Seera Pty Ltd

PRIVACY POLICY

Seera Pty Ltd values your Privacy.

When you use this site or engage with our services you can trust us with your information.

This Privacy Policy and associated End User License Agreement helps you understand what information we collect (“Data”), why we collect it, and what we do with it. This policy extends to the range of products owned by Seera Pty Ltd as identified in Schedule1 (“Products”).

This Privacy Policy also outlines our provisions for doing business with us and describes how the privacy of your Data is respected in a variety of common interactions with us.

Data: means information that identifies you as an individual, or from which your identity can be reasonably ascertained. This includes but is not limited to first name, last name, date of birth, age, address, email address, past job information, current job information, resume, skills, competencies, qualifications, work right status, visa details and other job-related information of a non-sensitive nature. It also contains information that we may supply you in the course of dealing with us through our products and services including but not limited to information contained in job descriptions and advertisements.

The Data you provide us, or the Data we provide you may contain Data that identifies personnel and individuals, and Seera Pty Ltd maintains the same high level of protection in this respect also.

The obligations under the Privacy Act 1988 and the Australian National Privacy Principles guide the way Seera Pty Ltd collects, handles, and stores your Data and any Data within it. We will not use or disclose Data about an individual for a purpose other than in the terms of its Services or Products with its Licensees. This Privacy Policy includes the End User License Agreement with Seera Pty Ltd also available here.

Data you Provide Us

Seera Pty Ltd works hard to ensure the security of your information and Data. Once it comes into our possession, reasonable steps will be taken to protect and secure this information. When you send Data to us information this will be used strictly for the purposes outlined in this privacy policy and our End User License Agreement.

Our primary purpose for collecting Data is website registration, job opportunity matching, skills assessment, and employee/contractor management. We collect, hold, use and disclose Data as it is reasonably necessary for running the platform. This includes:

  • Website Registration: we collect, hold, use, and disclose personal Data for the purpose of user access management.

  • Job Opportunity Matching: we hold, use, and disclose personal Data for assessing an individual's suitability and skills for a job or role (including invitations to apply for positions), or professional development opportunities.

  • Employee Management: our Products allows for our client organisations to collect, hold, use and disclose Data or assess an individual’s suitability and skills for a job, role, or professional development opportunity and for the ongoing management of employed or contracted individuals.

  • Direct Marketing: we collect, hold, use, and disclose personal Data for the purpose of direct marketing information about our Products, where the individual has requested, we do so through an opt-in registration process, and from which you can opt-out at any time by unsubscribing. Seera Pty Ltd does not sell, rent, or assign Licensee Data to other businesses. 

Data we Provide You

Our site is for the purpose of supplying quality information. Certain Data available on the site is free to use and is considered public Data. Other information we may provide you or manage for you may be considered private and commercial in confidence information.

Using this Site, Products, and Services

You can access and browse our Site and Products without disclosing your Data. We will only accept personnel information or your Data with your consent.

From time to time Seera Pty Ltd links to other websites. These websites are responsible for their own privacy practices, and you should check those websites for more information about how they will handle your Data and the provision of Data.

GDPR Compliance

Seera Pty Ltd will also ensure that your Privacy is respected in accordance with the GDPR standards in Europe applicable to its clients and users in Europe from 25 May 2018.  This includes:

  • Right to be informed: We will always tell you what Data is being collected, how it’s being used, how long it will be kept and whether it will be shared with any third parties.

  • Right of access: We acknowledge that you have the right to request a copy of the Data that we hold.

  • Right of rectification: We will ensure that you have the right to correct Data that is inaccurate or incomplete.

  • Right to be forgotten: We will ensure that on request we will erase any personal Data that is stored on you.

  • Right of portability: On request we will ensure we transfer any Data that we hold to another company.

  • Right to restrict processing: Individuals can request Seera Pty Ltd limit the way it uses its personal Data.

