2. Who we areRepute Digital believes that online reputation and earned trust will be the future currency in the digital world and conducts business by assisting organisations to make better business risk decisions. We do this through obtaining and leverage of available reputation based information. These organisations engage Repute Digital to obtain online information of individuals who wish to either work with them or engage their services from social media and other business sites. The information collected is compiled in a report and provided to the organisations for their own analysis and use. These services are designed to provide further peace of mind for these organisations so they know more information about who they are engaging with. Conversely it allows applicants to leverage, where applicable, their earned positive reputation and thus gain access to preferential products, services and pricing.
Our headquarters are in Sydney, Australia.
3. Our approach to privacyAs a business, we obtain personal information on behalf of organisations who engage our services.
We do not share or sell personal information to third parties for any other purposes. We do not abuse or misuse your personal information, or let it fall into the wrong hands. We only collect or process your information for the reasons we say we do.Personal information is only obtained for the purpose of generating our report to our customers which provided insight into an individual’s identity and reputation.
We delete the personal information obtained on an individual once we generate the report unless we are required to keep it in accordance with privacy laws.
We also obtain personal information when our customers sign up for our services, such as names, phone numbers, email and physical addresses.
In giving your consent, you agree to:
- The transfer of your personal information to other countries outside Australia where applicable.
If you do not want your personal information to be used in any of the ways listed above, then please do not use our service.
5. Where and why we collect and process your personal informationWe collect your personal information from the following sources:
- When you visit our website;
- When you contact us including where you contact us for help or support; and
- When you use services and you engage us to source personal information on individuals from publicly available sources and sites such as social media sites and other business sites such as Google, LinkedIn, Facebook, Twitter, Instagram, Ebay, Airbnb and Uber.
We process your information for one or more of the following purposes:
- To analyse what online or digital reputation you have which we share with our clients and third parties;
- To validate that you are who you say you are;
- To provide you with information you have requested from us;
- To ensure the safe operation and security of our website and underlying business infrastructure; and
- To manage any communication between us and you.
6. Our legal basis for processing your informationBy using services and website we assume you have provided consent for us to collect, process and store your personal information. Further, if you have come to our website or contacted us for help or information we also assume you have provided us with consent to collect, possess and store your information.
If you are a customer and wish to use our services, we will use all reasonable endeavours to check and satisfy ourselves that any individual you wish for us to collect personal information on has provided informed consent to do so. Repute Digital however accepts no liability where you have asked us to obtain personal information on an individual and that individual has not provided informed consent for us to do so. For more information in this regard, please review our terms of service.
7. What information we collectAs part of our services, we collect and analyse a range of personal information on individuals who have provided informed consent for us to do so. This may be quite broad and include sensitive personal information.
Such personal information, including sensitive personal information, that is publicly or legally available and may include:
- Personal names and addresses;
- Work history and events;
- Personal preferences and profiling information;
- Any references you have made to sexual preferences, religion, drugs, alcohol or discriminatory matters;
- Any online ratings or comments in relation to your behaviour and habits such as Ebay and Uber ratings; and
- Information received from other sources to provide our services to you or our client.
If you are visiting our website, are one of our customers, or are trying to contact us for information, assistance or technical support, then the information we collect or may ask for could include:
- Your name and company name;
- Your contact details, such as a phone number and/or email address;);
- Billing information; and
- Other information as required.
We share your personal information, including sensitive personal information, with:
- Our clients/customers;
- Group companies, who may provide related or ancillary services; and
- Internationally recognised legal and regulatory bodies as required.
We will also share personal information in the following circumstances:
- If we believe that it is reasonably necessary to comply with a law, regulation or legal request (e.g. to assist in matters of public interest or safety);
- If we sell, transfer or otherwise share some or all of our assets in connection with a merger, acquisition, reorganisation or sale of assets, or in the event of bankruptcy. We endeavour to provide you with notice prior to the transfer of your personal information to a successor entity;
- To complete any transaction or provide any product or service you have requested or authorised;
- To maintain the security of the website and our services; and
- To protect ours and your rights and property.
9. SecurityWe have, what we believe are robust, appropriate and sufficient security controls in place to protect personal information. Risk assessment, including assessing risks to the rights and freedoms of information subjects, is at the heart of our Information security management system. Although even with that, we have no control over what happens between your smartphone device and our information infrastructure. You should be aware of the many cyber security risks that exist and take appropriate steps to safeguard your own information.
