27 Decemeber 2025
www.privacypramga.com (“the Site”) is operated by Privacy Pragma Consulting (ABN 81974577631) of Level 1, 470 St Paul’s Terrace, Fortitude Valley, Brisbane, Australia (“we”, “us” or “our”) and this Privacy Policy (“this Policy”) sets out how we may collect, use, store and share (i.e. ‘process’) information relating to identified or identifiable human beings (‘personal data’) when we do so for our own purposes (as opposed to for purposes of servicing any particular client).
We may update this Policy from time to time by posting the revised version on our Site.
IMPORTANT: The Site is aimed at businesses acting through their duly authorised representatives. We thus have no need for, and do not knowingly process, any data related to people younger than 18 years of age and if you are younger than that, you should not use our Site or otherwise attempt to engage with us.
1 - SITE VISITORS
The personal data we process in relation to people who visit the Site (‘visitor’ or ‘you’) is as follows:
Webform Data: The Site allows visitors to submit a ‘Contact’ webform. Completing and submitting such webform is voluntary, save that in doing so, an email address is required to enable us to respond accordingly. The email address as well as any other personal data you provide via such webform will only be used to consider the relevant query and respond accordingly. Note specifically that we don’t use your email address to send any unsolicited promotional communications unless you have actively opted-in via the Site to receive them.
Technical- & Behavioural Data: The Site may automatically collect the following via cookies and similar mechanisms (as described in our Cookie Notice): (a) technical data (ie data relating to things like your browser type and plug-ins; operating system; generalised location and time zone), which we need for the Site to function properly; and (b) behavioural data (i.e. data relating to like the pages viewed, page interactions and URL clickstreams to, through or from our Site), which we use in an aggregated and anonymous manner to analyse and improve our Site functionality and service offering, noting however that, as the Site doesn’t enable anyone to log in, such technical- and behavioural data won’t be personally-identifiable unless your particular IP address is unique/personal to you or your browsing session has become associated with a webform you submitted.
Third party cookies: Although we have taken measures to deactivate third party cookies from our Site, we make no guarantees in this regard and you acknowledge that third party cookies we don’t control may still be able to track your technical and/or behavioural data from your browsing session on our Site. (These are usually deployed by advertising networks for targeted advertising purposes or by web traffic analysis providers).
2 - CLIENTS & PROSPECTS
The personal data we process in relation to prospective - and actual clients is the same as would be processed in any type of business, essentially being contact details and correspondence. To elaborate:
Contact details: We collect prospective clients’ contact details (i.e. the name, position, email address and/or phone number of its employees/representatives) directly and indirectly in various ways, i.e. via their representatives’ participation at conferences, networking events, seminars etc; our Site ‘Contact’ webform (as explained above); and publicly available sources (eg prospective client’s website; LinkedIn etc). We use these contact details in order to contact the prospect to promote and explain our service offerings and carry out functions incidental thereto. Doing so falls within our overriding legitimate business interests and/or is done in preparation for entering into a service contract with that prospective client. Once a client, the contact details are used to manage the ongoing service relationship and account, including to perform incidental functions like billing and support queries. Clients must confirm the completeness and accuracy of the contact details provided and ensure that the people to whom the personal data relates have been notified and, where required by law, have consented.
Correspondence: We collect and store written communications between ourselves and prospective- and actual clients (be it received via our Site ‘Contact’ webform or via emails exchanged or otherwise), noting that phone- and/or video- calls are not recorded unless otherwise specifically indicated at the time. We use this to facilitate our ongoing discussions with prospects (which is in our legitimate business interests and/or in preparation for our service contract with them), for our own business development purposes more generally (which is in our legitimate interests), and to properly manage the ongoing customer relationships and accounts, including for incidental billing and support functions (as required under our service contract and/or in our legitimate business interests).
Possibly financial information & service history: If a client is a sole trader or partnership, then their bank account details as well as billing and service history would constitute personal data and we process these for purposes of our service contract with them and our ancillary record-keeping purposes.
Service-related data processing: Depending on the specific services provided to any particular client, the service scope may involve the processing of client’s business data, which in turn might include personal data, but any such data processing will be regulated by our service agreement with such client, not this Policy.
