Privacy Notice

Last updated on 26 October 2023


Event Workforce Group Holdings Pty Ltd. (along with its affiliates, Rosterfy Pty Ltd, Event Workforce Group (USA) Inc & Rosterfy Ltd) known as the "Rosterfy Group" (together "us", "we", "our") are committed to protecting your personal information (Privacy Notice).

This Privacy Notice details how we deal with your personal information and has been developed in accordance with the privacy laws applicable to our business, inclusive of the Australian Privacy Act 1988 (Cth), the General Data Protection Regulation (EU) 2016/679 (GDPR) as transposed into domestic legislation of any European Union member state; and any other applicable laws with in respect of which your personal data is subject from time to time (Privacy Laws).

This Privacy Notice will inform you as to how we look after your personal data.
From time to time, there may be more than one data controller of your information within our group where you have engaged different parts of our broader organisation to provide different or jointly delivered services.

This Privacy Notice does not apply to, and Rosterfy Group is not responsible for, any third party websites which may be accessible through links from this website (please see section 12 (Online services - Links to third party sites, services and content) below for more information.)


Scope of Privacy Notice

This Privacy Notice explains and describes:

    1. What kinds of personal information we collect.

    2. Complying with the Health Records Act 2001 (Vic)

    3. Device information

    4. How we collect your personal information.

    5. If you are under 18 years of age.

    6. How we use your personal information.

    7. Legal basis for usage of personal information

    8. Disclosure of your personal information to third parties.

    9. Marketing.

    10. Storage and security.

    11. What cookies are and how we use them.

    12. Online Services – Links to third party sites, services and content.

    13. Disclosure to overseas recipients.

    14. What happens if your personal information is transferred overseas.

    15. Exercising your rights and making a complaint.

    16. Our contact details.


1. What kinds of information do we collect?

The type of personal information that we collect from you may include the following: name, phone number, date of birth, gender, postal and residential address, emergency contact details, email address, social media addresses, employment and volunteer history, education and qualifications, shirt size, profile pictures, whether you have passed a background check, what date you last passed a background check and any other personal information that you submit to us, submit to your user portal or otherwise submit to our website or a Rosterfy Group Application (App).


2. Complying with the Health Records Act 2001 (Vic)

Event employment and volunteering is often physically demanding. Some duties require varying physical attributes. The purpose of collecting your history of previous physical injuries or health conditions is to ensure you are fit to carry out certain tasks at an event. For the purposes of Australian law,  you consent to the collection of your history of previous physical injuries or health conditions. You also consent to our disclosure of your history of previous physical injuries or health conditions to third parties as outlined in this Privacy Notice.


3. Device Information

We may collect information from or about the device where you install or access a Rosterfy Group Application, depending on the permissions you have granted. We may associate the information we collect from your different devices, which helps us provide consistent services across your devices. Here are some examples of the device information we collect:

    • attributes such as the operating system, hardware version, device settings, file and software names and types, battery and signal strength, and device identifiers.

    • device locations, including specific geographic locations, such as through GPS, Bluetooth, or Wi-Fi signals.

    • connection information such as the name of your mobile operator or ISP, browser type, language and time zone, mobile phone number and IP address.

4. How do we collect your personal information?

We collect your personal information directly from you, from your emergency contacts and from third parties. The main ways we collect personal information about you are when:

    • you access our websites;

    • you register with us;

    • you log onto the websites;

    • a third party, including our clients, provides it to us;

    • an accredited body for carrying out background checks provides us with information as authorised by you or by our client (with your consent);

    • you download, log onto or visit a Rosterfy Group Application;

    • a Rosterfy Group Application is running on your phone, tablet or other device (device);

    • you provide personal information about a person you want to act as your emergency contact; and

    • you otherwise submit personal information about yourself, or someone else, to us, our websites or a Rosterfy Group Application.

We will only collect your personal information from third parties if you give the third party your consent to provide the information to us or as otherwise permitted by applicable law.

We may collect information from other sources, such as social media platforms or payment gateways that share information about how you interact with our social media content, and any information gathered through these channels will be governed by the privacy settings, policies, and/or procedures of the applicable social media platform, which we strongly encourage you to review.


