Event Workforce Group Holdings Pty Ltd. (along with its affiliates, Rosterfy Pty Ltd, Event Workforce Group (USA) Inc & Rosterfy Ltd) known as the “Rosterfy Group” (together “us”, “we”, “our”) are committed to protecting your privacy and maintain a policy of strict confidence concerning your personal information (Privacy Notice).
This Privacy Notice details how we deal with your personal information and has been developed in accordance with the privacy laws applicable to our business, inclusive of the Australian Privacy Act 1988 (Cth), the General Data Protection Regulation (EU) 2016/679 (GDPR) as transposed into domestic legislation of any European Union member state; and any other applicable laws with in respect of which your personal data is subject from time to time (Privacy Laws).
By providing your personal information to us directly or indirectly you accept the terms of this Privacy Notice. Providing your personal information indirectly includes via our clients, our service providers or a person authorised by you to provide your personal information.
From time to time, there may be more than one data controller of your information within our group where you have engaged different parts of our broader organisation to provide different or jointly delivered services.
This Privacy Notice does not apply to, and Rosterfy Group is not responsible for, any third party websites which may be accessible through links from this website (please see section 11 (Online services - Links to third party sites, services and content) below for more information.)
Scope of Privacy Notice
This Privacy Notice explains and describes:
What kinds of information we collect.
How we collect your personal information.
Legal basis for usage of your personal data.
How we use the personal data we collect.
How and when we may disclose personal data that we collect.
How we protect your personal data and keep it secure.
What cookies are and how we use them.
What happens when you access third-party services and content.
Your legal choices and rights.
What happens if your personal data is transferred overseas.
How to request further information.
Our contact details.
What kinds of information do we collect?
The type of information that we collect from you may include the following: name, phone number, date of birth, gender, postal and residential address, emergency contact details, email address, social media addresses, employment and volunteer history, education and qualifications, shirt size, profile pictures and any other personal information that you submit to us, submit to your user portal or otherwise submit to our websites or a Rosterfy Group Application (App).
Complying with the Health Records Act 2001 (Vic)
Event employment and volunteering is often physically demanding. Some duties require varying physical attributes. The purpose of collecting your history of previous physical injuries or health conditions is to ensure you are fit to carry out certain tasks at an event. You consent to the collection of your history of previous physical injuries or health conditions. You also consent to our disclosure of your history of previous physical injuries or health conditions to third parties as outlined in this Privacy Notice.
We may collect information from or about the device where you install or access a Rosterfy Group Application, depending on the permissions you have granted. We may associate the information we collect from your different devices, which helps us provide consistent services across your devices. Here are some examples of the device information we collect:
attributes such as the operating system, hardware version, device settings, file and software names and types, battery and signal strength, and device identifiers.
device locations, including specific geographic locations, such as through GPS, Bluetooth, or Wi-Fi signals.
connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number and IP address.
How do we collect your personal information?
We collect your personal information directly from you, from your emergency contacts and from third parties. The main ways we collect personal information about you are when:
you access our websites;
you register with us;
you log onto the websites;
a third party, including our clients, provides it to us;
you download, log onto or visit a Rosterfy Group Application;
a Rosterfy Group Application is running on your phone, tablet or other device (device);
you provide personal information about a person you want to act as your emergency contact; and
you otherwise submit personal information about yourself, or someone else, to us, our websites or a Rosterfy Group app.
We will only collect your personal information from third parties if you give the third party your consent to provide the information to us or as described in section 6 below.
We may collect information from other sources, such as social media platforms or payment gateways that share information about how you interact with our social media content, and any information gathered through these channels will be governed by the privacy settings, policies, and/or procedures of the applicable social media platform, which we strongly encourage you to review.
If someone other than you provides us with personal information about you that we did not ask for, or you provide us with unsolicited personal information, we will only hold, use or disclose this information if we determine that it is consistent with section 6 below. In this circumstance we will take all reasonable steps to notify you of the collection of that information. If we determine we do not have a legal basis for retaining that information, we will lawfully de-identify or destroy that personal information.
If you are under 18 years of age
If you are under 18 years of age you must ask your parent or legal guardian to approve your provision of personal information before you submit your personal details to us.
Use of personal information
This Privacy Notice deals with personal information of registered users, clients, service providers and other third parties.
We will only use your personal information for the purposes for which it was given to us, or for purposes which are directly related to the provision of our services.
Your personal information may be used by us in a number of ways, including to:
provide the services offered on our websites, on an EW Group App or otherwise advertised by us;
assess your eligibility for a paid or volunteer position with one of our clients;
place you in a paid or volunteer position;
facilitate the operation of our digital rostering, training and accreditation systems;
communicate between our clients, their employees and volunteers;
inform you about future employment or volunteer opportunities at events;
send you newsletters with information and services, including relevant marketing communications related to EW Group, and other information or materials, that you request from us or which we feel may interest you where you have indicated that you would like to receive these from us;
enhance and improve your use of our websites, an EW Group App and our products and services;
respond to any questions, comments or queries submitted by you;
for internal business purposes, such as undertaking research, developing system analytics, measuring and developing our services, tracking employee and volunteer usage rates; and
as required or authorised by law, including under the Australian Privacy Principles.
