Privacy Policy
Rikta encourages being data privacy aware. We at rikta (HREX Pty Ltd and its affiliates) take your privacy requirement seriously.
This Privacy Policy is intended to inform you about the conditions in which we collect, use, store, share, transmit, transfer, delete or otherwise process (collectively “Process”) information relating to you (your Personal Data). In this rikta Privacy Policy we describe the measures we take to ensure the protection of your Personal Data. Importantly we inform you about your rights, and tell you how you can reach us to ask any questions you may have about this Privacy Policy and your Personal Data.
At rikta, we are committed to complying with any applicable legislation relating to Personal Data and we shall ensure that your Personal Data is collected and processed in accordance with provisions of the European Union’s General Data Protection Regulation (GDPR) and any other applicable local law. In this Privacy Policy, “you” and “your” means any covered individual. “We”, “us”, “our” and “rikta” means the global organisation of rikta entities.
What this Privacy Policy covers
This Privacy policy applies to rikta across our global organisation and all our listed entities in all geographies where we operate including the European Union, the UK and the European Economic Area.
This policy applies to the collection and Processing by rikta, as controller of the Personal Data of: our applicants, the employees of our customers or prospective customers, the employees of our suppliers/vendors, our contractors/subcontractors, the visitors of our websites.
This Privacy Policy does not apply when we provide the rikta services as processor on behalf of our customers. If you wish to obtain information relating to the use by one of our customers, acting as controller, of the rikta services, please contact our customer directly.
The Personal Data we collect from you includes, as relevant:
- your contact information (name, email),
- your identifiers (username and password),
- your internet activity information (Internet Protocol (IP) addresses or other identifiers).
- Any information supplied by you in use of the platform or in the interest of you interacting with rikta, in response to information requests where you permissively supply such information.
We collect such information when:
- you request (or express an interest in receiving) information about our services; you use our “Contact Us” or similar features or download certain content on our websites;
- you request customer support;
- you register for an event, webinar or training;
- you attend an event, we may, with your further consent, scan your attendee badge,
- you visit our websites,
- you communicate with us via a phone or exchange emails with us,
- you use our services, we automatically collect information about your device and your usage of our services through log files and other technologies, some of which may qualify as Personal Data (please see the “What device and usage data we process” section, below),
- you visit one of our offices and you are requested to register as a visitor,
- you apply to a job at rikta.
We also collect information about you from other sources including our business partners, or third parties from whom we purchase Personal Data and from publicly available information. The Personal Data we collect from these sources includes your business contact information, including mailing addresses, job titles, email addresses, phone numbers, IP addresses, social media profiles, LinkedIn URLs and custom profiles, for purposes of targeted advertising, delivering relevant email content and event promotion.
We only collect or process Your Personal Data where we have a lawful reason to do so, as follows:
- to contact you and communicate with you, to provide you with information about our services (based either on your consent or our legitimate interest),
- to provision our services, fulfil your orders and manage the billing of our services (based on the performance of a contract with you or our legitimate interest),
- to plan and manage your registration, access and participation to marketing and training events and (based on your consent or our legitimate interest),
- to promote and market our services, send you marketing communications in accordance with any applicable legal requirements (based on your consent or our legitimate interest),
- to improve our services and your experience using our services and navigating our websites (based on our legitimate interest),
- to secure our services and websites, including to diagnose website technical problems, to prevent, detect, investigate, mitigate and fix potential security issues and fraudulent or illegal access or activities (based on our legitimate interest),
- to respond to a court or a regulator order or a public authority request and defend our rights in court (based on a legal obligation),
- to review our application and manage our recruitment process (based on our legitimate interest).
When we ask you for your consent to process your Personal Data, you can withdraw your consent at any time, which will not affect the lawfulness of the processing before your consent was withdrawn. If you would like to withdraw your consent, you can do so by mailing customer@rikta.ai.
How long we store your Personal Data
We only retain your Personal Data for as long as reasonable and necessary for the purposes we collected it or as long as required to satisfy any legal, accounting or reporting requirements. To determine the appropriate retention period for your Personal Data we take into account the amount, nature, and sensitivity of your Personal Data being processed, the potential risk of harm from unauthorised use or disclosure of the Personal Data, and whether the purposes of the processing can be achieved in another way, and the applicable legal requirements (such as applicable statutes of limitation).
Upon expiry of the applicable retention period, we will securely destroy your Personal Data in accordance with applicable laws and regulations.
How we secure your Personal Data
Your Personal Data is securely stored using our allocated Amazon Web Services (AWS) server locations in Australia and USA, and in accordance with any legal requirements of the countries in which our organisation operates. We actively use appropriate technical and organisational measures to protect your Personal Data against accidental or unlawful alteration or loss, deploy security measures both digitally and physically to deter unauthorised use, disclosure or access, in accordance with our Company Information and Systems Security Policy. We work to ensure appropriate and reasonable measures are deployed based on Privacy by design and Privacy by default principles, to safeguard and protect the Processing of your Personal Data.
How we disclose your Personal Data
We share your Personal Data, in the following circumstances:
- To rikta entities for the purposes described in this Privacy Policy,
- With third parties we have retained in connection with the purposes described in this Privacy Policy and our services,
- With entities as required for the prevention of money laundering fraud and crime. Including financial institutions, tax authorities and regulatory bodies,
- With courts, law enforcement authorities, regulators, government officials or attorneys or other parties where it is reasonably necessary for the establishment, exercise, or defence of a legal or equitable claim, or for the purposes of a confidential alternative dispute resolution process,
- With service providers who we engage, for example, shared service centres, to process your Personal Data for any of the purposes listed above on our behalf and in accordance with our instructions only.
