Legal

Privacy policy
Terms of use
Cookie Notice
View policy for:
Rest of the world
EU/UK

1. Introduction

Flow of Work Co Pty Ltd trading as GoFIGR AI (ACN 644 329 840) of 81-83 Campbell Street Surry Hills NSW 2010 Australia (we, us and our) understand that your privacy is paramount, and are committed to protecting your privacy in accordance with the Privacy Act 1998 (Cth) (Privacy Act), the Australian Privacy Principles (APPs) and, where applicable, the General Data Protection Regulation 2016/679 (GDPR) and other relevant and applicable legislation. This policy sets out how we handle information about you.
Where you are a registered customer of ours and you reside in the European Union, we act as the ‘data controller’ of personal data. This means we determine how and why your data are processed in accordance with this Privacy Policy.

We may modify or amend this Privacy Policy from time to time. We will display a notice on our website indicating when any such revisions have been made. This Privacy Policy was last updated on 12 Dec 2024.

Unless you notify us otherwise, we will assume that you have consented to the collection of all information which is provided to us for use in accordance with this Privacy Policy.

2. Collection of personal information

Personal information is information or an opinion about an individual, or an individual who is reasonably identifiable, whether true or not and whether recorded in material form or not.
We may collect personal information from you when you:

(a)    participate in any event, campaign or activity or organised or run by us; or
(b)    visit our website; or
(c)    access our application through this website; or
(d)    contact us by any method, such as telephone, email, social, post, facsimile or in person; or
(e)    sign up to be notified and join our mailing list
(f)     or otherwise as notified to you from time to time, including in any collection notice.

The personal information you provide to us may vary depending on the nature of your interaction with us, but may for example include your name, date of birth, contact details and any communications you send to us.

There may be occasions when we collect information about you from a third party. In such instances, we will determine whether we would have been entitled to collect such information from you and to the extent we would not have been entitled to do so, we will destroy or de-identify such information as soon as reasonably practicable.    

Where possible, we will allow you to interact with us anonymously or using a pseudonym. For example, if you contact us with a general enquiry, we will not ask for your name unless we need it to adequately handle your enquiry.

However, for most of our functions and activities we usually need your name and contact information.

3. Why we collect your data

Data protection law means that we can only use your data for certain reasons and where we have a legal basis to do so. Here are the reasons for which we process your data:
(a)    improving our services;
(b)    customer support, and notifying you of any changes to our service;
(c)    marketing purposes (with your consent)
(d)    other legitimate interests, like gaining insights from your behaviour on our website and enhancing data security.

4. Third parties who process your data

Technology businesses like ours often use third parties to help them host their application, communicate with customers, power their emails and so on. We partner with third parties who we believe are the best in their field at what they do.
Your data is shared only when strictly necessary and according to the safeguards and good practices detailed in this Privacy Policy. Where personal data is transferred to a third party outside of Australia, we take steps to ensure we agree the standard contractual clauses with them. We continually monitor this transfer mechanism. For example, any data transfers to the cloud service providers in the US are encrypted and generally consist of insensitive personal data.

Here are the details of our main third-party service providers, and what data they collect or we share with them, where they store the data and why they need it:

Service Provider Data Collected or Shared Purpose Place of Processing
Amazon Web Services (AWS) Contact details and user data Provides hosting, and used to power our application and platform Australia (Sydney) where possible. USA for non-regional specific AWS services
Google Cloud Platform (GCP) Analytical data and/or contact details and any email attachment(s) you share with us Provides data for analytics, AI, Google Maps geolocation, mail, calendar, and Workplace Gdrive USA
Bubble.io Personal data collected as part of providing our services Provides a part of our website and tech stack needed to provide services to you USA
LightCast Professional experience(s), education(s), and/or qualification(s) and/or skill(s) data Provides data insights used to provide services as part of GoFIGR platform USA
Hotjar Usage and Analytics Provides usage analytics to help improve GoFIGR’s platform USA
Pipedrive Contact Information, including Lead Details, Communication and activity history Used for managing customer relationships, and lead information EU and/or USA
ProxyCurl Public LinkedIn URL Used to retrieve public LinkedIn information about a specific user or company USA and/or Singapore

5. Our website

Our web servers may automatically collect information when you visit our websites, including:
(a)    your IP address;
(b)    the date and time of your visit;
(c)    the parts of our website you access during your visit;
(d)    your actions on our website; and the browser you are using.

