Privacy Policy

Privacy Policy

Privacy Act


Our business is bound by the Privacy Act 1988 (the Act) and the Australian Privacy Principles (APP). Our business is an APP entity as defined in s 6(1) of the Act.


We collect and hold personal information relating to our clients and to other people and entities associated with our clients as may be provided or disclosed to us in the course of business. Such personal information may include, but is not limited to, names, tax file numbers, addresses, telephone numbers, social media details, email addresses, occupations, wage records, credit references, credit records, bank account details, asset and investment details, financial planning records, taxation records, information on the National Personal Insolvency Index, medical records and relationship details.


Personal information is collected from our clients in the following ways: 

  • by providing it to us directly; 
  • by authorising third parties to provide it to us; 
  • by other parties providing it to us either voluntarily or pursuant to compulsory processes we conduct on our client’s behalf.


Grants & Funding Partners may also collect information from publicly available databases, social media and websites.


Grants & Funding Partners will not collect information that is not relevant or sensitive in nature unless it is required in the normal course of business.



How is personal information received and held? 


Personal information may be received and held either as a hard copy, paper, or a soft copy being electronic data, in any available form. In either case, we take the security of personal information very seriously. We secure hard copy documents carefully in and out of our office. We use cyber-security systems to protect soft copy documents. 



For what purpose is personal information collected, held, used and disclosed?


All data is processed by the business on a lawful basis. The purposes for which we collect, hold, use and disclose personal information are: 


  • to offer our products and services to our clients. In doing so we may disclose personal information to other people or entities involved in the provision of the product or service, such as government departments and individuals. Unless compelled by law, we will never disclose personal information without the client’s knowledge and consent;
  • to facilitate our internal and external administrative processes including financial and business operations and reporting requirements; 
  • to assess credit worthiness
  • to obtain, maintain and comply with the terms of our professional indemnity and other insurance policies; and
  • to comply with applicable laws.



Cookies and our Website


We use cookies on our website. Cookies are small files which are stored on your computer. They are designed to hold a modest amount of data ( and may include personal information) specific to a particular client and website, and can be accessed either by the web server or the client’s computer.


Grants & Funding uses and maintains a website for facilitating communication between Grants & Funding and its customers and like most other commercial websites, we may monitor traffic patterns, site usage and related site information. Cookies may be placed on your computer whenever you visit our site.


This allows the site to remember your computer and serves a number of purposes. Most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser’s settings. You may also delete cookies from your device at any time.


Cookies by themselves do not tell us your email address or otherwise identify you personally. In our analytical reports, we may obtain other identifiers including public IP addresses, but this is for the purpose of identifying the number of unique visitors to our web sites and geographic origin of visitor trends, and is not used to identify individual visitors


If you consent to Grants & Funding’s use of cookies on our website and later wish to withdraw your consent, you may manage and control Grants & Funding’s privacy controls through your browser, including removing cookies by deleting them from your browser history when you leave the site.



Tax File Numbers (TFN)


As a TFN Recipient under the Privacy Act 1988 and the Privacy (Tax File Number) Rule 2015, Grants & 

Funding Partners is subject to collection, storage, use, and disclosure requirements concerning TFNs. 

Grants & Funding does not disclose your TFN to any third parties without your consent.



How can personal information be accessed or corrected?


Clients may access their personal information and seek correction of it at any time by applying to our office in person or in writing. 


Clients will be formally identified before releasing or amending any personal information. 



Is personal information disclosed outside of Australia? 


Where necessary we will disclose personal information to overseas recipients, including a related body corporate. This would only be done if it is necessary for the delivery of the Services to our Clients. 



What is the complaints process relating to personal information? 


If there is a breach of this privacy policy, either of the Act or the Australian Privacy Principles (APP), a complaint may be made by the client to: 

  • our customer services team at gerry@grantsfundingpartners.net.au ; or
  • the Office of the Australian Privacy Commissioner. 



Data breaches 

All staff are responsible for protecting the confidentiality of client information and business information. Refer any data breaches, or suspected data breaches, to the customer services team as soon as possible. 



What is an eligible data breach? 


An eligible data breach, defined in s 26WE(2) of the Act, is when: 


(a) both of the following conditions are satisfied: 

(i) there is unauthorised access to, or unauthorised disclosure of, the information;

(ii) a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates; or 


(b) the information is lost in circumstances where: 

(i) unauthorised access to, or unauthorised disclosure of, the information is likely to occur; and

(ii) assuming that unauthorised access to, or unauthorised disclosure of, the information were to occur, a reasonable person would conclude that the access or disclosure would be likely to result in serious harm to any of the individuals to whom the information relates;



If there is a suspicion of a breach


If we suspect that there has been an eligible data breach, a reasonable and expeditious assessment will be conducted within 30 days. 


If we believe or have reasonable grounds to believe there has been a breach then a statement will be prepared setting out:

  • the business’s details; 
  • a description of the breach;
  • the kind or kinds of information concerned; and
  • recommendations about the steps that we will take in response to it. 


If practicable, we will advise the contents of the statement to each of the affected clients who may be at risk from the breach. If this is not practicable we will publish the statement on our website and take other reasonable steps to publicise its contents. Communications with individuals will be via their preferred communication method. 


The statement will be submitted to the Privacy Commissioner. 



Exception to reporting 


Mandatory notification requirements are waived if remedial action can be taken that results in a reasonable person concluding that the access or disclosure is not likely to result in serious harm to any of those individuals.

Share by: