Privacy Policy

Effective starting: May 1st2021


Welcome to MY Scorecard
We operate hereinafter referred to as “Service”. Our Privacy Policy governs your visit to, and explains how we collect, safeguard and disclose information that results from your use of our Service. We use your data to provide and improve Service. By using Service, you agree to the collection and use of information in accordance with this policy. Unless otherwise defined in this Privacy Policy, the terms used in this Privacy Policy have the same meanings as in our Terms and Service Agreement. Our Terms and Service (“TOS”) govern all use of our Service and together with the Privacy Policy constitutes your agreement with us.
MY Scorecard is committed to protecting the confidentiality of information and privacy of our clients and other users of our websites and services.
All organisations that process personal data are required to comply with data protection legislation. The Data Protection Laws give individuals (known as 'data subjects') certain rights over their personal data whilst imposing certain obligations on the organisations that process their data.
MY Scorecard considers your right to privacy and the careful handling of your personal data to be extremely important. We make every effort to ensure that the information you provide us with remains private and is only used strictly in accordance with the policy detailed below.
This document provides details regarding MY Scorecard's Privacy Policy and the measures taken to ensure that your personal information is managed with due care and attention. This policy will be reviewed from time to time to take into account new laws and technology, changes to our operations and practices and to make sure it remains appropriate to the changing environment. Any information we hold will be governed by the most current version of the MY Scorecard's Privacy Policy.

What this policy covers


Throughout this policy the following terms have the following meanings :
  • Consent : means any freely given, specific, informed and unambiguous indication of an individual's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.
  • Data Controller : means an individual or organisation which, alone or jointly with others, determines the purposes and means of the processing of personal data.
  • Data Processor : means an individual or organisation which processes personal data on behalf of the data controller.
  • Personal Data : means any information relating to an individual who can be identified, such as by a name, an identification number, location data or an online identifier. Please refer to the section below regarding what comprise "personal data" within the scope of
    MY Scorecard's services.
  • Personal Data Breach : means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
  • Processing : means any operation or set of operations performed on personal data, such as collection, recording, organisation, structuring, storage (including archiving), adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction.
  • Profiling : means any form of automated processing of personal data consisting of the use of personal data to evaluate certain personal aspects relating to an individual, in particular to analyse or predict aspects concerning that natural person's performance at work, economic situation, health, personal preferences, interests, reliability, behaviour, location or movements.
  • Service : means the website operated by MY Scorecard.
  • Usage Data : is data collected automatically either generated by the use of Service or from Service infrastructure itself (for example, the duration of a page visit).
  • Cookies : are small files stored on your device (computer or mobile device).
  • Data Subject : is any living individual who is the subject of Personal Data.
  • The User : is the individual using our Service. The User corresponds to the Data Subject, who is the subject of Personal Data.

What Information We Collect About You ?

In order to carry out our business as HR Performance Management System application provider, MY Scorecard may collect your personal information from you, including Information you provide to us.
Account & Contact Data : When you register on our website to use or download one of our products, or to subscribe to one of our services
(MY Scorecard Online, Free Trial, MY Scorecard Mobile Apps, MY Scorecard Dex, MY Scorecard Management, etc), or fill in one of our contact forms, you voluntarily give us certain information. This typically includes your name, Company name, city, industry category, email address, and sometimes your phone number, postal address (when an invoice or delivery is required), and your business sector as well as a personal password. We never record or store credit card information from our customers, and always rely on trusted third-party PCI-DSS-compliant payment processors for credit card processing, including for recurring payment processing.
Browser Data : When you visit our website and access our online services, we detect and store your browser language and geolocation in order to customize your experience according to your country and preferred language. Our servers also passively record a summary of the information sent by your browser for statistical, security and legal purposes your IP address, the time and date of your visit, your browser version and platform, and the web page that referred you to our website.
Content You Provide Through Our Websites : The Services also include our websites owned or operated by us. We collect other content that you submit to these websites, which include social media or social networking websites operated by us. For example, you provide content to us when you provide feedback or when you participate in any interactive features, surveys, contests, promotions, sweepstakes, activities or events. including but not limited to your name, account and profile Information, contact details, qualifications, work history, your right to work in a particular country, language skills, professional qualifications and memberships, your work objectives and other information from attachments.
Information You Provide Through Our Support Channels : The Services also include our customer support, where you may choose to submit information regarding a problem you are experiencing with a Service. Whether you designate yourself as a technical contact, open a support ticket, speak to one of our representatives directly or otherwise engage with our support team, you will be asked to provide contact information, a summary of the problem you are experiencing, and any other documentation, screenshots or information that would be helpful in resolving the issue.
Payment Information : We collect payment and billing information when you register for certain paid Services. For example, we ask you to designate a billing representative, including name and contact information, upon registration. You might also provide payment information, such as payment card details, which we collect via secure payment processing services.

How does MY Scorecard collect your data ?

In most cases, MY Scorecard collects personal data directly from you by telephone, email or via our website, mobile app and desktop app. For example, data will be collected from you when you:
  • Supply an application form.
  • Fill out and submit a registration form.
  • Submit any other information in connection with your application for registration.
  • Directly or indirectly supply information to your Company to be registered on MYSC Application.
To the extent that you access our website or read or click on an email from us, we may also collect certain data automatically or through you providing it to us, such as a browser cookie.
MY Scorecard requires you to provide signed consent (including digital signing) to enable us to collect personal data from you or third parties. Such consent should only be given after you have read and understood this Privacy Policy.

How we use the information ?

The reason that MY Scorecard uses your personal information is so that we can provide you with our services by managing your tasks or projects related to your role. We use your personal information so that we can understand your skills, experience and qualifications. More specifically,
MY Scorecard may use your information for the following reasons :
  • To provide you and/or your employer with your personal report.
  • To inform you and/or employer about any relevant industry developments.
  • To send you details of any events or promotions.
  • To maintain and promote MY Scorecard's business relationships.
  • To be able to use MY Scorecard application.
Our Legal Bases For Processing Your Data
MY Scorecard processes personal data in relation to its own staff and candidates and is a data controller for the purposes of the Data Protection Laws. MY Scorecard will only process personal data where it has a legal basis for doing so.
MY Scorecard requires that you give your consent to the processing of your personal data in relation to MY Scorecard's services and application. We believe this explicit consent is essential for both MY Scorecard and you to ensure both parties clearly understand their rights and the intentions of all involved in the consultation process. This basis for processing is in accordance with Article 6(1)(a) of the GDPR, which states "you have given consent to the processing of his/her personal data for one or more specific purposes".
Legitimate Interests
As a HR Performance Management System application provider, it is in both MY Scorecard's interest and yours, as a user of Services, for
MY Scorecard to process your information in order to provide you with the most effective and efficient service. This basis for processing is in accordance with Article 6(1)(f) of the GDPR, which states "processing is necessary for the purposes of the legitimate interests pursued by
MY Scorecard or by a third party, except where such interests are overridden by the interests or fundamental rights or freedoms of you which require protection of personal data".
Whilst MY Scorecard does not require a formal contract to be signed by you, the user, we believe that there is an agreement between you and MY Scorecard for MY Scorecard to provide you with services. This agreement is made explicit after you provide MY Scorecard with your personal information for the purposes of MY Scorecard providing you with services and after you provide your consent for MY Scorecard to hold and process your information. As such, in accordance with Article 6(1)(b) of the GDPR, MY Scorecard processes your personal information "for the performance of a contract to which you are party or in order to take steps at the request of you prior to entering into a contract".
Disclosure of Personal Data
MY Scorecard may disclose your personal data to third parties :
  • To a professional association or registration body that has a legitimate interest in the disclosure of your personal and sensitive information.
  • In order to comply with any requests from regulatory or law enforcement authorities to release such personal data if they so require.
  • To share your information with other consultants within the MY Scorecard for the purposes of providing you with services in other locations.
  • To utilise third party service providers who perform functions on our behalf (including external consultants and professional advisers such as lawyers, auditors and accountants, technical support functions and IT consultants carrying out testing and development work on our IT systems) where we have an appropriate processing agreements (or similar protections) in place.
  • Third party outsourced IT and document storage providers where we have an appropriate processing agreements (or similar protections) in place.
  • Marketing technology platforms and suppliers.
  • If MY Scorecard or its business merges with or is acquired by another business or Company, we may share personal information with the new owners of the business or Company. You would be sent notice of such event.
  • To enhance our HR Performance Management System service.
Management and Security of Personal Data
MY Scorecard takes the responsibility of the management and security of your personal data extremely seriously. And in accordance with the General Data Protection Regulation, MY Scorecard, acting as a data controller and data processor, follows the key principles of data protection. These require that personal data be:
  1. Processed lawfully, fairly and in a transparent manner.
  2. Collected for specified and legitimate purposes and not further processed in a manner that is incompatible with those purposes.
  3. Adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed.
  4. Accurate and kept up to date, every reasonable step is taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased or rectified without delay.
  5. Kept for no longer than is necessary for the purposes for which the personal data are processed.
  6. Processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful processing and against accidental loss, destruction or damage, using appropriate technical or organizational measures, and that
  7. MY Scorecard shall be responsible for, and be able to demonstrate, compliance with the principles.
Retention Period
MY Scorecard will retain your personal data during the period that you and/or employer are our user wishing to use our services. Our relationship with you as a user may continue for several years but at any time, should you wish for your data to be erased, MY Scorecard will act promptly to delete your data from all of our databases in a timely manner, with approval of your employer.
Data Maintenance
Our aim is to make sure that the personal information that we hold is accurate and up to date. We realise that information changes frequently with changes in personal circumstances. Should your details change, please contact your employer to inform them. If you and/or your employer have created a profile with MY Scorecard through our website or apps, then you and/or your employer are able to update your personal information whenever you want. In order to do this, log into your profile and edit the information you have submitted.
Aggregate Information About Website Visitors
MY Scorecard gathers statistics about all visitors to our websites worldwide. We only use such data in aggregate so that the information we gather does not identify individual behaviour. We use such information to monitor the most effective parts of our websites in order for us to be able to improve our online offering for the benefit of our users.
A cookie is a simple text file that is stored on your computer or mobile device by a website's server. Each cookie is unique to your web browser. It will contain some anonymous information, such as a unique identifier and the site name.
MY Scorecard also uses 'analytical' cookies in order to enable us to improve the way our website functions, for example, by making sure users are able to find what they need easily.
When you visit MY Scorecard's website, upon your consent, we will access your browser cookies. We use them to remember your login details, to track overall web traffic and to access information in cache about your session in order to assist you in the use of our website. Information such as your last search will be cached. However, this kind of information will be deleted each time you close your web browser. Most browsers will allow you to block access to your cookies. However, by blocking MY Scorecard's access to your cookies, your use of our websites will be restricted.
Your Rights Under GDPR (General Data Protection Regulation)
Under GDPR, the data subject has certain important rights. These include (but are not limited to) the following :
1. The Right for Access to Data and Data Portability
  • You have the right to receive your personal data, which you have provided to us previously, in a structured, commonly used and machine-readable format. Further you have the right to request us to transmit your personal data to another data controller in circumstances where:
    • The processing is based on your consent or a contract.
    • The processing is carried out by automated means.
  • Where feasible, MY Scorecard will send the personal data to a named third party upon your request.
2. The Right to Have Data Rectified
You may request MY Scorecard to rectify any inaccurate or incomplete personal data concerning yourself, with approval of your employer. If MY Scorecard has given your personal data to any third parties we will tell those third parties that we have received a request to rectify your personal data unless this proves impossible or involves disproportionate effort. Those third parties should also rectify the personal data they hold. However, MY Scorecard is not in a position to audit those third parties to ensure that the rectification has occurred.
3. The Right to Be Forgotten
  • This refers to your right to have your personal data completely deleted from our database, including from any third parties who may have access to that data. Further, the request to "be forgotten" must be as easy as it was to give consent, with approval of your employer.
  • You may request, at any time, to have your personal data deleted completely from all MY Scorecard's databases. Upon receipt of such a request, we will ask you whether you want your personal data to be removed entirely or whether you are happy for your details to be kept on a list of individuals who do not want to be contacted in the future (for a specified period or otherwise). We cannot keep a record of individuals whose data has been erased completely so you may be contacted again by MY Scorecard should we come into possession of your personal data at a later date.
  • If MY Scorecard has given the personal data to any third parties, it will tell those third parties that we have received a request to erase the personal data, unless this proves impossible or involves disproportionate effort, with approval of your employer. Those third parties should also rectify the personal data they hold. However, MY Scorecard is not in a position to audit those third parties to ensure that the rectification has occurred.
  • It should be noted that where there are legal requirements for MY Scorecard to store data for a certain period of time, related to our business, which includes elements of your personal data, we will not be able to delete that data until after the statutory retention period.
4. The Right to Restrict The Processing of Your Data
  • You have the right to ask MY Scorecard to restrict its processing of your personal data where :
    • You challenge the accuracy of the personal data we are storing.
    • The processing is unlawful but you oppose its erasure.
    • MY Scorecard no longer needs your personal data for the purposes of the processing, but your personal data is required for the establishment, exercise or defence of legal claims.
    • You have objected to processing (on the grounds of a public interest or legitimate interest) pending the verification of whether the legitimate grounds of MY Scorecard override those of the individual.
  • If MY Scorecard has given your personal data to any third parties we will tell those third parties that we have received a request to restrict the personal data, unless this proves impossible or involves disproportionate effort. Those third parties should also rectify the personal data they hold. However, MY Scorecard is not in a position to audit those third parties to ensure that the rectification has occurred.
5. The Right to Lodge a Complaint
  • You have the right to object to your personal data being processed based on a public interest or a legitimate interest. You also can object to the profiling of your data based on a public interest or a legitimate interest.
  • Upon receiving a claim from you and/or your employer, MY Scorecard shall cease processing unless it has compelling legitimate grounds to continue to process the personal data which override the individual's interests, rights and freedoms or for the establishment, exercise or defence of legal claims.
  • You also have the right to object to your personal data being used for direct marketing
6. The Right to Object to Automated Decision Making
  • MY Scorecard will not subject individuals to decisions based on automated processing that produce a legal effect or a similarly significant effect on the individual, except where the automated decision :
    • Is necessary for the entering into or performance of a contract between the data controller and the individual.
    • Is authorised by law.
    • The individual has given their explicit consent.
  • MY Scorecard will not carry out any automated decision-making or profiling using the personal data of a child.
7. Enforcement of Rights
All requests regarding individual rights should be sent to the contact detail listed at the bottom of this policy document. MY Scorecard shall act upon any data subject access request, or any request relating to rectification, erasure, restriction, data portability or objection or automated decision making processes or profiling within one month of receipt of the request. MY Scorecard may extend this period for two further months where necessary, taking into account the complexity and the number of requests.
Where MY Scorecard considers that a request is manifestly unfounded or excessive due to the request's repetitive nature then we may either refuse to act upon the request or may charge a reasonable fee, taking into account the administrative costs involved.
8. Changes to This Privacy Policy
MY Scorecard may amend this Privacy Policy from time to time. We suggest that you visit our website regularly to keep up to date with any changes.