In using our websites, your personal information may be collected through the use of cookies. These are small text files placed on your mobile device or computer by our websites which automatically collect information about you without you providing that information to us directly. Most browsers are set by default to accept cookies. However, if you do not wish to receive any cookies you may set your browser to either prompt you whether you wish to accept cookies on a particular site, or by default reject cookies.  You can also delete cookies through your browser settings.

Please note that rejecting cookies may mean that some or all of the functions on our website will not be available to you.

Sometimes our websites contain links to other websites. When you access a website other than our websites, we are not responsible for the privacy practices of that site. We recommend that you review the privacy policies of each website you visit.

6. Using your personal information

The personal information that we collect is generally used to provide products or services to you, and, if you use our website, to track your usage, to evaluate performance of our website, and to keep track of your account settings.  Information collected by us may also be used for the following purposes:
(a)    to provide you with information in relation to the products and services we provide;
(b)   to send email notifications for special promotions or offers conducted by us;
(c)    to conduct marketing activities and to conduct market research;
(d)   to respond to your questions or suggestions;
(e)    to improve the quality of our products or services; or
(f)     to improve the quality of your visit to our Website.

You may opt out of receiving marketing information by notifying us accordingly, or by using any unsubscribe facility we provide for that purpose.

7. Sharing your personal information  

We may disclose information to third party contractors, who help us conduct our business.  Where information is shared with these third parties, we will take all reasonable steps to ensure that third parties observe the confidential nature of such information and are prohibited from using any or all of this information beyond what is necessary to assist us.
We may disclose your personal information to a third party referred to above that is located outside Australia, however due to circumstances which change from time to time it is not practicable for us to specify the countries in which such third parties are located. In all cases, we take all reasonable measures to ensure that applicable legislation is complied with in regard to your personal information.

We may also disclose your personal information as permitted or required by law.

8. Accessing and correcting your personal information

We will, on request, provide you with access to the information we hold about you, including for the purpose of correcting or updating that information, unless there is an exception to such disclosure which applies under relevant or applicable privacy legislation. If you require access to your personal information, please contact our Privacy Officer at privacy@gofigr.ai. You may be required to put your request in writing for security reasons.
For most requests, your information will be provided free of charge, however, where permitted by applicable legislation, we may charge a reasonable fee if your request requires a substantial effort on our part.

If we refuse to provide you with access to the information, we will provide you with reasons for the refusal and inform you of any exceptions relied upon under the APPs (unless it would be unreasonable to do so).

We take reasonable steps to ensure that your personal information is accurate, complete, and up-to-date whenever we collect or use it.  If the personal information we hold about you is inaccurate, incomplete, irrelevant or out-of-date, please contact us and we will take reasonable steps to either correct this information, or if necessary, discuss alternative action with you.

9. Protecting your personal information

We are committed to protecting your personal information. We take appropriate security measures to protect your personal information from misuse, interference or loss, and from unauthorised access, modification or disclosure. This includes the use of technologies and processes such as access control procedures to protect the privacy of your personal information.

10. Change of policy

We may modify or amend this Privacy Policy from time to time. We will display a notice on our website https://gofigr.ai for a reasonable period after any such revisions have been made. We will keep the current version of this Privacy Policy on that website.

11. Contact information

If you have any queries or complaints with regards to our collection, use or management of your personal information, please contact privacy@gofigr.ai
A: Privacy Contact
   81-83 Campbell Street Surry Hills NSW 2010 Australia    

E: privacy@gofigr.ai

If you make a complaint, we will endeavor to respond to it as soon as possible. If you are dissatisfied with our response, you have the right to make a complaint to the Office of the Australian Information Commissioner by phoning 1300 363 992 or by email at enquiries@oaic.gov.au.

Introduction

We are Flow of Work Co Pty Ltd trading as GoFIGR AI (ACN 644 329 840) of 81-83 Campbell Street Surry Hills NSW 2010 Australia. This Privacy Policy describes how we collect and use your personal information in relation to GoFIGR applications, products, services, events, and experiences that reference this Privacy Policy (together, GoFIGR Offerings).
This Privacy Policy also explains your choices surrounding how we use information about you, which include how you can object to certain uses of information about you and how you can access and update certain information about you.

Where we provide any of our GoFIGR Offerings under contract with an organisation (for example, your employer), that organisation controls the information processed by the GoFIGR Offerings. For more information, please see Notice to End Users below. This policy does not apply to the extent we process personal information in the role of a processor on behalf of such organisations. ‍

We may modify or amend this Privacy Policy from time to time. We will display a notice on our website indicating when any such revisions have been made. This Privacy Policy was last updated on 12 Dec 2024.

