PROJECT: CHANGE PTY LTD ABN 60 165 416 679 and its related bodies corporate , including when operating under the business name Brighten Consulting Group (referred to as “Brighten”, “we”, “us” or “our”), respect your right to privacy and are committed to safeguarding the privacy of individuals, including our employees, suppliers, customers and website visitors, and to the protection of personal information that relates to them in accordance with the laws of Australia, including the Australian Privacy Principles (APPs) as set out in the Privacy Act 1988(Cth) (AU Privacy Act).
“Privacy Law” in this Privacy Policy means all applicable privacy laws, regulations and codes relating to privacy and personal information and includes, but is not limited to, the AU Privacy Act.
Where relevant laws apply to the way we handle the Personal Information we will comply with our obligations.
This Privacy Policy describes the way we collect, use, and disclose personal information (as defined below) that is covered by the applicable Privacy Law. It is not intended to cover categories of information that are not covered by the applicable Privacy Law. If you wish to make any inquiries regarding this Privacy Policy, you should contact us in any of the ways specified in clause 11.
References in this Privacy Policy to “you” are references to you as an individual and/or as a company, organisation or trust as and if applicable under the relevant Privacy Law.
We may, from time to time, review and update this Privacy Policy including to consider new laws, regulations and technology. All personal information held by us will be governed by our most recent Privacy Policy, posted on our website www.brightenconsulting.com.au. Our most recent Privacy Policy will apply to our collection, use and disclosure of Personal Information. At any time, you may withdraw consent to the continued use of your Personal Information, subject to legal and contractual restrictions.
“Personal Information” is information or an opinion by or about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether recorded in a material form or not. Personal Information does not include information that is aggregated or anonymised.
“Sensitive Information” is Personal Information about an individual that includes health information, genetic information, biometric information or templates, or personal information that is also information or an opinion about an individual’s race or ethnicity, their religious, political or philosophical beliefs, opinions or affiliations, their sexual orientation or criminal record.
We collect Personal Information from clients and customers, employees, contractors, survey participants and other individuals that is reasonably necessary for one or more of our functions or activities, including: to deliver management consultancy services to our clients (in some cases with support from third party providers), to provide insights into the industries in which we work, to provide co-working spaces and to conduct our other business functions; to market and sell our products and services; to improve our products, our marketing and to better understand your needs, to provide you with information and updates, to make you aware of new and additional services and opportunities available to you, and to conduct employee related activities. We will only collect Personal Information that is adequate, relevant and limited to what is necessary for the purposes set out in this Privacy Policy.
Brighten may contact you using a variety of means including, but not limited to telephone, email, SMS and post.
You have the option to deal with us anonymously or by using a pseudonym. However, you acknowledge that where this is impractical or where the law or a court order provides otherwise, we are not required to provide these options to you.
If you choose not to provide your Personal Information to us, we may not be able to undertake certain activities for you (such as providing you with requested information, products or services, or including the information you provide to us in the course of our delivery of recommendations on a consultancy project to a client).
We may collect and hold Personal Information about you such as your name, gender, date of birth, contact details (including your address, phone numbers and emails, whether personal or for work), employment information, credit card or banking details, and in some cases, information related to your education.
We collect Personal Information directly from you in the following circumstances: in the course of delivering a project, when we consult with you directly or in a workshop, when you complete a survey, or when you correspond with us; when we otherwise supply you with services; when you request information about us or our products or services, provide feedback, change your content or email preferences, enter into an agreement or contract with us, fill in a form or a request for services, fill in a form on our website, attend an event, become an employee of Brighten, or otherwise contact us by telephone, facsimile, email, post or in person.
Where required by the applicable Privacy Law, we will seek your consent to the processing of your Personal Information for specific purposes or your explicit consent when processing Sensitive Information (if applicable).
If you provide Personal Information about other individuals to us, you must ensure that you have informed those individuals that you are providing their Personal Information to us and that you have obtained their consent and advised them of our Privacy Policy.
We may also collect Personal Information about you, such as names and email addresses, via third parties including from our clients, suppliers, through events or online marketing.
We may also process your Personal Information in performance of our contractual obligations when we receive it from a third party with whom you have entered a contract or at your request.
In some circumstances we may receive Personal Information that we have not requested. If this occurs, we will comply with our obligations the applicable privacy law. You acknowledge that we may de-identify and/or destroy this information unless we are required to keep it by law.
