Privacy Policy

We may collect the following types of personal information:

‍

• name;

• mailing or street address;

• email address;

• telephone number and other contact details;

• your device ID, device type, geo-location information, computer and connection information, statistics on page views, traffic to and from the sites, ad data, IP address and standard web log information;

• details of the products and services we have provided to you or that you have enquired about, including any additional information necessary to deliver those products and services and respond to your enquiries;

• any additional information relating to you that you provide to us directly through our website or app or indirectly through your use of our website or app or online presence or through other websites or accounts from which you permit us to collect information;

• information you provide to us through customer surveys; or

• any other personal information that may be required in order to facilitate your dealings with us.

We may collect these types of personal information either directly from you, or from third parties. We may collect this information when you:

• register on our website or app;

• communicate with us through correspondence, chats, email, or when you share information with us from other social applications, services or websites;

• sign up to our newsletters, alerts or other materials;

• sign up to a webinar or event;

• apply for a job with us;

• interact with our sites, services, content, social media platforms and advertising; or

• invest in our business or enquire as to a potential purchase in our business.

‍

In addition, when you apply for a job or position with us, we may collect certain information from you (including your name, contact details, working history, education history and relevant records checks) from any recruitment consultant, your previous employers and others who may be able to provide information to us to assist in our decision on whether or not to make you an offer of employment or engage you under a contract.

‍

We may exchange your personal data with academic institutions, recruiters, screening check providers, health service providers, professional and trade associations, law enforcement agencies, recruitment analytics providers, referees and your current and previous employers. We may also gather additional information about you from publicly available resources such as LinkedIn or other social or professional media platforms and collate this with the information that you provide to us.

‍

Without your personal data, we may not be able to progress considering you for positions with us.

In some instances, personal data must be provided to us in order for us to legally or contractually perform services to you, for example where we [e.g. are obligated to gather personal data for anti-money laundering identification purpose]. Where relevant we will highlight to you those details that we are obligated to collect.

‍

This Privacy Policy does not apply to employees, a separate internal employee policy shall be provided to you on employment.

Where we intend to use your personal data, we rely on the following legal grounds:

‍

Performance of a contract: We may need to collect and use your personal data to enter into a contract with you or to perform a contract that you have with us. For example, SaaS product terms agreement, and where we respond to your requests and provide you with services in accordance with our terms and conditions or other applicable terms of business agreed with you or with your employing organisation.

‍

Legitimate interests: Where we consider use of your information as being (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party’s legitimate purpose, we may use your personal data, which may include:

‍

• for our own direct marketing or continued communication;

• the prevention of fraud;

• our own internal administrative purposes;

• personalisation of the service(s) we provide to you;

• ensuring network and information security, including preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or

• reporting possible criminal acts or threats to public security to a competent authority.

‍

Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable to VAPAR as a provider of our services.

‍

Consent: You may be asked to provide your consent in connection with certain services that we offer, for example in respect of any processing of your personal data for our marketing purposes where you or your employing organisation is not a client of VAPAR, or in respect of certain special categories of personal data such as your health or racial background for which we are legally obliged to gain your consent due to the sensitive nature of such information and the circumstances in which it is gathered or transferred. Where we are reliant upon your consent, you may withdraw this at any time by contacting us, however, please note that we will no longer be able to provide you with the products or services that rely on having your consent.

Depending upon the circumstances in which we gather your personal information, we may use your data to provide you with services and information, or for any of the following purposes:

‍

• to enable you to access and use our website, services and/or app that you or your employing organisation request;

• to operate, protect, improve and optimise our website, services and/or app, business and our users’ experience, such as to perform analytics, conduct research and for advertising and marketing;

• to respond to your enquiries;

• to maintain and develop our relationship with you;

• to carry out our obligations arising from any contracts entered into between you and us;

• to help us to improve our services, products or online services;

• to send you service, support and administrative messages, reminders, technical notices, updates, security alerts, and information requested by you;

• for business purposes, including data analysis, submitting invoices, detecting, preventing and responding to actual or potential fraud, illegal activities, or intellectual property infringement;

• to send you marketing and promotional messages and other information that may be of interest to you, including information sent by, or on behalf of, our business partners that we think you may find interesting;

• to administer rewards, surveys, contests, or other promotional activities or events sponsored or managed by us or our business partners;

• to maintain and update our records including our database of contacts;

• for research, planning, service development, security or risk management;

• as we believe reasonably necessary or appropriate to comply with our legal obligations; respond to legal process or requests for information issued by government authorities or other third parties; or protect your, our, or others’ rights;

• to comply with our internal business operations and legal obligations, resolve any disputes that we may have with any of our users, and enforce our agreements with third parties; and

• to consider your employment application and to evaluate, recruit and hire personnel.

We may also disclose your personal information to a trusted third party who also holds other information about you where any of the following apply:

• You have consented to us sharing your personal data in this way.

• We deem it reasonably necessary to provide you with the services that you have required at any particular time.

• Such sharing is provided for under contract, including our terms and conditions for any particular service that we may provide to you.

