Privacy policy

This Policy outlines how we collect, use, store, disclose and safeguards personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). For all individuals associated and interacting with BAAS, including employees, contractors, clients, suppliers and website users.

This Policy applies to:

1. Ensure transparency and accountability in the handling of personal information;
2. Protect the privacy of all individuals interacting with BAAS;
3. Comply with applicable legislative and regulatory obligations.
4. Scope This Policy applies to:
   
   
   • All personal information collected, stored or processed by BAAS;
   • Information collected via our website, digital platforms, email, phone, or written correspondence;
   • Project, service and employment related activities;
   • All BAAS employees, contractors and third party service providers who process personal information on behalf of BAAS.

   Information relating solely to private or personal matters unrelated to BAAS operations is excluded.
   
   

5. Definitions
   
   
   • Personal information: Information or an opinion about an identified or reasonably identifiable individual.
   • Sensitive information: Includes information about racial or ethnic origin, political opinions, religious beliefs, health information or criminal record.
   • You / Your: Refers to the individual whose personal information is collected, used, or stored.
     
     
6. Collection of Personal Information
   
   BAAS collects personal information only where necessary and lawfully, and where reasonably practical, directly from the individual. Information may include:
   
   
   • Name, position, organisation and contact details;
   • Project or service enquiries;
   • Employment or contractor information;
   • Technical data collected automatically via website analytics (e.g. IP address, browser type, webpages visited).

   BAAS will notify individuals of the purpose for which personal information is collected and how it will be used.
   
   

7. Use and Disclosure of persona information personal information will be used only for:
   
   
   • Responding to service or project enquiries;
   • Delivering and managing BAAS services or projects;
   • Improving website functionality, products and services;
   • Complying with legislative, regulatory or contractual obligations;
   • Managing stakeholder or employment relationships.

   BAAS may disclose personal information:

   • To authorise service providers under confidentiality obligations;
   • Where required or authorise by law;
   • To protect the rights, safety, or property of BAAS, individuals or the public.
   • BAAS does not sell, rent or trade personal information.
     
     
8. Data Storage and Security BAAS implements reasonable administrative, technical, and physical security measures to protect personal information against:
   
   
   • Unauthorised access, use or disclosure;
   • Loss, modification or destruction;
   • Cybersecurity threats.
   • Security measures include:
   • Secure electronic storage systems;
   • Restricted access controls;
   • Staff privacy training;
   • Compliance with the Australian Government Information Security Manual (ISM)
     
     
9. Retention and Disposal Personal information is retained only as long as necessary for the purpose of collection or as required by law.
   

    When no longer required, information will be securely destroyed.
   
   

10. Notifiable Data Breaches
    

    If BAAS identifies a data breach likely to result in serious harm, we will:

    • Contain and assess the breach;
    • Notify affected individuals promptly;
    • Notify the Office of the Australian Information Commissioner (OAIC) in accordance with the NDB Scheme.
      
      
11. Cookies and Analytics
    
    Our website may use cookies and analytics tools to collect non identifying information about website usage. This information assists in improving website functionality, security and user experience.
    
    Users may disable cookies via their browser, but some features may not function optimally.
    
    
12. Access and Correction Rights Individuals have the right to:
    • Request access to personal information held by BAAS;
    • Request correction of any inaccurate, incomplete or outdated information;
    • Withdraw consent where personal information is used on a consent basis.

    Requests should be made in writing to [email protected]

    Identity verification may be required.
    
    

13. Cross Border Disclosure
    
    BAAS does not routinely disclose personal information overseas. If international disclosure is necessary (e.g. cloud hosting services), we will ensure that the recipient complies with privacy protections substantially similar to the Privacy Act 1988 (Cth).
    
    
14. Links to Third Party Websites
    
    Our website may link to external websites.
    
    BAAS is not responsible for the privacy practices or content of these sites. Users should review those websites’ privacy policies before submitting personal information.
    
    
15. Complaints and Enquiries If you believe BAAS has breached this Policy or the Privacy Act, please contact:
    

    Building and Acqua Solutions (BAAS) Email: [email protected]

    Phone: 0427 863 947

    If not satisfied with the response, you may contact the OAIC:

    https://www.oaic.gov.au/privacy/privacy-complaints
    
    

16. Policy Review
    
    This Policy is reviewed annually, if required by legislative or operational changes. Updates will be published on the website with the Last Updated date.
    
    
17. Legislative References

• • Privacy Act 1988 (Cth)
  • Privacy and Other Legislation Amendment Act 2024 (Cth)
  • Australian Privacy Principles (APPs 1–13)
  • Notifiable Data Breaches (NDB) Scheme
  • OAIC Australian Privacy Principles Guidelines (2024)
  • Australian Government Information Security Manual (ISM)