Privacy Policy
Last updated: 1st of October, 2023
At Agile HRO, we value the privacy of our users and visitors.
This Privacy Policy outlines how we at Agile HRO collect, protect, and use the personal data you ("User", "you," or "your") may provide on the www.agilehro.com website (the "Site") and within any of our products or services (the "Service").
Agile HRO is made up of a number of legal entities which we use as infrastructure to provide our Services. However, for data protection purposes the entity in control of all personal information processed in connection with the Site and the Service is Agile Solutions Pte. Ltd., a company incorporated in Singapore with company number 2019344684H and its registered office at 190 Clemenceau Ave #06-08, Singapore 239924 (“Agile HRO”, “us”, “we”, or “our”).
We collect, use and disclose personal information in order to provide you with a safe, smooth, efficient and customised experience with us. The collection, use and disclosure of personal information enables us to provide services and products that are most likely to meet your needs and requirements. This Privacy Policy outlines our policy and responsibility in relation to the collection, use and disclosure of personal information when you access our Site and our Service.
Your actions of accessing and/or using the Site, the Service and/or communicating any information in a manner explained in this Privacy Policy signify that you have read and understood this Privacy Policy and you agree to the collection and use of your information in accordance with this Privacy Policy. If you are based in Singapore, you provide your consent to us collecting, using and disclosing your personal data in accordance with this Privacy Policy. This Privacy Policy should be read in conjunction and together with the terms of use and other policies as may be available on the Site (collectively the “Terms of Use”). Please read this Privacy Policy and in the event you do not agree to the terms or policies specified herein, please discontinue the usage of the Site and the Service.
Unless otherwise defined in this Privacy Policy, capitalized terms used in this Privacy Policy have the same meanings as in our Terms of Use.
This Privacy Policy applies to the following data subjects: Users of the Site and/or Service, including Customers, Partners, Contractors and Employees and all visitors of www.agilehro.com with whom Agile HRO does not have a contractual relationship. Depending on data subject category and country of residence this Privacy Policy may from time to time be supplemented by additional policies issued by us and other parties which will be notified to you separately. For example, personal information about Employees hired by any of our local legal entities can be co-controlled by these local entities and, where required by law, an additional policy will be notified to you in case the local entities engage in personal data processing not covered in this Privacy Policy.
The terms “personal data”, “data processing” and “data subject” have the same meaning as under Regulation (EU) 2016/679 – the General Data Protection Regulation.
Information Collection
While communicating with us, accessing our Site and/or using our Service, we collect and store your personal information. Some of this information can be used on its own or in combination with other information with other information to identify you. Below is a list of types of personal information that could be collected when you interact with us, access our Site and/or use our Service.TYPE OF PERSONAL DATA
DESCRIPTION
Contact
Addresses, e-mail addresses, phone numbers and other ways in which to contact you.
Location
Data we get about where you are. This may come from your mobile phone or the place where you connect a computer to the internet.
Identifying
Information that can identify a specific individual such as name, government-issued ID, birthdate, photographs or birth certificate.
Financial/Account
Information that identifies an individual’s financial account or about an individual’s remuneration, such as bank accounts, salary, benefits, details about the transactions you carry out and the payments to and from your accounts with us.
Financial/Account
Information that identifies an individual’s financial account or about an individual’s remuneration, such as bank accounts, salary, benefits, details about the transactions you carry out and the payments to and from your accounts with us.
Professional
Information about educational or professional career, such as roles.
Emergency Contact
Name, contact details and relationship of emergency contact.
Social
Marital status and number of dependents.
Special Category Data
Health data (e.g. disability, pregnancy, absence due to sickness, etc.)
Communication
What we learn about you from communications between us.
Contractual
Details about the products or services we provide to you.
Behavioural
Details about how you use our Service and Site.
Technical
Details on the devices and technology you use to use our Service and Site.
Public and third-party records
Details about you that are in public records and information about you that is publicly available on the internet. We also collect information about you which we receive from other companies, such as (without limitation) credit reference or fraud protection agencies (see below for more information).
Usage Data
Other data about how you use our products and services.
Consents
Any permissions, consents or preferences that you give us.