What information we collect about you

We collect information about you when you provide it to us, when you use our GoFIGR Offerings, and when other sources provide it to us, as further described below.
Information you provide to us: We collect information about you when you input it into the GoFIGR Offerings or otherwise provide it directly to us.

Account and Profile Information: We collect information about you when you register for an account, create or modify your profile, set preferences, sign-up for or make purchases with us.

Content you provide through our products: The GoFIGR Offerings include the GoFIGR products you use, where we collect and store content that you post, send, receive and share. This content includes any information about you that you may choose to include. Examples of information we collect and store under this category include: employment information, professional life information, contact information, and other identifiable information.

Content you provide through our websites: The GoFIGR Offerings also include our websites owned and operated by us. We collect other content that you submit to these websites, which include social media or social networking websites operated by us. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions, activities or events.

Information you provide through our support channels: The GoFIGR Offerings also include our customer support, where you may choose to submit information regarding a problem you are experiencing with any of our GoFIGR Offerings. Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.

Payment Information: We may collect payment and billing information when you use any of our paid GoFIGR Offerings.  For example, we may ask you to designate a billing representative, including name and contact information, upon registration.

Information we collect automatically when you use the GoFIGR Offerings

We collect information about you when you use our GoFIGR Offerings, including browsing our websites and taking certain actions within the GoFIGR Offerings.
Your use of the GoFIGR Offerings: We keep track of certain information about you when you visit and interact with any of the GoFIGR Offerings. For example, this information may include: your activity on any of our GoFIGR products or your activity on any of our GoFIGR websites.

Device and connection information: We collect information about your computer, phone, tablet, or other devices you use to access the GoFIGR Offerings. This device information includes your connection type and settings when you install, access, update or use our GoFIGR Offerings. We also collect information through your device about your operating system, browser type, IP address, URLs of referring/exit pages, device identifiers, and crash data.

Cookies and other tracking technologies: GoFIGR and our third-party partners, such as our advertising and analytics partners, use cookies and other tracking technologies to provide functionality and to recognise you across different GoFIGR offerings and devices. For more information, please see our Cookies Notice, which includes information on how to control or opt out of these cookies and tracking technologies.

Information we receive from other sources

We receive information about you from other GoFIGR Offerings users, from third-party services, from our related companies, social media platforms, public databases, and from our business and channel partners. We may combine this information with information we collect through other means described above. This helps us to update and improve our records, identify new customers, and create more personalised suggestions and services that may be of interest to you.


Other users of the GoFIGR Offerings: Other users of the GoFIGR Offerings may provide information about you when they submit content through a GoFIGR account. For example, your email may be provided by another user of your GoFIGR account to invite you to the service, an administrator may provide your contact information when they designate you as the billing or technical contact on your company’s account or when they designate you as an administrator.

Other partners: We receive information about you and your activities on and off the GoFIGR Offerings from third-party partners, such as advertising and market research partners who provide us with information about your interest in and engagement with, our GoFIGR Offerings and online advertisements.

Third party providers: We may receive information about you from third party providers of business information and publicly available sources (like social media platforms), including physical mail addresses, job titles, email addresses, phone numbers, intent data (or user behaviour data), IP addresses and social media profiles.

How and why do we use your personal data?

Data protection law requires that we only use your personal data for purposes that we tell you about and where we have a legal basis to do so. Here are the purposes and legal bases for which we process the personal data talked about above:
To provide our services to you: To offer and provide you with our GoFIGR Offerings, including to register you with a GoFIGR account, process transactions with you, authenticate you when you log in, and provide customer support.

  • Legal basis for this data usage: Contract, Consent


To otherwise communicate with you: To communicate with you about our services, products or offerings, to manage returns and exchange authorisations, and to answer any queries you have asked us.

  • Legal basis for this data usage: Contract, Legitimate interests (to administer our business)


To personalise your experience: To send you marketing or promotional information; to send you reminders about services or products that you have expressed an interest in, to help you see and find our products and services.

  • Legal basis for this data usage: Consent, Legitimate interests (to send marketing communications to potential customers or customers where we are allowed to; to help us serve relevant advertisements where we are allowed to)


To improve GoFIGR: To improve GoFIGR or any of GoFIGR’s group companies’ products and services, including analytics, research and development or to otherwise manage our business, and including our website.

