1.1 This website privacy policy explains how we use any personal data we collect about you when you use this website and/or any internal business tools provided or utilised by BigHand, including for recruitment and job enquiry purposes. Please read this website privacy policy carefully. If you have any questions about it, you can contact us as described in HOW TO CONTACT US below.
1.2 This privacy notice specifically applies to circumstances where you have accessed our website (https://www.bighand.com/), our community portal, and/or any of our internal business tools (including relating to recruitment). Throughout this policy we refer to this as the “Website”.
2.1 We are BigHand Software Pty Ltd, of GPO Box 1084, Sydney, New South Wales, 2001, Australia. We provide productivity tools and solutions including workflow, dictation, business intelligence and pricing tools to our customers, who are organisations using those tools and solutions to support their own operations.
2.2 We are part of a group of companies, the BigHand group, which support our service provision to our customers. In this policy we refer to BigHand Software Pty Ltd as “we” and our group companies as “BigHand group members”.
3.1 You do not have to provide any information to use the Website.
3.2 When using the Website, we collect your personal data under the following circumstances.
Data description | Categories and examples of data provided | Why we collect this data |
When you voluntarily complete any of the BigHand's website form(s) / use the chat function on the BigHand's website. |
Your first name, company, last name, work email, phone number, some details about your company and your message to us. We will incidentally collect any other personal information you provide to us through such forms. |
|
When you voluntary complete any feedback form provided by us |
Your first name, company, last name, work email, phone number, some details about your company and your feedback. We will incidentally collect any other personal information you provide to us through such forms. |
|
When you browse our Website |
Your IP address |
|
4.1 When you join any of our video conferences, calls or webinars and/or use any of our CRM tools, we collect and process your personal data under the following circumstances. If you or your employer are our existing customer, we process your data for the purpose of performance of our contract. If you or your employer are our business prospect, we rely on legitimate interest when processing your data.
Data description | Categories and examples of data provided | Why we collect this data |
When you join any of our video calls, conferences and/or webinars/ use any of our CRM tools |
Your first name, company, last name, work email, phone number, some details about your company, your image. We will incidentally collect any other personal information you provide to us through such call/conference. |
|
1.1 When you access and use our community portal, we collect the following personal data:
Data description | Categories and examples of data provided | Why we collect this data |
When you use our community portal |
Your IP address, your first and last name, your email address, phone, region, company name and, where applicable, your username and password |
|
1.1 When you complete an application for a job, or otherwise engage with our recruitment process (via our Website or otherwise), we collect the following personal data:
Data description | Categories and examples of data provided |
Personal details | Your name, gender, nationality, civil/marital status, date of birth, age, personal contact details (e.g. address, telephone or mobile number, e mail), national ID number, immigration and eligibility to work information, driving licence, languages spoken; emergency contact information, details of any disability and any reasonable adjustments required as a result. |
Recruitment and selection data | Skills and experience, qualifications, references, CV and application, interview and assessment data, vetting and verification information (e.g. results of credit reference check, financial sanction check and a basic disclosure criminal record check relating to unspent convictions were carried out and permitted by applicable law), right to work verification, information related to the outcome of your application, details of any offer made to you. |
Other personal data | Any other personal data which you choose to disclose to us during the recruitment exercise whether verbally or in written form (for example in work emails). |
1.2 To the extent permitted by applicable laws, we will collect and process a limited amount of personal data within the above table that falls into special categories, sometimes called "sensitive personal data". This term means information relating to:
1.3 Usually, we collect and record your personal data from you. You will provide this information directly to the individual the recruitment exercise or enter it into our systems (for example, through your participation in recruitment and selection processes, emails and instant messages you send or through verbal information which is recorded electronically or manually).
1.4 We also obtain some information from third parties: for example, references from a previous employer, medical reports from external professionals, information from recruitment consultants or where we employ a third party to carry out a background check (where permitted by applicable law). Some data may be obtained from publicly accessible sources.
1.5 If particular information is required by contract or statute this will be indicated at the time of collection. We will also let you know where there are consequences of you not providing the information requested. Failure to provide some information will mean that we cannot continue with the recruitment exercise as we will not have the personal data we believe to be necessary for the effective and efficient administration of the recruitment exercise. It should be noted however that it is not a condition or requirement of your recruitment to agree to any request for consent from us.
