Contact

Privacy Policy

IAG Holdings Pty Ltd (ABN 69 650 586 422) (IAG, we, us or our) respects your privacy and is committed to handling personal information in accordance with the Privacy Act 1988 (Cth) (Privacy Act), the Australian Privacy Principles (APPs), the Spam Act 2003 (Cth) and other applicable Australian privacy laws.

This Privacy Policy explains how we collect, use, disclose, store and protect personal information collected through our website at iagadvisory.com.au (Website), including via our contact / enquiry form and careers pages, as well as personal information we collect in the course of our business more generally.

Where we provide services to government clients, additional privacy obligations may apply (including under the Privacy and Personal Information Protection Act 1998 (NSW), the Privacy and Data Protection Act 2014 (Vic) and the Information Privacy Act 2009 (Qld) and other equivalent State and Territory legislation). Where those obligations apply we will handle the relevant information in accordance with them and any contract with the client.

1. What personal information we collect

The personal information we collect about you depends on how you interact with us. It typically includes:

  • Identity and contact details: your name, email address, phone number, postal address, employer or organisation, role or position, and country/state of location;
  • Enquiry content: the content of any message, enquiry or other information you submit through our contact form or otherwise send us;
  • Recruitment information (if you apply for a role with IAG): your CV, cover letter, employment history, qualifications, references, right to work information and any other information you provide as part of an application;
  • Technical and usage information: IP address, device and browser type, operating system, referring URL, pages visited, time and date of visits, and other analytics data collected automatically when you use the Website (including via cookies and similar technologies).

We do not generally collect sensitive information (as defined in the Privacy Act) through the Website. If we need to collect sensitive information for a specific purpose (for example, in a recruitment context), we will obtain your consent or rely on another lawful basis.

2. How we collect personal information

(a)     Directly from you, when you complete the contact / enquiry form, subscribe to our newsletter, apply for a role, attend a meeting or event, or otherwise communicate with us;

(b)    Automatically, when you use the Website, through cookies, pixels, server logs and analytics tools (see clause 6);

(c)     From third parties, including: your employer or organisation; our clients (where you are a representative of, or contractor to, our client); recruitment platforms (such as LinkedIn or Seek) where you have made information available; referees you nominate; publicly available sources; and our service providers.

If you provide us with personal information about another individual, you must ensure you are authorised to do so, and you must inform that individual about this Privacy Policy.

3. Why we collect, use and disclose personal information

We collect, hold, use and disclose personal information for purposes including:

  • responding to your enquiries and communicating with you;
  • providing information about IAG, our services, capability statements, projects, events and insights;
  • delivering and managing our advisory services and our relationships with clients, prospective clients, suppliers and partners;
  • recruitment, including assessing applications, conducting reference and background checks, and administering employment;
  • administering, securing, operating, maintaining and improving the Website (including analytics and troubleshooting);
  • direct marketing and sending newsletters or other communications about IAG, our services and events (subject to your consent and your right to opt out at any time);
  • complying with our legal, regulatory, contractual, audit, insurance and risk management obligations; and
  • any other purpose disclosed to you at the time of collection or to which you have consented.

4. Who we disclose personal information to

We may disclose your personal information to:

  • our related bodies corporate within the IAG group of companies;
  • our clients (where you are an enquirer, contractor or representative relevant to a client engagement);
  • our service providers (including IT, hosting, cloud storage, email and CRM, marketing automation, analytics, recruitment, professional advisers, insurers and auditors);
  • government agencies, regulators, law enforcement and courts where required or permitted by law, or to establish, exercise or defend legal rights;
  • any actual or proposed acquirer of IAG or its business or assets, and that party’s advisers; and
  • any other party with your consent.

5. Overseas disclosure

Some of our service providers (in particular IT, cloud, email and analytics providers) may store or process personal information outside Australia, including in the United States, United Kingdom, European Union and other countries where our providers operate. Before disclosing personal information overseas we take reasonable steps to ensure that the recipient handles it consistently with the APPs, including through contractual protections.

6. Cookies, analytics and similar technologies

(a)     The Website uses cookies and similar technologies to help it function, to remember your preferences, to measure usage and to improve user experience. We may use third party analytics tools (such as Google Analytics) which collect information about your use of the Website on an anonymous or pseudonymous basis.

(b)    You can control cookies through your browser settings, and you can opt out of certain analytics tools through their respective opt-out mechanisms. Disabling cookies may affect the functionality of the Website.

7. Direct marketing

(a)     We may use your contact details to send you marketing communications about IAG and our services, including newsletters, insights and event invitations, where we have a lawful basis to do so under the Privacy Act and the Spam Act 2003 (Cth).

(b)    Each marketing email we send will include an unsubscribe link. You can opt out at any time by using the unsubscribe link, or by emailing info@iagadvisory.com.au. We will action opt-out requests within a reasonable period.

(c)     Even if you opt out of marketing, we may still contact you in relation to enquiries you have made, services we provide, and other administrative or legal matters.

8. Data quality, storage and security

(a)     We take reasonable steps to ensure the personal information we hold is accurate, complete, up to date and relevant. Please tell us if your contact details change.

(b)    We hold personal information in a combination of secure electronic and (where applicable) physical records. We use a range of administrative, technical and physical safeguards to protect personal information from misuse, interference, loss and unauthorised access, modification or disclosure. While we work to protect your information, no method of transmission or storage is 100% secure.

(c)     We retain personal information only for as long as necessary for the purposes for which it was collected, or as required by law or relevant professional or regulatory obligations.

9. Notifiable data breaches

We comply with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act. If we become aware of a data breach that is likely to result in serious harm to affected individuals, and the breach is not remediated, we will notify those individuals and the Office of the Australian Information Commissioner (OAIC) as required by law.

10. Accessing and correcting your personal information

(a)     You can request access to, or correction of, the personal information we hold about you by contacting us using the details in clause 13.

(b)    We will respond to access and correction requests within a reasonable period (usually within 30 days). We may need to verify your identity before responding.

(c)     We may decline a request, or charge a reasonable cost-recovery fee for providing access, where permitted by the Privacy Act. If we decline a request, we will give reasons in writing and explain how you can complain.

11. Complaints

(a)     If you believe we have breached the Privacy Act, the APPs or any other applicable privacy law, please contact our Privacy Officer using the details in clause 13. Please include enough detail for us to investigate.

(b)    We will acknowledge your complaint promptly and aim to provide a substantive response within 30 days.

(c)     If you are not satisfied with our response, you can complain to the Office of the Australian Information Commissioner (OAIC): www.oaic.gov.au  |  Phone 1300 363 992.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal obligations or for other operational reasons. The updated policy will be posted on the Website and takes effect when posted. The “Effective” date at the top of this Policy shows when it was last updated. Material changes will be notified to you where required by law.