Privacy Policy

1. Introduction

This Privacy Policy applies to Veltrion Group Pty Ltd (we, us, our, or Veltrion) and explains how we collect, hold, use, disclose, store, protect and otherwise manage personal information.

Veltrion is committed to handling personal information responsibly, transparently and in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and other applicable privacy and data protection obligations.

This Privacy Policy applies to personal information collected through our websites, platforms, client relationships, supplier relationships, marketing activities, recruitment processes, digital infrastructure services, strategy and growth services, embedded team services and related business operations.

2. About Veltrion

Veltrion Group Pty Ltd provides digital infrastructure, website design and development, custom software, domain management, hosting, strategic growth services, fundraising operations, backend systems support, and embedded team services.

Our business may involve working with clients, charities, suppliers, employees, contractors, candidates, donors, website users, business contacts and other individuals.

3. Types of information we collect

The types of personal information we collect depend on your relationship with Veltrion and the way you interact with us.

3.1 Contact and identity information

• full name;
• email address;
• phone number;
• postal, business or billing address;
• company name, position title and business details;
• Australian Business Number, Australian Company Number or other entity details where relevant;
• identity verification information where reasonably required.

3.2 Account, transaction and service information

• account registration details;
• usernames and login-related information;
• service enquiries, proposals, invoices and payment records;
• billing and transaction information;
• project records, technical support records and service communications;
• domain, hosting, DNS, software or platform-related information.

3.3 Technical and website information

• IP address;
• browser type and version;
• device type and operating system;
• time zone and approximate location information;
• referring pages, pages viewed and time spent on pages;
• cookies, pixels, tags, analytics data and usage information;
• log files, server logs and security event information.

3.4 Recruitment, employment and workforce information

• resumes, CVs and cover letters;
• employment history, qualifications and references;
• right-to-work information;
• payroll, taxation and superannuation information;
• performance, onboarding and workforce deployment records;
• information required for embedded team, contractor or employee placement arrangements.

3.5 Sensitive information

Sensitive information has the meaning given in the Privacy Act 1988 (Cth) and may include information about health, racial or ethnic origin, political opinions, religious beliefs, trade union membership, criminal record and similar matters.

Veltrion does not generally collect sensitive information unless it is reasonably necessary for our functions or activities, you have provided consent, or collection is required or authorised by law.

4. How we collect personal information

Veltrion may collect personal information:

• directly from you when you contact us, submit forms, register for an account, make enquiries, request services, apply for a role, provide information during onboarding, or communicate with our team;
• through our websites, platforms, applications, hosting systems, support systems and related technologies;
• from customers, suppliers, referrers, partners, recruitment platforms, payment processors, infrastructure providers and professional advisers;
• from publicly available sources, business directories and professional networking platforms;
• through cookies, analytics technologies, pixels, tags, log files and similar technologies.

Where reasonable and practicable, we collect personal information directly from the individual concerned.

5. Cookies and analytics

Veltrion may use cookies, pixels, tags, log files, analytics tools and related technologies to operate our websites, improve functionality, analyse usage, monitor security, improve performance and support marketing activities.

Cookies may include essential cookies, analytics cookies, marketing cookies and preference cookies.

Where required by applicable law, we will seek consent before placing non-essential cookies on your device. You may manage cookie preferences through your browser settings or any cookie preference tool made available on our website.

6. Why we collect, use and disclose personal information

Veltrion may collect, use and disclose personal information for purposes including:

• providing and managing our services;
• responding to enquiries and communicating with you;
• processing transactions, invoices, payments and account records;
• providing website, software, domain, hosting and infrastructure services;
• delivering strategy, fundraising, growth and backend systems services;
• recruiting, onboarding and managing employees, contractors and embedded team members;
• administering customer accounts and support requests;
• monitoring infrastructure, system availability and security events;
• detecting, preventing and investigating fraud, misuse, security threats or unlawful activity;
• improving our websites, systems, services and customer experience;
• conducting marketing and business development activities where permitted by law;
• meeting legal, regulatory, accounting, taxation and compliance obligations;
• protecting Veltrion’s legal rights, commercial interests and operational integrity.