• Such sharing is to law enforcement bodies or other government authority.

• We need to enforce or apply our terms and conditions to which you have agreed (or other terms that have been agreed to apply to our relationship with you or your employing organisation).

• It is necessary to protect the rights and interests, property, or safety of VAPAR, our clients or others.

• It is relevant in the circumstances to disclose the information to parties with whom we have co-promotional arrangements (such as jointly sponsored events, external venues, or caterers).

• Our agents or contractors who assist us in providing our services require such information, for example in fulfilling requests for information, receiving and sending communications, updating marketing lists, analysing data, providing support services or in other tasks from time to time. Our agents and contractors will only use your information to the extent necessary to perform their functions.

• We use third party service providers to provide services that involve data processing, for example archival, web-hosting, analytics providers in connection with the operation of our online services, event hosting, information technology providers, auditing, reference checking, professional advisory (including legal, accounting, financial and business consulting), mailing vendor, delivery, technology, website, research, banking, payment, client contact, data processing, insurance, forensic, litigation support, marketing and security services.

• All, or most, of the assets of VAPAR or any single business unit within VAPAR are merged with or acquired by a third party, or we expand or re-organise our business, in which case your personal data may form part of the transferred or merged assets.

• We are under a legal, regulatory or professional obligation to do so (for example, in order to comply with a Court Order).

‍

We may also disclose your information to a third party who may combine your personal information in order to enable it and us to develop anonymised consumer insights so that we can better understand your preferences and interests, personalise your experience and enhance the products and services that you receive.

‍

Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on VAPAR’s behalf. When such third parties no longer need your personal data to fulfil this service, they will dispose of such details in line with VAPAR’s procedures unless they are themselves under a legal obligation to retain information (provided that this will be in accordance with applicable data privacy laws). If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.

‍

We own the database rights in the information collected via our online services. We do not sell, rent, or otherwise share information that reasonably identifies you or your organisation with unaffiliated entities for their independent use except as expressly described in this Privacy Policy or with your express prior permission.

‍

We may disclose your data to an actual or potential buyer (and its agents and advisers) in connection with any actual or proposed purchase, merger, acquisition, restructuring or insolvency of any part of our business, provided that we inform any recipient that it must use your personal information only for the purposes disclosed in this Privacy Policy.

‍

We may share information that does not reasonably identify you or your organisation as permitted by applicable law.

We and/or our carefully selected business partners may send you direct marketing communications and information about our service and/or products if you have consented and signed up to this service.

‍

This may take the form of emails, SMS, mail or other forms of communication, in accordance with the Spam Act and the Privacy Act in Australia and the Privacy and Electronic Communications Regulations and the Data Protection Act 2018 in the UK.

‍

You may opt-out of receiving marketing materials from us by contacting us using the details set out below or by using the opt-out facilities provided (e.g. an unsubscribe link).

We may, in providing our services and operating our business, allow access to your personal data to the different entities within VAPAR’s group for our internal administrative purposes such as billing, promoting our events and services, and providing you or your organisation with services, provided in all instances that such processing is consistent with the section Legal basis for usage of personal data above and applicable law.

‍

We may disclose personal information for the purposes described in this privacy policy to:

‍

• our employees and related bodies corporate;

• third party suppliers and service providers (including providers for the operation of our websites and/or our business or in connection with providing our products and services to you);

• professional advisers, dealers and agents;

• payment systems operators (e.g. merchants receiving card payments);

• our existing or potential agents, business partners or partners;

• our sponsors or promoters of any competition that we conduct via our services;

• anyone to whom our assets or businesses (or any part of them) are transferred;

• specific third parties authorised by you to receive information held by us; and/or

• other persons, including government agencies, regulatory bodies and law enforcement agencies, or as required, authorised or permitted by law.

Your information is securely stored in Microsoft Azure Data centres in Australia and the United Kingdom.

‍

We retain the information we collect for no longer than is reasonably necessary to fulfil the purposes that such data was originally collected in accordance with our internal data retention polices or to comply with our legal and regulatory obligations.

We may disclose personal information outside of Australia third party suppliers and/or cloud providers located in the United States of America, United Kingdom and/or India.

‍

When you provide your personal information to us from within the UK or EEA, such information may be transferred to countries outside of the EEA.

‍

By way of example, this may happen if one or more of our third-party service providers with whom we share personal data are located, or have their servers located, outside your country or the country from which the data were provided. If we transfer your information outside the EEA in this way, we will take steps to ensure that your privacy rights continue.

We may collect personal information about you when you use and access our website.

‍

While we do not use browsing information to identify you personally, we may record certain information about your use of our website, such as which pages you visit, the time and date of your visit and the internet protocol address assigned to your computer.

‍

We may also use ‘cookies’ or other similar tracking technologies on our website that help us track your website usage and remember your preferences. Cookies are small files that store information on your computer, TV, mobile phone or other device. They enable the entity that put the cookie on your device to recognise you across different websites, services, devices and/or browsing sessions. You can disable cookies through your internet browser, but our websites may not work as intended for you if you do so.

