CENTRE FOR APPLIED TRANSFORMATION PTY LTD – PRIVACY POLICY

Centre for Applied Transformation Pty Ltd (ABN 51 609 034 577) (we, us or our), understands that protecting your personal information is important. This Privacy Policy sets out our commitment to protecting the privacy of personal information provided to us, or collected by us, when interacting with you.

For individuals located in the European Economic Area (EEA), United Kingdom or Switzerland: Additional rights and protections apply to you under the General Data Protection Regulation (EU) 2016/679 (GDPR) and, for UK residents, the UK General Data Protection Regulation (as incorporated into UK law) and the Data Protection Act 2018 (UK GDPR). Please refer to Appendix 1 at the end of this policy for information specific to your additional rights and how we process your personal information in accordance with GDPR and UK GDPR requirements.

The information we collect

Personal information: is information or an opinion, whether true or not and whether recorded in a material form or not, about an individual who is identified or reasonably identifiable.

The types of personal information we may collect about you include:

  • basic identifying and contact information, such as your name, email or phone number;
  • details about payments to you from us and from you to us and other details of products and services you have purchased from us or we have purchased from you;
  • information you provide to us when you participate in any interactive features or services, including surveys, feedback forms, contests, promotions, activities or events;
  • your preferences in receiving marketing from us and our third parties and your communication preferences;
  • if we need to verify your identity (for example, because we have a legal obligation to do so), your government-issued identification and proof of address documents;
  • if you access any software or websites we make available to you, details about your use of such platforms, which may include username and password details, your internet protocol (IP) address, your search queries or browsing behaviour (including through the use of cookies, tracking pixels, and other analytics tools); or
  • where you are a worker of ours or applying for a role with us, your professional history such as your previous positions and professional experience, or whether you hold required authorisations or licences (if applicable).

Sensitive information is a sub-set of personal information that is given a higher level of protection. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information. In the course of working with you, we may collect, or come across such sensitive information in different situations, including where you use our proprietary survey tool, take part in our coaching sessions or undertake an interview with us.

How we collect personal information

We collect personal information in a variety of ways, including:

  • when you provide it directly to us, including face-to-face, over the phone, over email, or online;
  • when you complete a form, such as registering for any events or newsletters, or responding to surveys;
  • when you use any software or website we operate and make available to you (including from any analytics and cookie providers or marketing providers. See the “Cookies” section below for more detail on the use of cookies); or
  • from publicly available sources.

Why we collect, hold, use and disclose personal information

Personal information: We collect, hold, use and disclose your personal information for the following purposes:

  • to work with you as a customer or supplier of our business;
  • to contact and communicate with you about our business, including in response to any support requests you lodge with us or other enquiries you make with us;
  • to contact and communicate with you about any enquiries you make with us via any website we operate;
  • for internal record keeping, administrative, invoicing and billing purposes;
  • for analytics, market research and business development, including to operate and improve our business, associated applications and associated social media platforms;
  • for advertising and marketing, including to send you promotional information about our events and experiences and information that we consider may be of interest to you;
  • to run promotions, competitions and/or offer additional benefits to you;
  • if you have applied for employment with us, to consider your employment application; and
  • to comply with our legal obligations or if otherwise required or authorised by law.

Sensitive information: We only collect, hold, use and disclose sensitive information for the following purposes:

  • any purposes you consent to, including your participation in our proprietary survey, which aids our research into your business development;
  • the primary purpose for which it is collected;
  • secondary purposes that are directly related to the primary purpose for which it was collected, including disclosure to the below listed third parties as reasonably necessary to work with you as a customer or supplier of our business;
  • to contact emergency services, or to speak with your family, partner or support person where we reasonably believe there is a serious risk to the life, health or safety of you or another person and it is impracticable for us to obtain your consent; and
  • if otherwise required or authorised by law.

Our disclosures of personal information to third parties

Personal information: We will only disclose personal information (excluding sensitive information) to third parties where it is necessary as part of our business, where we have your consent, or where permitted by law. This means that we may disclose personal information (excluding sensitive information) to:

  • our employees, contractors and/or related entities;
  • IT service providers, data storage, web-hosting and server providers;
  • marketing or advertising providers;
  • professional advisors, bankers, auditors, our insurers and insurance brokers;
  • payment systems operators or processors;
  • our existing or potential agents or business partners;
  • if we merge with, or are acquired by, another company, or sell all or a portion of our assets, your personal information may be disclosed to our advisers and any prospective purchaser’s advisers and may be among the assets transferred;
  • courts, tribunals and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
  • courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
  • third parties to collect and process data, such as analytics providers and cookies; and
  • any other third parties as required or permitted by law, such as where we receive a subpoena.