5. If you are under 18 years of age

If you are under 18 years of age you must ask your parent or legal guardian to approve your provision of personal information before you submit your personal details to us.


6. How we use of your personal information

This Privacy Notice processes personal information of website users, registered users, clients’ employees, volunteers, candidates, business contacts and other third parties.

We will only use your personal information for the purposes for which it was given to us, or for purposes which are directly related to the provision of our services.

Your personal information may be used by us for the following purposes:

    • To establish or perform in terms of a contract, to:

      • provide the services on a Rosterfy Group Application;

      • register you as a new user;

      • place you in a paid or volunteer position;

      • assess your eligibility for a paid or volunteer position with one of our clients;

      • inform you about future employment or volunteer opportunities;

      • respond to any questions, comments or queries submitted by you; and

      • communicate with you and between you and volunteers.

    • To comply with a legal obligation, including:

      • a request from law enforcement, courts, or other competent authorities.

    • For our legitimate interests:

      • to facilitate the operation of our digital workforce management platform;

      • to enhance and improve your use of our websites, a Rosterfy Group Application and our products and services;

      • for internal business purposes, such as undertaking research, developing system analytics, measuring and developing our services, tracking employee and volunteer usage rates;

      • for us to send relevant marketing communications related to Rosterfy Group, and other information or materials, that or which we feel may interest you; provided your consent.

      • inform you about future employment or volunteer opportunities;

      • to administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data);

      • respond to any questions, comments or queries submitted by you;

      • to prevent fraud;

      • to ensure network and information security, including preventing unauthorised access to electronic communications networks and stopping damage to computer and electronic communication systems; and/or

      • to report possible criminal acts or threats to public security to a competent authority.

    • Where you have given your consent, such as:

      • to receive newsletters with information and services, including relevant marketing communications related to Rosterfy Group, and other information or materials.


7. Legal basis for usage of personal data

Where we use your personal information, we rely on one of the following legal grounds:

Performance of a contract: We may need to collect and use your personal data to enter into a contract with you or to perform in terms of a contract that you have with us and where we respond to your requests and provide you with services in accordance with our terms of business.

Legitimate interests: Where we consider use of your information as being (a) non-detrimental to you, (b) within your reasonable expectations, and (c) necessary for our own, or a third party's legitimate purpose, we may use your personal information, which may include:

Compliance with a legal obligation: We may be required to process your information due to legal requirements, including employment laws, tax laws and other regulatory provisions applicable to Rosterfy Group as a provider of workforce services.

Consent: You may be asked to provide your consent respect of any processing of your personal data for our marketing purposes where you or your employing organisation is not a client of Rosterfy Group, or in respect of certain special categories of personal data such as your health or racial background for which we are legally obliged to gain your consent due to the sensitive nature of such information and the circumstances in which it is gathered or transferred. Where we are reliant upon your consent, you may withdraw this at any time by contacting us in accordance with section 15 (Contact us) below, however please note that we will no longer be able to provide you with the products or services that rely on having your consent.


8. Disclosure of personal information

In certain circumstances, it may be necessary for us to disclose your personal information to third parties in order to assist us in providing our services, or where disclosure is required by us to meet our legal and regulatory obligations. Third parties may include:

    • current Rosterfy Group clients for the purpose of providing our services to them;

    • digital marketing service providers;

    • internal recipients within the Rosterfy Group;

    • technology support services and data storage providers;

    • if you sign up to the Community platform, your profile may be publicly available on the platform;

    • technology support services and data storage providers;

    • government and law enforcement agencies and regulators; and

    • entities established to help identify illegal activities and prevent fraud.

We may also disclose your personal information to anyone authorised by you, or to whom you have provided your consent or where another permitted general situation applies (as defined in the Privacy Laws).

We may in providing our services and operating our business, allow access to your personal data to the different entities within share your personal information inside the Rosterfy Group for our internal administrative purposes such as billing, promoting our events and services, and providing you or your organisation with services, provided in all instances that such processing is consistent with section 7 (Legal basis for usage of personal data) above and applicable law.

We may also disclose your personal information to potential investors in the Rosterfy Group or if an entity within the Rosterfy Group goes through a business transition, such as a merger, acquisition, or a sale of some or all of its business.

9. Marketing

We use personal information about you for the primary purpose of providing you with our services. We may also use it for other purposes for which you might reasonably expect us to use that information.

