Last updated: 1st of October, 2023
At Agile HRO, we value the privacy of our users and visitors.
Agile HRO is made up of a number of legal entities which we use as infrastructure to provide our Services. However, for data protection purposes the entity in control of all personal information processed in connection with the Site and the Service is Agile Solutions Pte. Ltd., a company incorporated in Singapore with company number 2019344684H and its registered office at 190 Clemenceau Ave #06-08, Singapore 239924 (“Agile HRO”, “us”, “we”, or “our”).
The terms “personal data”, “data processing” and “data subject” have the same meaning as under Regulation (EU) 2016/679 – the General Data Protection Regulation.
Information CollectionWhile communicating with us, accessing our Site and/or using our Service, we collect and store your personal information. Some of this information can be used on its own or in combination with other information with other information to identify you. Below is a list of types of personal information that could be collected when you interact with us, access our Site and/or use our Service.
TYPE OF PERSONAL DATA
When and how we collect personal information
We may collect personal information when:
> You subscribe to our blog
> You use or view our Site
> You opt-in for marketing messages
> You receive an email from us or send an email to us
> You contact us
> You engage in a meeting with our team
> You participate in our events, programmes or giveaways
> You use our Service
> You create an account in the Platform
> Third parties share your data with us, such as:
– Companies and business partners that introduce you to us
– Our service partners
– Our third-party vendors, including (without limitation) those that help us authenticate your identity
– Social networks and other technology providers (for instance, when you click on one of our LinkedIn or Google advertisements)
– Fraud prevention agencies
– Other financial services companies (to fulfil a payment or other service as part of a contract which they have with you, or to help prevent, detect and prosecute unlawful acts, money laundering, and fraudulent behaviour)
– Public information sources such as (without limitation) publicly available government databases
– Third-party agents, suppliers, sub-contractors and advisers
– Market researchers
– Firms providing data services
– Government, law enforcement agencies, authorities and regulatory bodies to help Agile HRO comply with its legal obligations
WHAT WE DO
LAWFUL BASIS FOR PROCESSING
Communication, Location, Professional
CommunicationsWe may contact you with newsletters and other marketing information that may be of interest to you. You may opt out of receiving any, or all, of these marketing communications from us by following the unsubscribe link or instructions provided in any email we send or by contacting us. Please note that we may still send you transactional or administrative messages related to the Service even after you have opted out of receiving marketing communications.
Information Sharing with Third PartiesWe do not rent, share, list or sell personal information with any third parties, except as necessary for our legitimate professional and business needs, to carry out your requests, and/or as required or permitted by an applicable law.
We will only share your information with the third parties listed below for the purposes described above in the “Information Use” Section, unless otherwise noted at the point of collection:
> Third-party agents, partners, and service providers who are only permitted to use your information as we allow which may include contacting you on your behalf and are required under law or contract to keep your personal information confidential. Information is shared to help us provide the Service.
> Government agencies and taxing authorities, as required to provide the Service, including but not limited to tax agencies, and state and federal regulatory agencies.
> Insurance carriers and other third parties, as needed to provide employee benefits.
> Banking and financial institutions.
> Certain parties as necessary to respond in good faith to legal process where required to do so by law or subpoena or if we believe that such action is necessary to comply with the law and the reasonable requests of law enforcement or to protect the security or integrity of our Service.
> Legal and financial advisors and auditors.
> The following third parties under the circumstances described below:
– we may share business or personal information with credit bureaus, and we may share information with certain companies, banks and organizations for purposes such as fraud prevention or determining eligibility for the Service;
– if you participate in a referral program, the referral email and referral link sent to any referred leads may include your name;
– if there is a sale of Agile HRO (including, without limitation, a merger, stock acquisition, sale of assets or reorganization), or in the event that Agile HRO liquidates or dissolves, we may sell, transfer or otherwise share some or all of our assets, which could include your information, to the prospective acquirer;
– from time to time, we may share reports with the public that contain anonymized, aggregate, de-identified information and statistics; and
– we may share your information with certain other third parties with whom you expressly authorize us to share your information.
How long we keep your personal informationIn accordance with applicable data protection laws, we do not store your personal information for longer than needed for the purposes of the respective processing activity. The relevant retention periods depend on the national legislation of the country you are based in.