Sensitive information: We will only disclose sensitive information with your consent or where permitted by law. This means that we may disclose sensitive information to:

  • our employees, contractors and/or related entities;
  • IT service providers, data storage, web-hosting and server providers;
  • professional advisors;
  • if we merge with, or are acquired by, another company, or sell all or a portion of our assets, your personal information may be disclosed to our advisers and any prospective purchaser’s advisers and may be among the assets transferred;
  • courts, tribunals, regulatory authorities and law enforcement officers, as required or authorised by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights;
  • third parties to collect and process data, such as analytics providers and cookies; and
    any other third parties as required or permitted by law, such as where we receive a subpoena.

Overseas disclosure

Storage and access: We store your personal information in Australia. However, your information may be accessed from or transferred to locations outside Australia in these circumstances:

  •  When our service providers are located overseas
  •  When we work with overseas business partners
  •  When using cloud-based services or data storage solutions

Our approach to overseas disclosure:

Before disclosing your personal information overseas, we take reasonable steps to ensure that the recipient treats your information in accordance with applicable law by only sending what is necessary, requiring recipients to protect your information through contractual agreements which require the recipient to comply with the privacy standards in applicable law or through other mechanisms that provide comparable safeguards and by monitoring how recipients handle your information.

Your rights and controlling your personal information

Your choice: Please read this Privacy Policy carefully. If you provide personal information to us, you understand we will collect, hold, use and disclose your personal information in accordance with this Privacy Policy. You do not have to provide personal information to us, however, if you do not, it may affect our ability to work with you as a customer or supplier of our business.

Information from third parties: If we receive personal information about you from a third party, we will protect it as set out in this Privacy Policy. If you are a third party providing personal information about somebody else, you represent and warrant that you have such person’s consent to provide the personal information to us.

Restrict and unsubscribe: To object to processing for direct marketing/unsubscribe from our email database or opt-out of communications (including marketing communications), please contact us using the details below or opt-out using the opt-out facilities provided in the communication.

Access: You may request access to the personal information that we hold about you. An administrative fee may be payable for the provision of such information. Please note, in some situations, we may be legally permitted to withhold access to your personal information. If we cannot provide access to your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal. If we can provide access to your information in another form that still meets your needs, then we will take reasonable steps to give you such access.

Correction: If you believe that any information we hold about you is inaccurate, out of date, incomplete, irrelevant or misleading, please contact us using the details below. We will take reasonable steps to promptly correct any information found to be inaccurate, out of date, incomplete, irrelevant or misleading. Please note, in some situations, we may be legally permitted to not correct your personal information. If we cannot correct your information, we will advise you as soon as reasonably possible and provide you with the reasons for our refusal and any mechanism available to complain about the refusal.

How to contact us about your rights or to make a complaint

Step 1: Contact our privacy officer

  • Email: brent.sheridan@c4at.com
  • Phone:  +61 2 9167 3732
  • Post: Suite 607, 80 William St, Woolloomooloo, New South Wales 2011, Australia

Step 2: Our response

We will:

  • Verify your identity before processing your request
  • Investigate thoroughly (for complaints) or process your request (for rights)
  • Respond to you in writing within reasonable timeframes and as required by law
  • Explain what actions we will take and keep you updated on progress
  • Not charge you for making a request (except for reasonable access fees if applicable)
  • Help you understand and exercise your rights

Step 3: If you're not satisfied (complaints only)

If you're not satisfied with our response to your complaint, you can:

  • Ask for a review by our senior management, or
  • Contact external bodies:
  • Australian residents: Office of the Australian Information Commissioner (Phone: 1300 363 992, Website: www.oaic.gov.au)
  • UK residents: Information Commissioner’s Office (Wycliffe House, Water Lane, Wilmslow, Cheshire, SK9 5AF, helpline number: 0303 123 1113, website: https://www.ico.org.uk/make-a-complaint)

You don't have to contact us first before going to the ICO, but we'd appreciate the opportunity to try to resolve your concerns directly with you.

This is the same process whether you want to access your information, correct mistakes, change marketing preferences, or make a complaint about our privacy practices.

Storage and security

We use multiple layers of security to protect your information.

Technical safeguards

  • Enterprise-grade encryption for data storage and transmission
  • Regular security testing and monitoring
  • Automated threat detection systems

Operational security

  • Staff training on security and privacy
  • Strict access controls based on job requirements
  • Regular security audits and incident response procedures testing

Physical security

  • Secure premises with controlled access
  • Secure disposal of physical documents
  • Equipment security protocols

Public information

Please note that any information you choose to share publicly on online platforms (such as comments or reviews) can be accessed and used by others. We cannot control or protect information that you make publicly available.