When and how we collect personal information
We may collect personal information when:
> You subscribe to our blog
> You use or view our Site
> You opt-in for marketing messages
> You receive an email from us or send an email to us
> You contact us
> You engage in a meeting with our team
> You participate in our events, programmes or giveaways
> You use our Service
> You create an account in the Platform
> Third parties share your data with us, such as:
– Companies and business partners that introduce you to us
– Our service partners
– Our third-party vendors, including (without limitation) those that help us authenticate your identity
– Social networks and other technology providers (for instance, when you click on one of our LinkedIn or Google advertisements)
– Fraud prevention agencies
– Other financial services companies (to fulfil a payment or other service as part of a contract which they have with you, or to help prevent, detect and prosecute unlawful acts, money laundering, and fraudulent behaviour)
– Public information sources such as (without limitation) publicly available government databases
– Third-party agents, suppliers, sub-contractors and advisers
– Market researchers
– Firms providing data services
– Government, law enforcement agencies, authorities and regulatory bodies to help Agile HRO comply with its legal obligations
Cookie Use
Please refer to our Cookie Policyarrow_up_right_square for more information.WHAT WE DO
LAWFUL BASIS FOR PROCESSING
DATA SUBJECTS
PERSONAL DATA
Administration, performance and termination of employment agreements (i.e. paying out salaries and providing benefits)
Performance of a contract
Employees
Communication, Special category data, Social, Emergency Contact, Professional, Financial/Account, Identifying, Location, Contact, Contractual
Legally required purposes (i.e. managing time off and sick days, pension and retirement administration, tax reporting, establishing and exercising legal claims in connection with the employment relationship)
Compliance with a legal obligation
Employees, Job applicants
Communication, Special category data, Social, Emergency Contact, Professional, Financial/Account, Identifying, Location, Contact, Contractual
Administration, performance and termination of the contractual relationship between Agile HRO and the Customer
Performance of a contract
Customers, Contractors
Communication, Professional, Financial/Account, Identifying, Location, Contact, Contractual
Assistance with the drafting, negotiating, and execution of the contract between the contractor and the Customer
Performance of a contract
Customers, Contractors
Communication, Professional, Financial/Account, Identifying, Location, Contact, Contractual
KYC checks
Compliance with a legal obligation
Customers, Customer’s UBO(s) and directors
Professional, Financial/Account, Identifying, Location, Contact, Public and third-party records
Create user accounts
Performance of a contract
Customers, Employees, Contractors
Contact, Identifying, Location, Financial/Account, Professional, Contractual
Hire employees
Performance of a contract
Customers, Employees
Special category data, Communication, Social, Emergency Contact, Professional, Financial/Account, Identifying, Location, Contact, Contractual
Payment and management of contractor invoices on behalf of the Customer
Performance of a contract
Customers, Employees
Contact, Financial/Account, Professional, Communication, Contractual
Recording of conference video calls
Consent (to be obtained when data subject joins call, and can be withdrawn at any time)
Customers, Employees, Contractors
Communication, Contact, Consents
Identify you and help you solve issues related to the usage of our services
Performance of a contract
Customers, Employees, Contractors
Contact, Communication, Contractual
Notify you of any changes to the Service
Performance of a contract
Customers, Partners
Contact, Communication, Contractual
Contact you to improve our services and customer experience
Legitimate interest (service improvement)
Customers, Employees, Contractors, Partners, Users of the Site
Contact, Communication, Behavioural, Usage Data
Direct marketing
Consent (which can be withdrawn at any time – see ‘Communications’ below)
Data subjects who gave their explicit consent
Contact, Communication, Location, Professional, Consents
Share your business information with our partners when you attend a promoted event
Consent (which can be withdrawn at any time by emailing
agile@agilehumansolutions.com)
Customers, Employees
Contact, Communication, Location, Consents
Send you marketing material about our company (newsletters, blogposts, webinars, prizes, etc.)
