Categories of data we may process
|Categories of data and processing.
||Name, all types of contact details: email, phone numbers; home landline place of work number, mobile numbers. Gender, date of birth, place of birth, nationality identification number, social security number internal company employee or ID numbers. Marital/civil partnership status, domestic partners, dependants, disability status, emergency contact details, such as names and phone numbers and address of listed individual. Ethnic origin. Photographic image. CCTV or other video systems. smart building controls. Metrics systems used for data analytics, driver licence number. car details. passport number. details contained in letters of application and C.V. potential background check information. eLearning and training programs. internal/external qualifications. performance and development reviews.
|Personal details – clients and prospects
||Name, all types of contact details: email, phone numbers; home landline place of work number, mobile numbers. Contact preferences, preferred medium for communication. Marketing preferences, data relating to services provided. Relationship with CyberCX representative. data related to event, (invitation, attendance, relevant costs)
|Personal details – Vendors, service providers, suppliers, payees, intermediaries.
||Name, all types of contact details, such as title, job title email, all categories of phone numbers, home and work address. Data related to invitations for business events. Bank details, invoicing address. Company registration numbers company VAT numbers. Any type of unique identification numbers. Details of relationship to CyberCX.
||Name, all types of contact details, such as title, job title email, all categories of phone numbers. home and work address. Contact preference. Data relating to interaction or relationship with CyberCX.
|Documents required under immigration laws.
||Citizenship, passport data details of residency, work permit.
|Compensation and payroll
||Remuneration details, tax codes, insurance codes, statutory and voluntary contributions, overtime and shift work. Compensation type, pay frequency, salary reviews, performance reviews, bank details credit card details. Working time records. Pay data, expense details, receipts from expenses.
|Leaves of absence
||Annual leave requests and approvals, statutory leave (maternity and paternity) Data relating to administrative leave (suspension), illness, leave due to accident at work. Occupational health leave (in accordance with local law) Dates of all the above listings.
||Monthly. Yearly pension capital sums, differed pension sums. Type of pension.
||Description of current position, job title, corporate status, career level, job function. Legal employment entity. Location of work, employee identification number. Terms of employment contract of employment. Length of service. Promotional prospects. Disciplinary records.
|Work location and relocation
||Work address, place of work, workplace indicator, future assignment country. Employment permits. Visa, expiry dates.
||Details of any shares of common stock or directorships. Stock purchase plans purchase eligibility & contribution. Stock options and information.
||Promoting and providing products and services to actual and potential customers, advertising marketing and PR related activities.
|Accounts and records data. Data relating to vendors, service providers, suppliers’ payees and intermediaries, legal services data.
||Order management, including billing credit analysis, shipping account maintenance. Internal administration and accounting for all commercial relationships. Managing and analysing sales and demand, communications, business operations, customer relationship management. conducting internal audits and other internal control activities relating to a contract. management with supplier, vendors subcontractors and business partners. Due diligence for anti-corruption and antibribery purposes. Reporting activities to fulfil finance and account requirements. Risk management and corporate audits and assessments. Legal filing and reporting, purchase order and payment. Internal investigation. Computer system security, including ensuing adequate level of protection of the personal data stored therein. Other services on an ad hoc basis.
|Data relating to mergers. Ventures and acquisitions.
||Management and employment information. Compensation and payroll details Client relationships. Compliance, due diligence. Full company reporting: finance and legal. Risk management, corporate audits. Ensuring adequate protection of data processing activities.
|Purpose for which CyberCX uses the personal data.
||Scheduling, Recruitment. Managing and administration of employees. Employee engagement. Performance management. Professional development. Financial planning, payroll, fund management and accounting. Share plan management and operations. Business marketing and public relations. Building and managing external relationships. maintaining relationships. Planning and delivering business capabilities. Research and development. Compliance and audit purpose. Internal & external investigations, including liaisons with law enforcement and other Government organisations. Litigation management. Client, supplier and business partner management. Technology infrastructure, security and support. Travel management. Knowledge management. reporting to Supervisory Authorities. Liaising with regulators/ government departments for routine reporting. Merger and acquisitioning. Other purposes required and or permitted by law.
You will only receive direct marketing information from CyberCX if you indicate to us a preference to do so, via our ‘’Subscribe’’ option on the website. You will be invited to complete a client consent/opt in process by email because of the following:
- Becoming a client
- Your attendance at an event
- Providing us with a business card directly to a CyberCX employee or provided at a business event.
- You, registering your brief contact details to obtain information, or free downloads from our website.
- An email request from you to attend an event.
- Your attendance at an event organised or co-hosted by CyberCX that has been promoted via social media or other advertisement.
We may use and process your information where you have consented for us to do so via our consent process. This consent can be withdrawn at any time via our ‘’unsubscribe from the list’’ option.
What are cookies?
A cookie is a small data file that is placed om your computer or device to allow a website to recognise you as a user. Some cookies can tell how often you use the website, the duration of the visit. Cookies are very common way for remembering information about the visitor to the website.
Cookies we use
How to control and delete cookies
If you wish to reduce or block these cookies you can do this through your browser settings. The help section within your browser will show you how to do this. If you would like more information on cookies, please visit www.allaboutcookies.org.
Credit and debt card payment
When you pay for any services over the telephone/internet, your credit/debit card payment is processed by a third-party payment processor, who specialises in the secure online capture and processing of credit/debit card transactions. If you have any questions regarding secure transactions, please contact us using the details at the end of this policy
Direct Debt payments
If you set up a direct debit, your name, bank account number and sort code will be shared electronically with your bank or building society and a third-party processor in order to set up the direct debit mandate.
A copy of your direct debit mandate will also be held by CyberCX to allow us to track any payments made and will be kept in accordance with our data retention policy.
You may cancel a direct debit at any time by informing us and contacting your bank or building society.
Where we store your data
All information you provide to us for our use is stored on secure servers which are located in Australia. Using cloud service providers such as Amazon Web Services (AWS).
The third parties listed under ‘purpose for which CyberCX uses personal data’’ which process your personal data may be located outside of the EEA or they may transfer your data outside the EEA. Those countries may not have the same standards of data protection and privacy laws as the UK. Which means additional safeguards must be in place. Whenever we transfer your data outside the EEA we introduce obligations on the recipients of that data to protect your personal data to the standard that the UK expect.
How long will we retain your data for?
If we collect your personal data, the length of time for which we retain it is determined by a number of factors including the type of data, the purpose for which we use that data and our regulatory and legal obligations attached to this use. The only exception to this is where the law requires us to hold your personal data for a longer period or delete it sooner: You ask us to delete your data (if applicable).
|Data Category/document type
||6+1 Year after termination of contract.
||Up to 12 months after candidate application.
||6 + 1 Year after leaving employment
||6 +1 year after termination of the contract.