Privacy Policy

Overview

Team APAC (ABN 75 681 171 228) provides access to the Team APAC Workforce Platform (the “Platform”), which enables you to engage and compensate Employees in multiple countries—without the need to establish a local legal entity.

We achieve this by hiring individuals through our affiliated entities (referred to as “Local Affiliates”) and making them available to you to perform duties for your business, while we remain their legal employer under an Employer of Record (EOR) model.

In this arrangement, Team APAC acts as the Employer of Record (EOR), and the individuals engaged under this model are referred to as “Employees.”

These Terms outline the conditions under which Team APAC and its Local Affiliates offer you access to the Platform and related services (“Services”).

By either (i) registering an account on the Platform or (ii) using any of our Services, you confirm that you are entering into a legally enforceable agreement with Team APAC.

You also represent that the individual accepting these Terms on your behalf has the authority to bind your organization to this contract.

Local Affiliates

Our Local Affiliates are legal entities within the Team APAC group, established in various jurisdictions to employ workers on r behalf and deliver EOR Services. An “Affiliate” refers to any entity that directly or indirectly controls, is controlled by, or is under common control with another entity in our group.

Privacy Policy

This Privacy Policy applies to Team APAC, its local affiliates, and other related entities.

1. Privacy Statement

This statement includes the following:

• Our Privacy Policy, which provides further details on how we handle and manage personal information
  
• Our Collection Statement, which outlines how and why we collect and use personal information

2. Contact Details

You may contact our Privacy Officer via email at privacy@teamapac.com.

In some cases, we may be required to collect information related to an individual, or to communications involving an individual, under the data retention provisions of the Telecommunications (Interception and Access) Act 1979 (“Data Retention Law”).

3. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in the law, our website, or our products and services—particularly where those changes affect how we manage personal information. When we do, we’ll upload the revised version to our website. We encourage you to check back regularly to stay informed.

Any changes will take effect from the date the updated policy is posted. By continuing to access our website, engage with us, or use our products or services after that date, you agree to the updated terms.

4. Your Privacy Rights

This policy outlines how we manage your personal information under the Australian Privacy Principles (APPs), the General Data Protection Regulation (GDPR) in Europe, and other relevant privacy laws in jurisdictions where Team APAC operates.

5. Collection of Personal Information

We only collect personal information that is reasonably necessary for the proper performance of our functions as a platform provider. You are under no obligation to provide personal information to us. However, if you choose not to, we may be unable to respond to your requests or provide certain services. For example, we may not be able to consider you as a Candidate or Employee unless you identify yourself and provide the necessary details.

We may also choose not to collect unsolicited personal information and may take steps to remove it from our systems where appropriate.

6. Information Collected

We collect and hold personal information that is reasonably necessary for the proper performance of our functions and activities as a software platform. Our services include:

• Global Employer of Record (EOR) services
• HR Support Services
• Timekeeping Software
• Employee Onboarding Software
• Workplace Services

The type of personal information we collect may vary depending on your relationship with us. For example, we may collect different information depending on whether you are:

• Employee
• Customer
• Supplier & Vendor & Contractor

7.1 Employee Data: Information Collected

The type of personal information we typically collect and hold about Employees is information necessary to manage the employment relationship and monitor performance in roles obtained through Team APAC. This may include:

• Contact details, including postal address, work address, email, and phone numbers
• Date of birth, sex, occupation, driver’s licence, or other identification documents such as a passport
• Bank account details, for the purpose of processing wages and other statutory entitlements and benefits as agreed with your employer
• Next of kin or emergency contact details
• Any other information reasonably required by Team APAC in relation to your employment, including (but not limited to):
• Tax and payroll-related information
• Benefits such as health insurance, disability coverage, sick leave, life insurance, pension, severance, and paid time off
• Statutory contributions and other employment-related entitlements

7.2 Customers Data: Information Collected

The type of personal and business information we typically collect and hold about Customers is necessary to manage the delivery of our services and maintain our ongoing relationship. This may include:

• Contact details
• Company registration information (e.g. company number, registered business address)
• Job descriptions and job titles
• Banking details for invoicing and payment purposes
• Names of team members and other relevant stakeholders or related parties

7.3 Supplier & Vendor & Contractor: Information Collected

The type of information we typically collect and hold about vendors, suppliers, and contractors is necessary to manage the procurement of goods and services, as well as to maintain our business relationship.

This may include:

• Company registration information (e.g. company number and registered business address)
• Contact details
• Banking and payment details
• Purchase orders and related transaction records

8. Purposes

The purposes for which we collect, hold, use, and disclose your personal information may vary depending on your relationship with us. These purposes generally include:

• If you are an Employee: to manage your employment relationship, administer payroll and benefits, ensure compliance with legal obligations, and monitor performance and workplace conduct.
  