  • Right to object: individuals have the right to challenge certain types of Data processing by Seera Pty Ltd if notified in writing.

  • Rights related to automated decision-making including profiling: Individuals and organisations can ask Seera Pty Ltd to provide a copy of its automated processing activities if they believe the Data is being processed unlawfully.

You are reminded you are free to exercise these rights.

Complaints process

If you have any questions or concerns about our collection, use or disclosure of personal information, or if you believe that we have not complied with this Privacy Policy or the Privacy Act 1988, please contact us via the “Contact Seera” option on our website. This includes ensuring compliance with the European Union General Data Protection Regulation (GDPR) that came into effect 25 May 2018.

We will investigate the complaint and determine whether a breach has occurred and what action, if any, to take.  When contacting us, please provide as much detail as possible in relation to the query, issue, or complaint.

We will take any privacy complaint seriously.  We will aim to resolve any such complaint in a timely and efficient manner, and our target response time is 30 days. We request that you cooperate with us during this process and provide us with relevant information we may require.

The following outlines the way in which Seera Pty Ltd protects your personal information:

Storage and security of your personal information

Seera Pty Ltd will take reasonable steps to keep any Data we hold about you secure. However, except to the extent liability cannot be excluded due to the operation of statute, the Company excludes all liability (including in negligence) for the consequences of any unauthorised access to your personal information. Please notify us immediately if you become aware of any breach of security.

Data Security

Seera Pty Ltd platforms contain sensitive Data for all our customers, and we treat this data with the utmost care.  All data transmitted into and out of our Products is encrypted. All Data at rest in Seera’s SQL Azure databases is encrypted. There are no usernames and passwords available to exploit, and passwords are not stored in the database for customers that select to use single sign on. The design of the system and the Azure platform protects the databases from direct access.

Confidentiality

Confidentiality is the most important aspect. In most public cloud scenarios, the systems are what we call multi-tenant. That means that you share physical disks, network cables and CPUs with other customers’ systems. It is the cloud provider’s systems and operations that provide the separation between customers and ensures that one customer’s system cannot access another customer’s data. With Windows Azure for example, there are mechanisms in place to ensure that this does not happen. There are over 10 layers of security wrapped around any system built on Windows Azure to ensure that it cannot access any resources outside of its own. Microsoft’s Global Foundation Services have published several white papers on how they implement security in Microsoft’s online services.

Additional Privacy

There are a set of common techniques that Microsoft cloud services use to protect data privacy. The first are data access controls. Data access controls fall into two categories: physical and logical. On the physical side, access to data centre facilities is guarded by outer and inner perimeters with increasing security at each level, including perimeter fencing, security officers, locked server racks, multi-factor access control, integrated alarm systems, and extensive 24x7 video surveillance from the operations centre.

Access to customer data is restricted based on business needs. Access is restricted by controls such as role-based access control, two-factor authentication, minimising standing access to production data, and logging and auditing of activities performed in the production service environment.

Microsoft regularly monitors our production environments for privacy and security-related threats. We also use a robust internal program that reports potential privacy risks in our data centres. When activated, the process brings engineers together with specialists with a background in privacy, forensics, legal, and communications who work as a team to determine the appropriate course of action to ensure that privacy incidents are driven to resolution in a timely manner.

To ensure data privacy between customers who store Data in the same cloud service, Microsoft uses data isolation techniques to logically separate cloud tenants and create an environment where customers can only access their own Data.

Data geo-location is an important concept for customers operating in regulated industries or in countries with data protection laws. Microsoft understands that some customers must maintain their data in a specific geographic location, such as maintaining Data within the EU or APEC.

Microsoft’s Global Foundation Services (GFS) team maintains a world-wide network of cloud-scale data centres and verifies each meets strict security requirements.  We continuously monitor all systems involved in our services to help identify potential threats by predicting malicious behaviour and monitoring for irregular events that may indicate those threats. This monitoring also provides the data for our privacy effectiveness reports that are required by standards organisations.

