This Privacy Policy explains how we collect, hold, use, disclose and protect personal information, and how individuals may access or correct that information or make a complaint. It is designed for an Australian private-sector accounting practice and is intended to comply with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and, where applicable, other laws relevant to the handling of particular categories of information.

1. Scope and Commitment

We are committed to protecting your privacy and handling personal information in an open, transparent, fair and lawful manner.

This Privacy Policy describes our approach to gathering personal information, as well as how we hold, use, disclose, secure, retain and otherwise manage that information in connection with our professional services and business operations.

This Privacy Policy may be supplemented from time to time by collection notices, engagement terms, website notices or privacy statements that apply to specific services, recruitment activities or areas of our website.

We may amend this Privacy Policy from time to time by publishing an updated version on our website. The date at the end of this Policy indicates when it was last updated.

2. Collection of Information

Personal information means information or an opinion about an identified individual, or an individual who is reasonably identifiable.

We generally collect personal information directly from you or from a person authorised by you. We may collect it when you communicate with us by telephone, email, post, online form, client portal, facsimile, in person, through our website, or when you otherwise provide documents or information in connection with our services.

In some circumstances, we may collect personal information from other sources where it is reasonably necessary for our functions and activities. This may include information from your employer, family members, representatives, referral partners, business associates, related bodies corporate, publicly available records, government agencies, regulators, financial institutions, superannuation funds, insurers, software platforms and other professional advisers.

name, date of birth and identification details;

contact information, including postal or residential addresses, telephone numbers and email addresses;

financial information, including assets, liabilities, occupation, income, bank account information, account activity, payment history and taxation information;

government-related identifiers, such as Tax File Numbers, Australian Business Numbers and similar identifiers where collection is permitted by law;

shareholdings, investment details, business records and details of trusts, companies, partnerships or self-managed superannuation funds;

details of superannuation, insurance or lending arrangements;

education, employment history, remuneration and visa or work permit status where relevant, including for recruitment or payroll-related services;

personal information relating to spouses, dependants or other associated persons where relevant to the services we are providing; and

records of communications, engagement documentation and information you provide through our website or online systems.

3. Sensitive Information and Website Data

We do not generally collect sensitive information unless it is reasonably necessary for the services we provide, required or authorised by law, or you have consented. In limited circumstances, this may include information relevant to recruitment, employment, insurance, litigation support or regulatory matters. Examples may include health information, criminal record information, professional memberships or other sensitive information directly relevant to the work being undertaken.

We may also collect non-personal or technical information about your use of our website and online services, including cookies or similar tracking technologies, browser type, operating system, IP address, domain name and website usage data. We use this information for internal purposes such as administering our systems, maintaining security, diagnosing problems, generating statistics and trends, improving the quality of our website and services, and enhancing user experience.

We may store and maintain content that you provide in connection with our website or online services, including through contact pages, client portals, event registrations, survey responses or other interactive features we make available.

4. Use of Personal Information

We collect, hold, use and disclose personal information for purposes reasonably necessary to conduct our business and provide our professional services.

providing accounting, taxation, bookkeeping, payroll, advisory, audit and assurance, finance, lending, family office, forensic accounting, management consulting, superannuation and related professional services;

responding to requests, enquiries or instructions, and maintaining our client relationships;

preparing, reviewing and lodging documents with the Australian Taxation Office, ASIC and other regulators or authorities;

verifying identity, authority to act, conflicts of interest, independence obligations or compliance requirements;

managing engagements, quality assurance, internal administration, risk management, insurance and record keeping;

engaging and managing service providers, contractors, consultants, suppliers and technology platforms used in the operation of our business;

recruitment, employment-related administration and associated business operations;

conducting surveys, requesting feedback and improving our services;

notifying clients and contacts about our services, seminars, events, updates or industry developments where permitted by law;

protecting our rights, property and security, and the rights and security of clients, staff and users of our systems;

considering or implementing a corporate transaction such as a sale, merger, acquisition, restructure or divestment; and

complying with legal, regulatory, professional and contractual obligations or for any other purpose permitted or required by law.