• If you are a Customer: to deliver our services, manage our business relationship, facilitate communication, billing, and support, and ensure compliance with contractual and regulatory requirements.
  
• If you are a Vendor, Contractor, or Supplier: to manage the procurement of goods or services, process payments, maintain records, and support our ongoing business relationship.

8.2 Employee Data: Purpose and Use

The personal information we collect, hold, use, and disclose about Employees is typically used for the following purposes:

• Facilitating work placement and employment operations
• Performing recruitment and onboarding functions
• Meeting statistical reporting obligations and statutory compliance requirements
• Verifying your identity
• Providing employment-related services and support
• Supplying and delivering devices, equipment, and other necessary tools for your role

8.3 Customer Data: Purpose and Use

The personal information we collect, hold, use, and disclose about Customers is typically used for the following purposes:

• Managing the customer relationship and delivering services
• Supporting recruitment and talent placement functions
• Providing relevant marketing and communications about our services
• Meeting statistical reporting obligations and statutory compliance requirements

8.4 Vendor, Contractor, or Supplier: Purpose and Use

The personal information we collect, hold, use, and disclose about vendors or suppliers is typically used for the following purposes:

• Procuring products and services
• Processing and paying invoices
• Managing our business relationship with you
• Supporting procurement and vendor management functions
• Meeting statistical reporting obligations and statutory compliance requirements

9. How Personal Information is Collected

The way we collect personal information may vary depending on your relationship with us, such as whether you are an:

• Employee
• Customer
• Vendor, Contractor, or Supplier

We generally collect personal information directly from you—for example, through forms, communications, onboarding processes, or service interactions.

However, in some cases, we may also collect personal information from third parties or publicly available sources. This may occur when:

• It is necessary to verify information you have provided
• You have consented to the collection
• You would reasonably expect us to collect your information in this way

In addition, the technologies used to support communication between you and Team APAC—such as email systems, websites, or other platforms—may automatically provide us with certain personal information. 

9.1 Employee Data: How It Is Collected

We collect personal information when you:

• Email us
• Sign up to our platform
• Participate in telephone, video conference, or face-to-face interviews
• Progress through the recruitment and onboarding process

In some cases, we may also collect personal information from publicly available sources such as newspapers, journals, professional directories, websites, and social media platforms. When this occurs, we manage the information in accordance with this Privacy Policy.

9.2 Customers Data: How It Is Collected

We collect personal information directly from you or your representatives when you:

• Enter into a contract with us for our services
• Sign up to our platform
• Provide information for business or business-related social purposes
• Email us
• Participate in the recruitment process for Employees

We may also collect personal information from publicly available sources such as newspapers, journals, professional directories, websites, and social media platforms. When we do so, we manage that information in accordance with this Privacy Policy.

9.3 Vendor, Contractor, or Supplier: How It Is Collected

We may collect personal information about you in the following ways:

• When you provide it to us for procurement or service management-related purposes
• When you email us
• When you sign up to our platform

We may also collect personal information from publicly available sources, including newspapers, journals, directories, websites, and social media platforms. When we collect information from these sources for inclusion in our records, we handle it in accordance with this Privacy Policy.

10. Photo & Image Data

We may collect photographs and video recordings of you to verify your identity during the recruitment process, particularly if you are a Candidate or Employee. This process may be supported by a third-party service provider, who may capture and store these images on our behalf.

Photographs and video recordings may be retained for up to three years—or longer if required by applicable law—for compliance and verification purposes.

11.  Electronic Transactions

We may collect personal information that you choose to provide via online forms or email. This includes situations where you:

• Subscribe to an email list, such as our company blog
• Register on our website to access features such as job notifications
• Submit an enquiry through our website
• Send us your resume via email or upload it through our website
• Contact us directly by email

Please note that while we take reasonable steps to secure electronic transactions, there are inherent risks associated with using the internet. We encourage you to take appropriate precautions to protect your personal information. For more guidance, we recommend reviewing the OAIC’s resources on Internet Communications and Technologies at https://www.oaic.gov.au.

We use secure systems and processes wherever possible to protect personal information transmitted online.

12.  GDPR Legal Grounds for Processing

If your personal information is subject to the General Data Protection Regulation (GDPR), we process your data under one or more of the following lawful bases:

• Contractual necessity – where we need to process your personal information to enter into or fulfill a contract with you (e.g. an employment or services contract)
• Legitimate interests – where processing is necessary for our legitimate business operations, including the purposes outlined in this Privacy Policy
• Legal obligation – where we are required to process personal information to comply with applicable laws
• Consent – in limited circumstances, where we have asked for and obtained your consent to use your personal information for specific purposes

13. California Privacy Rights (CCPA / CPRA)

If you are a California resident, you have specific rights under the California Consumer Privacy Act (CCPA) and the California Privacy Rights Act (CPRA). This section explains your rights and how you can exercise them.

