Legal
This policy explains what personal information Automatrix collects, why we collect it, how we use and disclose it, and how you can access, correct, or complain about how we handle your information.
Automatrix ABN [INSERT ABN] ("Automatrix", "we", "us", "our") is a technology and business automation services company registered and operating in New South Wales, Australia. We provide business automation, software development, search engine optimisation, website development, systems integration, and related digital services.
This Privacy Policy applies to all personal information collected by Automatrix through our website at www.automatrix.au (the "Site"), through our service delivery activities, through our client onboarding and application processes, and in connection with any contract or engagement we enter into.
Applicable law: This policy is prepared in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs) contained in Schedule 1 of that Act, the Privacy and Personal Information Protection Act 1998 (NSW) (where applicable), and relevant guidelines issued by the Office of the Australian Information Commissioner (OAIC).
Automatrix collects personal information only to the extent reasonably necessary to provide our services and conduct our business. The types of personal information we may collect are described below.
We do not intentionally collect sensitive information as defined under the Privacy Act (such as health information, racial or ethnic origin, political opinions, religious beliefs, criminal records, or biometric data). If you inadvertently provide sensitive information to us, we will handle it with the same level of care as other personal information and will use it only for the purpose for which it was disclosed. We will not use or disclose sensitive information for any other purpose without your consent.
If you provide us with personal information about another individual (such as a business partner, employee, or referee), you warrant that you are authorised to provide that information to us and that we may use it in accordance with this policy. You also agree to inform that individual of the matters set out in this policy.
We collect personal information in the following ways:
When you visit our Site, our web servers and analytics tools automatically collect certain technical information. This is standard practice and does not identify you as an individual unless combined with other information you have provided. See Section 7 (Cookies & Tracking) for more detail.
Occasionally we may receive information about you from third parties, including:
APP 5 Compliance: Where practicable, we collect personal information directly from you. When we collect from a third party, we will notify you of the collection as soon as reasonably practicable, unless notification would be unreasonable in the circumstances.
We collect, hold, use, and disclose personal information only for purposes that are directly related to our business functions and are reasonably necessary or directly related to those functions.
| Purpose | Legal Basis / Justification |
|---|---|
| Evaluating your application and determining whether our services are a fit for your business | Pre-contractual steps at your request |
| Providing, managing, and delivering our services to you under a service agreement | Performance of a contract |
| Issuing invoices, processing payments, and managing your account | Performance of a contract; legal obligation |
| Communicating with you about your project, requests, or concerns | Legitimate business interest; performance of contract |
| Conducting business audits, discovery sessions, and delivering recommendations | Performance of contract |
| Complying with our legal, regulatory, and tax obligations (including GST, ATO reporting) | Legal obligation under Australian law |
| Sending you marketing communications where you have consented or where permitted under the Spam Act 2003 (Cth) | Consent / legitimate interest |
| Improving our website, services, and client experience through analytics | Legitimate business interest |
| Protecting against fraud, misuse, and legal claims | Legitimate interest; legal obligation |
| Responding to enquiries, complaints, and OAIC or regulatory requests | Legal obligation; legitimate interest |
We will not use or disclose personal information for a secondary purpose unless:
Automatrix does not sell, rent, trade, or otherwise transfer your personal information to external parties for their own marketing purposes. We may disclose your personal information to third parties only in the following circumstances:
We engage trusted third-party service providers who assist us in operating our business. These parties are bound by confidentiality obligations and are only permitted to use your information to the extent necessary to provide their service to us. Such providers may include:
We may disclose information to our accountants, lawyers, or other professional advisors where strictly necessary for the provision of professional services to us, subject to professional confidentiality obligations.
We may disclose personal information where we are required to do so by Australian law, a court order, or a lawful request from a government or law enforcement agency (including the ATO, ASIC, or NSW Police Force). We will notify you of any such disclosure where we are permitted to do so by law.
In the event of a merger, acquisition, sale of business assets, or other structural change, personal information held by Automatrix may be transferred to a successor entity. We will notify affected individuals and ensure the successor entity is bound by equivalent privacy obligations.
We may disclose your personal information to other parties with your express consent, for example if you ask us to share project outcomes or case study material with a referral partner.
Some of our third-party service providers are based or operate infrastructure outside Australia, including in the United States and the European Union (e.g. Google, Stripe, Netlify, Zapier). When we disclose personal information to overseas recipients, we take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles.
Where we disclose your information to an overseas recipient, we will:
APP 8 note: By submitting your information through our website and engaging our services, you acknowledge that your personal information may be processed by overseas service providers as described above. If you wish to opt out of particular overseas transfers, please contact us.
Cookies are small text files placed on your device by a website you visit. They are widely used to make websites work efficiently, to remember your preferences, and to provide information to website owners.
| Type | Purpose | Duration |
|---|---|---|
| Strictly Necessary | Required for the Site to function (e.g. session management). Cannot be disabled without breaking core functionality. | Session |
| Analytics (Google Analytics) | Collects anonymised data about how visitors use our Site (pages viewed, time on site, traffic source). Helps us improve the Site. IP anonymisation is enabled. | Up to 2 years |
| Preference / Functional | Remembers your choices or settings to improve your experience (e.g. admin session token for our internal admin panel). | Session |
You may control or delete cookies through your browser settings. Most browsers allow you to refuse all cookies, to accept only certain cookies, or to be notified when a cookie is set. Disabling cookies may affect the functionality of the Site.