1.6 We also collect non-personal data derived from these data types. This data is not personal data and is used to ensure the security of our systems and infrastructure, and to develop and support our tools and solutions.
1.7 We collect this personal data on the basis that you have consented to give it to us. This also means that you are free to withdraw this consent at any time, and we will promptly stop processing your personal data received on this basis.
1.8 We have set out below the purposes we may use your personal data for and the legal basis we rely on in each case:
Purpose for processing | The lawful basis we rely on |
Recruitment and selection |
Some of this processing is necessary for the compliance with legal obligations to which BigHand is subject including the requirement to make reasonable adjustments or accommodations where appropriate if you choose to disclose that you have a disability. Some of this processing is necessary for takings steps at your request to enter into a contract with you. BigHand has a legitimate interest in fully assessing applicants to ensure that only suitable and appropriate candidates are selected, to compare candidates and make a fair decision on the most appropriate candidate for the position. BigHand aims to recruit the best person for each vacancy through fair, systematic, effective recruitment and selection procedures. This will contribute towards BigHand continuing to meet its business objectives, maintain its reputation and attract high calibre employees. |
Pre-employment verification and screening |
Some of this processing is necessary for the compliance with legal obligations to which we are subject including establishment of the right to work in the country in which you are employed. Screening which is not legally required is necessary for the purpose of the legitimate interests pursued by us. BigHand has a legitimate interest in ensuring that candidates for employment or engagement do not pose an unacceptable risk to the business or its customers and considers the verification carried out necessary to prevent crime and other unlawful acts and to protect the business customers from fraud, dishonesty, or incompetence. |
Offers of employment and on-boarding |
Some of this processing is necessary for the compliance with legal obligations to which we are subject including the requirement to issue written particulars or terms of employment and the requirement not to unlawfully discriminate in the terms of any offer to you. Additional processing is necessary to take steps to enter into the contract between you and BigHand and to perform that contract because we will need information to make an appropriate offer to you and administer your employment contract if you join us. The remainder of the processing is necessary for the purpose of the legitimate interests pursued by us. BigHand has a legitimate interest in ensuring the effective engagement of staff on appropriate terms and conditions of employment and that there is a smooth transition into employment for successful candidates and that information supplied in the recruitment process which is relevant to ongoing employment is maintained. This will contribute towards us continuing to meet our business objectives, maintain its reputation and attract high calibre employees. |
Future job opportunities |
This processing is necessary for the purpose of the legitimate interests pursued by us. BigHand has a legitimate interest in maintaining an appropriate pool of talent who have shown an interest in working for us and who are potentially suitable candidates for employment. This will potentially benefit both initially unsuccessful candidates and us. It will contribute towards BigHand continuing to meet its business objectives, maintain its reputation and attract high calibre employees. |
Recruitment feedback and complaints |
This processing is necessary for the compliance with legal obligations to which we are subject including ensuring that BigHand can demonstrate its compliance with data protection laws and anti-discrimination laws. Beyond legal compliance processing is necessary for the purpose of the legitimate interests pursued us. BigHand has a legitimate interest in being able to provide feedback to candidates and to be able to defend any challenge or claim made in connection with our recruitment decision. This will assist us to avoid the risk of financial exposure or costs incurred through challenges to recruitment decisions and to maintain its reputation. |
Complaints, claims and litigation |
This processing is necessary for the purpose of the legitimate interests pursued by us. BigHand has a legitimate interest in protecting its organisation from breaches of legal obligations owed to it and defending itself against litigation. This is needed to ensure that our legal rights and interests are protected appropriately, to protect our reputation and to protect us from other damage or loss. This is important to protect our business and ensure its continued success and growth. This supports BigHand’s immediate and long-term business goals and outcomes. |
Legal or regulatory disclosures |
This processing is necessary for the compliance with legal obligations to which we are subject where there is a legal obligation to disclose information or a court or other legal order to provide information is place. Where not legally required, processing is necessary for the purpose of the legitimate interests pursued by us. BigHand has a legitimate interest in co-operating with relevant authorities, government bodies or regulators for the provision of information where appropriate. We wish to maintain our reputation as a good corporate citizen and to act ethically and appropriately in all the countries in which we do business. |
1.9 The special categories of personal data that we process are set out above. Where we process special categories of data it will be justified by a condition set out 5.8 above and also by one of the following additional conditions:
6.1.1 The processing is necessary for the purposes of carrying out the obligations and exercising the rights of you or us in the field of employment law, social security and social protection law, to the extent permissible under applicable laws;
6.1.2 The processing is necessary for the purposes of preventive or occupational medicine, for the assessment of your working capacity, medical diagnosis, the provision of health or social care or treatment or the management of health or social care systems and services, to the extent permitted by applicable laws;
6.1.3 The processing is necessary to protect your vital interests or of another person where you are physically or legally incapable of giving consent (for example in exceptional emergency situations, such as a medical emergency);