5. Marketing Communications

We may use your contact details to send you newsletters, practice updates, invitations, service information or other communications we consider may be relevant to you. You may opt out of receiving marketing or promotional communications at any time by using the unsubscribe function in an email or by contacting us using the details below.

Where required by law, we will only send such communications with your consent.

6. Disclosure to Third Parties

We generally only disclose personal information for the purposes described in this Policy, with your consent, or where required or authorised by law.

related entities, business partners, referral partners and associates;

service providers performing administrative, technology, cloud hosting, cybersecurity, payroll, document management, data processing or other business support functions;

banks, lenders, insurers, superannuation funds and other financial institutions;

professional advisers, auditors, contractors, consultants and insurers;

government agencies, courts, tribunals, regulators, law enforcement bodies and dispute resolution bodies;

persons or entities considering acquiring an interest in our business or assets; and

other persons where you have directed or authorised us to make the disclosure.

7. Overseas Disclosure

Some of our service providers or technology platforms may store or process information outside Australia. Where we disclose personal information overseas, we will take reasonable steps in the circumstances to ensure the overseas recipient handles the information consistently with applicable Australian privacy requirements, including APP 8 where relevant.

8. Tax File Numbers and Government Identifiers

Where we collect Tax File Number information or other government-related identifiers, we will do so only where permitted or required by law and for purposes connected with the services we provide or our legal obligations.

Tax File Number information will be handled in accordance with applicable law, including the Privacy (Tax File Number) Rule 2015 and relevant taxation legislation.

9. Information Security and Retention

We take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure. Depending on the circumstances, these measures may include physical security, secure disposal procedures, password protection, access controls, staff confidentiality obligations, secure portals, reputable cloud-based systems, encryption and other technical and organisational safeguards.

We may hold personal information in physical form, on our own systems and servers, and on third-party systems used in the course of our business.

We retain personal information for as long as reasonably necessary for the purposes for which it was collected and to comply with taxation, corporate, professional, insurance, employment and other legal record-keeping obligations. When information is no longer required, we take reasonable steps to destroy or de-identify it.

10. Access and Correction

You may request access to the personal information we hold about you, or request correction if you believe it is inaccurate, incomplete, out of date, irrelevant or misleading. We may need to verify your identity or authority before actioning a request.

We will respond to requests for access or correction within a reasonable period and in accordance with applicable law. In some cases, we may refuse access or decline to make a requested amendment where permitted by law, in which case we will provide reasons where required.

If responding to an access request requires substantial retrieval, collation or reproduction work, we may charge a reasonable fee. If any charge is to apply, we will let you know in advance.

11. Data Breaches

We maintain processes, and may maintain a Data Breach Response Plan, for identifying, containing, assessing and responding to suspected data breaches.

If we have reasonable grounds to believe that an eligible data breach has occurred within the meaning of the Notifiable Data Breaches scheme, we will assess the incident and, where required by law, notify affected individuals and the Office of the Australian Information Commissioner.

12. Questions and Complaints

If you have any questions or concerns about this Privacy Policy, or if you wish to make a complaint about how we have handled your personal information, please contact our Privacy Officer using the details below.

We take privacy complaints seriously and will investigate and respond within a reasonable period.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner. Where a complaint specifically concerns NSW health information and applicable NSW law, you may also be able to contact the Information and Privacy Commission NSW.

13. Contact Details

Privacy Officer
HQB Accountants Auditors Advisors
13-15 Park Avenue, Coffs Harbour NSW 2450
Email: enquiries@hqb.com.au           
Phone: 02 6652 2333

14. Additional Information

Further information about privacy and the Australian Privacy Principles is available from the Office of the Australian Information Commissioner.

15. Last Updated

March 2026