Privacy Policy

Privacy is our priority

This Privacy Policy was last updated on 03 November 2021.
At Sapia, we have two privacy policies, to clearly set out the different ways that we collect, manage, use and disclose the information of:

  • Our clients, prospects and individuals who contact us directly; and
  • candidates who apply for roles with our clients.

This Privacy Policy applies to you if:

  • We’ve contacted you about Sapia (including to provide you with a demo);
  • you’ve contacted us for information, applied to work for us, or completed a product demo on our website;
  • you’re one of our corporate clients;
  • you’re browsing our website, or
  • you are one of our clients’ candidates who contact us for support.
  • If you have applied or are applying for a job with one of our clients who use our interview platform, please refer to our Candidate Privacy Policy.

Who are you?

Sapia&Co Pty Ltd (“Sapia”, “we”, “our”, or “us”) is a software provider, who offers talent intelligence software.

We provide our clients with an artificial intelligence solution which derives patterns from free-text answers collected from candidates during an interview process. Rather than just matching keywords, our technology reads, deciphers, understands, and makes sense of answers. In addition, we may process video responses and/or demographic information on behalf of our clients. We’ll refer to this technology as our “Platform” throughout the rest of this Privacy Policy.

We are committed to protecting your privacy. If you have any questions about this Privacy Policy, please contact us at or write to us by mail at PO Box 1405, St Kilda South, Melbourne, 3182 Victoria, Australia.

If you are a United Kingdom (UK) or European Economic Area (EEA) resident, our representative for data protection queries is Prighter, whose details are available here.

What personal data do you collect?

When interacting with you, we will collect specific information, including personal data (data that could be used to identify you). We may also collect information about you from publicly available sources. This may include, but is not limited to, LinkedIn or ZoomInfo. If we don’t collect your personal data, we may be unable to provide our services to you.

We have provided more information on when and why we collect your personal data in the sections below.

When you contact us by phone, email, social media, our messaging platform or via our “Contact” page with general queries, we will usually collect your name, social media handle and contact details because it’s in our legitimate interest to make sure we can adequately respond to your query.

When you book a personalized online demo, we will collect your name, work email, mobile phone number, organization name, job title and any additional info you provide to us. We collect this under our legitimate interests to respond to your query and potentially enter into a contract with you.

When you attend one of our events or a third-party event, we may collect your personal data, including your name, address, email address and phone number. We collect this information because it’s in our legitimate interests to know who’s attending our events and help promote our business at third party events.

When you subscribe to our company updates or we contact you with outbound marketing, we will collect personal data, including your name, email address, telephone number, job title, IP address, and how and when you interact with our website or Platform. Our clients are primarily businesses or individuals acting in their professional capacity; therefore, when we send you our news updates emails, we do this because of our legitimate interest to promote our business. You can unsubscribe from our updates or update your preferences at any time by clicking the unsubscribe link at the bottom of any of our emails or by emailing

When you browse our website, we collect information about how you use our website. This will only be done with your consent. We use this information to improve our website and to better understand how people use it. Our Cookie Policy sets out more detail on the information we collect and how we do this.

When using an employer account that has been created for you, we will collect personal data, including your name, company email, telephone number and job title. We do this to perform our obligations under the contract between us. To help us develop our Platform and serve you better, we will also collect information using third party services. This may include but is not limited to, Intercom and Hotjar. Data collected may include your IP address, browser details and operating system. We may also collect information about how and when you interact with the Platform (e.g., where you click, scroll your mouse, move in between pages). In this case, we never collect sensitive information such as email addresses, credit card details or passwords. Our Cookie Policy sets out more detail on the information we collect and how we do this.

When you apply for a job to work at Sapia, we may collect your name, contact details, recruitment information (e.g., right to work documentation and references), qualifications, accreditations, test results (inc. psychometric and coding) and any additional information we may receive from our recruitment partners. When you apply to work for us, we’ll also collect your answers to interview questions put to you by our Platform. In some cases, we may also collect video responses. We will use your personal data to assess your suitability for our available roles. We do this to perform a contract or take steps at your request before entering into a contract. Where we process your right to work documentation or criminal record information, we will do so to comply with our legal obligations.

Do you collect any sensitive information or special category data?

Suppose you are applying to work for us and are asked to complete an interview through our Platform. In that case, you may be asked questions about your age, health status, background, racial or ethnic origin, or other sensitive personal data. Our Platform will generally make answering these questions optional. However, if you provide us with sensitive personal data for this purpose, we will process it based on our legitimate interest and because it is necessary for our employment purposes.