13. 1 Your Rights Under California Law

As a California resident, you have the right to:

• Know what categories of personal information we collect, use, disclose, and sell
• Access a copy of the personal information we hold about you
• Delete personal information we have collected from you, subject to legal exemptions
• Correct inaccurate personal information
• Opt-out of the sale or sharing of your personal information (if applicable)
• Limit the use and disclosure of sensitive personal information (if applicable)
• Non-discrimination for exercising any of your rights under California privacy laws

13.2. Categories of Personal Information We Collect

In the past 12 months, we may have collected the following categories of personal information:

• Identifiers (e.g. name, email address, phone number, IP address)
• Professional or employment-related information
• Commercial information (e.g. records of services purchased or considered)
• Internet or other electronic network activity (e.g. usage data from our platform)
• Geolocation data (if relevant to service delivery)
• Sensitive personal information (e.g. government ID, where legally required)

We collect this information to provide our services, manage business relationships, comply with laws, and for other purposes described in this Privacy Policy.

13.3. How to Exercise Your Rights

You can request to access, correct, or delete your personal information, or exercise any of your California privacy rights by contacting us at: privacy@teamapac.com

To protect your information, we may need to verify your identity before fulfilling your request.

13.4. Do Not Sell or Share My Personal Information

Team APAC does not sell personal information in exchange for money. However, some data sharing activities (e.g., with service providers or analytics tools) may be considered a “sale” or “sharing” under California law. If you wish to opt out of such practices, please contact us at privacy@teamapac.com.

13.5. Authorized Agents

You may authorize another person to submit a request on your behalf. If you do so, we may require written proof of that authorization and may still verify your identity directly.

14. Regional Privacy Compliance (Asia Pacific)

In addition to our obligations under GDPR and CCPA/CPRA, Team APAC complies with relevant data privacy laws in jurisdictions where we operate. These include, but are not limited to:

• The Privacy Act 1988 (Australia)
• The Personal Data Protection Act (PDPA) (Singapore)
• The Privacy Act 2020 (New Zealand)

15. How Personal Information Is Held

We store personal information in our business systems and retain it only for as long as necessary to fulfil the purposes for which it was collected or as required by law. When the information is no longer needed, we will either de-identify or securely destroy it—provided it is lawful for us to do so.

We take a range of measures to safeguard your personal information from:

• Misuse, interference, and loss
• Unauthorised access, modification, or disclosure

16. Outsourced Service Providers

We engage third-party Outsourced Service Providers (OSPs) to support various aspects of our operations. In the course of providing their services, these providers may have access to some of your personal information.

Typical categories of OSPs include:

• Software and platform solution providers
• IT contractors, database designers, and internet service providers
• Legal, financial, and other professional advisors
• Insurance providers, brokers, underwriters, and loss assessors
• Superannuation and pension fund managers
• Background checking and screening agents
• Government bodies and statutory authorities (as required by local law)

We take reasonable steps to ensure that our OSPs are contractually bound to uphold privacy obligations consistent with this Privacy Policy. This includes ensuring they do not use or disclose personal information in a way that would cause us to breach our own obligations.

You have the right to request details about which OSPs have had access to your personal information.

17. Cross-Boarder Disclosures

Team APAC may transfer your personal information to service providers located outside the country in which you reside, including to jurisdictions that may not offer the same level of data protection as your home country.

For example, we use a third-party platform provider such as Worksuite.com, to support onboarding and workforce management processes. This provider may process your personal information in Ireland (EU).

Where required by law, we take appropriate steps to ensure that such cross-border data transfers comply with applicable privacy regulations. These steps may include using standard contractual clauses, data transfer agreements, or ensuring the recipient is subject to an appropriate certification (e.g., EU-U.S. Data Privacy Framework or binding corporate rules).

18. Your Rights

Depending on the applicable privacy or data protection laws in your jurisdiction, you may have certain rights in relation to your personal information.

These rights may include, but are not limited to:

• The right to access the personal information we hold about you
• The right to request correction or deletion of your personal information
• The right to object to or restrict our processing of your personal information
• The right to data portability
• The right to withdraw consent, where processing is based on your consent
• The right to lodge a complaint with a relevant data protection authority

These rights are subject to the criteria, limitations, and exceptions set out in the relevant laws.

If you wish to exercise any of your rights, please contact us at privacy@teamapac.com.

Depending on the nature of your request and your relationship with us, we may need to verify your identity before taking further action.

18.1 Access to Personal Information

Subject to certain exceptions under applicable privacy laws, you have the right to request access to a copy of the personal information we hold about you.