  • Legal basis for this data usage: Legitimate interests (to improve our business); Consent


To enable us to comply with the law: To comply with any legal or regulatory obligations or requirements that apply to us, including carrying out any identity (anti-fraud) checks that we are required to undertake or to comply with any record-keeping requirements that apply to us.

  • Legal basis for this data usage: Legal obligation


To manage our business relationships: To manage the contract or business relationship we either have with you or your employer.

  • Legal basis for this data usage: Legitimate interests (to manage our contracts and business relationships)


To enforce our rights where needed: To seek professional advice, to enforce or protect our rights, to establish and defend legal claims; to conduct investigations or take action in relation to crime and fraud prevention, risk management, and violation of our terms and conditions for services.

  • Legal basis for this data usage: Legitimate interests (enforcing or protecting our legal rights)


With your consent: We use information about you where you have given us consent to do so for a specific purpose not listed above. See further details about consent below.

  • Legal basis for this data usage: Consent.

Consent

‍If you have consented to our use of information about you for a specific purpose, you have the right to change your mind at any time, but this will not affect any processing that has already taken place.  Where we are using your information because we or a third party (e.g. your employer) have a legitimate interest to do so, you have the right to object to that use though, in some cases, this may mean no longer using the GoFIGR Offerings.

Direct marketing

Under EU/UK data protection legislation, we may send you direct marketing messages either based on preferences you have shared with us or based on products and services which are similar to those which you have already purchased, used or interacted with.
You can always opt-out of receiving marketing messages at any time. If you do not wish to receive marketing messages from us, you can do so by following the unsubscribe link included in the marketing message or by contacting us (see ‘Contact Us’ below).

Who do we share your data with?

Sometimes it is necessary for us to share your personal data with third parties. Your personal data is shared only when we consider it to be necessary and according to the safeguards, and for the purposes, detailed in this privacy notice. We do not sell personal information for monetary consideration.
Third parties: we disclose information to third parties that help us operate, provide, improve, integrate, customise, support and market our GoFIGR Offerings. For example, we work with third-party service providers to provide website and application development, hosting, maintenance, backup, storage, virtual infrastructure, payment processing, analysis, marketing, and other services for us, which may require them to access or use information about you. If a service provider needs to access information about you to perform services on our behalf, they do so under close instruction from us, including appropriate security and confidentiality procedures designed to protect your information. We also may disclose information about you to third parties when you give us consent to do so.

Compliance with enforcement requests and applicable laws: In exceptional circumstances, we may disclose your information about you to a third party if we believe that sharing is reasonably necessary to (a) comply with any applicable law, regulation, legal process or governmental request, including to meet national security requirements, (b) enforce our agreements, policies and terms of service, (c) protect the security or integrity of our products and services, (d) protect GoFIGR, our customers or the public from harm or illegal activities, or (e) respond to an emergency which we believe in good faith requires us to disclose information to assist in preventing the death or serious bodily injury of any person.

Affiliated companies: We disclose information we have about you to other GoFIGR corporate affiliates in order to operate and improve products and services and to offer other GoFIGR affiliated services to you. This includes companies that own or operate the GoFIGR Offerings.

Business transfers: We may disclose or transfer information we collect under this privacy policy in connection with any merger, sale of company assets, financing, or acquisition of all or a portion of our business to another company. You will be notified via email and/or a prominent notice on the GoFIGR Offerings if a transaction takes place, as well as any choices you may have regarding your information.


Service Provider Data Collected or Shared Purpose Place of Processing
Amazon Web Services (AWS) Contact details and user data Provides hosting, and used to power our application and platform Australia (Sydney) where possible. USA for non-regional specific AWS services
Google Cloud Platform (GCP) Analytical data and/or contact details and any email attachment(s) you share with us Provides data for analytics, AI, Google Maps geolocation, mail, calendar, and Workplace Gdrive USA
Bubble.io Personal data collected as part of providing our services Provides a part of our website and tech stack needed to provide services to you USA
LightCast Professional experience(s), education(s), and/or qualification(s) and/or skill(s) data Provides data insights used to provide services as part of GoFIGR platform USA
Hotjar Usage and Analytics Provides usage analytics to help improve GoFIGR’s platform USA
Pipedrive Contact Information, including Lead Details, Communication and activity history Used for managing customer relationships, and lead information EU and/or USA
ProxyCurl Public LinkedIn URL Used to retrieve public LinkedIn information about a specific user or company USA and/or Singapore
Overseas transfers of personal data

From time to time, we may transfer your personal data to parties outside of the EU/UK, e.g. to one of our group companies or to third party service providers with servers located in the United States.
Where we do so, we ensure a similar degree of protection is afforded to your personal data as in the EU/UK. We do this by sending your data to countries that the EU/UK has deemed to provide essentially equivalent protection or by entering into EU/UK approved standard contractual clauses (including the European Union standard contractual clauses alongside the UK addendum) with the relevant party.

