Your Privacy Matters

    Privacy Policy

    Last Updated: January 2025

    1. Introduction

    Business Valuations Brisbane ("we," "our," or "us") is committed to protecting your privacy and handling your personal information in accordance with the Australian Privacy Act 1988, the General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), and other applicable international privacy laws.

    This Privacy Policy explains how we collect, use, disclose, and safeguard your personal information when you use our services or interact with our website.

    2. Information We Collect

    2.1 Personal Information

    We may collect the following types of personal information:

    • Contact information (name, email address, phone number, business address)
    • Business information (company name, job title, industry)
    • Account credentials (username, encrypted passwords)
    • Payment information (billing address, payment card details)
    • Communication records (emails, chat logs, support tickets)
    • Project data and files provided for valuation services

    2.2 Automatically Collected Information

    When you visit our website or use our services, we automatically collect:

    • IP address and device information
    • Browser type and version
    • Operating system
    • Pages viewed and links clicked
    • Time spent on pages
    • Referring website addresses
    • Cookies and similar tracking technologies

    3. How We Use Your Information

    We use your personal information for the following purposes:

    • Providing and delivering our valuation services
    • Processing payments and maintaining billing records
    • Responding to inquiries and providing customer support
    • Improving and developing our services
    • Sending service updates, technical notices, and security alerts
    • Marketing communications (with your consent where required)
    • Complying with legal obligations and protecting our rights
    • Detecting and preventing fraud, security breaches, and illegal activities

    4. Legal Basis for Processing (GDPR)

    For users in the European Economic Area (EEA), UK, and Switzerland, we process personal data based on:

    • Contractual necessity: To perform our services under our agreement with you
    • Legitimate interests: To improve our services, ensure security, and conduct business operations
    • Consent: Where you have provided explicit consent for specific processing activities
    • Legal obligations: To comply with applicable laws and regulations

    5. Information Sharing and Disclosure

    We do not sell your personal information. We may share your information with:

    • Service providers: Third-party vendors who assist in providing our services (e.g., cloud hosting, payment processing)
    • Business partners: With your consent, for collaborative projects or integrated services
    • Legal authorities: When required by law, court order, or to protect our legal rights
    • Business transfers: In connection with mergers, acquisitions, or asset sales

    All third-party service providers are contractually bound to protect your information and use it only for specified purposes.

    6. International Data Transfers

    Your information may be transferred to and processed in countries other than your country of residence. We ensure adequate safeguards are in place for international transfers, including:

    • Standard Contractual Clauses approved by the European Commission
    • Adequacy decisions by relevant data protection authorities
    • Privacy Shield certifications (where applicable)
    • Binding Corporate Rules

    7. Data Security

    We implement appropriate technical and organizational measures to protect your personal information, including:

    • Encryption of data in transit and at rest
    • Regular security assessments and penetration testing
    • Access controls and authentication mechanisms
    • Employee training on data protection
    • Incident response and breach notification procedures
    • Regular backups and disaster recovery plans

    8. Your Privacy Rights

    8.1 Rights Under Australian Privacy Act

    Australian residents have the right to:

    • Access and obtain a copy of your personal information
    • Correct inaccurate or incomplete information
    • Request deletion of your information in certain circumstances
    • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

    8.2 Rights Under GDPR (EEA, UK, Switzerland)

    Individuals in the EEA, UK, and Switzerland have additional rights:

    • Right to access your personal data
    • Right to rectification of inaccurate data
    • Right to erasure ("right to be forgotten")
    • Right to restrict processing
    • Right to data portability
    • Right to object to processing
    • Right to withdraw consent at any time
    • Right to lodge a complaint with a supervisory authority

    8.3 Rights Under CCPA/CPRA (California)

    California residents have the right to:

    • Know what personal information is collected, used, shared, or sold
    • Delete personal information held by businesses
    • Opt-out of the sale of personal information
    • Non-discrimination for exercising CCPA rights
    • Correct inaccurate personal information
    • Limit the use and disclosure of sensitive personal information

    9. Cookies and Tracking Technologies

    We use cookies and similar tracking technologies to enhance your experience. Types of cookies we use include:

    • Essential cookies: Necessary for website functionality
    • Performance cookies: Help us understand how visitors use our website
    • Functional cookies: Remember your preferences and settings
    • Marketing cookies: Used to deliver relevant advertisements

    You can control cookies through your browser settings. However, disabling certain cookies may affect website functionality.

    10. Data Retention

    We retain personal information for as long as necessary to:

    • Provide our services to you
    • Comply with legal, tax, and accounting obligations
    • Resolve disputes and enforce our agreements
    • Maintain business records for legitimate business purposes

    When personal information is no longer needed, we securely delete or anonymize it in accordance with our data retention policy and applicable laws.

    11. Children's Privacy

    Our services are not directed to individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have collected information from a child without parental consent, we will take steps to delete such information.

    12. Changes to This Privacy Policy

    We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. We will notify you of material changes via email or through a prominent notice on our website. The updated policy will indicate the date of the latest revision.

    13. Contact Us

    If you have questions about this Privacy Policy or wish to exercise your privacy rights, please contact us:

    Privacy Officer

    Business Valuations Brisbane

    4/144 Edward St, Brisbane City, QLD, 4000

    Email: contact@businessvaluationsbrisbane.com.au

    Phone: 1300 778 033

    14. Supervisory Authorities

    You have the right to lodge a complaint with the relevant data protection authority:

    • Australia: Office of the Australian Information Commissioner (OAIC) - www.oaic.gov.au
    • EU/EEA: Your local Data Protection Authority
    • UK: Information Commissioner's Office (ICO) - www.ico.org.uk
    • California: California Privacy Protection Agency - www.cppa.ca.gov