Privacy Policy


Publication Date: 25 August 2023

E.C.M. (AUST) PTY. LIMITED ACN 010 153 947 (“us”, “we”, or “our”) recognises the importance of your privacy and respects your right to control how your personal information is collected and used.

We are an Australian Privacy Principle Entity (“APP Entity”) as defined in the Privacy Act 1988 (Cth) (the “Act”). This Privacy Policy is aligned with the Australian Privacy Principles as set out in the Act and describes the way that we may collect, hold and disclose personal information. Your privacy is important to us and it is necessary that you understand how we collect, use and disclose your personal information.

This Privacy Policy explains why we collect personal information and how we collect, use, disclose, store and protect your personal information. It also explains how to contact us to correct, update or delete any personal information provided to us, or make a complaint if you have concerns.

We will only collect and process personal information about you where we have a lawful basis to do so. Lawful basis includes consent (where you have given us consent), contract (where the information is necessary to perform an agreement between you and us) and legitimate interests (including security, compliance with applicable laws, and enabling us to administer our business).

You hereby expressly and voluntarily grant your informed consent to us to deal with your personal information in accordance with the terms and conditions of this Privacy Policy. You have the right to withdraw or decline your consent at any time and have the right to object in the event that we do not comply with this Privacy Policy.

For ease of reference we’ve broken up this Privacy Policy into the following topics for your review:

  • Which entities does this Privacy Policy cover
  • What is personal information
  • What personal information do we collect
  • Why do we collect your personal information
  • When and how do we collect your personal information
  • When do we disclose your personal information
  • How do we store and protect your personal information
  • How long do we store personal information
  • What if you don’t want us to collect your personal information
  • What if you don’t want to receive further communications from us
  • How can you access, correct, update and/or delete personal information we have collected
  • What if we transfer your personal information out of Australia
  • How to contact our Privacy Officer
  • Changes to the Privacy Policy

Which entities does this Privacy Policy cover?

This Privacy Policy applies to us, E.C.M. (AUST) PTY. LIMITED ACN 010 153 947, as well as the trusted business partners who we engage to assist in the delivery of services to our customers.
What is personal information?

Personal information is defined as information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.

What personal information do we collect?

We may collect or authorise us to access personal and financial information for the purpose of us providing you with the services that you have requested, managing our relationship with you and contacting you about services in which you may be interested.

In some circumstances, we may be required to collect or disclose government identifiers such as your Tax File Number. We will not disclose this information other than as required by law or when consented to by you.

Personal information we may collect may include (but not limited to):

  • name;
  • mailing or street address;
  • telephone number and other contact details;
  • age or date of birth;
  • payment information;
  • booking details;
  • any additional information relating to you that you provide to us; or
  • any other personal information that may be required in order to facilitate your dealings with us.

We may also collect non-personal information, which does not directly identify you, but provides insights into user demographics, preferences, and behavior. This information may include:

  • Browser type and version;
  • Device information;
  • IP address; and
  • Website usage data (e.g., pages visited, time spent on the site).

Why do we collect your personal information?

Generally, we collect personal information from you (or about you) to allow us to:

  • communicate with you about our services and your account;
  • providing a comprehensive service and to deliver accurate advice.;
  • tailor service or product offerings to suit your needs;
  • manage the efficient operation of our services;
  • process payments between you and us;
  • ensure your experience with us is a positive one;
  • notify you about new service offerings, products, promotions or upcoming events; and
  • comply with legal obligations and enforce our policies.

When and how do we collect your personal information?

We collect most personal information directly from you in a number of ways including:

  • Electronically;
  • Via telephone or general conversations;
  • Mail; or
  • Email.

We may also collect personal information about you from our related entities, third parties acting on your behalf (for instance, agents, brokers, financial advisors), government bodies, paid search providers or financial institutions etc. There may be some instances where personal information about you will be collected indirectly because it is unreasonable or impractical to collect personal information directly from you.

When do we disclose your personal information?

Your personal information will not be used contrary to this Privacy Policy but may be disclosed to third parties in the following circumstances:

  • for the purpose it was collected;
  • if we sell all or part of our business(es) and the purchaser also requires your personal information;
  • to enforce our legal rights or those of others;
  • to prevent actual or potential fraud or illegal activity; or
  • if we are required to do so by law.

If personal information is disclosed to a third party, we will take reasonable steps to ensure that the third party is subject to legally enforceable obligations to protect that information which are comparable to the requirements of the Australian Privacy Principles found in the Privacy Act 1988 (Cth).

