Privacy Policy


1. We respect your privacy

  • 1.1 

    Gravitas Enterprises Pty Ltd (“Gravitas”) respects your right to privacy and is committed to safeguarding the privacy of our customers and website visitors. We adhere to the Australian Privacy Principles contained in the Privacy Act 1988 (Cth). These principles and this policy govern the way in which we collect, use, disclose, store, secure and dispose of your personal information. 

  • 1.2

    “Personal information” is information we hold which is identifiable as being about you. Examples of personal information we may hold about you include names, addresses, email addresses and phone numbers.


2. Collection of personal information

  • 2.1
    Gravitas Enterprises Pty Ltd will, from time to time, receive and store personal information you enter onto our website, provided to us directly or given to us in other forms.

  • 2.2

    You may provide basic personal information to us to enable us to send information, provide updates and respond to your request.

  • 2.3
    Additionally, we may also collect any other information you provide while interacting with us.



3. How we collect your personal information

  • 3.1

    Gravitas collects personal information from you in a variety of ways, including when you interact with us electronically or in person, when you access our website and when we provide our services to you. We may receive personal information from third parties. If we do, we will protect it as set out in this Privacy Policy.


4. Use of your personal information

  • 4.1
    Gravitas may use personal information collected from you to provide you with information, updates and our services. We may also make you aware of new and additional products, services and opportunities available to you. We may use your personal information to improve our products and services and better understand your needs.

  • 4.2
    Gravitas Enterprises Pty Ltd may contact you by a variety of measures including, but not limited to telephone, email, sms or mail.


5. Disclosure of your personal information

  • 5.1
    We may disclose your personal information to any of our employees, officers, insurers, professional advisers, agents, suppliers or subcontractors insofar as reasonably necessary for the purposes set out in this Policy. Personal information is only supplied to a third party when it is required for the delivery of our services.

  • 5.2
    We may from time to time need to disclose personal information to comply with a legal requirement, such as a law, regulation, court order, subpoena, warrant, in the course of a legal proceeding or in response to a law enforcement agency request.

  • 5.3

    We may also use your personal information to protect the copyright, trademarks, legal rights, property or safety of Gravitas, its customers or third parties.

  • 5.4

    If there is a change of control in our business or a sale or transfer of business assets, we reserve the right to transfer to the extent permissible at law our user databases, together with any personal information and non-personal information contained in those databases. This information may be disclosed to a potential purchaser under an agreement to maintain confidentiality. We would seek to only disclose information in good faith and where required by any of the above circumstances.

  • 5.5

    By providing us with personal information, you consent to the terms of this Privacy Policy and the types of disclosure covered by this Policy. Where we disclose your personal information to third parties, we will request that the third party follow this policy regarding handling your personal information, and that they otherwise will comply with the Australian Privacy Principles.


6. Security of your personal information

  • 6.1

    Gravitas is committed to ensuring that the information you provide to us is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.

  • 6.2

    The transmission and exchange of information is carried out at your own risk. We cannot guarantee the security of any information that you transmit to us, or receive from us. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that personal information that we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.


7. Access to your personal information

  • 7.1

    You may request details of personal information that we hold about you in accordance with the provisions of the Privacy Act 1988 (Cth). A small administrative fee may be payable for the provision of information. If you would like a copy of the information, which we hold about you or believe that any information we hold on you is inaccurate, out of date, incomplete, irrelevant or misleading, please email us at [email protected].

  • 7.2
    We reserve the right to refuse to provide you with information that we hold about you, in certain circumstances set out in the Privacy Act.


8. Complaints about privacy

  • 8.1

    If you have any complaints about our privacy practices, please feel free to send in details of your complaints by mail to 400 George Street, Sydney, NSW 2000 or by email to [email protected]. We take complaints very seriously and will respond as soon as practicable after receiving notice of your complaint.


9. Changes to Privacy Policy

  • 9.1

    Please be aware that we may change this Privacy Policy in the future. We may modify this Policy at any time, in our sole discretion and all modifications will be effective immediately upon our posting of the modifications on our website or notice board. Please check back from time to time to review our Privacy Policy.


10. Website

  • 10.1 When you visit our website

    When you visit our website ( we may collect certain information such as browser type, operating system, website visited immediately before coming to our site, etc. This information is used in an aggregated manner to analyse how people use our site, such that we can improve our service.

  • 10.2 Cookies
    We may from time to time use cookies on our website. Cookies are very small files which a website uses to identify you when you come back to the site and to store details about your use of the site. Cookies are not malicious programs that access or damage your computer. Most web browsers automatically accept cookies but you can choose to reject cookies by changing your browser settings. However, this may prevent you from taking full advantage of our website. Our website may from time to time use cookies to analyses website traffic and help us provide a better website visitor experience. In addition, cookies may be used to serve relevant ads to website visitors through third party services such as Google Adwords. These ads may appear on this website or other websites you visit.

  • 10.3 Third party sites
    Our site may from time to time have links to other websites not owned or controlled by us. These links are meant for your convenience only. Links to third party websites do not constitute sponsorship or endorsement or approval of these websites. Please be aware that Gravitas is not responsible for the privacy practices of other such websites. We encourage our users to be aware, when they leave our website, to read the privacy statements of each and every website that collects personal identifiable information.


11. Our client’s data

  • 11.1 

    We work with several clients who include, for example, retailers, banks, insurance companies, and telecommunications providers. Our core business involves receipt and handling of data for the purpose of providing services to those clients. We have strict contractual obligations on our clients and partners to obtain any necessary permissions from their customers or suppliers before disclosing information to Gravitas. The data we receive from our clients contains information about their transactions with their customers or suppliers. Our clients provide this data in de-identified form, after they remove the personal identifiers of any individual person, so that an individual person is not identified or reasonably identifiable by us. We generally do not handle personal information in our core business, except where that personal information relates to our clients’ use of tools we provide to them, such as the contact details of our clients’ authorised users.

  • 11.2 

    In exceptional circumstances, where we agree to work on client engagements that involve analysis of personal information held by our clients, we ensure that such work is done in accordance with strict protocols and safeguards that have been established by us, in consultation with our clients, to comply with relevant privacy and data protection laws, and to mitigate associated risks. These engagements are reviewed and approved by our senior leadership, and data relating to these engagements is only accessed by a limited number of specially authorised Gravitas personnel, where required for the delivery of services to the relevant clients. These engagements are usually performed by accessing personal information of our clients’ customers or suppliers that are located in our clients’ systems, behind their firewalls, and in such circumstances we do not disclose or transmit any personal information to Gravitas. When we work in our clients’ environments, we always abide by the privacy controls and policies set by our clients with respect to our access. In exceptional circumstances if we are requested by our clients to store personal information about our clients’ customers or suppliers on our systems, it is held in a data handling environment isolated and separated from our de-identified data environment (described in 11.1 above), with strict controls, including technical, physical and operational safeguards. When these engagements conclude, we return or destroy the data, as directed by our clients.

  • 11.3 

    Outside the exceptional circumstances described above, where we receive any personal information from our clients in error (including where any information we receive from our client is capable of re-identifying an individual), we will promptly notify the client and delete such information.