Privacy Policy

1. PURPOSE

EMA Consulting Pty Ltd (ABN 17 078 829 517) is committed to protecting your privacy and handling your personal information in accordance with the requirements of the Australian Privacy Principles (“APP”) as set out in the Privacy Act 1988 (Cth) (“Act”) and any registered APP codes. This Privacy Policy (“Policy”) explains how we collect, store, hold, use, and secure your personal information.

2. APPLICATION

This Policy is only intended to cover information that is covered by the Act.

3. DEFINITIONS

‘APPs’ – means the Australian Privacy Principles under the Privacy Act 1988 (Cth).

‘Act’ – means the Privacy Act 1988 (Cth).

‘Clients’ – means any person or organisation who engaged us in the provision of our services.

‘Employee’ – means any permanent, casual or temporary person employed directly by us.

‘Permitted Situation’ – means a permitted general situation or permitted health situation as described in the Act in which sensitive information may be collected, used, or disclosed.

4. WHAT WE COLLECT AND WHY

4.1 General

We will only collect information which is directly relevant to our business activities, which includes the provision of consulting services, products and product support, and public and private training courses. It is important for us to collect personal information in order to provide a complete and comprehensive service.

4.2 Personal Information

We may collect the following types of personal information about you:

(a) Identifying details, such as your full name, date of birth, residential or business address, and any other demographic information;

(b) Contact details, such as phone number, email address, and postal address;

(c) Employment information, such as qualifications, work history, employer and position title; and

(d) Transactional details, such as products or services purchased, order and payment history.

4.3 How we collect your Personal Information

We may collect your personal information in various ways, including:

(a) When you:

  • Sign up as a client or for a public seminar or webinar
  • Subscribe to our mailing list (we may occasionally use our mailing list for direct marketing purposes—for example, if our partner company releases a new product or we release a new service)
  • Email us and send any personal information in your email
  • Purchase a good or service from us, including any of our template contracts, policies, or guides
  • Act as a supplier of goods or services to us

(b) When we provide consulting services to our clients, including personal information that comes:

  • directly from you, for example when we take a witness statement during a workplace investigation
  • from a person other than you, for example when we are providing advice to one of our clients in relation to workplace matters
  • from one of our partner companies, for example when we provide consulting services as part of a product subscription offered by Buzz-ER Pty Ltd, whose privacy policy can be viewed here.

(c) For employment purposes, including for prospective employees who have applied for a job with us.

  • While employee records are typically exempt from the APPs, we endeavour to treat our current and former employees’ personal information with the same level of confidentiality as all other personal information.
  • This information may include:
    • details that identify by name, address, date of birth and other related areas;
    • contact history and references; and
    • business contact information such as clients, bank managers, accountants, legal advisors and consultants.

4.4 Sensitive Information

(a) We may collect and hold sensitive information where required to fulfil our business functions or activities. We will only collect sensitive information with your consent, in a Permitted Situation, or where otherwise required or authorised by law.

(b) Sensitive information we may collect includes but is not limited to:

  • information about your racial or ethnic origin.
  • membership with professional, trade or political associations.
  • your political, philosophical, or religious opinions or beliefs.
  • your criminal record.
  • your health information (such as vaccination records, where required for health and safety purposes in the context of business activities).

4.5 Information about vulnerable persons

We may collect personal information about a vulnerable segment of the community (such as children, or persons with disabilities), where it is necessary for the proper management of our organisation and business activities, such as in the course of providing consulting services to our clients.

4.6 Web Data

(a) We may use various kinds of software to collect information to assist with user experiences on our websites, but none of this information can be used to identify individual users.

(b) Small files called “cookies” may be attached to your web browser on your personal computer. These files identify and save information about your browser but are not used to identify any personal information about you. Cookies enhance your experience on our website and our related entities’ websites. You can disable cookies on your computer, but this may affect your experience on our websites as they may not operate in the most efficient or desired way.

5. USE OF ARTIFICIAL INTELLIGENCE (AI)

5.1 Our use of AI

(a) We may use Artificial Intelligence (AI) tools to support and enhance our services, for purposes such as:

  • Summarising documents;
  • Drafting written content;
  • Assisting with document formatting (such as flow charts or tables);
  • Supporting research; and
  • Performing data analysis.

(b) We are committed to transparency about our use of AI and ensure that all personal information processed through or by AI is handled in accordance with this Policy and applicable privacy laws, including the APPs.

(c) We do not use AI to make automated decisions about individuals or events without human involvement. All AI-generated outputs are subject to human review and oversight and we take reasonable steps to validate and verify the accuracy of AIgenerated content. (d) Where AI may process or infer sensitive information or information relating to vulnerable individuals, we may implement additional safeguards, including where required, obtaining consent or providing further notice (in accordance with APP 6).

