Privacy Policy

Last updated: 8th April 2024

In the course of carrying out our activities, including providing our platforms and services, TRU Recognition Holdings Limited (ACN 631 171 796), and our subsidiaries and related bodies corporate (together, TRU Recognition, we, us or our), will collect, store, use and disclose Personal Information.

Privacy is important to us. TRU Recognition is committed to providing quality services and complying with Data Protection Laws.

Guidance note - general - This Privacy Policy details how we deal with Personal Information and has been developed in accordance with Data Protection Laws applicable to our Services. We are committed to the protection of Personal Information and to compliance with applicable Data Protection Laws.

Throughout the policy, we have inserted guidance notes to summarise the purpose of each section.

1. Personal information and personal data

Guidance Notes: When we use “Personal Information” or “Personal Data”, we mean any information that can lead to someone identifying you or inferring that the information is about you.

1.1 Personal information and/or personal data (the terms commonly used in applicable Data Protection Laws), is information or an opinion about an identified or reasonably identifiable individual, whether or not the information or opinion is true and whether or not the information is recorded in a material form (Personal Information or Personal Data).

1.2 We use the term Personal Information throughout this policy however, you can also read this as a reference to Personal Data.

2. Types of Personal Information we collect and hold

Guidance Notes: We collect different types of Personal Information depending on how you interact with us or our Services. The below sets out the types of information we might collect, either in our capacity as TRU Recognition (the company), or when you interact with our Services via our Customers.

Personal Information we collect in our capacity as TRU Recognition, ‘the company’

2.1 TRU Recognition collects, and/or receives, holds, and stores Personal Information about individuals for the provision of our Services and purposes connected to our Services, which includes Personal Information incorporated in General Data, Customer Personnel Data, and Services Data as follows.

2.2 The types of Personal Information we may collect, receive, store, and hold in respect of General Data and Customer Personnel Data includes the following.

(a) Identity and contact details of Customer Personnel – including individuals’ full name, address, date of birth, telephone number, email address, and other identifying and contact information such as employment details (company and position, employment history, educational background, etc.).

(b) Personal information connected to payment details – where the Customer purchases Services from us, we collect Personal Information associated with payment details of any Customer Personnel facilitating the payment.

(c) Other information – text of written and oral communications gathered in the course of our interaction with Customer Personnel, including where Customer Personnel comment within our Services and/or otherwise interact on live-chat, social media and emails, including feedback and online reviews and other information from Customer Personnels’ interactions with us online, including cookie information, IP address, URLs, search histories and other associated information.

Personal Information processed via our Services

2.3 The types of Personal Information about Individual Data Subjects that we may receive, access, and process as part of Services Data includes the following.

(a) Physical appearance – including identifiable physical traits such as clothing, facial features, body features and other distinguishing marks or features.

(b) Behaviour data – including movements, interactions, actions, gestures, mannerisms and similar.

(d) Other identifying data – including vehicle details (licence plates, make, model, colour), name tags or similar, and time-stamped data indicating an individual’s pattern or location at a specific time.

3. How we collect and hold Personal Information

Guidance note – methods of collection - This section explains how we collect Personal Information. The manner of collection ultimately depends on whether we’re acting in our capacity as TRU Recognition (the company), in which case Personal Information may be collected directly from you, indirectly from third parties or from publicly available information, or whether you are interacting with our platforms and/or Services via a third-party Customer. When you interact with our Services, we may receive Personal Information directly from the Customer Personnel and/or via the Customer, which we explain in more detail below.

3.1 When we act in our capacity as TRU Recognition (the company), the ways we may collect your Personal Information are as follows.

(a) Directly from the individual. We may collect Personal Information directly from the individual (including an individual Customer Personnel), including while providing our Services, from our website and other online platforms, including using cookies (data files placed on your device or computer).