How to Access and Control Your Information ?

You have certain choices available to you when it comes to your information. Below is a summary of those choices, how to exercise them and any limitations.
Your Choices or Your Employer Choices : You have the right to request a copy of your information, to object to our use of your information (including for marketing purposes), to request the deletion or restriction of your information, or to request your information in a structured, electronic format. Below, we describe the tools and processes for making these requests. You can exercise some of the choices by logging into the Services and using settings available within the Services or your account. Where the Services are administered for you by an administrator see "Notice to End Users" below, you may need to contact your administrator to assist with your requests first. For all other requests, you may contact us as provided in the Contact Us section below to request assistance.
Your request and choices may be limited in certain cases for example, if fulfilling your request would reveal information about another person, or if you ask to delete information which we or your administrator are permitted by law or have compelling legitimate interests to keep. Where you have asked us to share data with third parties, for example, by installing third-party apps, you will need to contact those third-party service providers directly to have your information deleted or otherwise restricted. If you have unresolved concerns, you may have the right to complain to a data protection authority in the country where you live, where you work or where you feel your rights were infringed.
Access and Update Your Information : Our Services and related documentation see on “Tutorial Video” give you the ability to access and update certain information about you from within the Service. For example, you can access your profile information from your account and search for content containing information about you using key word searches in the Service. You can update your profile information within your profile settings and modify content that contains information about you using the editing tools associated with that content.
Deactivate Your Account : If you no longer wish to use our Services, you or your administrator may be able to deactivate your Services account. If you can deactivate your own account, that setting is available to you in your account settings. Otherwise, please contact your administrator. If you are an administrator and are unable to deactivate an account through your administrator settings, please contact the appropriate support team ( Please be aware that deactivating your account does not delete your information, your information remains visible to other Service users based on your past participation within the Services.
Delete Your Information : Our Services and related documentation (see website) give you the ability to delete certain information about you from within the Service. For example, you can remove content that contains information about you using the key word search and editing tools associated with that content, and you can remove certain profile information within your profile settings. Please note, however, that we may need to retain certain information for record keeping purposes, to complete transactions or to comply with our legal obligations.
Request That We Stop Using Your Information : In some cases, you may ask us to stop accessing, storing, using and otherwise processing your information where you believe we don't have the appropriate rights to do so. For example, if you believe a Services account was created for you without your permission or you are no longer an active user, you can request that we delete your account as provided in this policy. Where you gave us consent to use your information for a limited purpose, you can contact us to withdraw that consent, but this will not affect any processing that has already taken place at the time. You can also opt-out of our use of your information for marketing purposes by contacting us, as provided below. When you make such requests, we may need time to investigate and facilitate your request. If there is delay or dispute as to whether we have the right to continue using your information, we will restrict any further use of your information until the request is honoured or the dispute is resolved, provided your administrator does not object (where applicable).

How We Transfer Information We collect internationally ?

MY Scorecard is an international Company, headquartered in Indonesia. Our databases are located in Indonesia, upon receipt of your personal information, it will be transferred quickly (and securely) to our systems hosted in Indonesia. Further, in order to ensure that your data is secure, when we transfer data outside of Indonesia, we will only transfer to those locations where the target location is compliant with data protection legislation and by means of transfer which have adequate safeguards applied.
Implementation of Policy
This Policy shall be deemed effective as of 1st May 2021. No part of this Policy shall have retroactive effect and shall thus apply only to matters occurring on or after this date.
You can contact our Support Team at or at the following address.
MY Scorecard