Legitimate interest (service promotion)
Customers, Partners, Users of the Site
Communication, Professional, Contact
Reporting marketing campaign activities (i.e. understanding how many leads our marketing campaigns were able to convert)
Legitimate interest (service promotion)
Customers, Users of the Site
Communication, Location, Professional
To monitor, improve and administer the Site, and to provide general statistics regarding Users of the Site
Legitimate interest (service promotion)
Customers, Employees, Contractors, Users of the Site
Communication, Location, Contact, Behavioural, Technical, Usage Data
Aggregating pseudonymised personal data and reporting anonymised salary data for the purpose of compensation benchmarking in various industries and geographies
Legitimate interest (service promotion)
Employees, Contractors
Financial/Account
Reaching out to Customers and candidates for the purposes of our recruitment services
Legitimate interest (providing additional services to Customers in the field of recruitment and reaching out to candidates who may be interested in roles that our Customers recruit for)
Customers, Employees, Contractors,
Communication, Professional, Contact
Disclosing Personal Data to third parties
See ‘Information Sharing with Third Parties’ below
See ‘Information Sharing with Third Parties’ below
See ‘Information Sharing with Third Parties’ below
Communications
We may contact you with newsletters and other marketing information that may be of interest to you. You may opt out of receiving any, or all, of these marketing communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. Please note that we may still send you transactional or administrative messages related to the Service even after you have opted out of receiving marketing communications.Information Sharing with Third Parties
We do not rent, share, list or sell personal information with any third parties, except as necessary for our legitimate professional and business needs, to carry out your requests, and/or as required or permitted by an applicable law.We will only share your information with the third parties listed below for the purposes described above in the “Information Use” Section, unless otherwise noted at the point of collection:
> Third-party agents, partners, and service providers who are only permitted to use your information as we allow which may include contacting you on your behalf and are required under law or contract to keep your personal information confidential. Information is shared to help us provide the Service.
> Government agencies and taxing authorities, as required to provide the Service, including but not limited to tax agencies, and state and federal regulatory agencies.
> Insurance carriers and other third parties, as needed to provide employee benefits.
> Banking and financial institutions.
> Certain parties as necessary to respond in good faith to legal process where required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.
> Legal and financial advisors and auditors.
> The following third parties under the circumstances described below:
– we may share business or personal information with credit bureaus, and we may share information with certain companies, banks and organizations for purposes such as fraud prevention or determining eligibility for the Service;
– if you participate in a referral program, the referral email and referral link sent to any referred leads may include your name;
– if there is a sale of Agile HRO (including, without limitation, a merger, stock acquisition, sale of assets or reorganization), or in the event that Agile HRO liquidates or dissolves, we may sell, transfer or otherwise share some or all of our assets, which could include your information, to the prospective acquirer;
– from time to time, we may share reports with the public that contain anonymized, aggregate, de-identified information and statistics; and
– we may share your information with certain other third parties with whom you expressly authorize us to share your information.
How long we keep your personal information
In accordance with applicable data protection laws, we do not store your personal information for longer than needed for the purposes of the respective processing activity. The relevant retention periods depend on the national legislation of the country you are based in.If the personal information is no longer required for the performance or enforcement of contractual or legal obligations, we will delete it regularly, unless its further temporary storage is still necessary to:
> fulfil our obligations pursuant to the agreement between us and a Customer/Employee/Contractor;
> establish, exercise, and defend a legal claim; or
> fulfil statutory obligations to which we are subject, such as continued storage pursuant to accounting legislation.
You have the right to request that we delete any of your personal information, subject to exceptions set forth by the law (such as, including but not limited to, where the information is used for compliance and other legal reasons, to identify and repair errors on this Application, to detect security incidents and protect against fraudulent or illegal activities, to exercise certain rights, etc.).
If no exception applies, as a result of exercising your right, we will delete your personal information and direct any of our service providers to do so.
Security
Data protection is ensured by encryption and security measures throughout the lifecycle of your data. However, despite our best efforts, security cannot be absolutely guaranteed against all threats. To the best of our ability, the access to your personal information is limited to those who have a need to know. Those individuals who have access to the personal information are required to maintain the confidentiality of such data. In addition, please note that emails, messages sent via your web browser, and other similar means of communication with other users, are not encrypted. Therefore, while we strive to protect your personal information, we cannot guarantee its security.
Please also be aware that we may use third-party cloud service providers that provide hosting, data storage and other services pursuant to standard terms and conditions that may be non-negotiable. These service providers have informed us or the general public that they apply security measures they consider adequate for the protection of information within their system, or they have a general reputation for applying such measures. However, we will not be liable (to the fullest extent permitted by law) for any damages that may result from the misuse of any information, including your personal information, by these companies.