We may use your personal information to form a view on what we think you may want or need, or what may be of interest to you. This is how we decide which products, services and offers may be relevant for you. You will receive marketing communications from us if you have requested information from us or purchased goods or services from us and you have not opted out of receiving that marketing. 

You can opt out of receiving electronic communication at any time by unchecking the relevant box or, by following the unsubscribe instructions on any communications sent to you. Where you opt out of receiving information about future opportunities or marketing material, we will still send you essential information that we are required to send you relating to the services we provide.


10. Storage and security

The security of your personal information is paramount to us and we use all reasonable endeavours to keep your information in a secure environment and to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Our information security policy is supported by a variety of processes and procedures, and we store information in access controlled premises or electronic databases requiring logins and passwords.

All employees, officers or contractors of Rosterfy and third party providers with access to personal information are subject to access controls and confidentiality obligations, and we require our third-party data storage providers to comply with appropriate information security industry standards.

Whilst we continually strive to ensure that our systems and controls are updated to reflect technological changes, the transmission of information via the internet is not completely secure, and as such we cannot guarantee the security of your data transmitted to our online services which is at your own risk. If you reasonably believe that there has been unauthorised use or disclosure of your personal information please contact us using the details below in section 16.

We keep records of the personal information we gather from you including storage in the cloud.

When we no longer need your personal information for the purposes we collected it for, unless we are required under applicable law or a court or tribunal order to retain it, we will take reasonable steps to destroy, securely delete, or de-identify your personal information as appropriate.


11. Cookies Policy

Our website and services delivered online use cookies and other similar technologies, for example, to distinguish you from other users when you browse our websites or use our online services and to allow us to improve our online services.

Cookies are small text files that are placed on your computer by websites that you visit. They are widely used in order to make websites work, or work more efficiently to improve the user experience, as well as to provide certain information to the owners of the site.

We may, for example, collect information about the type of device you use to access our online services, the operating system and version, your IP address, your general geographic location as indicated by your IP address, your browser type, the content you view and features you access on our online services, the web pages you view immediately before and after you access our online services, whether and how you interact with content available on our online services, and the search terms you enter on our online services.

Rosterfy Group's website sets cookies which remain on your computer for differing times. Some expire at the end of each session and some remain for longer so that when you return to our website, you will have a better user experience.

Which cookies we use

Detailed below are the cookies we use and why and how long they last.

Google Analytics

We collect standard internet log information and details of visitor behaviour patterns by using Google Analytics cookies. We do this to compile reports and to help us find out things such as the number of visitors to the various parts of our website, so that this can be improved. This information does not identify visitors or collect any personal details. We do not make any attempt to find out the identities of those visiting our websites. We will not associate any data gathered in this way with any personal data from any source.

To provide website visitors with more choice on how their data is collected by Google Analytics, Google have developed the Google Analytics Opt-out Browser Add-on. The add-on communicates with the Google Analytics JavaScript (ga.js) to indicate that information about the website visit should not be sent to Google Analytics. The Google Analytics Opt-out Browser Add-on does not prevent information from being sent to the website itself or to other web analytics services. For more information about Google Analytics Opt-out Browser Add-on please see the link here.]

Control of cookies

Web browsers allow you to exercise some control of cookies through the browser settings. Most browsers enable you to block cookies or to block cookies from particular sites. Browsers can also help you to delete cookies when you close your browser. You should note however, that this may mean that any opt-outs or preferences you set on our website will be lost. To find out more about cookies, including how to see what cookies have been set and how to manage and delete them, visit which includes information on how to manage your settings for the major browser providers


12. Online Services – Links to third party sites, services and content

In addition to our online services, which we control directly, we also use and provide links to websites which are controlled by third parties, which may include:

    • Twitter, LinkedIn and YouTube, where we have certain Rosterfy Group accounts and profiles.

    • Facebook, where we have a social page.

    • Amazon AWS

    • Google Cloud Platform

    • Twillio

    • Mandrill

    • Google (Analytics)

    • Stripe Payment Gateway

If you use or follow a link to any of these third-party websites, please be aware that these websites have their own privacy policies and that we cannot accept any responsibility for their use of information about you.