We accept no liability in respect of breaches that occur beyond our sphere of control. However, we take the privacy and protection of your personal information very seriously and use a number of methods to try to keep your personal information secure from loss or unauthorised use or access when it is in our possession or control. These methods include reasonable physical, technical and organisational measures to restrict access to your personal information. Access to your information (for example amongst our employees and customers) is strictly controlled by a combination of secure passwords, permissions-based user roles, tried and tested processes, multi factor authentication and more.
Where we have given you (or where you have chosen) a password which enables you to access certain parts of our website and/or apps, you are responsible for keeping this password confidential. You should never share a password with anyone and you should ensure that you do not reuse or recycle passwords.
Where required by applicable law, we will notify you of any loss of or unauthorised access to your personal information, and we will cooperate with the appropriate authorities to investigate such incidents in a timely fashion.
10. International transfers of informationWe are a global company which provides services globally. As such your personal information may be transferred and stored in locations outside of Australia and where privacy laws may not be as protective as they are in Australia. Our product partners may also operate in such locations and may require that we transfer your personal information to them in those locations.
11. Retention of your informationWe keep your personal information for as long as is necessary to fulfil the purposes for which it was collected. This purpose is usually for one of the two reasons as listed above in the section on our legal basis to process your information. In most cases, this will be solely for the purposes of a providing a report to our customers where they have asked us to collect and process information about you. However, we are subject to our customer’s instructions and they may ask us to retain it for longer or to delete it sooner.
We maintain a permanent record of anonymized location, demographic and survey information. This information is used to produce aggregated consumer insights and cannot be used to identify individuals.
12. MinorsWe do not knowingly collect personal information or information of minors under 18 years of age. We have no control over who contacts us but we do not conduct business with anyone under 18 years of age.
13. Your rightsAs an information subject whose personal information we collect and process, you have certain rights. If you wish to exercise any of these rights, then please email firstname.lastname@example.org or use the contact details supplied below. In order to process your requests, we will ask you to provide two valid forms of identification for verification purposes.
Your rights are as follows:
- The right to be informed. As an information controller, we are obliged to provide clear and transparent information about our information processing activities. This is provided by this policy and any related communications we may send to you.
The right of access. You may request a copy of the personal information we hold about you.
We will always provide this free of charge. Once we have verified your identity and, if
relevant, the authority of any third-party requester, we will provide access to the personal
information we hold about you as well as the following:
- The categories of personal information concerned
- The purpose for processing the personal information
- If applicable, who we have disclosed the information to
- The proposed or planned retention period for that information
- The source of personal information, if collected from a third party
- The right to rectification. If you feel we hold inaccurate or incomplete personal information about you, you may exercise your right to correct or complete it. This may be used in conjunction with the right to restrict processing (see below) to make sure that incorrect or incomplete information is not processed until it has been rectified.
- The right to erasure. Often referred to as the ‘right to be forgotten’. Where no overriding legal basis or legitimate reason continues to exist for processing your personal information, you have the right to request that we delete that information. We will always take all reasonable steps to ensure the erasure or deletion of your information.
The right to restrict processing. You have the right to ask us to stop processing your
personal information. We will still store the information, but will not process it further.
This right is an alternative to the right to erasure. If any of the following conditions apply,
then you may exercise your right to restrict processing;
- You contest accuracy of your personal information and we are verifying it.
- Your information has been unlawfully processed.
- We no longer need the personal information for processing but the personal information is required for part of a legal process (e.g. establishing, exercising or defending a legal claim).
- You have exercised your right to object and processing is restricted pending a decision on the status of that processing.
- The right to information portability. You may request personal information which we hold, to be transferred to you, another controller, processor or third party. We must ensure we provide it in a commonly used and machine readable format. This right only applies because our lawful basis for processing is either consent or for the performance of a contract.
The right to object. You have the right to object to our processing of your information.
This applies when processing is;
- Based on your legitimate interests (or those of a third party)
- For the purposes of direct marketing
- For research purposes (scientific, historic or statistical)
- Based upon public tasks or legitimate interests
14. Data Protection OfficerWe are the data controller for the purposes of the EU General Data Protection Regulation (GDPR).
We have nominated a Data Protection Officer, David Griffiths to take overall responsibility for matters of information protection and privacy. This is our Head of Information Security and you can contact them with any questions or concerns about your information by emailing email@example.com (for more contact details see below).
15. Contact UsShould you have any questions, comments or concerns about this policy or how we handle and process your information then please email firstname.lastname@example.org.
Our address is:
Repute Digital Pty Ltd ACN 625 074 973
Level 1, 204 Clarence Street
Level 1, 204 Clarence Street
Repute Digital customer service team’s may be contacted on 1800 954 666 for Australia and +61 (0)411 888 444 for overseas callers.