our occupational health and safety, insurance and other obligations to you.
If you do not provide personal information to PIP, then we may not be able to provide services to, or otherwise do business with, you.
3. The purposes for which PIP may use or disclose personal information?
PIP may use or disclose your personal information for the primary purpose for which it is collected, for reasonably expected secondary purposes which are related to the primary purpose and in certain other circumstances provided for in applicable privacy laws.
In general, PIP uses and discloses your personal information for the following purposes. To:
- Understand and meet its clients’ needs;
- Conduct its business;
- Recruit, manage and develop its employees and contractors;
- Provide and market its services;
- Communicate and manage its relationship with you; and
- Meet its legal obligations and to ensure that you meet yours.
If you are an individual in the European Economic Area (EEA), PIP processes personal information where it has a legal basis for doing so under applicable EU laws. This means PIP collects and uses your information only where:
- It is necessary to provide a service to you;
- PIP has a legitimate interest (which is not overridden by your data protection interests), such as to provide services to clients, to market and promote PIP’s services and to protect PIP’s legal rights and interests;
- You give your consent to do so for a specific purpose;
- PIP needs to process your personal information to comply with a legal obligation; or
- For Sensitive Data, to ensure we are able to comply with our occupational health and safety and insurance obligations.
4. With whom does PIP share your personal information?
PIP may disclose your personal information to:
- Other members within PIP including prospective members of PIP and their advisors;
- Other companies or individuals, in, or outside, your country, who assist PIP in providing services or who perform functions on their behalf. This may include, for example, information technology service providers, lawyers, accountants and other service providers;
- Anyone else to whom you authorise PIP to disclose it;
- Government agencies and other third-parties where required by law, and in certain circumstances to enforce agreements, policies and terms of service, to protect PIP or the public from harm or illegal activities; or to respond to an emergency;
- Other types of entity where permitted by law to do so.
5. Sending information overseas
PIP may disclose your personal information to other members of PIP located in, or outside, your country, which may not have equivalent data privacy laws to where you reside. PIP members will treat personal information collected and sent to them, in accordance with the requirements of any applicable local laws relating to privacy and PIP secures any such transfers from the EEA by using European Commission-approved model clauses.
A current list of countries in which PIP members are located or operating can be obtained from the Privacy Officer upon request. Contact details are set out in section 9 below.
PIP also discloses personal information to service providers located outside your country or the country from which the data was provided (collectively the “jurisdiction of origin”). While such third parties will often be subject to privacy and confidentiality obligations, where lawful such obligations may differ from and be less stringent than the requirements of the privacy laws of the jurisdiction of origin. For transfers from the EEA, PIP relies on European Commission-approved model clauses.
6. Storage of personal information
Personal information that has been collected by PIP is stored on on-site secure physical servers or by on-line cloud-based third party data storage providers. All access to data is password protected, and PIP employs the use of Rights Management Services (RMS) in some circumstances.
The personal information collected by PIP will be retained for as long as we require it for a lawful business purpose or to comply with our legal obligations.
7. How you can access, correct and control your personal information
PIP endeavours to ensure that the personal information it holds is accurate, complete and up-to-date. It encourages you to contact PIP in order to update any personal information it holds about you. Contact details are set out below.
You have the ability to request access to your personal information and to request correction of it. You may seek access to the personal information which PIP holds about you by contacting the Privacy Officer. Your rights of access and to obtain correction are subject to exceptions set out in the applicable laws. Individuals in the EEA also have the right to object to PIP’s processing of personal information or to request the deletion of personal information. These rights may be limited, such as where PIP has compelling reasons or is subject to a legal requirement to deny the request. Where personal information is used on the basis of consent, you may withdraw your consent at any time, but this will not affect processing that has already taken place.
If you make a request, PIP will require you to verify your identity and to specify what information you require.
8. Updates to this Policy
This Policy will be reviewed from time to time to take account of new laws and technology, changes to our operations and practices and the changing business environment. The most current version of this Policy is located at www.pipint.com and can be obtained by contacting the Privacy Officer.
If you have any questions about privacy-related issues, please contact the Privacy Officer by email to email@example.com or by telephone +61 2 9321 0800. Any complaint about PIP’s handling of personal information should be made in writing to the Privacy Officer who will respond within 30 days. If the complaint remains unresolved, you can refer it to any data protection authority where you live, where you work or where you feel your rights have been infringed.
EU Representative: Partners in Performance UK Limited
Schedule 1 – Data Controllers for the purposes of GDPR
- PIP Global IP Limited
- Partners in Performance Global IP UK Limited
- Partners in Performance UK Limited
- Partners in Performance International Pty Ltd