Our online services may include integrated content or links to content provided by third parties (such as video materials). This Privacy Notice does not address the privacy, security, or other practices of the third parties that provide such content.

We engage third parties that support the operation of our online services, such as analytics providers. These third parties may use technologies to track your online activities over time and across different websites and online platforms. Please see section 11 (Cookies Policy) above for more information.


13. Disclosure to overseas recipients

We may disclose your personal information to overseas recipients, such as an entity within the Rosterfy Group an overseas client or an overseas service provider for the purposes outlined in this Privacy Notice or otherwise as allowed or required by law. By way of example, this may happen if one or more of our third party service providers with whom we share personal data in accordance with section 8 (Disclosure of personal information) are located, or have their servers located, outside your country or the country from which the data were provided.

Whenever we transfer your personal data out of the EU/UK, we ensure a similar degree of protection is afforded to it by ensuring at least one of the following safeguards is implemented:

  • We will only transfer your personal data to countries that have been deemed to provide an adequate level of protection for personal data.

  • Where we use certain service providers, we may use specific contracts approved for use in the EU/UK which give personal data the same protection it has in the EU/UK.

Please contact us if you want further information on the specific mechanism used by us when transferring your personal data out of the EU/UK.

If we transfer your information outside of Australia, we will ensure that your privacy rights continue to be protected and that the overseas recipient handles your personal information in accordance with the Australian Privacy Principles.


14. Exercising your rights and making a complaint

Under certain circumstances, you have rights under Privacy Laws in relation to your personal information. These rights may include:

    • the right to request access your personal information;

    • the right to request corrections or updates to your personal information;

    • the right to request erasure of your personal information;

    • the right to request the portability of personal information that you have provided to us in a structured, commonly used and machine-readable format;

    • the right to withdraw your consent at any time where we are relying on consent to process your personal data. However, this will not affect the lawfulness of any processing carried out before you withdraw your consent. If you withdraw your consent, we may not be able to provide certain products or services to you. We will advise you if this is the case at the time you withdraw your consent.

    • you also have the right to object to, or request the restriction of, our use of your personal information.

If you exercise any of the abovementioned rights, we will respond to your request within a reasonable period of time. This will be subject to any exemptions provided under the Privacy Laws. You may request this information by writing to our Privacy Officer by using the details set out in section 15  (Contact us) below.

We may refuse to provide access where we have legitimate reasons for doing so under applicable Privacy Laws, and in exceptional circumstances may charge a fee for access if the relevant legislation allows us to do so, in which case we will provide reasons for our decision

If you wish to make a complaint, you may do so by providing your complaint in writing to the contact details listed below. You may also make a complaint verbally. We will seek to respond to any complaint within a reasonable period of time. We may seek further information from you in order to provide a comprehensive and complete response.

If you are in Australia, you may also make a complaint to the Office of the Australian Information Commissioner (OAIC). You may contact the Australian Information Commissioner via telephone on 1300 363 992, by submitting a complaint or inquiry online at or by writing to the OAIC at GPO Box 5218 Sydney NSW 2001.

If you are in the UK, you have the right to make a complaint at any time to the Information Commissioner's Office (ICO), the UK regulator for data protection issues ( 

If you are in the EU, you have the right to lodge a complaint with your supervisory authority, whose contact details can be found here

We would, however, appreciate the chance to deal with your concerns before you approach the relevant authority so please contact us in the first instance.


15. Contact us

If you have any questions, or if you wish to contact us for any of the reasons described above, including to correct or access the information we hold about you or to make a complaint, please contact our Privacy Officer:

The Privacy Officer (Global)

121 King Street, Melbourne, Vic 3000. Australia


The Privacy Officer (all regions) for Rosterfy Group is Chris Grant.


Status of this statement

As technologies and information governance practices develop, and data privacy laws (and surrounding guidance) evolve, we may need to revise and vary the terms of this Privacy Notice at any time. You should check this Privacy Notice regularly so that you are aware of any variations made to this Privacy Notice.

We will post any Privacy Notice changes on this page and, if the changes are significant or may materially impact upon your rights, we will provide a more prominent notice or contact you by other means (including, for certain services, email notification of Privacy Notice changes).

Home Page Artwork Clear Background-2-Jan-11-2023-05-34-36-0394-PM