Privacy Policy — BRT Consulting
Effective date: 21 August 2025
Entity: BRT Fire Design Consulting Pty Ltd (ABN [48 691 495 842]) (“BRT Fire Design and Consulting”, “we”, “us”, “our”)
Contact: [privacy@brt-fdc.com.au] | +61 0491 008 493 | PO BOX 52, Glen Aplin, QLD, 4381
1. Scope
This policy explains how we collect, use, disclose, and protect personal information in connection with:
- our website(s), social media, and marketing activities;
- enquiries, proposals, tenders, and engagement of our consulting services; and
- project delivery (including design development, BIM coordination, and construction-phase services).
It applies to clients, prospective clients, suppliers/subcontractors, and other individuals we interact with in Australia. Additional rights for EU/UK residents appear in the GDPR Addendum (Section 13).
2. Our commitment
We handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), and—where applicable—the Notifiable Data Breaches (NDB) scheme and the Spam Act 2003 (Cth).
3. What we collect
Depending on how you interact with us, we may collect:
Identity & contact – name, role/title, employer, email, phone, postal address.
Business & project details – company information, project locations, scope/specifications, drawings/models, site photos (which may incidentally contain personal information).
Commercial information – quotes, contracts, purchase orders, invoices, payment details (note: card processing is via third-party gateways; we do not store full card numbers).
Communications – emails, meeting notes, messages, feedback, and support requests.
Website/analytics – IP address, device/browser, pages viewed, referring URL, cookies and similar technologies (see Section 9).
CCTV/site attendance (if applicable) – footage at our premises or sign-in logs for WHS compliance.
We do not intentionally collect sensitive information (e.g., health information) unless it is necessary and you consent or we are required/authorised by law.
4. How we collect it
- directly from you (forms, emails, phone, meetings, workshops);
- via project platforms you invite us to (e.g., BIM collaboration tools);
- from publicly available sources and professional directories; and
- from third parties where permitted (e.g., prime contractors, consultants, or referees).
5. Why we collect and use personal information
We use personal information to:
- assess enquiries, prepare proposals and contracts, and deliver our services;
- coordinate design and construction (including QA, RFIs, and issue tracking);
- manage accounts, billing, compliance, insurance, and risk;
- operate, maintain, and improve our website and services;
- send service messages and optional marketing (you can opt out at any time); and
- meet legal, regulatory, and assurance obligations (e.g., record-keeping, WHS).
6. Direct marketing
We may send updates about fire protection, standards, and services if you have engaged us or opted in. You can unsubscribe via the link in any message or by contacting us. We comply with the Spam Act 2003 (Cth).
7. Disclosure to third parties
We may disclose personal information to:
- project partners and subcontractors engaged on your matter;
- cloud and IT service providers (e.g., hosting, email, storage, analytics, e-signature, project platforms);
- professional advisers (legal, accounting, insurance);
- regulators and authorities where required by law; and
- prospective buyers or investors (confidentially) in connection with a business transaction.
We take reasonable steps to ensure third parties handle personal information in a manner consistent with the APPs.
8. Overseas disclosure
Some providers may store or access information from locations outside Australia. Where we disclose personal information overseas, we take reasonable steps under APP 8 to ensure recipients do not breach the APPs (e.g., contractual safeguards, provider due diligence). Contact us for a current list of key data-hosting countries used by our major vendors.
9. Cookies and analytics
Our website may use cookies and similar technologies to enable core functionality, remember preferences, and measure performance (e.g., traffic volumes, pages visited). You can adjust your browser settings to refuse cookies, though some features may not work as intended.
10. Security
We implement administrative, technical, and physical safeguards appropriate to the sensitivity of the information, including access controls, encryption in transit (TLS), MFA on key systems, least-privilege permissions, logging, and staff training. If a data breach is likely to cause serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in line with the NDB scheme.
11. Retention and de-identification
We keep personal information only as long as reasonably necessary for the purposes described or to meet legal/assurance requirements (e.g., tax records typically seven years, project records for an appropriate period considering statutory and contractual obligations). When no longer required, we de-identify or securely destroy it.
12. Your choices and rights
- Anonymity/pseudonymity: where practicable (APP 2), you may interact with us without identifying yourself.
- Access & correction: you may request access to, or correction of, your personal information (APP 12 & 13). We may need to verify identity and, in limited cases, refuse access as permitted by law (we’ll explain why).
- Opt-out of marketing: use the unsubscribe link or contact us.
Requests should be sent to the contact in Section 15.
13. GDPR Addendum (EU/UK residents)
Where we offer services to, or monitor the behaviour of, individuals in the EEA/UK, we rely on these lawful bases as applicable: contract performance, legitimate interests (e.g., service improvement, security), legal obligation, and consent (for optional activities).
Additional rights may include data portability, erasure, restriction, and objection. You also have the right to complain to your local supervisory authority. We may transfer data using appropriate safeguards (e.g., SCCs/IDTA).
14. Children
Our services are for professionals and businesses and are not directed to children under 16.
15. How to contact us
Privacy Officer — BRT Design and Consulting
Email: privacy@brtconsulting.com.au
Phone: +61 0491 008 493
Address: 72 Cala Lane Glen Aplin, QLD, 4381
16. Complaints
If you believe we’ve breached the APPs, please contact us in writing. We’ll acknowledge your complaint and aim to respond within 30 days. You may also contact the OAIC: 1300 363 992 or oaic.gov.au.
17. Changes to this policy
We may update this policy from time to time. The latest version will be posted on our website with the effective date.