However, there are important exceptions where access may be limited or denied. These include, but are not limited to:

• Evaluative opinion material obtained confidentially during reference checks, where disclosure would breach obligations of confidentiality or impact the privacy of others
• Confidential feedback received from involved parties as part of the recruitment process
• Internal evaluative material created by Team APAC in assessing your suitability for a role or in the course of providing a work device under an employment agreement

In many of these cases, the individuals providing the information do so with a reasonable expectation of confidentiality. Subject to the requirements of applicable law, we may refuse access if disclosure would breach that confidentiality or the rights of other individuals.

If you wish to access your personal information, please contact us. Depending on the nature of your request, we may need to verify your identity before processing it.

18.2 Erasure or Removal

You may have the right to request the erasure (also known as the “right to be forgotten”) of your personal information, subject to the requirements and exceptions under applicable privacy and data protection laws.

Please note that if you are currently employed by or engaged with Team APAC—either directly or through our Employer of Record (EOR) structure—we may be legally required to retain certain personal information. This includes data necessary to fulfil contractual obligations, meet statutory requirements (such as payroll, taxation, social security, and employment law compliance), and respond to legal or regulatory obligations.

In such cases, we will not delete your personal information immediately but will limit its processing to what is strictly necessary for those legal and operational purposes. Once your engagement ends and the relevant data retention periods have expired, we will proceed with erasure upon your request, in accordance with applicable law.

If you wish to request erasure, please contact us at privacy@teamapac.com. We may need to verify your identity before actioning your request.

18.3  Correction or Rectification

If you believe that any personal information we hold about you is inaccurate, out of date, incomplete, irrelevant, or misleading, you may request that we correct it by contacting us at privacy@teamapac.com.

If we are satisfied that the information requires correction, we will take reasonable steps to ensure it is accurate, up to date, complete, relevant, and not misleading, having regard to the purpose for which it is held.

If we do not make the requested correction, we will take reasonable steps to associate the information with a statement from you indicating that you believe the information is incorrect and have requested a correction.

If we have disclosed inaccurate or outdated personal information to third parties, you may request that we notify those third parties of the correction. We will take reasonable steps to do so unless it is impracticable or unlawful.

We aim to action all correction requests within a reasonable timeframe.

18.4 Restriction of Processing

In certain circumstances, you may have the right to request the restriction of the processing of your personal information. For example, this may apply if you contest the accuracy of the information and we are in the process of verifying it, or where processing is unlawful and you oppose erasure.

18.5 Objection to Processing

You may also have the right to object to the processing of your personal information where it is based on our legitimate interests, including profiling or decisions made solely by automated means. If we receive such an objection, we will assess whether our processing has overriding legitimate grounds or whether we must cease processing your data for that purpose.

18.6 Data Portability

Where applicable, you may request to receive a copy of your personal information in a structured, commonly used, and machine-readable format, or request that it be transferred directly to another service provider or system, where technically feasible.

18.7 Withdrawal of Consent

In cases where we have relied on your consent to process your personal information for a specific purpose, you may withdraw that consent at any time. Withdrawal of consent does not affect the lawfulness of any processing based on consent before its withdrawal.

To exercise any of these rights, please contact us at privacy@teamapac.com. Depending on the nature of your request, we may need to verify your identity before taking further action.

19. Complaints

You have the right to lodge a complaint if you believe that Team APAC has mishandled your personal information or interfered with your privacy.

Complaints may be made directly to us, or to the data protection authority in your jurisdiction.

20. Complaints Procedure

If you wish to make a complaint about our handling of your personal information, please contact our Privacy Officer: privacy@teamapac.com

When we receive your complaint, we will follow these steps:

1. Verify your identity and authority

We will take reasonable steps to confirm the authenticity of the complaint and the contact details provided to ensure that we are communicating with you—or someone you have authorised to act on your behalf.

2. Acknowledge the complaint

Once verified, we will send a written acknowledgment confirming receipt of your complaint and outlining how we will proceed in accordance with our privacy policy.

3. Seek clarification if needed

We may request further details or clarification to better understand your concerns.

4. Investigate the matter

We will consider the complaint and, where necessary, consult individuals or teams who can assist us in understanding what occurred and why.

5. Respond within a reasonable timeframe

We aim to respond within 30 days of receiving your complaint. If a resolution can be achieved through access or correction procedures, we will suggest those options. If we believe an alternative resolution is possible, we may propose that solution to you on a confidential and without-prejudice basis.

6.Escalation if unresolved

If the complaint cannot be resolved through our proposed solutions, we may recommend that you refer the matter to an independent review panel. Please note that the cost of seeking advice or resolution through this panel will be your responsibility.

7. Further escalation

If the complaint remains unresolved, we will suggest that you escalate the matter to the Office of the Australian Information Commissioner (OAIC) or to the relevant data protection authority in your jurisdiction.