How do we protect your personal data?

We care about protecting your personal data. That's why we take steps to make sure that we have in place appropriate security measures to protect your personal data from being damaged, changed, lost, used in the wrong way, or accessed by people who do not have permission.  
In particular, we maintain appropriate physical, organisational and technical measures so as to prevent any loss, misuse, unauthorised access, disclosure, or modification of personal data. This includes access controls, encryption, security audits of our systems and protection of data integrity. Where we use third party service providers to help provide the GoFIGR Offerings, we have contracts in place with those third-party service providers which require them to implement security measures to protect the data they hold and have in place appropriate security measures.

However, please remember that you provide personal data at your own risk: unfortunately, no data transmission over the internet is guaranteed to be 100% secure.

How long do we keep your personal data?
We will retain your personal data for so long as we have a valid purpose, and for so long as required to comply with applicable law, establish legal defences and resolve disputes. When determining this retention period, we take into account any record retention requirements under law and any limitation periods relevant to legal action.

After such time, we will either delete or de-identify your information or, if this is not possible (for example, because the information has been stored in backup archives), then we will securely store your information and isolate it from any further use until deletion is possible.

Cookies
Cookies are used on the website. If you disable or refuse cookies, please note that some parts of the GoFIGR website may become inaccessible or not function properly. We explain our use of cookies further in our Cookie Notice.

Your rights
You have various rights in relation to the personal data which we hold about you. Some of these rights may not always apply, as there are sometimes requirements and exemptions which may mean we need to keep processing the personal data or not disclose it, or other times when the rights may not apply at all. We will always tell you if we think we do not have to comply.

You can exercise your rights by sending us an email at privacy@gofigr.ai
We will seek to deal with your request without undue delay, and in any event within any time limits provided for in the UK GDPR or EU GDPR (this is generally one month, subject to any extensions that may be available to us, which we will always tell you about).

  • You have the right to access information we hold about you: You have the right to obtain a copy of your personal data from us and obtain other supplementary information from us.
  • You have the right to make us correct any inaccurate personal data about you: You have the right to request that we correct any inaccurate or incomplete personal data that we hold about you.
  • You have the right to port your data to another service: We will give you a copy of your data so that you can provide it to another service. If you ask us and it is technically possible, we will directly transfer the data to the other service for you.
  • You have the right to be ‘forgotten’ by us: You can do this by asking us to erase any personal data we hold about you in certain circumstances, including if it is no longer necessary for us to hold that personal data.
  • You can object to us using your personal data: You can object to us using your personal data if we are using it for the purpose of our legitimate interests, including where we are using it for direct marketing purposes.
  • You have the right to restrict our processing: You have the right to restrict our processing of your personal data in certain circumstances. This means that you may be able to limit the way that we use your personal data.
  • You have the right to withdraw consent: Where we are processing your personal data based on your consent, you have the right to withdraw your consent at any time.
  • You have the right to lodge a complaint with the ICO: You can make a complaint to the UK Information Commissioner’s Office, the UK data protection regulator, as directed on their website at www.ico.org.uk.


Notice to End Users
Many of our products are intended for use by organisations. Where the GoFIGR Offerings are made available to you through an organisation (e.g., your employer), that organisation is the administrator of the GoFIGR Offerings and is responsible for the accounts and/or GoFIGR sites over which it has control. If this is the case, please direct your data privacy questions to your account administrator, as your use of the GoFIGR Offerings is subject to that organisation’s policies.

We are not responsible for the privacy or security practices of an administrator’s organisation, which may be different than this policy. Please contact your organisation or refer to your administrator’s organisational policies for more information.

Contact us

Your experience with GoFIGR is important to us.
If you have any questions, concerns or complaints about this Privacy Policy, or how we handle your personal data, please contact our Privacy Officer at privacy@gofigr.ai. We always try to respond within a reasonable period.