OUR WEBSITE IS STILL UNDER CONSTRUCTION

NEW FEATURES & PRODUCTS COMING SOON.

THANK YOU FOR YOUR UNDERSTANDING

Privacy Policy

Introduction

SafetyCo Solutions Pty Ltd (“SafetyCo”, “we”, “us”, or “our”) is committed to protecting the privacy and personal information of our clients, employees, contractors, and website visitors. This Privacy Policy outlines how we collect, use, disclose, store, and protect your personal information, both through our website (https://www.safetyco.com.au) and through our service offerings, including medical testing and related bookings.

We comply with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and where applicable, State and Territory health records laws. This policy also addresses the handling of sensitive information such as health data.

Information We Collect

We collect various types of information to provide you with our safety services and products effectively. This includes information you provide directly to us, technical data from your website usage, and business-related information relevant to workplace safety compliance. We adhere to the principle of data minimisation, collecting only the information required for the intended purpose.

2.1 Personal Information

We may collect the following types of personal information:

Contact Information:

  • Full name, email address, phone numbers

  • Business name, job title, department

  • Postal address, billing address

Account Information:

  • Username, password (encrypted)

  • Account preferences and settings

  • Communication preferences

Business Information:

  • Company size, industry type

  • Safety requirements and compliance needs

  • Training records and certifications

Transaction Information:

  • Purchase history, order details

  • Payment information (processed securely by third-party providers)

  • Invoicing and billing records

Access to personal information is strictly role-based, ensuring that only staff members with a legitimate need to access this information for service delivery or support are granted such access.

2.2 Technical Information

Website Usage Data:

  • IP address, browser type and version

  • Operating system, device information

  • Pages visited, time spent on site

  • Referral sources, search terms used

Cookies and Tracking:

  • Session cookies for website functionality

  • Performance cookies for analytics

  • Marketing cookies (with consent)

How We Collect Information

Information collection occurs through various channels, from direct interactions with our team to automated systems on our website. We are transparent about our collection methods to ensure you understand when and how your information is gathered. We collect only what is necessary for the purpose of providing our services or meeting legal obligations.

3.1 Direct Collection

  • Website forms: Contact forms, quote requests, account registration

  • Phone and email: Direct communications with our team

  • In-person: Trade shows, site visits, training sessions

  • Surveys: Feedback forms and customer satisfaction surveys

3.2 Automatic Collection

  • Website analytics: Google Analytics and similar tools

  • Cookies: Essential and optional cookies (see Cookie Policy)

  • Email tracking: Open rates and click-through data for marketing emails

3.3 Third-Party Sources

  • Business directories: Publicly available business information

  • Industry databases: Safety compliance and certification records

  • Partner referrals: Information shared by authorised business partners

How We Use Your Information

Your information enables us to deliver quality safety services, maintain accurate records, and improve our offerings. We use your data primarily for business operations and service delivery, with secondary uses requiring your consent. Access to personal information is limited to personnel who need it to perform their duties, and only for the purposes outlined here.

4.1 Primary Purposes

Service Delivery:

  • Process orders and deliver products/services

  • Provide customer support and technical assistance

  • Maintain and update your account

Communication:

  • Respond to enquiries and requests

  • Send important updates about orders or services

  • Provide safety alerts and compliance notifications

Business Operations:

  • Invoice generation and payment processing

  • Maintain accurate customer records

  • Comply with legal and regulatory requirements

4.2 Secondary Purposes (with consent)

Marketing and Promotion:

  • Send newsletters and promotional materials

  • Inform you about new products and services

  • Invite you to events and training sessions

Improvement and Development:

  • Analyse website usage to improve user experience

  • Develop new products and services

  • Conduct market research and surveys

All uses of personal data beyond what is necessary for service delivery require your explicit, informed consent.

Information Sharing and Disclosure

We carefully control how your information is shared and only work with trusted partners who meet our privacy standards. Sharing occurs primarily to deliver services, process payments, and meet legal obligations. All third parties are bound by strict confidentiality and data processing agreements, and access is limited to the information required for their function.