We collect this personal data to understand the diversity of job candidates, but only at a general level. After collection, this personal data is anonymised before being shared with any sub-processors or disclosed outside your region (more on this below).

We also collect this personal data to enable our Platform to learn via machine learning algorithms. Again, this helps us improve our Platform for our clients and for job candidates.

What do you do with my information?

The data collected by Sapia is processed by us, and by certain sub-processors on our behalf, for the reasons specified above. We will never sell your personal data to any third party.

In addition to the uses identified elsewhere in this Privacy Policy, we may use your personal data to contact you about billing, account management, and other administrative matters; post customer testimonials and comments on our website, which may contain personal data (only with your consent); send information to you regarding changes to our Terms of Service, Privacy Policy (including the Cookie Policy), or other legal agreements; investigate and help prevent security issues and abuse, or meet legal requirements.

Do you share my personal data with anyone?

We may share your personal data with various parties:

Business partners, suppliers, subcontractors, and group companies for the performance of the contract we enter into with them or you.

Promotional events and marketing organizations, we do not sell data for marketing purposes. Still, we may share your data with an event organizer, including running workshops with co-presenters. We will always tell you before (usually on the event registration form), and you will be given a chance to opt out before we do this.

Regulators/Authorities/Enforcement Agencies if we are under a duty to disclose or share your personal data to comply with any legal obligation, enforce or apply our terms of use and other agreements; or protect the rights, property or safety of our clients or others. This includes exchanging information with other companies and organizations for the purposes of fraud protection.

Prospective buyers of our business under our legitimate interest to ensure that the buyer can continue our company.

Sub-processors to help us provide our services. Like most organizations, we may also share your data with some third-party services and tools. These are known as sub-processors.

By disclosing your personal data, including sensitive information, to us, you consent to this information being provided to third parties to run the Platform and provide services to you. These third parties may include parties based in the United States of America. Contact us for more information.

Do you transfer personal data internationally?

We process and store the data we collect from you using third-party sub-processors, including HubSpot, Intercom, and Amazon Web Services (AWS). HubSpot keeps your information in the USA and Intercom stores information in the EU. Data in AWS may be processed or stored anywhere in the world – ask us for more details.

If you are applying for a job to work with us at Sapia, we will store your recruitment information in Australia.

Sapia is a global organization with clients and employees across the world. To provide you with our services, we need to transfer personal data between our teams for the purposes described in this Privacy Policy. This Privacy Policy continues to apply even when we transfer information outside of your country of residence.

Whenever we transfer your personal data outside of the UK and the EU, we ensure it receives additional protection as required by law. To keep this Privacy Policy as short and easy to understand as possible, we haven’t set out the specific circumstances when these protection measures are used. However, you can contact us for more information.

How long will you keep my personal data or the data of our candidates?

We will only retain your personal data for as long as we need it unless we are required to keep it for longer to comply with our legal, accounting, or regulatory requirements. If you ask us to delete your personal data, we will either permanently de-identify or delete it unless we require it for legal reasons.

In some circumstances, we may carefully anonymise personal data received from job candidates so it can no longer be associated with specific candidates. We may use this anonymised information indefinitely without notifying you or the candidates. We use this anonymised information to improve our Platform through machine learning and tests for adverse impact. Please review our candidate-specific Privacy Policy for further details on managing, using, and disclosing candidates’ personal information.

How do I access or control the personal data you have?

You have various rights under applicable data protection and privacy laws, including the right to:

  • access your personal data (also known as a “subject access request”);
  • correct incomplete or inaccurate data we hold about you;
  • ask us to erase the personal data we hold about you;
  • ask us to restrict our handling of your personal data;
  • ask us to transfer your personal data to a third party;
  • object to how we are using your personal data; and
  • withdraw your consent to us handling your personal data.

To exercise any of your data privacy rights, you should contact us at We will respond to your request within a reasonable timeframe and notify you of our action.

You also have the right to lodge a complaint about how we collect and use your personal data with your relevant supervisory authority. Contact details are freely available, but we have included links to some common supervisory authorities below:


European Union

United Kingdom

What if I have any questions?

We’ve worked hard to create a Privacy Policy that’s easy to read and clear. If you would like more information, please contact our Data Protection Officer at You can also reach us by mail at PO Box 1405, St Kilda South, Melbourne, 3182 Victoria, Australia.

If you are a United Kingdom (UK) or European Economic Area (EEA) resident, our representative for data protection queries is Prighter, whose contact details are available here.