Hosting

Seera products are provided on a SaaS (Software as a Service) basis, hosted in the cloud.  Seera currently runs out of Microsoft’s Azure data centre located in Melbourne.  We can, if required, also install the application in other Azure data centres internationally.

Availability

Availability is ensured through highly available, redundant systems. All Seera Products systems and data is built on Windows Azure using the Windows Azure Storage mechanisms which have three live redundant copies available at any time. If one of those copies becomes unavailable the system seamlessly switches to a live backup while creating a third live backup. This high availability scenario is much more reliable than most on-premises systems (where any kind of failure means recovery from backup). 

Authentication

Seera Pty Ltd supports the following authentication for organisation users:

  • Legacy internal username and password.  This can be disabled for customers.

  • Microsoft Azure AD, supporting single sign-on.

  • On-premises ADiii.

Role Based Security

Seera Pty Ltd enables clients to have an unlimited number of different user groups, enabling organisations to control what each user group has access to within the solution. Authorised users can interact with the system according to their designated authorisation level from any device at any time in any location. Authority levels are set when the solution is implemented and ongoingly can be easily managed by delegated Administration access.

Seera enforces two types of security:

  • Function-level security to restrict access to reports and other functions based on the user group that the user is a member of; and

  • Logical security that restricts the amount and type of information that users can access about staff based on their role in the organisation and relationship to the staff.

For example, HR Administrators will be able to see information about all staff, managers can see only relevant information about their team-members, and staff with no reports can see information about themselves.  This is configurable by the client.  Function-level security is used to restrict access to reports that don’t currently provide logical security. Some reports provide logical security.

EV SSL certificates

EV SSL certificates offer the highest available levels of trust and authentication to your website. The green address bar prominently displays your company name and provides highly visual assurance to customers that your site is secure – immediately giving them the confidence to complete their transaction.

Audit Logs

Audit logs are available and can be viewed by our customers if required, this functionality is access controlled and is a permission that can be delegated to the relevant users.

Changes to this Privacy Policy

The date of this Privacy Policy is set out below. We may change this Privacy Policy at our discretion. By continuing to use our Site, or otherwise continuing to deal with us, you accept this Privacy Policy as it applies from time to time.

For further information on Seera Pty Ltd’s strong values surrounding data protection please contact us via the “Contact Seera” option on our website.

SCHEDULE 1 PRODUCTS

1:  MySeera - Skills and Career Portfolio

MySeera is an integrated online software solution for recording and managing Skills as Data.  The platform allows individual users to record their skills, experiences, qualifications, accreditations, and licenses.  It also records job applications (including invitations to apply for positions), performance reviews and learning credentials, the combination of which provides the following benefits.

  • Independent Assessments of Current and Desired Skills, Interests, and Positions

  • Streamlined Job Applications and Reference Checks

  • Integrated Performance Reviews

  • Learning and Development History

  • Verification and Compliance Records Management

  • Career Planning

Limitations of Use: This Agreement limits the use of the Seera Software to an individual or group user within the terms outlined in agreement with the licensor.

Licensed Period: This license period of this Agreement is in perpetuity unless terminated or amended by the licensor in writing.

 

2:  Seera Cloud - Skills and Careers Management

SeeraCloud is an integrated online software platform for managing Skills as Data across an enterprise. The platform synchronises employee skills data from their MySeera account and provides client businesses the following benefits.

  • Data Set Selection and Administration

  • Templated Position Descriptions

  • Objective Assessments and Performance Management

  • Accelerated Recruitment and Project Resourcing

  • Aligned Training Prioritisation

  • Robust Compliance Records Management

  • Transparent Diversity and Integrity

  • Enterprise Capability Planning

Limitations of Use: This Agreement limits the use of the Seera Software to Business client administrators or managers within the terms outlined in agreement with the Licensor.

Licensed Period: This license period of this Agreement is in perpetuity unless terminated or amended by the Licensor in writing.