fbpx

Outdesk Privacy Policy - image shows a keyboard with 'enter' key replaced with a house silhouette and padlock image

Client Data Protection Policy

 

Outdesk (“we,” “us,” or “our”) is committed to protecting the privacy of our clients’ data. This Data Privacy Policy (“Policy”) outlines the types of personal data that we collect, how we use and protect that data, and the measures we take to ensure compliance with applicable data privacy laws and regulations.

 

COLLECTION AND USE OF PERSONAL DATA

We may collect personal data from our clients in order to provide outsourcing services. The types of personal data that we may collect include, but are not limited to:

  • Names and contact information of our clients and their employees who are responsible for managing the outsourcing services we provide.
  • Log-in credentials to access the client’s cloud-based software, browser-based applications, and other tools that may be required to perform the services – typically provided to our individual staff email accounts which staff then use in their day-to-day operations with our client’s businesses.
  • We do not collect any personal information of our client’s customers or employees, except where required to perform our services and with the client’s explicit consent.
  • Financial and billing information
  • Outdesk only uses personal information for the purposes for which it was collected and in accordance with our client’s instructions.

 

SHARING OF PERSONAL DATA

We may use this personal data for the following purposes:

  • Providing outsourcing services to our clients
  • Communicating with clients and their employees
  • Invoicing and payment processing
  • Compliance with legal and regulatory obligations

Outdesk may disclose personal information to third-party service providers, such as IT providers, payment processors, or other service providers, but only where necessary for the performance of our services, and where those third parties are also bound by confidentiality obligations.

 

DATA SECURITY AND RETENTION

Outdesk employees who provide outsourcing services are engaged by our clients and work within the client’s ecosystem, including but not limited to their cloud-based software and browser-based applications. Outdesk employees only have access to personal information that is strictly necessary for the performance of their duties and are bound by strict confidentiality obligations.

We take appropriate measures to protect personal data from unauthorized access, alteration, disclosure, or destruction. These measures may include:

  • Limiting access to client data to employees who need it to perform their job duties
  • Use of secure and encrypted cloud-based software and other tools
  • Regular monitoring of access to client data
  • Implementation of data retention policies to ensure that client data is deleted when it is no longer needed

Outdesk employees who provide outsourcing services are engaged by our clients and work within the client’s ecosystem, including but not limited to their cloud-based software and browser-based applications. Outdesk employees only have access to client information that is strictly necessary for the performance of their duties and are bound by strict confidentiality obligations.

Outdesk employees only download and store company data when strictly necessary, and such data is stored in encrypted form on Outdesk’s secure servers. Outdesk will remove any company data from its employees’ hard drives at regular intervals, or as instructed by the client.

Outdesk will retain personal information only for as long as necessary to fulfil the purposes for which it was collected, including any legal or regulatory requirements.

 

CLIENT RESPONSIBILITIES

Clients are responsible for complying with all applicable data protection laws and regulations with respect to their own customers’ personal data, and for providing any necessary consents and notices related to the collection, use, and disclosure of that personal data.

Clients are also responsible for providing accurate and up-to-date personal data of their employees (who are responsible for managing the outsourcing services we provide) to Outdesk, and for ensuring that their employees are aware of the collection and use of their personal data by Outdesk.

 

CONSENT

Outdesk will obtain explicit consent from our clients for the collection, use, and sharing of any information, and will ensure that such consent is specific, informed, and freely given.

 

DATA SUBJECT RIGHTS

Individuals have certain rights with respect to their personal data, including the right to access, correct, and delete their personal data. If a data subject wishes to exercise these rights, they should contact their employer or the Outdesk client who is responsible for their personal data.

 

CHANGES TO THIS POLICY

We may update this Policy from time to time in order to reflect changes in our practices or for other operational, legal, or regulatory reasons. We will provide notice of any material changes to this Policy on our website or by other means as appropriate.

 

CONTACT US

If you have any questions or concerns about this Policy or our data protection practices, please contact us

 

By email: [email protected]
By phone: +61 2 8667 0728