Last updated: 13 October 2025
LPC (“we”, “us”, “our”) provides consulting services in Australia.
Privacy contact: [insert name or role, e.g., Privacy Lead]
Email: [email protected]
This policy explains how we handle personal information under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
Note: Some Australian small businesses with ≤ AUD $3m annual turnover may be exempt from the Privacy Act. We choose to follow the APPs across our operations regardless. If specific legal obligations apply to us (e.g., health service provider rules), we comply with them.
Identification and contact details (name, role, business contact info).
Engagement information (proposals, statements of work, workshop notes).
Organisation and billing details (ABN/company number, invoicing contact).
Website/communications data (emails you send us, cookie/analytics data—see Cookies).
Sensitive information only where necessary and lawful, and usually with your consent.
We collect information directly from you, your organisation, publicly available sources, and trusted service providers (e.g., email and hosting).
We use personal information to:
deliver and improve our services and client relationships;
respond to enquiries and provide proposals;
manage operations, security and IT;
meet legal and regulatory requirements; and
send service updates or occasional marketing (you can opt out at any time).
We may share personal information with:
Australian or overseas service providers (IT hosting, email, analytics, accountants);
professional advisers and insurers;
clients (where work outputs necessarily include business contact details);
regulators or law enforcement when legally required.
If we disclose personal information to recipients outside Australia (for example, cloud hosting or when travelling for work), we will take reasonable steps to ensure those recipients handle it in a way that is consistent with the APPs. In some cases we may remain accountable for their handling of your information.
We retain personal information only as long as needed for the purposes described or as required by law, and then securely delete or de-identify it.
We use administrative, technical and physical safeguards appropriate to the risk, including access controls, encryption in transit where feasible, staff confidentiality commitments, least-privilege access, and secure disposal.
You may request access to, or correction of, your personal information. We’ll respond within a reasonable time and may need to verify your identity. If we refuse access or correction (permitted by law), we’ll tell you why and how to complain.
You can opt out of marketing communications at any time via unsubscribe links or by contacting us. We don’t sell personal information.
Our website may use cookies and analytics to operate the site and understand interest in our services. Where consent is required, we’ll ask via a banner. See our Cookie Notice for details, including how to manage preferences. [insert link or summary]
If an eligible data breach occurs (likely to cause serious harm), we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable and include steps you should take.
If you’re concerned about how we’ve handled your information, contact us first using the details above. We’ll respond promptly.
If you’re not satisfied, you can lodge a complaint with the OAIC: oaic.gov.au
We may update this policy from time to time. We’ll post the updated version with a new “Last updated” date.