3 - VENDORS
The personal data processed in relation to our vendors/suppliers is typical of any other type of business, i.e. contact details (i.e. the name, position, email address and phone numbers of their employees/representatives and of the vendors themselves if they’re sole traders or partnerships); their correspondence with us; and, if they’re sole traders or partnerships, their banking details, invoices and service history. We collect this personal data directly from them via their websites or representatives, with our vendors being responsible for the completeness and accuracy thereof and for ensuring that the people to whom the data relates have been notified and, where required by law, have consented. Personal data related to prospective vendors is collected from publicly available sources (e.g. prospective vendor’s website or LinkedIn), via participation at conferences and other networking events, or via referrals from our existing business associates. We need such personal data to appropriately engage with the vendor for purposes of managing our relationship with it, as required by our contract with it, alternatively in our legitimate business interests.
4 - GENERAL
Data retention: We only retain personal data as needed to satisfy each of the above-specified purposes and for such period thereafter as required or permitted by law. In determining the appropriate retention period, we consider the amount, nature, and sensitivity of the personal data, the potential risk of harm from unauthorised use or disclosure thereof, the purposes for which we process it, and any particular legal requirements.
Data location/s: Our systems (and thus data) are hosted in various countries whilst our staff are located in (and accessing data from) Australia. As our Site is open to visitors from anywhere, if you reside elsewhere (eg the EU), you acknowledge that the laws of Australia and other countries may not be as protective of your privacy as the laws in your country of residence. However, note that for our clients, we take all reasonable steps to ensure that we offer a level of data protection that is considered adequate from the perspective of the data protection laws in the country relevant to those clients.
Data Security: We store personal data electronically and sometimes in hard copy form, treating it all as private and confidential, under password-protection or lock and key. We use well-established, reliable system providers who have robust security measures in place (eg Microsoft, Google).
Data disclosure: We are not in the business of selling, and do not sell, any personal data to others. We only disclose personal data to the extent necessary for the above-specified purposes to our outsourced service providers/systems that perform functions/services on our behalf (most notably being the ‘GoDaddy’ platform powering our Site, and our emailing-, file storage-, and billing systems) as well as our professional advisors. We may further disclose personal data if required or permitted by local law or in a good faith belief that such disclosure is reasonably necessary to: (i) comply with law or legal process (e.g. court order); (ii) enforce our Terms & Conditions, this Policy, or other contracts we’ve entered into; (iii) respond to your requests for service/support; and/or (iv) protect anyone’s rights, property or personal safety. This includes exchanging information with others for fraud protection, spam/malware prevention, and similar purposes.
No automated decision-making: Decisions impacting people in a material way are not taken automatically.
Anonymisation of data: If we conduct a survey which is not fully anonymous, the results may be aggregated and/or anonymised for our further internal business development purposes. Otherwise, we only anonymise personal data as an alternative to deletion where deletion is not reasonably possible.
Your data-related rights: You have the right to not receive any direct marketing messages from us (and you can opt-out by contacting info[@]privacypragma.com); to request information about the personal data of yours we process; to get copies thereof; and to demand the correction of incorrect data. If our personal data processing is based on your consent, you may at any time freely withdraw your consent to the future processing thereof. Depending on your country of residence and specific circumstances, you may also have the right to object to or restrict the extent of processing, and to data deletion and/or portability. You can contact us to exercise such rights at any time and we will respond to you within 30 days or such shorter period as may be required under local law (bearing in mind that we may request certain information from you to verify your identity before responding to your request). Please use the following contact details: info[@]privacypragma.com. (Although you may have the right to complain to your country’s data protection authority, we encourage you to first contact us to facilitate swift resolution of your compliant.)
Privacy queries and complaints: If you have an enquiry regarding your privacy more generally or you wish to raise a complaint, please contact info[@]privacypragma.com.
Links to third party websites: Our Site may contain links to and from other third party websites / applications (eg LinkedIn). Clicking on those links or enabling those connections may allow third parties to collect or share your personal data. We have no control over and are not responsible, nor liable for those third parties and the content, privacy practices or website terms they follow. Please check their policies before you submit any personal data to them.