Infrastructure security
> Data encryption in transit
> Data encryption at rest
> Architecture network isolation through private networks
> Fully auditable access and changes
> AWS is our trusted cloud provider and is compliant with the following industry standards:
– SOC I/II/III
– ISO 27001/27017/27018
– PCI-DSS
> All systems are protected by a firewall with security threat detection and prevention mechanisms.
Internal best practices
> We follow the least privilege principle to limit systems’ access to essential personnel only.
> All internal tools and systems require SSO.
> We practice continuous credentials auditing and management.
> We conduct internal security and privacy training.
Reliability
> Infrastructure-as-code allows for quick rebuilding and portability.
> Our average response times are under 150ms.
> We practice continuous monitoring of applications and infrastructure.
> Applicational logs are shipped off site and kept for 30 days.
> We create daily data backups.
Data Privacy
> Users have control of their data.
> We do not keep any data other than data strictly necessary for business operations.
International Transfer
We are part of a global network of companies and in common with other professional service providers, we use third parties located in other countries to help us run our business. As a result, personal information may be transferred outside the countries where we or Users are located. Personal information may be transferred internally to our affiliates and externally to third parties (including payroll processors, payment partners and service providers) across international borders for the purposes described in this Privacy Policy. This may include transfers to countries that may not have laws that provide the same degree of protection for the personal information as your home country. In accordance with applicable legal requirements, we take appropriate measures to facilitate adequate protection for any personal information so transferred, only in accordance with legally approved transfer mechanisms that are appropriate under applicable data protection laws.Link To Other Sites
Our Site and/or Service may contain links to other sites that are not operated by us. If you click on a third-party link, you will be directed to that third party’s site. We strongly advise you to review the privacy policy of every site you visit. We have no control over, and assume no responsibility for the content, privacy policies or practices of any third-party sites or services.Privacy of Minors
We do not knowingly collect personal information from persons under 18. If you are under the age of 18, please do not submit any personal information through our Site or Service. If you have reasons to believe that a person under the age of 18 has provided personal information to us through our Site or Service, please contact us. If we become aware that we have collected personal information from persons under 18 without verifiable parental consent, we will take steps to remove that information from our servers.Your Rights
Under applicable privacy regulation, you may have some or all of the following rights in respect of your personal information:> your right of access – to obtain a copy of your personal information together with information about how and on what basis that personal information is processed;
> your right to rectification – to rectify inaccurate personal information or to complete information you think is incomplete;
> your right to erasure – to erase your personal information in certain circumstances where it is no longer necessary in relation to the purposes for which it was collected or processed;
> your right to restriction of processing – to restrict processing of your personal information in certain circumstances;
> your right to object to processing – to object to the processing of your personal information in certain circumstances; and
> your right to data portability – to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
In addition to the above, you have the right to lodge a complaint with a supervisory authority for data protection. You also have the right to withdraw your consent to the processing of your information at any time. We may ask you for additional data to confirm your identity and for security purposes, before disclosing data requested to you. We reserve the right to charge a fee where permitted by law. We may also decline to process requests that jeopardize the privacy of others, are extremely impractical, or would cause us to take any action that is not permissible under applicable laws. Additionally, as permitted by applicable laws, we may need to retain certain personal information for a limited period of time for record-keeping, accounting and fraud prevention purposes.
To exercise these rights, you may contact us by emailing agile@agilehumansolutions.com. If you make a request, we have one month to respond to you. Please note also that you may be able to exercise some of these rights without our intervention. For example, if you are a registered Platform user, you can access and update some of your personal data.
Changes To This Privacy Policy
This Privacy Policy is effective as of the “LAST UPDATED” date specified at the top of this Privacy Policy and will remain in effect except with respect to any changes in its provisions in the future, which will be in effect immediately after being posted on this page.
We reserve the right to update or change our Privacy Policy at any time and you should check this Privacy Policy periodically. Your continued access to the Site and/or use of the Service after we post any modifications to the Privacy Policy on this page will constitute your acknowledgment of the modifications and your consent to abide and be bound by the modified Privacy Policy.
Questions or Concerns
If you have questions or concerns regarding privacy accessing this Site and/or using our Service, please contact our Data Protection Officer at Chris Pearson, agile@agilehumansolutions.com, 190 Clemenceau Ave #06-08, Singapore 239924.
