This Privacy Policy applies to all personal information collected by Traedere Pty Limited

​

(we, us or our) via the website located at https://www.traedere.com (Website).

1. What information do we collect?

The kind of Personal Information that we collect from you will depend on how you use the website. The Personal Information which we collect and hold about you may include your name, your email address and your phone number

​

2. Types of information

The Privacy Act 1998 (Cth) (Privacy Act) defines types of information, including Personal Information and Sensitive Information. Personal Information means information or an opinion about an identified individual or

an individual who is reasonably identifiable:

a) whether the information or opinion is true or not; and

b) whether the information or opinion is recorded in a material form or not.

​

If the information does not disclose your identity or enable your identity to be ascertained, it will in most cases not be classified as “Personal Information” and will not be subject to this privacy policy.

​

Sensitive Information is defined in the Privacy Act as including information or opinion about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record or health information.

​

Sensitive Information will be used by us only:

a) for the primary purpose for which it was obtained;

b) for a secondary purpose that is directly related to the primary purpose; and

c) with your consent or where required or authorised by law.

​

3. How we collect your Personal Information

a) We may collect Personal Information from you whenever you input such information into the Website, related app or provide it to Us in any other way.

b) We may also collect cookies from your computer which enable us to tell when

you use the Website and also to help customise your Website experience. As a

general rule, however, it is not possible to identify you personally from our use of

cookies.

c) We use different types of cookies including essential cookies for Website functionality, analytical cookies to improve user experience, and marketing cookies

that may be set by third parties. These cookies are retained for up to 7 days and

can be managed through your browser settings. Third-party cookies are subject

to their respective privacy policies, which we encourage you to review.

d) Before using cookies, we will obtain your explicit consent through a clear and

prominent cookie banner. You can modify your cookie preferences at any time

through our Cookie Management Centre, where you can selectively opt-in or opt out of different cookie categories except essential cookies. Your choices will be

stored and honored for 28 days.

e) We generally don’t collect Sensitive Information, but when we do, we will comply

with the preceding paragraph.

f) Where reasonable and practicable we collect your Personal Information from

you only. However, sometimes we may be given information from a third party, in

cases like this we will take steps to make you aware of the information that was

provided by a third party.

​

4. Purpose of collection

We collect Personal Information to provide you with the best service experience possible on the Website and keep in touch with you about developments in our business. We customarily only disclose Personal Information to our service providers who assist us in operating the Website. Your Personal Information may also be exposed from time to time to maintenance and support personnel acting in the normal course of their duties.​

By using our Website, you consent to the receipt of direct marketing material. We will only use your Personal Information for this purpose if we have collected such information direct from you, and if it is material of a type which you would reasonably expect to receive from use. We do not use sensitive Personal Information in direct marketing activity. Our direct marketing material will include a simple means by which you can request not to receive further communications of this nature, such as an unsubscribe button link.

You can manage your marketing preferences through your account settings or by contacting our Privacy Officer. We will process opt-out requests within 7 business days and maintain records of your preferences. Marketing communications will not exceed 2 messages per month, and each communication will clearly display preference management options. If you choose to opt-out, we will retain minimal Personal Information necessary to ensure compliance with your request.

Prior to sending any direct marketing communications, we will obtain your explicit consent through a clear opt-in process for each communication channel (email, SMS, phone, or post). You can modify these preferences individually through your account dashboard, selecting your preferred communication channels, frequency, and content types. Your consent choices will be recorded and honored within 7 business days of any changes. We maintain detailed records of consent timestamps, sources, and any subsequent modifications to ensure transparency and compliance.

​

5. Security, Access and correction

We store your Personal Information in a way that reasonably protects it from unauthorised access, misuse, modification or disclosure. When we no longer require your Personal Information for the purpose for which we obtained in, we will take reasonable steps to destroy and anonymise or de-identify it. Most of the Personal Information that is stored in our client files and records will be kept for a maximum of 7 years to fulfill our record keeping obligations.

We implement industry-standard security measures including encryption, access controls, and secure data centers to protect your Personal Information. When deletion is required, we use secure erasure methods including digital shredding and physical destruction of storage media. For digital records, we employ 7 day retention periods for active data and 3 years for archived data, after which automated purge protocols permanently remove the information using government-approved secure deletion standards.

​

Our security infrastructure employs AES-256 bit encryption for data in transit and at

rest, multi-factor authentication (MFA) for all system access, and regular penetration

testing by certified third-party auditors. We maintain SOC 2 Type II compliance and conduct quarterly security assessments. Our access controls operate on a principle of least privilege, with role-based permissions and automated access logging. All third party integrations undergo rigorous security vetting and must meet our stringent data protection requirements.

 

The Australian Privacy Principles:

a) permit you to obtain access to the Personal Information we hold about you in

certain circumstances (Australian Privacy Principle 12); and

b) allow you to correct inaccurate Personal Information subject to certain exceptions (Australian Privacy Principle 13).

Where you would like to obtain such access, please contact us in writing on the contact details set out at the bottom of this privacy policy.

​

6. Complaint procedure

If you have a complaint concerning the manner in which we maintain the privacy of your Personal Information, please contact us as on the contact details set out at the bottom of this policy. All complaints will be considered by our Privacy Officer and we may seek further information from you to clarify your concerns. If we agree that your complaint is well founded, we will, in consultation with you, take appropriate steps to rectify the problem. If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.

​

7. Documentation and Response Timeline

We will acknowledge receipt of your complaint within 28 business days and provide you with a reference number. Our privacy team will investigate your complaint and maintain detailed records of all communications and findings. We aim to resolve all privacy complaints within 28 business days. If additional time is required, we will notify you in writing.

All complaint documentation will be retained for 12 months following resolution. If

the matter requires escalation, our Privacy Officer will personally review your case

within 7 business days of the escalation request.

​

8. Overseas transfer

Your Personal Information will not be disclosed to recipients outside Australia unless you expressly request us to do so. If you request us to transfer your Personal Information to an overseas recipient, the overseas recipient will not be required to comply with the Australian Privacy Principles and we will not be liable for any mishandling of your information in such circumstances.

​

9. GDPR

In some circumstances, the European Union General Data Protection Regulation

(GDPR) provides additional protection to individuals located in Europe. The fact that you may be located in Europe does not, however, on its own entitle you to protection under the GDPR. Our website does not specifically target customers located in the European Union and we do not monitor the behaviour of individuals in the European Union, and accordingly the GDPR does not apply.

Notwithstanding the above, we are committed to upholding strong international privacy standards and may voluntarily apply certain GDPR principles as best practice. This includes maintaining transparent data processing practices, implementing reasonable security measures, and respecting data minimisation principles where commercially feasible.

​

10. How to contact us about privacy

If you have any queries, or if you seek access to your Personal Information, or if you have a complaint about our privacy practices, you can contact us through: enquire@traedere.com.

​

11. International Data Protection Standards

Prior to any overseas transfer of Personal Information, we will implement appropriate safeguards including:

a) ensuring the recipient country has adequate data protection laws;

b) executing standard contractual clauses with the overseas recipient;

c) conducting privacy impact assessments; and

d) implementing technical security measures such as encryption.

We will maintain a register of approved overseas recipients and their compliance with these standards. You may request information about these safeguards at any time.