(b) From third parties. In some circumstances, we do not have a direct relationship with the person whose Personal Information we are receiving, accessing, handling, processing, and/or storing (as applicable). We may receive Personal Information about individuals, including Customer Personnel and Individual Data Subjects, from third parties with whom the relevant individual has a relationship with, including from our third-party vendor AI model providers.

(c) Publicly available information. We may also collect Personal Information from publicly available sources of information, including via websites, directories, and social media channels.

3.2 When you interact with our Services via our Customers, we may receive, access and process your Personal Information as follows.

(a) The Customer as your employer. Where you are Customer Personnel and the Customer is your employer and/or you’re otherwise engaged by the Customer (for example, as a contractor or other representative), the Customer may disclose your Personal Information to us while enabling your use of our Services.

(b) The Customer as an entity with whom you interact. Where you are an Individual Data Subject, and, accordingly, you are interacting with the Customer directly (eg you are on their premises and/or the Customer is your service provider), while using our Services, the Customer may make your Personal Information available to us to access and/or otherwise use or handle.

3.3 While your disclosure of Personal Information to the third parties set out above remains governed by your relationship with that third party, including their privacy policy, our access and use of your Personal Information, once we receive access to it from such third parties, will be governed by this Privacy Policy.

3.4 Personal Information is held securely, is subject to various security protections and is held only for as long as the information remains relevant to the purpose for which it was collected, and in accordance with our business needs and legal requirements.

4. Purposes for which we hold, use and disclose Personal Information

Guidance note – purposes - We collect, use and disclose Personal Information for a wide variety of reasons but only to the extent that we need to in order to operate our platforms and provide our Services, or where required or permitted by law. Where you engage with our Services and/or platforms via our Customers, the purposes for which they collect your Personal Information will be dealt with under our Customer’s privacy policies.

4.1 We will not use or disclose Personal Information for any secondary purpose, unless that secondary purpose is related to the primary purpose for which we have collected that information, and you would reasonably expect the disclosure in the circumstances, or unless you consent to that use or disclosure.

4.2 The purposes for which we collect, hold, use and disclose information may include the following for Personal Information incorporated in General Data, Customer Personnel Data and Services Data.

(a) Conducting our business. This includes providing our Services, or the products and services of a third party, to our Customers, including in accordance with the directions provided by the Customer in respect of Services Data.

(b) Service improvement. To improve and optimise our Services and platforms (in the case of Service Data, this will only occur where the Customer permits us to do so in our contract with them).

(c) Legal. To comply with any legal obligations that we have in respect of General Data, Customer Personnel Data and/or Services Data.

4.3 In respect of Personal Information incorporated in General Data and Customer Personnel Data only, we may also use it for the following purposes.

(a) Communication. To communicate information about our Services or third-party organisation services that may be of interest to the Customer and/or the relevant Customer Personnel.

(b) Advertising. To provide you with information or advertising relating to our Services (including serving and targeting advertisements) or marketing communications we believe may be of interest to the Customer and/or the relevant Customer Personnel.

(d) Recruitment. For use with our recruiting processes and procedures.

4.4 We may also disclose Personal Information to the following third parties for their use for the same purposes.

(a) Our parent companies and other affiliates and related bodies corporate.

(b) Third-party service providers, including service providers who assist us so we can make our Services available to our Customers and/or assist with ancillary services made available through Services and technology and marketing service providers and partners, including Amazon Web Services and Google Analytics.

(c) In respect of Customer Personnel Data only, the Customer as the entity who has employed or otherwise engaged you, as Customer Personnel, and who is our customer using our Services.

(d) In respect of Services Data only, the Customer as the entity with whom you, as an Individual Data Subject, interact or otherwise have a relationship with.

4.5 While our disclosure of Personal Information to such third parties is governed by our privacy policy, such third party’s use of your Personal Information, including contacting them with any queries you have about the Personal Information they hold and how they are using it, will be governed by their privacy policy. It is your sole responsibility to review such privacy policies.