- In the event of purchase or sale of any business or assets, in which case we may disclose your Personal Data to the prospective seller or buyer of such business or assets to whom we assign or novate any of our rights and obligations.
How we transfer your Personal Data internationally
We may transfer, store or process your Personal Data in a country that is not yours, including countries outside the European Economic Area (“EEA”). We have taken appropriate safeguards to ensure your Personal Data and your rights are protected in compliance with applicable data protection laws. In particular, if we transfer your Personal Data from the EEA to a country not recognized to provide adequate protection, such as the United States or , we enter into EU standard contractual clauses with the data importer or implement any alternative mechanism as approved by the European Commission (Art. 46 GDPR) or other applicable regulator.
For further information, including learning more about the countries in which the overseas recipients are located or obtaining a copy of the documents used to protect your information, please contact us at customer@rikta.ai.
Cookies, use and management
We use “cookies” on our website. What are Cookies? “Cookies” are portions of text that are placed on your computer’s hard drive when you visit certain websites. We may use cookies to tell us, for example, whether you have visited us before or if you are a new visitor and to help us identify features in which you may have the greatest interest. Cookies may enhance your online experience by saving your preferences while you are visiting a website.
We will let you know when you visit our websites what types of cookies we use and how to disable such cookies. Where required by law, you will have the ability to visit our websites and refuse the use of cookies at any time on your computer. You can accept or manage your preferences as a first action on visiting the website, or via your browser settings, but removal of some cookies may affect the performance of some website features.
What your rights are
To the extent that these apply to you, rikta supports and commits to ensuring the protection of your rights under applicable laws which may include:
- Your right to access and correct data.
You can request a copy of the Personal Data we hold about you. You may also request rectification of inaccurate Personal Data, or to have incomplete Personal Data completed.
- Your right to be forgotten.
Your right to be forgotten entitles you to request the erasure of your Personal Data in cases where:
(i) the data is no longer necessary for the purpose for which it was collected;
(ii) you choose to withdraw your consent;
(iii) you object to the processing of your Personal Data;
(iv) your Personal Data has been unlawfully processed;
(v) there is a legal obligation to erase your Personal Data;
(vi) erasure is required to ensure compliance with applicable laws.
- Right to restriction of processing.
You may request that processing of your Personal Data be restricted in the cases where:
(i) you contest the accuracy of your Personal Data;
(ii) rikta no longer needs your Personal Data for the purposes of the processing;
(iii) you have objected to processing for legitimate reasons.
- Right to data portability.
You can request, where applicable, the portability of your Personal Data that you have provided to rikta. We will do this in a commonly used, and machine-readable format. You have the right to transmit this data to another Controller without hindrance from rikta where:
(i) the processing of your Personal Data is based on consent or on a contract; and
(ii) the processing is carried out by automated means.
You can also request that your Personal Data be transmitted to a third party of your choice (where technically feasible).
- Right to object to processing.
You may object (i.e., exercise your right to “opt-out”) to the processing of your Personal Data particularly in relation to profiling.
- Right not to be subject to automated decisions.
You have the right not to be subject to a decision based solely on automated processing, including profiling, which has a legal effect upon you or significantly affects you. We do not implement automated decision making methods.
- Right to withdraw your consent at any time.
When the processing of your Personal Data is based on consent, you can withdraw it without affecting the lawfulness of the processing based on such consent before its withdrawal.
In the event you wish to exercise any of the rights listed above, please send an email request to customer@rikta.ai
We will aim to respond to your request within the time limits under the applicable law.
We typically do not charge a fee for you to access your Personal Data but may charge a reasonable fee for providing such access if your request is clearly unfounded, repetitive, or excessive for us to respond to. We may also need to request specific information from you to help us confirm your identity and ensure your right to access your Personal Data (or to exercise any of your other rights). This is a security measure to ensure that your Personal Data is not disclosed to any person who has no right to receive it.
Data collection and privacy of minors (Children)
We do not collect and process Children’s Personal Data without the consent of the holder of parental responsibility where required. In particular, we do not promote or market our services to Children, for example the processing of data for a data subject aged under 18 years of age working with that client. If you believe that we have mistakenly collected a Children’s Personal Data, please notify us using the contact details provided below.
If you are a California Resident
We do not sell Personal Data. We may share the following categories of Personal Data with third party business partners and service providers with whom we have entered into contracts:
- Contact information;
- Commercial information;
- Internet activity information;
- Financial information;
- Education, professional and employment-related information.
For information on how to exercise your rights under the California Consumer Privacy Act, including the right to access specific types of Personal Data, to learn how we process Personal Data, to request deletion of your Personal Data, and not to be denied goods or services for exercising these rights, please refer to the above “What Your Rights Are” Section. Keeping this Privacy Policy up to date We may update this Privacy Policy as required over time to reflect business change or legal requirements change by publishing a new version on our website. If we make any significant changes to this Privacy Policy, we will make reference to the
change on our website stating when any changes go into effect, and where appropriate, send a direct communication to you about the change. You are invited to check this page occasionally to ensure you are happy with any changes to it.
Privacy policies of other websites
In the event, the rikta website(s) contain links to, our privacy policy applies only to our website, so if you click a link to another website you should refer to their privacy policy.
How to contact us or the appropriate authority. To exercise your rights as mentioned above, or if you have any questions regarding this Privacy Policy or rikta privacy practices, we invite you to contact us at any of the below:
rikta
HREX Pty Limited (Registered Company)
Attn: Privacy Officer
Level 5, 50 Berry Street,
North Sydney, NSW, 2060
Australia
Email: customer@rikta.ai