If the personal information is no longer required for the performance or enforcement of contractual or legal obligations, we will delete it regularly, unless its further temporary storage is still necessary to:
> fulfil our obligations pursuant to the agreement between us and a Customer/Employee/Contractor;
> establish, exercise, and defend a legal claim; or
> fulfil statutory obligations to which we are subject, such as continued storage pursuant to accounting legislation.
You have the right to request that we delete any of your personal information, subject to exceptions set forth by the law (such as, including but not limited to, where the information is used for compliance and other legal reasons, to identify and repair errors on this Application, to detect security incidents and protect against fraudulent or illegal activities, to exercise certain rights, etc.).
If no exception applies, as a result of exercising your right, we will delete your personal information and direct any of our service providers to do so.
Data protection is ensured by encryption and security measures throughout the lifecycle of your data. However, despite our best efforts, security cannot be absolutely guaranteed against all threats. To the best of our ability, the access to your personal information is limited to those who have a need to know. Those individuals who have access to the personal information are required to maintain the confidentiality of such data. In addition, please note that emails, messages sent via your web browser, and other similar means of communication with other users, are not encrypted. Therefore, while we strive to protect your personal information, we cannot guarantee its security.
Please also be aware that we may use third-party cloud service providers that provide hosting, data storage and other services pursuant to standard terms and conditions that may be non-negotiable. These service providers have informed us or the general public that they apply security measures they consider adequate for the protection of information within their system, or they have a general reputation for applying such measures. However, we will not be liable (to the fullest extent permitted by law) for any damages that may result from the misuse of any information, including your personal information, by these companies.
> Data encryption in transit
> Data encryption at rest
> Architecture network isolation through private networks
> Fully auditable access and changes
> AWS is our trusted cloud provider and is compliant with the following industry standards:
– SOC I/II/III
– ISO 27001/27017/27018
> All systems are protected by a firewall with security threat detection and prevention mechanisms.
Internal best practices
> We follow the least privilege principle to limit systems’ access to essential personnel only.
> All internal tools and systems require SSO.
> We practice continuous credentials auditing and management.
> We conduct internal security and privacy training.
> Infrastructure-as-code allows for quick rebuilding and portability.
> Our average response times are under 150ms.
> We practice continuous monitoring of applications and infrastructure.
> Applicational logs are shipped off site and kept for 30 days.
> We create daily data backups.
> Users have control of their data.
> We do not keep any data other than data strictly necessary for business operations.
Privacy of MinorsWe do not knowingly collect personal information from persons under 18. If you are under the age of 18, please do not submit any personal information through our Site or Service. If you have reasons to believe that a person under the age of 18 has provided personal information to us through our Site or Service, please contact us. If we become aware that we have collected personal information from persons under 18 without verifiable parental consent, we will take steps to remove that information from our servers.
Your RightsUnder applicable privacy regulation, you may have some or all of the following rights in respect of your personal information:
> your right of access – to obtain a copy of your personal information together with information about how and on what basis that personal information is processed;
> your right to rectification – to rectify inaccurate personal information or to complete information you think is incomplete;
> your right to erasure – to erase your personal information in certain circumstances where it is no longer necessary in relation to the purposes for which it was collected or processed;
> your right to restriction of processing – to restrict processing of your personal information in certain circumstances;
> your right to object to processing – to object to the processing of your personal information in certain circumstances; and
> your right to data portability – to ask that we transfer the personal information you gave us to another organisation, or to you, in certain circumstances.
In addition to the above, you have the right to lodge a complaint with a supervisory authority for data protection. You also have the right to withdraw your consent to the processing of your information at any time. We may ask you for additional data to confirm your identity and for security purposes, before disclosing data requested to you. We reserve the right to charge a fee where permitted by law. We may also decline to process requests that jeopardize the privacy of others, are extremely impractical, or would cause us to take any action that is not permissible under applicable laws. Additionally, as permitted by applicable laws, we may need to retain certain personal information for a limited period of time for record-keeping, accounting and fraud prevention purposes.
To exercise these rights, you may contact us by emailing email@example.com. If you make a request, we have one month to respond to you. Please note also that you may be able to exercise some of these rights without our intervention. For example, if you are a registered Platform user, you can access and update some of your personal data.
Questions or Concerns
If you have questions or concerns regarding privacy accessing this Site and/or using our Service, please contact our Data Protection Officer at Chris Pearson, firstname.lastname@example.org, 190 Clemenceau Ave #06-08, Singapore 239924.