Legal basis for usage of personal data
Where we intend to use your personal data, we rely on the following legal grounds:
Performance of a contract: We may need to collect and use your personal data to enter into a contract with you or to perform a contract that you have with us and where we respond to your requests and provide you with services in accordance with our terms and conditions or other applicable terms of business agreed with you or with your employing organisation.
Legitimate interests: Where we consider use of your information as being (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party’s legitimate purpose, we may use your personal data, which may include:
for our own direct marketing or continued communication;
the prevention of fraud;
our own internal administrative purposes;
personalisation of the service(s) we provide to you;
ensuring network and information security, including preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or
reporting possible criminal acts or threats to public security to a competent authority.
Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable to EW Group as a provider of workforce services.
Consent: You may be asked to provide your consent in connection with certain services that we offer, for example in respect of any processing of your personal data for our marketing purposes where you or your employing organisation is not a client of EW Group, or in respect of certain special categories of personal data such as your health or racial background for which we are legally obliged to gain your consent due to the sensitive nature of such information and the circumstances in which it is gathered or transferred. Where we are reliant upon your consent, you may withdraw this at any time by contacting us in accordance with section 16 (Contact us) below, however please note that we will no longer be able to provide you with the products or services that rely on having your consent.
Disclosure of personal information
In certain circumstances, it may be necessary for us to disclose your personal information to third parties in order to assist us in providing our services, or where disclosure is required by us to meet our legal and regulatory obligations. Third parties may include:
current EW Group clients for the purpose of providing our services to them;
digital marketing service providers;
technology support services and data storage providers;
government and law enforcement agencies and regulators; and
entities established to help identify illegal activities and prevent fraud.
We may also disclose your personal information to anyone authorised by you, or to whom you have provided your consent (either expressly or impliedly) or where another permitted general situation applies (as defined in the Privacy Laws).
We may in providing our services and operating our business, allow access to your personal data to the different entities within share your personal information inside the EW Group for our internal administrative purposes such as billing, promoting our events and services, and providing you or your organisation with services, provided in all instances that such processing is consistent with section 6 (Legal basis for usage of personal data) above and applicable law.
We may also disclose your personal information to potential investors in the EW Group. If Event Workforce Group or Rosterfy(Rosterfy), or both, go through a business transition, such as a merger, acquisition by another company, or sale of all or a portion of its or their assets, your personal information may be among the assets transferred. We may also disclose your personal information during the negotiation stages of any proposed business transition.
We will not disclose information that personally identifies you to any third party other than as set out in this Privacy Notice.
Any third parties that we may share your data with are obliged to keep your details securely, and to use them only to fulfil the service they provide you on EW Group’s behalf. When such third parties no longer need your personal data to fulfil this service, they will dispose of such details in line with EW Group’s procedures unless they are themselves under a legal obligation to retain information (provided that this will be in accordance with applicable data privacy laws). If we wish to pass your sensitive personal data onto a third party we will only do so once we have obtained your consent, unless we are legally required to do otherwise.
We use personal information about you for the primary purpose of providing you with our services. We may also use it for other purposes for which you might reasonably expect us to use that information. You authorise us to use any email address or other contact information you provide to use at any time for such above purposes.
We may use your personal information to keep you informed about future events. This includes sending you information about opportunities you have opted in to hear about.
We may use your personal information to send you direct marketing material, on an ongoing basis with information and services, including relevant marketing communications related to Rosterfy Group, and other information or materials, that you request from us or which we feel may interest you where you have indicated that you would like to receive these from us, by email, telephone or any form of electronic communication.
You can opt out of receiving electronic communication at any time. You agree and acknowledge that even if you opt out of receiving information about future events or marketing material, we will still send you essential information that we are required to send you relating to the services we provide.
Storage and security
The security of your personal information is paramount to us and we use all reasonable endeavours to keep your information in a secure environment and to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Our information security policy is supported by a variety of processes and procedures, and we store information in access controlled premises or electronic databases requiring logins and passwords.
All employees, officers or contractors of Rosterfy and third party providers with access to confidential information are subject to access controls and confidentiality obligations, and we require our third-party data storage providers to comply with appropriate information security industry standards.
Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our online services which is at your own risk. If you reasonably believe that there has been unauthorised use or disclosure of your personal information please contact us using the details below in section 16.
We keep records of the personal information we gather from you including storage in the cloud. You warrant that you will not act in a manner that results in us collecting, using or storing information that is in breach of our obligations at law.
If we no longer need your personal information, unless we are required under Australian law or a court or tribunal order to retain it, we will take reasonable steps to destroy, securely delete, or de-identify your personal information as appropriate.
Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently to improve the user experience, as well as to provide certain information to the owners of the site.
We may, for example, collect information about the type of device you use to access our online services, the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the content you view and features you access on our online services, the web pages you view immediately before and after you access our online services, whether and how you interact with content available on our online services, and the search terms you enter on our online services.
Rosterfy Group’s website sets cookies which remain on your computer for differing times. Some expire at the end of each session and some remain for longer so that when you return to our website, you will have a better user experience.