‍

We may also use cookies to enable us to collect data that may include personal information. For example, we may collect information about the type of device you use to access our online services, the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the content you view and features you access on our online services, the web pages you view immediately before and after you access our online services, whether and how you interact with content available on our online services, and the search terms you enter on our online services.

‍

VAPAR’s website sets cookies which remain on your computer for differing times. Some expire at the end of each session, and some remain for longer so that when you return to our website, you will have a better user experience.

‍

Detailed below are the cookies we use and why and how long they last.

‍

Google Analytics

We collect standard internet log information and details of visitor behaviour patterns by using Google Analytics cookies. We do this to compile reports and to help us find out things such as the number of visitors to the various parts of our website, so that this can be improved. This information does not identify visitors or collect any personal details. We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered in this way with any personal data from any source. For more information about Google Analytics cookies please see the link here.

‍

To provide website visitors with more choice on how their data is collected by Google Analytics, Google have developed the Google Analytics Opt-out Browser Add-on. The add-on communicates with the Google Analytics JavaScript (ga.js) to indicate that information about the website visit should not be sent to Google Analytics. The Google Analytics Opt-out Browser Add-on does not prevent information from being sent to the website itself or to other web analytics services. For more information about Google Analytics Opt-out Brower Add-on please see the link here.

‍

Control of cookies

Web browsers allow you to exercise some control of cookies through the browser settings. Most browsers enable you to block cookies or to block cookies from particular sites. Browsers can also help you to delete cookies when you close your browser. You should note however, that this may mean that any opt-outs or preferences you set on our website will be lost. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org which includes information on how to manage your settings for the major browser providers.

We may hold your personal information in either electronic or hard copy form.

‍

Our information security policy is supported by a variety of processes and procedures, and we store information in access-controlled premises or electronic databases requiring logins and passwords. All employees, officers or contractors of VAPAR and third-party providers with access to confidential information are subject to access controls and confidentiality obligations, and we require our third-party data storage providers to comply with appropriate information security industry standards.

‍

We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure and we use a number of physical, administrative, personnel and technical measures to protect your personal information. For example, we implement encryption in use, transfer and storage.

‍

Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our online services which is at your own risk.

‍

If you communicate with us using non-secure web platforms, you assume the risks that such communications between us are intercepted, not received, delayed, corrupted or are received by persons other than the intended recipient.

‍

Once we have received your information, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure.

‍

You can help us to keep your information secure by ensuring that any username or password in relation to our online services is kept strictly personal to you and not made available to any other person.  You should stop using your username and password and notify us immediately if you suspect that someone else may be using your user details or password.

In addition to our online services, which we control directly, we also use and provide links to websites which are controlled by third parties, which may include:

‍

• Twitter, LinkedIn, YouTube, Facebook

‍

Those links are provided for convenience and may not remain current or be maintained. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, and have no control over or rights in those linked websites. The privacy policies that apply to those other websites may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites.

Under applicable data protection legislation, we have a duty of care to ensure that your personal data is accurate and up to date.

‍

Therefore, please contact us to update or correct your information if this changes or if you believe that any information that we have collected about you is inaccurate.

‍

Where you have consented to our processing of certain personal data, you can at any time withdraw such consent and/or tell us not to contact you with updates and information regarding our products and services (or part of them) either at the point such information is collected (by leaving the relevant box unticked) or, where you do not wish us to continue to use your information in this way, by following the unsubscribe instructions on any communications sent to you.

‍

Please note that where you withdraw your consent, we will no longer be able to provide you with the products or services that rely on having your consent. You can also exercise this right at any time by contacting us using the contact details at the end of this Privacy Policy.

‍

You can request:

• access to the personal data we hold about you

• corrections or updates to your details;

• the erasure of your personal data;

• the portability of personal data that you have provided to us in a structured, commonly used and machine-readable format.

‍

You also have the right to object to, or request the restriction of, our use of your personal data.

If you would like to contact us to exercise any of the rights set out in this section, you by contacting us using the ‘contact us’ function of the website.

‍

Sometimes, we may not be able to provide you with access to all of your personal information and, where this is the case, we will tell you why. We may also need to verify your identity when you request your personal information.

If you think we have breached the Privacy Act, the UK GDPR, or you wish to make a complaint about the way we have handled your personal information, you can contact us using the ‘contact us’ function of the website.

‍

Please include your name, email address and/or telephone number and clearly describe your complaint. We will acknowledge your complaint and respond to you regarding your complaint within a reasonable period of time. If you think that we have failed to resolve the complaint satisfactorily, we will provide you with information about the further steps you can take.

‍

You may submit a complaint to the Information Commissioners Office, details of which can be found at https://ico.org.uk/global/contact-us.

For further information about our Privacy Policy or practices, or to access or correct your personal information, or make a complaint, please contact us using the details set out below:

‍

Australia

Contact Address: 9 Castlereagh Street, Sydney NSW 2000, AUSTRALIA

Email: info@vapar.co

‍

UK

Contact Address:  71-75, Shelton Street, Covent Garden, London, WC2H9JQ, ENGLAND

Email: info@vapar.co