7. Disclosure of personal information

Veltrion may disclose personal information to third parties where reasonably necessary for our business operations, service delivery, legal compliance or legitimate commercial interests.

These third parties may include:

• cloud, hosting and infrastructure providers, including Amazon Web Services;
• payment processors, banks and financial service providers;
• software, CRM, accounting, payroll, recruitment and operational platform providers;
• professional advisers, including lawyers, accountants, auditors and insurers;
• contractors, subcontractors, consultants and embedded team members;
• clients, where disclosure is necessary for workforce placement or service delivery;
• affiliated or related entities, including Capantra Pty Ltd and HSPO Ltd, where reasonably required for service delivery, administration, infrastructure, systems, compliance or operational purposes;
• government agencies, regulators, courts, tribunals or law enforcement agencies where required or authorised by law.

Veltrion does not sell personal information.

8. Overseas disclosure

Personal information may be transferred to, stored in or accessed from locations outside Australia, including where our affiliates, infrastructure providers, cloud providers, software providers, contractors or operational systems are located outside Australia.

Countries or regions may include the United Kingdom, New Zealand, the United States and other jurisdictions in which our service providers or affiliates operate.

Where personal information is disclosed overseas, Veltrion takes reasonable steps to ensure that overseas recipients handle personal information in a manner consistent with applicable privacy and data protection obligations, unless an exception under applicable law applies.

9. Security of personal information

Veltrion takes reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure.

Security measures may include:

• access controls and role-based permissions;
• multi-factor authentication where appropriate;
• encryption or secure transmission technologies where appropriate;
• system monitoring, logging and security controls;
• confidentiality obligations for personnel and contractors;
• backup, recovery and operational continuity measures;
• review and improvement of security practices over time.

No system, transmission or storage method is completely secure. Veltrion cannot guarantee absolute security but will take reasonable steps appropriate to the nature of the information and services involved.

10. Data retention

Veltrion retains personal information for as long as reasonably necessary for the purposes for which it was collected, including to provide services, maintain records, comply with legal obligations, resolve disputes, enforce agreements and protect our legal and commercial interests.

As a general guide, client, transaction and business records may be retained for up to 7 years or longer where required by law or legitimate business needs. Communications and enquiry records may be retained for shorter or longer periods depending on their nature and relevance.

When personal information is no longer required, Veltrion will take reasonable steps to destroy, delete, anonymise or de-identify it.

11. Direct marketing

Veltrion may use personal information to send you updates, service information, marketing communications, event invitations or business development communications where permitted by law.

You may opt out of marketing communications at any time by using the unsubscribe function in the relevant communication or by contacting us. We may still send operational or service-related communications where required or appropriate.

12. Access and correction

You may request access to personal information that Veltrion holds about you, subject to exceptions under applicable law.

You may also request correction of personal information if you believe it is inaccurate, out of date, incomplete, irrelevant or misleading.

We may need to verify your identity before responding to an access or correction request.

13. GDPR and international privacy rights

In some circumstances, individuals located in the European Economic Area, United Kingdom or other jurisdictions may have additional rights under applicable privacy or data protection laws.

These rights may include rights to access, rectify, erase, restrict processing, object to processing, withdraw consent, request data portability or lodge a complaint with a supervisory authority.

Veltrion will assess and respond to such requests in accordance with applicable law.

14. Privacy complaints

If you have a concern or complaint about how Veltrion handles personal information, please contact us using the details below.

We will acknowledge privacy complaints within 5 business days where practicable and aim to provide an initial response within 15 business days. More complex matters may require additional time, in which case we will provide updates where appropriate.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner at www.oaic.gov.au.

15. Changes to this Privacy Policy

Veltrion may update this Privacy Policy from time to time to reflect changes in our business, services, technology, legal obligations or privacy practices.

The updated version will be published on our website and will take effect from the date of publication unless otherwise stated.

16. Contact us

Privacy Officer
Veltrion Group Pty Ltd
Level 3, 28 The Esplanade, Perth, Western Australia, 6000, Australia

Email: privacy@veltrion.com