5. Access and correction

Guidance note – access and correction - Individuals have the right to access and correct their own Personal Information and this section deals with such rights and the related processes.

5.1 We will take all reasonable steps to ensure any Personal Information we collect, use or disclose is up to date and accurate. If you believe Personal Information that we hold about you is not up to date or accurate, you may ask us to correct it.

5.2 You may ask us to provide you with details of the Personal Information we hold about you, and copies of that information. We will respond to your request and attempt to provide you with the data within 30 days of receipt of your request.

5.3 If we provide you with copies of the information you have requested, to the extent permitted by law, we may charge you a reasonable fee to cover the administrative costs of providing you with that information.

5.4 Please direct all request for access and correction to the email address set out in section 9 below.

6. Overseas disclosure

Guidance note – overseas disclosure - We won’t disclose Personal Information outside of Australia without consent.

6.1 We will not disclose personal information about an individual outside Australia without:

(a) obtaining the individual’s consent; or

(b) otherwise complying with applicable Data Protection Laws in respect of such disclosure.

7. Changes to this Privacy Policy

Guidance note – changes Please review the policy to check if we’ve made changes.

7.1 We will review and update this privacy policy from time to time as needed without notice. Therefore, you should review the terms of this policy periodically to make sure that you are aware of how we collect, hold, store and use Personal Information.

7.2 The date this policy was last updated will be set out at the start of the policy.

8. Complaints

Guidance note – complaints - Please contact us if you have a privacy complaint. We’ll do our best to resolve your complaint. If we don’t, below are the relevant supervisory authorities who you can contact.

8.1 If you consider a breach of any applicable Data Protection Laws has occurred, you may direct your query to our Privacy Officer using the details set out in the contacting us section below and we will attempt to resolve your complaint as soon as we can, and in any case within 30 days.

8.2 If you do not consider our response satisfactory, you may contact the Australian Privacy Commissioner at its website www.oaic.giv.au or by telephone on 1300 363 992.

9. Contacting us

If you have any questions about this Privacy Policy and would like further information, please contact us as follows.

Attention: TRU Recognition Privacy Officer

Address: District Docklands Shopping Centre, Suite F15/Level 1, 7 Wharf Street, Docklands, VIC 3008, PO Box 28002, Docklands 8012

Tel: 1300 544 367

Email: privacy@TRUrecognition.io

10. Definitions

Guidance note – definitions , Where we use a capitalised term in this document, please refer to this section for a precise definition of what we mean when we use that term.

10.1 In this Privacy Policy, unless the context otherwise requires, the following terms have the following meanings.

Customer means the entity to whom we provide our Services.

Customer Personnel Data means Personal Information and/or personal data that we collect from the Customer about the Customer Personnel who use and engage with our Services, including the types of Personal Information set out in section 2.

Customer Personnel means the Customer, its employees and/or other personnel or representatives.

General Data means Personal Information that we collect about general individual who are not Individual Data Subjects and/or Customer Personnel (eg individual who interact with our via our website or social media pages, enquire about employment with us, and/or enquire generally about our Services).

Data Protection Laws means laws that apply to the collection, handling, storage, processing, disclosure, and any other use of Personal Information, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) (a copy of which can be obtained from the website of The Office of the Australian Information Commissioner at www.oaic.gov.au).

Individual Data Subjects means the individuals who engage with, or otherwise interact or have a relationship with, our Customers and/or their premises, products, and/or services.

Personal Information and/or Personal Data have the meaning given to them in section 1.

Privacy Officer means the staff member at TRU Recognition responsible for dealing with privacy matters.

Services means our products and services, including our software platforms and other ancillary or related services.

Services Data means data that the Customer makes accessible by us in connection with our Services, including images, footage, graphics, reports, documentation, reports, and/or analysis that may include Personal Information about or relating to Individual Data Subjects within the categories of Personal Information set out in section 2.