EQOS
Building trust in AI
Privacy

Privacy Policy

EQOS (we, us, our) is committed to protecting personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy explains how we manage personal information across our website, products, workshops, and other client engagements.

Last updated: 3 October 2025

Scope of this policy

This policy applies to personal information collected by EQOS through our website, when you contact us, attend events, participate in workshops, or partner with us on product delivery. Additional privacy statements may apply to specific products or services and should be read together with this policy.

Where your engagement with EQOS involves other organisations, their privacy notices may also apply. We take reasonable steps to ensure that we only work with partners who uphold standards consistent with the APPs.

Personal information we collect

The personal information we collect depends on our relationship with you. It can include:

  • Identity details such as your name, job title, organisation, and professional profile.
  • Contact information including email address, phone number, and preferred communication channels.
  • Business context covering project requirements, goals, budgets, documentation you share, and feedback on our services.
  • Technical information such as device identifiers, browser type, IP address (in truncated form), referral URLs, and usage analytics gathered through cookies and similar technologies.
  • Billing and contractual information if you procure paid services, including billing contact details and purchase orders.
  • Sensitive information only where it is reasonably necessary for our services (for example, accessibility requirements for workshops) and with your consent or as otherwise permitted by law.

You can choose to deal with us anonymously or under a pseudonym where lawful and practicable. If you do not provide information we request, we may be limited in how we can respond or tailor our services.

How we collect personal information

  • Directly from you when you complete forms, send enquiries, attend meetings, or participate in workshops.
  • Automatically through our website analytics, cookies, server logs, and interaction tracking.
  • From third parties such as referrers, partners, publicly available sources, and service providers that support business development or marketing where it is lawful to do so.

We collect personal information by lawful and fair means and only where it is reasonably necessary for our functions. Where we receive personal information we did not request, we handle it in accordance with the APPs.

How we use personal information

We use personal information to:

  • Respond to enquiries, provide proposals, and deliver agreed services.
  • Plan engagements, coordinate project delivery, and manage vendor or partner relationships.
  • Operate, maintain, and improve our website, digital products, and internal processes.
  • Send updates, newsletters, and marketing communications in line with your preferences.
  • Support research, insights, and analytics to improve customer experience in an aggregated form.
  • Detect, investigate, and manage security, fraud, or compliance issues.
  • Comply with legal obligations, respond to lawful requests, and exercise our legal rights.

We do not sell personal information.

When we disclose personal information

We only share personal information with third parties where it is necessary for the purposes above, we have your consent, or we are permitted or required by law. Typical recipients include:

  • Technology partners that provide cloud hosting, analytics, collaboration, and productivity tools.
  • Delivery partners and subject-matter experts engaged to support workshops or solution builds.
  • Professional advisers such as lawyers, auditors, accountants, and insurers under duty of confidence.
  • Regulators, law enforcement, or dispute resolution bodies where disclosure is required or authorised.
  • Potential investors or business partners subject to confidentiality obligations.

Where possible we de-identify information before sharing insights externally. We require third parties to use personal information only for the services they provide to us and to handle it securely.

International data handling

Our service providers may store or process personal information on servers located in Australia and in other jurisdictions, including the United States, the European Union, and Singapore. When we disclose personal information overseas we take reasonable steps to ensure the recipient protects it in line with the APPs, including through contractual safeguards and due diligence.

By engaging with EQOS, you authorise us to transfer personal information across borders for these purposes.

Cookies and analytics

We use cookies and similar technologies to provide core functionality, measure website performance, and understand how visitors engage with our content. Cookies may be session-based or persistent and can come from EQOS or our analytics partners.

You can adjust your browser settings to refuse cookies or notify you when cookies are being used, although this may impact site functionality. We currently do not respond to Do Not Track signals. Analytics data is aggregated and used only to improve our services.

Marketing preferences

We may send you information about EQOS events, insights, and services that we believe are relevant to your role. You can opt out at any time by using the unsubscribe option in our emails or by contacting us directly. We will action opt-out requests promptly.

Data security and retention

We implement administrative, technical, and physical safeguards to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Measures include role-based access, encryption in transit, secure development practices, and continual monitoring.

Personal information is retained only for as long as required to fulfil the purposes outlined in this policy, meet legal obligations, resolve disputes, or enforce agreements. When information is no longer needed, we take reasonable steps to de-identify or securely destroy it.

Accessing or correcting your information

You can request access to the personal information we hold about you or ask us to correct it if you believe it is inaccurate, out of date, incomplete, or misleading. We will respond within a reasonable timeframe and may need to verify your identity before fulfilling your request. If we decline to provide access or correct information, we will explain why and outline available complaint options.

Notifiable data breaches

In the event of a data breach that is likely to result in serious harm, we will comply with the Notifiable Data Breaches scheme under the Privacy Act. This includes assessing the incident, notifying affected individuals and the Office of the Australian Information Commissioner (OAIC), and taking steps to mitigate potential harm.

Complaints and privacy enquiries

If you have questions about this policy or wish to make a privacy complaint, please contact us using the details below. We aim to acknowledge receipt within two business days and to resolve complaints within 30 days. If we need more time, we will let you know.

Please submit your enquiry through our online contact form and include any relevant details so we can assist you quickly.

If you are not satisfied with our response, you may contact the OAIC by calling 1300 363 992 or by visitingoaic.gov.au. You can also write to GPO Box 5218, Sydney NSW 2001.

Updates to this policy

We may update this policy to reflect changes in our practices, technology, or legal obligations. The updated version will be available on this page with a revised date. We encourage you to review it regularly.

Need more information?

We are ready to answer any questions about how EQOS protects data and supports responsible AI practice. Reach out and we will respond within one business day.

Contact EQOS