To opt out of Google Analytics tracking, you may install the Google Analytics Opt-out Browser Add-on.
Our Site does not currently respond to "Do Not Track" browser signals. We will review this position as industry standards and legal requirements evolve.
Automatrix takes reasonable steps to protect the personal information we hold from misuse, interference, loss, unauthorised access, modification, or disclosure. Our security measures include:
While we take reasonable precautions, no method of data transmission over the internet or electronic storage is completely secure. We cannot guarantee absolute security of your personal information. If you believe your personal information has been compromised, please contact us immediately using the details in Section 16.
We retain personal information for as long as is necessary to fulfil the purposes for which it was collected, to comply with our legal obligations, and to resolve disputes and enforce our agreements. Our general retention periods are as follows:
| Data Category | Retention Period | Reason |
|---|---|---|
| Client contract and project records | 7 years after contract end | Tax Act obligations; potential claims |
| Financial records (invoices, payments) | 7 years | Income Tax Assessment Act 1936/1997 (Cth); ATO requirements |
| Application enquiries (non-clients) | 2 years from date of enquiry | Business follow-up; analytics |
| Email and written correspondence | 5 years | Contract and dispute resolution |
| Website analytics data | 26 months (Google Analytics default) | Performance and improvement analysis |
| Marketing opt-out records | Indefinite (to honour opt-out) | Spam Act 2003 (Cth) compliance |
When personal information is no longer required, we will take reasonable steps to destroy or de-identify it securely and permanently. We do not retain personal information in a form that allows identification for longer than necessary.
Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the following rights in relation to your personal information held by Automatrix:
You have the right to request access to the personal information we hold about you. We will respond to your access request within 30 days of receipt. We will provide access free of charge unless the request is unusually complex or time-consuming, in which case we may charge a reasonable fee (which we will advise you of in advance).
We may refuse access in certain circumstances permitted by law, such as where providing access would have an unreasonable impact on the privacy of other individuals, or where the request is frivolous. If we refuse access, we will provide written reasons.
If you believe that personal information we hold about you is inaccurate, incomplete, out of date, irrelevant, or misleading, you have the right to request correction. We will correct the information within 30 days of your request, or if we are unable to agree that the information requires correction, we will make a note on the record that you dispute its accuracy.
Where our processing is based on your consent (e.g. marketing communications), you may withdraw consent at any time. Withdrawal of consent will not affect the lawfulness of processing based on consent prior to its withdrawal.
You may opt out of receiving direct marketing communications from us at any time by using the unsubscribe mechanism in any commercial electronic message we send, or by contacting us directly (see Section 16). We will give effect to your opt-out within 5 business days.
You have the right to lodge a privacy complaint with us (see Section 16) or with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or by calling 1300 363 992.
To exercise any of the above rights, please submit a written request to privacy@automatrix.au. We will require you to verify your identity before processing your request.
Automatrix is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth). If a data breach occurs that is likely to result in serious harm to one or more individuals whose personal information is involved, we will:
We maintain an internal data breach response plan and conduct regular reviews of our security measures to minimise the risk of a data breach occurring. If you believe your personal information held by us may have been subject to unauthorised access or disclosure, please contact us immediately at privacy@automatrix.au.
Automatrix complies with the Spam Act 2003 (Cth). We will only send you commercial electronic messages (including email and SMS) if:
Every commercial electronic message we send will:
We will honour all unsubscribe requests within 5 business days of receipt. Once you have unsubscribed, we will not send you further commercial electronic messages unless you re-subscribe.
Our services are directed exclusively at businesses and their adult representatives. We do not knowingly collect personal information from individuals under the age of 18 years. Our website is not intended for use by children.
If you become aware that a child has provided us with personal information without parental or guardian consent, please contact us at privacy@automatrix.au and we will take steps to delete that information as soon as practicable.
Our website and materials may contain links to third-party websites, platforms, or services (such as client websites, tool providers, or referral sources). We are not responsible for the privacy practices of third parties and this policy does not apply to any third-party website or service.
We encourage you to review the privacy policies of any third-party services you use in connection with our work, including platforms such as Google, Stripe, Zapier, Make, and Netlify.
Where we build integrations or automations for clients that involve third-party services, we act as a data processor on your behalf. Our obligations in that context are governed by your service agreement with us.
We may update this Privacy Policy from time to time to reflect changes to our practices, technology, legal requirements, or other factors. When we update this policy, we will:
Your continued use of the Site or our services after any changes to this policy constitutes your acceptance of those changes. We encourage you to review this policy periodically.
If you have any questions about this Privacy Policy, wish to access or correct your personal information, or wish to make a privacy complaint, please contact our Privacy Officer using the following details:
Automatrix — Privacy Officer
Email: privacy@automatrix.au
Postal: PO Box [INSERT], New South Wales, Australia
Website: www.automatrix.au
Office of the Australian Information Commissioner (OAIC)
Phone: 1300 363 992
Website: www.oaic.gov.au/privacy/privacy-complaints
GPO Box 5218, Sydney NSW 2001
