1. We respect your privacy
Gravitas Enterprises Pty Ltd (“Gravitas”) respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors. We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). These principles and this policy govern the way in which we collect, use, disclose, store, secure and dispose of your personal information.
“Personal information” is information we hold which is identifiable as being about you. Examples of personal information we may hold about you include names, addresses, email addresses and phone numbers.
2. Collection of personal information
Gravitas Enterprises Pty Ltd will, from time to time, receive and store personal information you enter onto our website, provided to us directly or given to us in other forms.
You may provide basic personal information to us to enable us to send information, provide updates and respond to your request.
Additionally, we may also collect any other information you provide while interacting with us.
3. How we collect your personal information
4. Use of your personal information
Gravitas may use personal information collected from you to provide you with information, updates and our services. We may also make you aware of new and additional products, services and opportunities available to you. We may use your personal information to improve our products and services and better understand your needs.
Gravitas Enterprises Pty Ltd may contact you by a variety of measures including, but not limited to telephone, email, sms or mail.
5. Disclosure of your personal information
We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this Policy. Personal information is only supplied to a third party when it is required for the delivery of our services.
We may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.
We may also use your personal information to protect the copyright, trademarks, legal rights, property or safety of Gravitas, its customers or third parties.
If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.
6. Security of your personal information
Gravitas is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
7. Access to your personal information
You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth). A small administrative fee may be payable for the provision of information. If you would like a copy of the information, which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at [email protected].
We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.
8. Complaints about privacy
If you have any complaints about our privacy practices, please feel free to send in details of your complaints by mail to 400 George Street, Sydney, NSW 2000 or by email to [email protected]. We take complaints very seriously and will respond as soon as practicable after receiving notice of your complaint.
10.1 When you visit our website
When you visit our website (https://www.gravitasco.com.au/) we may collect certain information such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our site, such that we can improve our service.
10.3 Third party sites
Our site may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Gravitas is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.
11. Our client’s data
We work with several clients who include, for example, retailers, banks, insurance companies, and telecommunications providers. Our core business involves receipt and handling of data for the purpose of providing services to those clients. We have strict contractual obligations on our clients and partners to obtain any necessary permissions from their customers or suppliers before disclosing information to Gravitas. The data we receive from our clients contains information about their transactions with their customers or suppliers. Our clients provide this data in de-identified form, after they remove the personal identifiers of any individual person, so that an individual person is not identified or reasonably identifiable by us. We generally do not handle personal information in our core business, except where that personal information relates to our clients’ use of tools we provide to them, such as the contact details of our clients’ authorised users.
In exceptional circumstances, where we agree to work on client engagements that involve analysis of personal information held by our clients, we ensure that such work is done in accordance with strict protocols and safeguards that have been established by us, in consultation with our clients, to comply with relevant privacy and data protection laws, and to mitigate associated risks. These engagements are reviewed and approved by our senior leadership, and data relating to these engagements is only accessed by a limited number of specially authorised Gravitas personnel, where required for the delivery of services to the relevant clients. These engagements are usually performed by accessing personal information of our clients’ customers or suppliers that are located in our clients’ systems, behind their firewalls, and in such circumstances we do not disclose or transmit any personal information to Gravitas. When we work in our clients’ environments, we always abide by the privacy controls and policies set by our clients with respect to our access. In exceptional circumstances if we are requested by our clients to store personal information about our clients’ customers or suppliers on our systems, it is held in a data handling environment isolated and separated from our de-identified data environment (described in 11.1 above), with strict controls, including technical, physical and operational safeguards. When these engagements conclude, we return or destroy the data, as directed by our clients.
Outside the exceptional circumstances described above, where we receive any personal information from our clients in error (including where any information we receive from our client is capable of re-identifying an individual), we will promptly notify the client and delete such information.