How long we keep your information

We keep your personal information only as long as we need it for the purposes we collected it, or as required by law. When we no longer need it, we securely destroy or de-identify it.

User-Generated Content

We may enable you to post reviews, comments, photos and other user-generated content. Any content you choose to submit will be accessible by anyone, including third parties not associated with us. We have no control over how others may use or misuse information you make publicly available. We are not responsible for the privacy, security or accuracy of any user-generated content you choose to post or for the use or misuse of that information by any third parties.

Cookies and Analytics

What We Use

We use cookies, tracking pixels, and similar technologies on our website and in our emails to improve your experience and our services.

Cookies

  • Small text files stored on your device
  • Help remember your preferences
  • Enable certain website functions
  • Make your interactions with our website more efficient

Tracking Pixels

  • Tiny, invisible images in web pages and emails
  • Help us understand how you interact with our content
  • Allow us to measure email engagement
  • Enable more relevant content delivery

How we use these technologies

Essential Functions

  • Remember your login status
  • Maintain your session security
  • Store your preferences
  • Enable core website features

Analytics and Performance

  • Understand how our website is used
  • Measure page views and traffic
  • Analyse user navigation patterns
  • Identify areas for improvement

Personalisation

  • Remember your preferences
  • Tailor content to your interests
  • Improve your browsing experience
  • Provide relevant recommendations

Your control

You can manage these technologies by:

  • Adjusting your browser settings to block or delete cookies
  • Using privacy-focused browser extensions
  • Configuring your email client to block images
  • Using our cookie preference settings

Note: Blocking all cookies may affect website functionality and your user experience.

Google Analytics

We use Google Analytics to understand how people use our website. This involves cookies that collect information about your browsing activity. You can opt out of Google's advertising features through your Google account settings, browser add-ons, or your device's privacy settings. Google provides various tools and options to control how your data is used for advertising purposes. You can learn more about how Google uses your data and your available options on Google's privacy pages.

Meta advertising tools

We use Meta's advertising tools (such as Meta Pixel) to understand how our ads perform and to show you more relevant advertisements on Meta platforms like Facebook and Instagram when you visit our website or app. You can manage whether we connect information from our website with your Meta account for advertising purposes by adjusting your settings within your Meta account preferences.

Links to other websites

Our website may contain links to other party’s websites. We do not have any control over those websites and we are not responsible for the protection and privacy of any personal information which you provide whilst visiting those websites. Those websites are not governed by this Privacy Policy.

Use of Artificial Intelligence (AI)

Overview: We may use artificial intelligence and machine learning technologies, including AI Technologies provided by third parties (AI Technologies) in our business operations and the provision of our Services. We will only use AI Technologies when legally permitted and necessary for our business operations.

How we use AI Technologies: We may use AI Technologies for the following purposes:

  • to conduct analysis and processing; and
  • to personalise your experience with our services.

Data Protection and Security: Where we use service providers who provide AI Technologies to us, we will take reasonable steps to ensure that such service providers handle your personal information according to privacy law, including by ensuring that we have contracts in place requiring the service provider to protect personal information.

We will not input your personal information into any platform provided by an AI Technology service provider which then trains its model based on that information.

Your Rights and our Commitments: We will treat information generated or inferred by the AI Technologies about individuals as personal information and you maintain all rights over your personal information as outlined in this privacy policy, regardless of whether AI Technologies are used in processing. When using AI Technologies with your personal information:

  • Transparency and control: we will inform you when AI Technologies are being used to make decisions that may significantly affect you. We will implement processes to verify the accuracy of AI-generated outputs and we will take reasonable steps to maintain human oversight and review of significant AI-generated decisions. Our staff are trained to understand the limitations of AI systems and verify outputs before they are relied upon; and
  • Security: we implement appropriate technical and organisational measures to ensure that our use of AI Technologies maintains the security and integrity of your personal information. This includes regular testing and monitoring of AI outputs for accuracy and reliability; and
  • Risk mitigation: We regularly assess and document the risks associated with our use of AI Technologies in processing personal information and implement appropriate mitigation measures. This includes ongoing monitoring of AI Technologies and regular reviews of their performance and impact.

Amendments

We may, at any time and at our discretion, vary this Privacy Policy by publishing the amended Privacy Policy on our website. We recommend you check our website regularly to ensure you are aware of our current Privacy Policy.

For any questions or notices, please contact us at:
Centre for Applied Transformation Pty Ltd (ABN 51 609 034 577)
Email: brent.sheridan@c4at.com

© LegalVision ILP Pty Ltd