6. HOW WE COLLECT AND HOLD INFORMATION

6.1 Collection

(a) How we collect personal information depends on each business relationship. We may collect it:

  • directly from you via telephone, internet contact, in person during a visit
  • through our secure online platform, Buzz-ER, where clients subscribe to products (such as MyEMS) and enter data.
  • indirectly through referrals or list purchases.
  • from feedback forms at training courses and breakfast seminars.
  • while providing consulting services to our clients, such as advice on a workplace matter that may involve you.

(b) We will not collect any personal information except where that information has knowingly been provided to us or the collection of the information is directly relevant to our business, such as the provision of advice to a client.

(c) If we come into possession of any unsolicited personal information, we will destroy or de-identify it as soon as practicable, if it is appropriate to do so.

(d) Where applicable, personal information collected may be processed using AI tools in accordance with this Policy.

6.2 Storage and security

(a) Our electronic database and manual information management facilities which are used to hold personal information are maintained secure at all times. This includes protection from unauthorised or illegal network access as well as appropriate security levels.

(b) Internal access will be controlled such that the relevant persons are authorised only for the minimum access that is required by them to enable them to perform their job function.

(c) Other ways in which we hold information may include in hard copy files, and on our cloud-based databases.

(d) We endeavour to keep all personal information secure and up to date (to the extent necessary to perform our business functions). Our staff members are all trained in confidentiality and the appropriate access and use of personal information to ensure the information is only accessed and used as required for the provision of our services.

(e) We continually monitor and keep up to date with our obligations under the notifiable data breach scheme and will comply with those obligations in the event of a notifiable data breach. Our staff members are all trained in our notifiable data breach policies and understand their individual obligations and can escalate any issues appropriately.

6.3 Use and disclosure

(a) We will only use or disclose personal information for the purpose for which it was collected, or otherwise as permitted or required by law. Other purposes for which we may use or disclose personal information include:

  • to notify our contacts of developments or upcoming events, such as new training courses or industrial relations news that affects our clients
  • to obtain feedback from our clients about our products, services, and training
  • while seeking legal advice, such as when we act as an agent on behalf of a client
  • where required by law, such as a court order, in which case we will (if reasonably practicable) notify you of that use or disclosure

(b) We may share your information to one of our partner companies during the provision of services to you. For example, if you have expressed an interest in a product that one of our partner companies produces, we may pass your contact details to that partner company so they can get in touch with you. Where personal information is used by us, access is restricted to persons who require it to carry out their job function.

(c) Where applicable, personal information used in AI tools is handled in accordance with this Policy.

6.4 Disclosure to overseas recipients

(a) In the course of providing our services, we may use companies that process or store information on our behalf on overseas servers. These companies will ordinarily be bound by different laws or have their own privacy policy that offers protections similar to the Act and this Policy. We will endeavour to keep this Policy updated with relevant information where we become aware that a company we use stores this information on overseas servers.

(b) Some of our free resources for clients are provided through Cognito Forms, whose servers are located in the United States. When you use these resources, any information you enter may be transferred across national borders and is subject to Cognito Forms’ Terms of Service and Privacy Policy, in addition to this Policy.

6.5 Access and correction

(a) We endeavour to keep all of our records of personal information up to date where relevant—for example client contact details. We encourage you to contact us if any of your personal or contact information changes, so we can update our records accordingly. We may also periodically contact you to confirm that our records are accurate and current.

(b) You may request access to your personal information held by us. There may be circumstances where that access is not permitted, such as when it breaches confidentiality or commercial sensitivity of our business or a client’s business.

(c) If you would like to request access to or correct your personal information held by us, or have any other questions about how we collect, use, and store your personal information, please contact the General Manager on:

Phone: 08 8203 1700
Email: [email protected]

(d) A person, other than you may make a request for access to or correction of your personal information if that person is your parent or guardian, or if they are authorised to act on your behalf under applicable guardianship or power of attorney legislation.

7. COMPLAINTS

If you believe there has been a breach of the APPs, or a registered APP code that binds us, please contact us in writing at [email protected].

We will endeavour to respond to any complaints within thirty (30) days or within such other time frame as is reasonable in the circumstances.

If you are not satisfied with how we have handled your complaint, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

8. CHANGES TO THIS POLICY

This Policy may be updated from time to time to reflect changes in our operations and the current legislative requirements. We encourage you to check our website regularly so you can stay informed on how we protect your information.

This Policy was last reviewed and modified on 2 September 2025.