5.1 Authorised Sharing

We may share your information with:

Service Providers:

  • Payment processors (Stripe, PayPal, etc.)

  • Shipping and logistics companies

  • IT service providers and cloud storage

  • Marketing and analytics services

Business Partners:

  • Authorised distributors and resellers

  • Training providers and certification bodies

  • Equipment manufacturers (for warranty and support)

Legal Requirements:

  • Government agencies when required by law

  • Courts and tribunals in legal proceedings

  • Regulatory bodies for compliance purposes

5.2 Data Transfer Safeguards

  • All third parties are bound by confidentiality agreements

  • Data processing agreements ensure compliance with privacy laws

  • Regular audits of third-party security practices

Data Security

Protecting your information is our priority, and we implement comprehensive security measures across our technical infrastructure and organisational practices. Our multi-layered approach includes encryption, access controls, and staff training to ensure your data remains secure from unauthorised access, loss, or misuse.

6.1 Technical Safeguards

Encryption:

  • SSL/TLS encryption for data transmission

  • AES-256 encryption for stored sensitive data

  • Encrypted backups and secure storage

Access Controls:

  • Multi-factor authentication for staff accounts

  • Role-based access permissions

  • Regular access reviews and updates

Infrastructure Security:

  • Secure hosting with reputable providers

  • Regular security updates and patches

  • Firewall protection and intrusion detection

6.2 Organisational Safeguards

Staff Training:

  • Regular privacy and security training

  • Clear data handling procedures

  • Incident response protocols

Policies and Procedures:

  • Data retention and disposal policies

  • Breach notification procedures

  • Regular security assessments

Data Retention

We retain your information only as long as necessary for business purposes and legal compliance. Our retention periods are based on the type of information, our relationship with you, and regulatory requirements. When information is no longer needed, we securely dispose of it to protect your privacy.

7.1 Retention Periods

Customer Records:

  • Active customers: Duration of relationship plus 7 years

  • Inactive customers: 3 years from last interaction

  • Financial records: 7 years as required by law

Marketing Information:

  • Email subscribers: Until unsubscribe or 3 years of inactivity

  • Website analytics: 26 months (Google Analytics default)

  • Cookies: As specified in Cookie Policy

7.2 Secure Disposal

  • Secure deletion of digital records

  • Physical destruction of paper documents

  • Certificate of destruction for sensitive materials

Your Rights and Choices

Australian privacy law gives you important rights over your personal information. You can access, correct, or delete your information, and control how we communicate with you. We make it easy to exercise these rights and will respond to your requests promptly and transparently.

8.1 Access and Control

Right to Access:

  • Request copies of your personal information

  • Understand how your information is being used

  • Receive information in a portable format

Right to Correction:

  • Update incorrect or outdated information

  • Complete incomplete records

  • Request verification of corrected data

Right to Deletion:

  • Request removal of personal information

  • Subject to legal retention requirements

  • Confirmation of deletion provided

8.2 Communication Preferences

Marketing Communications:

  • Unsubscribe from email newsletters

  • Opt-out of promotional phone calls

  • Update communication preferences online

Cookies and Tracking:

  • Manage cookie preferences

  • Opt-out of analytics tracking

  • Control targeted advertising

Cookies and Website Analytics

Cookies help us provide you with a better website experience by remembering your preferences and understanding how you use our site. We use different types of cookies for essential functions, performance monitoring, and marketing (with your consent). You have full control over your cookie preferences and can manage them at any time.

9.1 Types of Cookies Used

Essential Cookies:

  • Session management and login

  • Shopping cart functionality

  • Security and fraud prevention

Performance Cookies:

  • Website analytics and usage statistics

  • Performance monitoring and optimisation

  • Error tracking and debugging

Marketing Cookies (with consent):

  • Targeted advertising

  • Social media integration

  • Conversion tracking

9.2 Managing Cookies

  • Cookie consent banner on first visit

  • Cookie preferences centre

  • Browser settings for cookie control

International Data Transfers

Some of our service providers operate internationally, which may require transferring your information overseas. We ensure adequate protection through approved legal mechanisms and carefully vet all international partners. Your information receives the same level of protection regardless of where it’s processed.

