Privacy & Security Policy

1. Scope & who we are

This policy explains how we handle personal information when you browse our website, place an order, contact support, interact with our sales team, visit our showroom, or use related services (together, the “Services”).

We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where we intentionally offer goods or services to individuals in the EU/UK, we also outline additional disclosures for the GDPR/UK GDPR.

2. What we collect

Sensitive information: We do not seek sensitive information. Please do not provide health, union, or similar sensitive data. If such data is essential (e.g., for site safety), we will seek your consent or rely on a permitted exception.

3. Why we collect (uses)

• To provide and support orders, delivery, installation coordination and warranty service.
• To manage your account, quotes, returns and service requests.
• To improve our website, products, logistics and customer experience.
• To detect, prevent and investigate fraud, abuse or security incidents.
• To meet legal, tax and compliance obligations (e.g., record-keeping).
• With your consent, to send marketing and product updates you can opt out of at any time.

4. Lawful basis & APPs

Under the APPs we collect, use and disclose personal information only for purposes that are reasonably necessary for our functions or activities, or as otherwise permitted by law.

For EU/UK customers (GDPR): our legal bases include contract (to fulfil orders), legitimate interests (e.g., site security, service improvement), consent (marketing, certain cookies), and legal obligation (tax, compliance).

5. Cookies & tracking

We use cookies and similar technologies to run the site, remember preferences, analyse performance and measure advertising.

• Strictly necessary – required for core functionality, checkout, security.
• Functional – remember preferences (e.g., store, currency, login state).
• Analytics – aggregate usage to improve performance and content.
• Advertising – measure campaigns and show relevant ads.

Preferences: You can manage non-essential cookies via our cookie banner or your browser settings. If you block cookies, some features may not work as intended. We currently do not respond to “Do Not Track” signals.

6. Sharing & international transfers

We share personal information only as needed to deliver the Services or as required by law:

• Manufacturers & service agents – for warranty, repairs and technical support.
• Carriers & logistics partners – for deliveries and returns.
• Payment processors & financiers – to process payments or finance applications.
• IT, hosting & security providers – to operate and protect our systems.
• Professional advisers – accountants, auditors, insurers and legal counsel.

Some recipients may be located outside Australia. Where we transfer personal information overseas, we take reasonable steps to ensure the recipient protects it in a way that is substantially similar to the APPs or otherwise complies with applicable law. For EU/UK data, we use appropriate safeguards (e.g., standard contractual clauses) where required.

7. Security

• Encryption in transit (TLS) and encryption at rest where supported by our providers.
• Role-based access controls, least-privilege, MFA for administrative access.
• Network, application and account security monitoring; regular patching.
• Vendor due diligence and data processing agreements with key suppliers.
• Staff training and acceptable-use policies.
• Incident response & NDB: We assess suspected data incidents promptly. If an eligible data breach is likely to result in serious harm, we will notify affected individuals and the OAIC as required under Australia’s Notifiable Data Breaches scheme.

8. Retention

We keep personal information only for as long as necessary for the purposes set out in this policy, including to comply with legal, tax and accounting obligations, to resolve disputes and to enforce agreements.

• Order & tax records: typically 7 years (AU requirements).
• Support tickets & warranty files: typically 2–7 years depending on product lifecycle.
• Call recordings/transcripts (where applicable): typically up to 24 months.
• Analytics & logs: typically 12–24 months.

When no longer needed, information is de-identified or securely destroyed.

9. Your rights

Australia (APPs): You may request access to, or correction of, the personal information we hold about you. We may need to verify your identity and, where permitted, charge a reasonable fee for access.

EU/UK (GDPR): Depending on the circumstances, you may have rights to access, rectification, erasure, restriction, portability and objection, and to withdraw consent where processing is based on consent.

10. Marketing choices

• You can unsubscribe from emails via the link in our messages or by contacting us.
• For SMS, reply STOP or contact us.
• Advertising cookies can be managed via our cookie banner or your browser/device settings.

11. Calls, recordings & AI

• We may record calls or retain transcripts of calls/chats for quality assurance, training and dispute resolution. Where required, we will notify you at the start of the interaction.
• We may use assistive AI tools to summarise conversations, triage requests and improve support. We restrict use to authorised tools and do not permit third parties to use your content to train their general-purpose models without our instruction and safeguards.
• You may ask us not to record a call; if we cannot accommodate, we’ll offer alternative contact methods.

12. Finance & payments

• Payments are processed by secure, PCI-compliant gateways. We do not store full card data on our systems.
• If you apply for equipment finance/leasing with a third-party provider, your application information is handled by that provider under their privacy policy. We may receive status updates or basic information to coordinate your order.
• We may perform fraud checks to protect you and us from unauthorised transactions.

13. CCTV & in-store

When you visit our premises, we may operate CCTV for safety, security and loss prevention. Footage may be disclosed to law enforcement where lawful and retained for a limited period unless required for an investigation.

14. Children

Our Services are designed for business and adult customers. We do not knowingly collect personal information from children. If you believe a child has provided personal information, please contact us so we can take appropriate steps.

15. Complaints

If you have a privacy concern or complaint, please contact us first at [email protected]. We will respond as soon as reasonably practicable (usually within 30 days).

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) via oaic.gov.au.

16. Changes to this policy

We may update this policy to reflect changes to our practices, technologies, or legal requirements. The “Last updated” date shows the latest version. Significant changes will be notified on our website or by direct notice where appropriate.

FAQs (quick read)