Which cookies we use
Detailed below are the cookies we use and why and how long they last.
We collect standard internet log information and details of visitor behaviour patterns by using Google Analytics cookies. We do this to compile reports and to help us find out things such as the number of visitors to the various parts of our website, so that this can be improved. This information does not identify visitors or collect any personal details. We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered in this way with any personal data from any source.
Control of cookies
Web browsers allow you to exercise some control of cookies through the browser settings. Most browsers enable you to block cookies or to block cookies from particular sites. Browsers can also help you to delete cookies when you close your browser. You should note however, that this may mean that any opt-outs or preferences you set on our website will be lost. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit www.allaboutcookies.org which includes information on how to manage your settings for the major browser providers
Online Services – Links to third party sites, services and content
In addition to our online services, which we control directly, we also use and provide links to websites which are controlled by third parties, which may include:
Twitter, LinkedIn and YouTube, where we have certain Rosterfy Group accounts and profiles.
Facebook, where we have a social page.
- Stripe Payment Gateway
- Braintree Payment Gateway
If you use or follow a link to any of these third-party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for their use of information about you.
Our online services may include integrated content or links to content provided by third parties (such as video materials). This Privacy Notice does not address the privacy, security, or other practices of the third parties that provide such content.
We engage third parties that support the operation of our online services, such as analytics providers. These third parties may use technologies to track your online activities over time and across different websites and online platforms. Please see section 10 (Cookies Policy) above for more information.
We take reasonable steps to ensure that the personal information held by us is accurate, complete and up to date. If you believe that any of your personal information is inaccurate, please contact us using the details set out in section 16 (Contact us) below and we will take reasonable steps to correct it.
Status of this statement
As technologies and information governance practices develop, and data privacy laws (and surrounding guidance) evolve, we may need to revise and vary the terms of this Privacy Notice at any time. You should check this Privacy Notice regularly so that you are aware of any variations made to this Privacy Notice.
We will post any Privacy Notice changes on this page and, if the changes are significant or may materially impact upon your rights, we will provide a more prominent notice or contact you by other means (including, for certain services, email notification of Privacy Notice changes).
Disclosure to overseas recipients
We may disclose your personal information to overseas recipients, such as an overseas client or an overseas service provider for the purposes outlined in this Privacy Notice or otherwise as allowed or required by law. By way of example, this may happen if one or more of our third party service providers with whom we share personal data in accordance with section 7 (Disclosure of personal information) are located, or have their servers located, outside your country or the country from which the data were provided.
If we transfer your information overseas, we will ensure that your privacy rights continue to be protected and that the overseas recipient handles your personal information in accordance with the Australian Privacy Principles, General Data Protection Regulation (EU) 2016/679 (GDPR) or substantially similar laws.
Access to your information and making a complaint
Where you have consented to our processing of certain personal data, you can at any time request access to the personal information we hold about you, withdraw such consent and/or tell us not to contact you with updates and information regarding our products and services (or part of them) either at the point such information is collected, (by leaving the relevant box unticked) or, where you do not wish us to continue to use your information in this way, by following the unsubscribe instructions on any communications sent to you.
You can request:
access to the personal data we hold about you
corrections or updates to your details;
the erasure of your personal data;
the portability of personal data that you have provided to us in a structured, commonly used and machine-readable format.
You also have the right to object to, or request the restriction of, our use of your personal data.
If you do so we will respond to your request within a reasonable period of time and, where reasonable and practicable, give access to the information in the manner you request. This will be subject to any exemptions provided under the Privacy Laws. You may request this information by writing to our Privacy Officer by using the details set out in section 16 (Contact us) below.
We may refuse to provide access where we have legitimate reasons for doing so under applicable data privacy laws, and in exceptional circumstances may charge a fee for access if the relevant legislation allows us to do so, in which case we will provide reasons for our decision.
Where it is practical to do so, when contacting us, you have the option to either not identify yourself or to use a pseudonym. However, this will not apply if we are required or authorised under Australian law (or a court or tribunal order) to only deal with individuals who have identified themselves.
If you wish to make a complaint about a breach of the Privacy Laws by us, you may do so by providing your complaint in writing to the contact details listed below. You may also make a complaint verbally. We will seek to respond to any complaint within a reasonable period of time. We may seek further information from you in order to provide a comprehensive and complete response.
You may also make a complaint to the Office of the Australian Information Commissioner (OAIC). You may contact the Australian Information Commissioner via telephone on 1300 363 992, by submitting a complaint or inquiry online at www.oaic.gov.au or by writing to the OAIC at GPO Box 5218 Sydney NSW 2001.
Please note that where you withdraw your consent we will no longer be able to provide you with the products or services that rely on having your consent. You can also exercise this right at any time by contacting us using the contact details at the end of this Privacy Notice.
If you have any questions, or if you wish to contact us for any of the reasons described above, including to correct or access the information we hold about you or to make a complaint, please contact our Privacy Officer:
The Privacy Officer (Global)
80 Market St, South Melbourne, 3205.
The Privacy Officer (all regions) for Rosterfy Group is Chris Grant.