This Privacy Policy governs how we use, collect or disclose Personal Information provided on our Website. By using our Website you agree to the terms and conditions contained in this Privacy Policy.
We will not collect any Personal Information about users of our Website except when they knowingly provide it.
When you visit and browse our Website, our Website host may collect Personal Information for statistical, reporting and maintenance purposes. Subject to clause 6.2, the Personal Information collected by our Website host will not be used to identify you. The information may include: the number of users visiting our Website and the number of pages viewed; the date, time and duration of a visit; the IP address of your computer; the path taken through our Website; or the browser type, operating system or website visited immediately before coming to our Website.
Our Website host uses this information to administer and improve the performance of our Website, including to assist with the diagnosis of and to provide support for any issues with our Website or services. This information is used in an aggregated manner to analyse how people use our Website, so that we can improve our service.
Cookies are small text files that are transferred to a user’s computer hard drive by a website for the purpose of storing information about a user’s identity, browser type or website visiting patterns.
If you access our Website, a cookie is downloaded onto your computer’s hard drive when you first log on to our Website. We may use cookies to allow us to personalise your browsing on our Website. Most web browsers automatically accept cookies, but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our Website. Our Website may from time to time use cookies to analyse website traffic and help us provide a better website visitor experience.
Web beacons are images that originate from a third-party site to track visitor activities. We may use web beacons to collect aggregate data and provide this information to our Website host to administer and improve the performance of our Website.
If you follow any links to third-party external websites from our Website, the Privacy Policy will not apply to those websites which may have their own policies relating to privacy and data collection and website usage. Links to third-party websites do not constitute sponsorship or endorsement or approval of these websites. If you choose to access any linked website or to provide any Personal Information on such websites you should review their policies and terms of use to learn more about how they may use your Personal Information. We are not responsible for and will not be liable for the operations or policies of any third-party external website.
We use the Personal Information we collect about you for our business functions and activities, which may include the following:
(a) to provide you with information or services you have requested;
(b) to promote and market our services to you;
(c) to personalise and customise your experiences on our Website;
(d) to deliver our consulting services to our clients;
(e) to provide you with ongoing information about us and our activities;
(f) to use and disclose aggregated or de-identified information for the purposes of data analysis, research and reporting;
(g) to comply with regulatory or other legal requirements;
(h) to protect the copyright, trademarks, legal rights, property or safety of Brighten, its customers or third parties;
(i) for purposes related to the recruitment and employment of our personnel and providing internal services to our staff; and
(j) for any other use required or permitted by law or any other purpose communicated to you at the time that the Personal Information was collected or for which you subsequently provided your consent.
We may, if permitted by the applicable law use your Personal Information for a secondary purpose if that secondary purpose is related to the purposes listed in this clause 5.1, if we have your consent or if otherwise provided for under applicable Privacy Law. In some jurisdictions, you may have the right to opt-out of use of your Personal Information for secondary purposes.
Generally, we will only collect and use your Personal Information in accordance with this Privacy Policy. If we collect or use Personal Information in ways other than as stated in this Privacy Policy, we will ensure that we do so in accordance with applicable Privacy Law.
Depending on the applicable Privacy Law, we may use your Personal Information to provide you with direct marketing materials if you consent to receive direct marketing materials, or as may be permitted by the law in your jurisdiction, if we have an existing relationship with you or if you would reasonably expect us to send you direct marketing materials. If required, we will seek your consent to provide you with direct marketing materials if we have obtained your Personal Information from a third party. Direct marketing material may include promotional material about us or the products or services we offer.
You may opt out of receiving direct marketing material by clicking the unsubscribe facility in the direct marketing materials or by contacting us in any of the ways specified in the direct marketing materials or as set out in clause 11. We may continue to send you non-promotional communications, such as service-related emails and billing information.
Employee records may not be subject to Privacy Laws in the applicable jurisdictions. As such this Privacy Policy may not apply to the handling of employee-related information. Please contact us directly for information about our employee information handling practices.
Depending on the applicable Privacy Law and the nature of your relationship with us, we may disclose your Personal Information to our shareholders, officers and employees, other businesses within our group of companies, service providers who assist us in our business operations and recruitment activities (including third-party service providers based overseas), government agencies, other third parties, (including parties that we engage to provide you with services on our behalf or who are connected with or involved in our relationship with you), or otherwise as required by law.