The types of service providers that may be provided with your personal information are:

  • Organisation involved in facilitating or assisting the operation of the website and delivering of our services where required;
  • Other tax specialists, financial advisers, legal advisers and other organisations involved in providing specialist advice where required;
  • Your appointed representatives or services providers such as your solicitor, financial adviser, or bank;
  • Government authorities and other organisations when required by law; and
  • Other organisations that you have consented to your personal information being disclosed to.

How do we store and protect your personal information?

We take all reasonable measure to ensure that your personal information is stored safely to protect it from misuse, loss unauthorised access, modification or disclosure, including electronic and physical security measures. We cannot guarantee that personal information cannot be accessed by an unauthorised person or that unauthorised disclosures will not occur.

We have obligations to notify you if you are affected by an eligible data breach. We will take all reasonable precautions to take remedial action to prevent such an event. However, as we cannot guarantee that remedial action will be sufficient to prevent all instances of a breach, we will take steps to notify you of an eligible data breach as soon as practicable, and provide recommendations as to what steps you should take to mitigate any serious loss or damage.

How long do we store your personal information?

We retain information for as long as required, allowed or we believe it to be necessary for the provision of our services to user and operation of our business but do not undertake retention obligations. We may dispose of information at our discretion without notice, subject to applicable law that specifically requires the handling or retention of information. You must keep your own separate back-up records.

What if you don’t want us to collect your personal information?

You are not obliged to provide us with your personal information, however, this may impede our ability to provide you with our services.
What if you don’t want to receive further communications from us?

Should you wish to remove yourself from our contact database you may do so at any time by contacting us via the contact details below.
How can you access, correct, update and/or delete personal information we have collected?

At any time you may contact us (details below) and request your personal information be modified or deleted.

We will deal with all requests for access to, modification or deletion of personal information as quickly as possible, but no later than 30 calendar days from the date of your request. We will inform you as soon as we can if we believe additional time will be required to process your request and the reasons why. For example, requests for a large amount of information, or information which is not currently in use, may require further time before a response can be given.

We will provide you your personal information in a structured, commonly used, machine-readable format.

There is no fee for requesting access to your personal information or for us to make corrections. However, we may charge a fee for our costs involved in collating and providing you with access to any personal information. That fee is payable before access is given.

In some cases, we will refuse to give you access to personal information we hold about you. This includes, but is not limited to circumstances where giving you access would:

  • be unlawful;
  • reveal personal information about another individual;
  • prejudice an investigation of unlawful activity;
  • prejudice enforcement related activities conducted by, or on behalf of, an enforcement body;
  • reveal information related to a prosecution if all proceedings relating to the prosecution have not been completed;
  • pose a serious threat to the life, health or safety of any individual, or to public health or public safety; or
  • be contrary to the national interests of Australia.

Further, we will refuse access where we reasonably believe that unlawful activity, or misconduct of a serious nature, is being or may be engaged in against us and giving access would be likely to prejudice the taking of appropriate action in relation to that matter.

If we refuse to give you access we will provide you with reasons for our refusal, unless doing so would be unreasonable in the circumstances. We will also take reasonable steps to give you access in a way that meets your needs without giving rise to the reasons of our refusal. Further, we will provide details of how you may make a complaint about our decision.

Please note that the access and correction requirements under this Privacy Policy operate alongside and do not replace other informal or legal procedures by which an individual can be provided access to, or correction of, their personal information.

What if we transfer your personal information out of Australia?

We only transfer information outside of Australia when it is necessary for the performance of a service you have requested from us, performance of an agreement between you and us or the performance of a contract between us and a third-party where that contract is in your interest.

We may disclose personal information outside of Australia as a result of the use by us of IT service providers who assist in managing our servers, networks, and software including but not limited to “Cloud”-utilising providers. These providers may be based overseas or use overseas infrastructure to perform services for us.

How to contact in relation to this policy or making a complaint

If you have any questions about our Privacy Policy or the way which we handle your personal information or you wish to make a complaint of a potential breach of this policy or the Privacy Act, please contact us on the contact details below.

We will endeavour to respond to your request within 30 days and will inform you if we believe further time will be required to process your request. If you are unhappy with our response, you are entitled to contact the Office of the Australian Information Commissioner.

Mail: 570 Royal Esplanade, Manly QLD 4179
Phone: +61 (07) 3393 3811

Changes to this Privacy Policy?

We reserve the right to modify or amend this Privacy Policy at any time. If any significant amendments occur, notification will be provided by publication on our website 14 days prior to the changes being implemented unless the circumstances of the amendments makes it unreasonable to provide such a notice period.

If you object to any changes, you may close your account.