6.1.4 The processing is necessary for purposes authorised by applicable law.
6.1.5 The processing is necessary for the establishment, exercise, or defence of legal claims; or
6.1.6 In exceptional circumstances the processing is carried out subject to your explicit consent.
1.10 Personal data relating to criminal convictions and offences will only be processed where authorised by applicable laws.
1.1 We only share personal data with other organisations where necessary.
1.2 These organisations are:
1.1 We, or service providers or processors working for us, may transfer personal data outside the APAC region.
1.2 BigHand operates on a global basis. Accordingly, your personal information may be transferred and stored in countries outside the APAC region that are subject to different standards of data protection. BigHand will take appropriate steps ensure that transfers of personal information are in accordance with applicable law and carefully managed to protect your privacy rights and interests and transfers are limited to countries which are recognized as providing an adequate level of legal protection or where we can be satisfied that alternative arrangement are in place to protect your privacy rights. To this end:
1.3 You have a right to contact us for more information about the safeguards we have put in place to ensure the adequate protection of your personal information when this is transferred as mentioned above.
8.1 We only use personal data for marketing our services by electronic communications methods where you have given us your consent, subject to any exceptions permitted by the applicable law (for example, where you previously purchased any of our products or services or where we email any corporate subscribers). We have legitimate interest in marketing our products and services to our current and potential customers.
8.2 We will provide you with an option to unsubscribe from receiving marketing communication from us. You have a right at any time to stop us from contacting you for marketing purposes or giving your information to other BigHand group members. We will take steps to limit direct marketing to a reasonable and proportionate level and only send you communications which we believe may be of interest or relevance to you.
8.3 If you no longer wish to be contacted for marketing purposes, please email us at [email protected].
1.1 We have achieved ISO27001 standards (the global information security standard) for our information security and organisational security standards and practices.
1.2 We regularly review, test and assess our information and organisational security measures, and we ensure that:
1.1 We do not use personal data to profile or enable automated decision making about individuals.
1.2 We carry out a small amount of profiling from time to time related to assessment of performance and potential as part of our appraisal process or other career development programmes. This is used for development and may be considered for promotion or succession planning but is not used as the sole basis for any decision.
1.1 We only keep personal data for as long as necessary for the purposes for which we use it as set out in this policy.
1.2 We are required to keep certain information for certain periods of time in order to comply with legal and regulatory obligations. We minimise the amount of data we retain, and de-identify it to protect individuals being identified.
1.3 You can ask us about the specific periods for which we retain personal data by contacting us as described in How to contact us below.
1.1 Not all of these rights apply in every circumstance, and we may not always be able to comply with a request to exercise your rights (for example, if we are subject to a legal obligation). In some cases, if you exercise your rights, we may be unable to continue to provide access to our tools and solutions to you. You have the following rights:
1.2 You can exercise these rights by contacting us as described in How to contact us below. We may ask for proof of your identify if you do this (by means of a copy of your passport, driving licence, birth certificate or recent utility bill, for example).
1.3 As stated above, you have a right to lodge a complaint with your local supervisory authority if you have concerns about how we are processing your personal information.
1.4 We ask that you please attempt to resolve any issues with us first, although you have a right to contact your supervisory authority at any time.
1.1 We keep our privacy policy under regular review, and we will place any updates on this web page.
By email at [email protected] or write to us at: BigHand Software Pty Ltd, ACN 131578544, ACN 131578544,.
Address: GPO Box 1084, Sydney, New South Wales, 2001, Australia.
ABN: 74 131 578 544
Data Protection Manager: Joseph Birkby