Privacy Policy

We collect what we need to do the work, store it carefully, and don't sell it. This document sets out the detail: what personal information we hold, how we use it, who we share it with, and how to access or correct it. We comply with the Australian Privacy Act 1988 (Cth).

---

1. About this Policy

This Privacy Policy describes how Coppin Grove Digital Pty Ltd (ABN 47 693 481 579) (Coppin Grove Digital, CGD, we, our, or us) collects, holds, uses, and discloses personal information. We are committed to handling personal information in accordance with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles, even where the small-business exemption may apply.

This Policy applies to personal information we collect through this website, through our products and operated systems (including FlowDocs and any other systems we deploy or host), and through our direct communications with customers, prospects, and individuals connected with our customers' businesses.

We may update this Policy from time to time. The most current version will be published at this URL.

2. Types of personal information we collect

We collect only the personal information we need to deliver our services. Depending on your interaction with us, this may include:

• Contact details — name, email address, phone number, company name, and professional role.
• Account credentials for systems we operate — used to authenticate access to FlowDocs and other CGD-hosted systems.
• Client-supplied credentials for the client's own operational systems — including credentials for CargoWise tenants, carrier portals, customs platforms, ERP, and document repositories, where a customer authorises us to access these systems on their behalf. These credentials are treated as sensitive, held only for as long as needed for the engagement, and returned or destroyed at the customer's request.
• Business data we process on a customer's behalf during engagements — including cargo manifests, invoices, customs paperwork, and similar operational documents that are subjects of the integrations we build.
• Server logs from this website and from any product portal we operate — IP address, browser type, request paths, and timestamps.
• Email correspondence with us.

We do not collect sensitive information (as defined in the Privacy Act) unless it is reasonably required for a specific lawful purpose and you have provided your consent.

3. How we collect personal information

We collect personal information:

• Directly from you, when you contact us, engage our services, or use a system we operate.
• As a normal function of operating our systems — for example, server logs are generated when you visit this website or use a product portal.
• From third parties only with your consent or where expressly authorised by law — for example, from a referrer, a recruiter, or an authorised representative of your organisation.

This website uses no third-party analytics or tracking. We do not load Google Analytics, Plausible, Fathom, or equivalent tools, and we do not set advertising or cross-site tracking cookies.

4. Use of personal information

We use personal information to:

• Provide the services we have been engaged to provide.
• Communicate with you about engagements, services, support, security incidents, and operational matters.
• Issue invoices and process payments.
• Improve our services, products, and operations.
• Comply with our legal and regulatory obligations.
• Send marketing communications about our services, only with your consent and only to existing business contacts, in accordance with the Spam Act 2003 (Cth). You may withdraw consent at any time by replying to any such message or contacting us at the address below.

5. Disclosure to third parties

In the course of operating our business, we may need to disclose personal information to:

• Cloud hosting and processing sub-processors, in categories including hosting, processing, storage, and email delivery. A specific list of sub-processors is maintained internally and supplied on request.
• Regulatory and government bodies, where required by law, court order, or other legal process.
• Our legal, accounting, insurance, and financial advisers.
• A prospective acquirer, in the event of a business sale or asset transfer, subject to confidentiality.

We do not sell or rent personal information.

6. International transfers

We host and process personal information primarily within Australia (default cloud region: AWS Asia Pacific (Sydney)). Some sub-processors may store or process personal information outside Australia. Where international transfers occur, we take reasonable steps to ensure that protection equivalent to the Australian Privacy Principles applies, or we obtain your consent.

7. Cookies and tracking

This marketing website does not set tracking cookies. The systems we operate (such as FlowDocs) may set strictly necessary cookies to maintain your authenticated session — these are essential to the system's operation and are not used for tracking.

8. Data security and storage

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Measures include encryption in transit, access controls based on least privilege, and restricted handling of credentials. No method of storage or transmission is perfectly secure, but we maintain industry-standard practices appropriate to the sensitivity of the information we hold.

9. Retention

We retain personal information only for as long as necessary for the purposes for which it was collected, or as required by law. When information is no longer needed, we destroy it or de-identify it.

10. Access to and correction of personal information

You have the right to request access to personal information we hold about you, and to request correction if it is inaccurate, out-of-date, incomplete, irrelevant, or misleading. Send your request to us using the contact details below. We may need to verify your identity before responding. We will respond within a reasonable time. If we decline a request, we will provide written reasons and information about how to lodge a complaint.

11. Complaints

If you believe we have breached this Policy or applicable privacy law, please contact us in writing. We will investigate your complaint and respond within a reasonable time. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner at oaic.gov.au.

12. Contact

Coppin Grove Digital Pty Ltd
ABN 47 693 481 579
Email: hello@coppingrovedigital.com.au

---

Questions about this document? hello@coppingrovedigital.com.au

← back to home