If there is an actual or prospective change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any Personal Information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality.
We may also disclose your Personal Information to our service providers in certain limited circumstances, for example when our Website experiences a technical problem or to ensure that it operates in an effective and secure manner.
Personal information is only disclosed to a third party when it is required for the delivery of our services. To the extent that we do share your Personal Information with a service provider, we would only do so if that party has agreed to a confidentiality regime in relation to their services and access to your Personal Information.
We may also share non-personal, de-identified and aggregated information for research or promotional purposes in connection with providing requested information or services to you, or for the purpose of improving our services. We will not sell your Personal Information to third parties for their own purposes, including for marketing purposes.
Unless otherwise specified in this Privacy Policy, we will not disclose any of your Personal Information to any other organisation unless the disclosure is required by law, is otherwise permitted by the applicable Privacy Law, or is with your consent.
Your Personal Information may be disclosed outside of your home country to an entity in a foreign country (Overseas Entities).
It is possible that the Overseas Entities may be subject to foreign laws that do not provide the same level of protection of information as in your home country or that provide a greater level of protection than in your home country. We take reasonable steps to ensure that these Overseas Entities do not breach the applicable Privacy Law and that they are obliged to protect the privacy and security of your Personal Information and use it only for the purpose for which it is disclosed.
Brighten is committed to ensuring that the information you provide to us is secure. To prevent unauthorised access to or disclosure of Personal Information, we have taken steps to put in place suitable physical, electronic and managerial procedures designed to safeguard and secure Personal Information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
We aim to keep your Personal Information secure and up to date. We will comply with our obligations under applicable Privacy Law in relation to any
Personal Information that we handle, including information which is held on our computer systems. Personal Information that is held by us in hard copy is stored securely and is only disclosed or used for the purposes described in this Privacy Policy.
The Notifiable Data Breaches Scheme (NDB scheme) in Part IIIC of the AU Privacy Act sets out obligations for notifying affected individuals, and the Australian Information Commissioner, about an “eligible data breach” (as defined in the AU Privacy Act) which is likely to result in serious harm.
To the extent required by law, where a data or privacy breach occurs and serious harm to affected individuals has occurred or is likely, we will notify those individuals and the relevant supervisory authority in accordance with our obligations under applicable Privacy Law.
You may contact our Privacy Officer via the contact details below should you require additional information.
We will keep your Personal Information only for as long as required for our business purposes and otherwise as required by Australian and New Zealand law.
Where we no longer need to keep your Personal Information in accordance with this clause 9, we will take steps required by the applicable Privacy Law to destroy or de-identify your Personal Information.
If you wish to have your Personal Information destroyed or de-identified, please let us know and we will take steps required by the applicable Privacy Law to do so (unless we need to keep it for legal, auditing or internal risk management reasons, or as otherwise required or permitted by law).
We will take reasonable steps to ensure that the Personal Information that we hold is accurate, up-to-date and complete. You can request a correction of, or update to, your Personal Information at any time by contacting us in any of the ways specified in clause 11. We welcome any changes to your Personal Information to keep our records up to date.
You are entitled to request access to Personal Information that we hold about you. If you request access to your Personal Information, we will grant your request to the extent required or permitted by applicable Privacy Law. If we refuse your request to access your Personal Information, to the extent required under applicable Privacy Law, we will provide you with written reasons for the refusal.
To exercise any of your rights in relation to Personal Information, including making a request for access, please contact us in any of the ways specified in clause 11. We are entitled to charge you a fee to comply with your request for information.
If you feel that your privacy has not been respected or that we have conducted ourselves inconsistently with this Privacy Policy, or applicable Privacy Law in respect of your Personal Information, or for any other queries, problems, complaints or communication in relation to this Privacy Policy, please contact us in any of the following ways:
Name: Brighten Consulting Group (PROJECT: CHANGE PTY LTD)
Att: Privacy Officer
Email: geraldine@brightenconsulting.com.au
When contacting us please provide as much detail as possible in relation to your query, problem or complaint. We take all complaints seriously and will respond to your complaint in accordance with any applicable timeframes imposed by law and otherwise within a reasonable period. We request that you cooperate with us during this process and provide us with any relevant information that we may need.