10.1 Transfer Safeguards

  • Adequate protection through approved mechanisms

  • Standard contractual clauses with international partners

  • Regular review of international partner security practices

10.2 Countries Involved

  • Data may be transferred to:

    • Cloud storage providers (AWS, Microsoft Azure)

    • Software service providers in various countries

    • International shipping and logistics partners

Updates to This Policy

Privacy practices and legal requirements evolve over time, so we may need to update this policy occasionally. We will notify you of significant changes and ensure you understand how they affect you. The current version is always available on our website, and we maintain transparency about what changes and when.

11.1 Policy Changes

  • We may update this policy to reflect changes in our practices

  • Significant changes will be communicated via email or website notice

  • Continued use of our services constitutes acceptance of updates

Health Monitoring

1. Scope

This Privacy Policy applies to all personal information collected by SafetyCo, including:

  • Information provided through our website

  • Information submitted via forms or portals for medical testing bookings

  • Information collected in the course of our services provided to individuals and businesses

2. What Personal Information We Collect

The types of personal information we may collect include, but are not limited to:

  • Full name, date of birth, gender

  • Contact details (phone number, email address, address)

  • Employment details (job title, employer name)

  • Health-related information relevant to our services

  • Medicare or other identification numbers (only if required)

  • Emergency contact details (where relevant)

We only collect personal and sensitive information that is necessary to provide our services, including the coordination and booking of medical tests.

3. How We Collect Personal Information

We collect personal information:

  • Directly from individuals, through online forms, email, phone, or in-person communications

  • From employers who are coordinating employee medical testing (with consent)

  • Through third-party platforms used to manage bookings and assessments

If information is collected from a third party (e.g., an employer), we rely on them to have obtained appropriate consent from the individual.

4. Purpose of Collection

We collect your personal information for the following purposes:

  • To coordinate, book, and manage medical tests and health assessments

  • To provide occupational health and safety services

  • To communicate with you or your employer about your booking or results

  • To comply with legal, regulatory, or insurance requirements

  • To improve our services and systems

5. Use and Disclosure of Personal Information

We will only use or disclose your personal information for the purposes for which it was collected or as required or authorised by law.

We may disclose personal information to:

  • Healthcare providers (e.g. doctors, clinics, pathology services) conducting the medical assessments

  • Your employer, where consent has been provided, for workplace-related services

  • IT providers or booking platforms under secure and confidential agreements

  • Government agencies, where legally required

We do not sell or rent your personal information to third parties.

6. Consent and Authorisation

Where we collect sensitive information, such as health information, we will seek your consent before doing so, unless otherwise permitted by law. Consent may be obtained directly from you or via your employer, provided you have been informed and have agreed.

7. Storage and Security of Information

Your information is stored securely in electronic systems with restricted access. We implement administrative, technical, and physical safeguards to protect your data, including:

  • Encryption of data during transfer and at rest

  • Secure access controls and authentication

  • Staff training in privacy and data handling

We retain information only as long as necessary to fulfil the purpose for which it was collected or to meet legal and regulatory obligations.

8. Access to and Correction of Personal Information

You may request access to your personal information or ask us to correct it if you believe it is inaccurate, incomplete, or out of date. Requests can be made by contacting us using the details provided below.

9. Third Party Services and Data Transfers

Our website and booking systems may contain links to external websites or use third-party platforms. We are not responsible for the privacy practices of those sites. If personal information is transferred outside Australia, we will take reasonable steps to ensure it is handled in accordance with the APPs.

10. Data Breaches

In the unlikely event of a data breach, we will follow our internal response procedures and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) where required by law.

11. Changes to This Policy

We may update this policy from time to time to reflect changes in our operations or legal requirements. Any updates will be published on our website.