- Who we are
Symsafe Pty Ltd (“Symsafe”, “we”, “us”, “our”) provides internet services to Australian businesses and households. We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). - Scope / Applicability
This policy applies to:
- – All users and visitors of our websites (including prospective customers)
- – Customers and account holders (current or former)
- – Individuals whose personal information we collect in business interactions (e.g. support, billing)
It covers how we collect, use, disclose, store, protect, allow access to, correct, de-identify or dispose of personal information, including via our websites, services, applications, and third-party providers.
- What personal information we collect
We collect information reasonably necessary to provide and support our services, including, where relevant:
- Identity & contact details: name, business name, ABN/ACN (if applicable), address, email, phone
- Service & account information: plan, usage data, IP addresses, service logs, interactions, support tickets
- Billing & payment information: billing address, payment method (via PCI-compliant processor), invoices, transaction history
- Technical & diagnostics data: device identifiers, system logs, error reports
- Credit / finance information: applications for credit, guarantor or director details as needed
- Website analytics & tracking data: pages visited, referrer URL, session duration, device/browser type, approximate geolocation (by IP)
We do not (unless separately agreed or required by law) collect sensitive information (e.g. health, biometric) without express consent.
- How we collect personal information
We collect information via:
- Directly from you: when you fill online forms, place orders, contact support, submit applications
- Automatically: through our systems, website logs, analytics, tracking pixels, cookies, tags
- Third parties: upstream suppliers, credit reporting bodies, contractors, or service partners, where permitted by law
At or before (or as soon as practicable after) collection, we will notify you (or make you aware) of key matters required by APP 5 (see Section 5).
- Notice at collection / disclosure of APP 5 matters
When we collect personal information, we take reasonable steps to notify you of or make you aware of:
- Our identity and contact details
- The fact and circumstances of the collection
- The purposes for which we collect the information
- Whether collection is required by law or contract
- Consequences if information is not provided
- Who we normally disclose the information to
- Whether we are likely to disclose the information overseas, and where
- The existence of this Privacy Policy and how to access it
For website forms, we include a short notice or link to this policy at point of collection. For automatic collection (cookies/tracking), we indicate in our cookie banner or dedicated page.
- Purposes of collection, use and disclosure
We use and disclose personal information only for:
- Provisioning, operating, maintaining, supporting and improving our services
- Billing, invoicing, payment processing, fraud prevention
- Identity verification and credit assessment
- Fault resolution, technical support, customer service
- Compliance with legal/regulatory obligations, e.g. law enforcement requests
- Communicating with you about service changes, policy updates, notifications
- Direct marketing of related services (with your consent and in compliance with the Spam Act)
- Analytics, research, performance measurement
We will only use or disclose personal information for a secondary purpose if permitted by law (including under APP 6) or with your consent.
- Cookies, tracking pixels & third-party trackers
7.1 Categories of cookies / tracking technologies
We use (or may use) the following categories of cookies or tracking technologies:
Category | Purpose | Examples | Duration / Third parties |
Strictly necessary | Essential website functionality (e.g. login, session state) | Session cookies | First-party, short life |
Functional / preferences | Remembering preferences or features | Language, interface settings | First-party / possibly third-party |
Analytics / performance | Aggregate usage data to optimise site | Google Analytics, site metrics | Often third-party, subject to opt-out |
Advertising / marketing | Targeted ads, remarketing, tracking across sites | Facebook Pixel, ad networks | Third-party, may involve cross-site tracking |
7.2 Transparency and control
- Our website displays a cookie banner / consent manager that allows you to accept or reject non-essential cookies (analytics, marketing).
- You may change your cookie preferences or withdraw consent via a “Cookie settings” interface on the site.
- Disabling or rejecting certain cookies may degrade or disable some site features.
- We regularly audit our use of cookies, pixels, tags and remove or reconfigure as needed to minimise data collected.
7.3 Tracking pixels & tags
We may deploy third-party tracking pixels or tags (e.g. from advertising or analytics platforms). These may transmit data (IP address, URL, user behaviour) to third parties. We undertake due diligence to ensure third-party providers comply with privacy standards. If such data is transferred overseas, we take reasonable steps to ensure compliance under APP 8 (e.g. contractual safeguards). You can opt-out of such tracking via cookie settings.
- Overseas disclosures
Some of our service providers and partners are located outside Australia (for example, hosting providers, analytics vendors, backup services). We may disclose your personal information to them. We take reasonable steps to ensure that overseas recipients handle your information in a manner consistent with the APPs, including:
- Implementing contractual or de-identification safeguards (e.g. standard contractual clauses)
- Limiting the scope of transferred data
- Verifying that recipients are reputable and comply with privacy/ security standards
If we have knowledge of specific jurisdictions or recipients, we may list them publicly or upon request.
- Data retention, de-identification and disposal
We retain personal information for no longer than necessary for the purpose(s) for which it was collected (and in line with legal obligations). Retention periods may vary by category:
- Billing / financial records: e.g. 7 years (or consistent with taxation law)
- Service logs, diagnostics: shorter periods (e.g. months to years depending on usefulness)
- Analytics / aggregated data: de-identification where possible, or anonymisation
When data is no longer needed, we securely delete or anonymise it so it cannot be re-identified.
- Security of personal information
We implement reasonable technical and organisational measures to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure. These may include encryption, secure access controls, regular audits, staff training, and incident response procedures. We periodically review security arrangements. - Access, correction and disclosure
You may request:
- Access to the personal information we hold about you
- Correction of information that is inaccurate, out-of-date, incomplete, irrelevant or misleading
We will respond within a reasonable timeframe (e.g. 30 days, unless otherwise required by law). If we refuse or partially refuse, we will provide reasons and describe how you can make a complaint. Any charges for access will not be excessive and will be limited to direct costs (e.g. copying).
Requests should be made via:
Email: privacy@symsafe.com.au
We may require identity verification before granting access or correction.
- Notifiable Data Breaches (NDB)
If an eligible data breach occurs (i.e. likely to cause serious harm), we will notify:
- Affected individuals
- The Office of the Australian Information Commissioner (OAIC)
in accordance with the Notifiable Data Breaches scheme under the Privacy Act.
- Marketing communications & direct marketing
Where you give consent (or where permitted by law), we may send you service-related marketing communications. We comply with the Spam Act 2003. Every marketing email contains an easy opt-out or unsubscribe mechanism. You may also contact privacy@symsafe.com.au to opt-out. - Credit reporting
If you apply for commercial credit (or act as a guarantor or sign as director), we may collect, use and disclose credit-related personal information (identity, credit applications, repayment history, defaults, serious credit infringements) to/from credit reporting bodies such as Equifax, illion, Experian. We do so under applicable credit reporting legislation. For full details, refer to our Credit Reporting Policy (if applicable). - Complaints handling
If you believe we have breached this privacy policy or the APPs, contact us at privacy@symsafe.com.au. We will:
- Acknowledge your complaint
- Investigate and respond within a reasonable time (e.g. 30 days)
- If you’re unsatisfied with our response, you may escalate to the OAIC (see www.oaic.gov.au)
- Changes to this policy / Version history
We may update this policy from time to time. We publish the revised version on our website and update the “Last updated” date. Where material changes are made, we may notify users by email or a banner on the site.
Contact us
Email: privacy@symsafe.com.au
Postal: PO Box 50, Dee Why, NSW, 2099, Australia
Phone: 1300 002 001