Privacy Policy

QA-Data Pty Ltd (“we”, “us”, “our”) values your privacy and is committed to protecting the personal information you share with us. This Policy outlines your rights and how we collect, store, use, disclose, and manage personal information while providing our professional online investigation services across Australia. If you do not agree with this Privacy Policy, please do not provide us with personal information and do not use our services.

 

1. Our Legal Obligations

We operate Nationally and comply with the following laws:

 

Federal

Privacy Act 1988 (Cth) | Australian Privacy Principles (APPs) | Notifiable Data Breaches (NDB) Scheme

 

State/Territory

Information Privacy Act 2014 (ACT)

Privacy and Personal Information Protection Act 1998 (NSW)

Privacy and Data Protection Act 2014 (VIC)

Information Privacy Act 2009 (QLD)

Personal Information Protection Act 2004 (TAS)

Information Act 2002 (NT)

Information Privacy Principles Instruction (SA)

Privacy and Responsible Information Sharing Act 2024 (WA)

 

2. Collection of Personal Information

We only use information that is reasonably necessary for our legitimate business purposes, in compliance with APP 3. We may collect personal information in the following ways:

  • Directly from you, when you engage our services, make enquiries, provide documentation.

  • Indirectly from public or third-party sources, including open-source intelligence, online databases, or lawful data providers operating under appropriate privacy and contractual safeguards.

  • From third parties, such as clients, professional advisers, referrers, or other individuals involved in an investigation, where lawful and appropriately authorised.

  • Automatically via our website, through cookies, analytics, and server logs, which may collect technical data such as your IP address, browser type, operating system, access times, referring URLs, and usage statistics.

 

3. Types of Personal Information Collected

Personal information we collect depends on your interaction with us. It may include:

  • Identity details: name, date of birth, gender, photograph, and address.

  • Contact details: phone number, email address, and postal address.

  • Employment, financial, or tenancy information where legally obtainable.

  • Investigation-related information: open-source and public records, online data, interviews, behavioural observations, and relevant documents.

  • Sensitive information such as Court, ASIC, property, and business-registry data, or other legally relevant data (collected only where lawful and necessary).

  • Technical information: IP address, device identifiers, and browsing data when interacting with our platforms.

Engagement and transaction information:

  • Records of instructions, communications, payments, and deliverables.

 

4. Storage and Protection of Personal Information

Our data is stored securely on encrypted servers, protected databases, and restricted-access systems. Access to all personal data is limited to authorised personnel who require it for legitimate business purposes. When information is no longer needed, it is securely destroyed, anonymised, or de-identified.

 

5. Purpose of Collection, Use, and Disclosure

We collect, use, and disclose personal information for legitimate business and operational reasons, including:

  • Providing investigation and data services, receiving instructions, conducting investigations, and preparing reports.

  • Communicating with clients about services, updates, or invoices.

  • Meeting our legal and regulatory obligations.

  • Conducting internal business processes such as compliance reviews, auditing, and risk management.

  • Improving our services, website functionality, and user experience through analytics and feedback.

 

6. Disclosure of Personal Information

Our data servers and cloud infrastructure are hosted within Australia, ensuring compliance with domestic data protection standards. Disclosure occurs only when necessary for business or legal purposes, including:

  • To trusted service providers such as IT, cloud storage, or billing providers each bound by confidentiality and privacy obligations.

  • To law enforcement or regulatory bodies when required by law or to protect our legal rights and safety.

  • Legal professionals, insurers, or clients.

 

7. Data Security Measures

We take extensive precautions to safeguard your information, including:

  • Data encryption in storage and during transmission.

  • Role-based access controls.

  • System backups and secure destruction processes.

  • Ongoing staff training in privacy and cyber-security.

  • Maintained data breach response plan.

 

8. Access and Correction

You have the right to request corrections if information is inaccurate, outdated, or incomplete. You can contact us via info@qa-data.com.au to discuss the personal information we may hold. We may refuse access where legally permitted (i.e. Information relates to an active investigation).

 

9. Complaints and Enquiries

If you are unsatisfied with our response, you may refer the matter to the Office of the Australian Information Commissioner for further review.