Legal — Privacy

Privacy Policy

Effective: 23 April 2026  ·  Zimritech Pty Ltd  ·  ABN 64 283 455 433

1. About this policy

This Privacy Policy explains how Zimritech Pty Ltd ("Zimritech", "we", "us", or "our") collects, uses, holds, and discloses personal information. It applies to personal information collected through our website, client engagements, and any other interactions you have with us.

We are bound by the Privacy Act 1988 (Cth) ("Privacy Act") and the thirteen Australian Privacy Principles ("APPs") set out in Schedule 1 of that Act. We are also subject to the Notifiable Data Breaches ("NDB") scheme under Part IIIC of the Privacy Act.

Short version: We only collect what we need, we use it only for the purposes we tell you about, we keep it secure, and you can always ask us what we hold and request corrections.

2. Who we are

Zimritech Pty Ltd is an applied AI studio incorporated in Victoria, Australia. Our registered office is in Melbourne, VIC. We design, build, and operate AI systems — including agents, automations, and custom models — for businesses across Australia and internationally.

For all privacy enquiries, contact our Privacy Officer at privacy@zimritech.com.au.

3. Personal information we collect

We collect personal information that is reasonably necessary for our functions and activities. This may include:

Contact and identity information

  • Full name
  • Email address
  • Phone number
  • Company name and job title
  • LinkedIn profile (if voluntarily provided)

Business and engagement information

  • Details of your AI or automation requirements
  • Project scopes, deliverables, and correspondence
  • Invoicing and payment details (processed via third-party payment providers)
  • Feedback and satisfaction data

Technical and usage information

  • IP address and approximate location (city/region level)
  • Browser type and device information
  • Pages visited, time on page, referral source
  • Cookie identifiers (see Section 9)

We do not intentionally collect sensitive information (as defined in the Privacy Act, including health, racial or ethnic origin, political opinions, religious beliefs, or biometric data) unless you provide it voluntarily and we obtain your consent.

4. How we collect it

We collect personal information:

  • Directly from you — when you complete the contact form on our website, email us, book a discovery call, or enter a client engagement.
  • Automatically — through cookies, analytics tools (e.g., Google Analytics), and server logs when you visit our website.
  • From third parties — such as LinkedIn, referral partners, or publicly available sources, where relevant to a business enquiry.

Where it is lawful and practicable to do so, we will give you the option of interacting with us anonymously or using a pseudonym (APP 2). For example, you may browse our website without providing any identifying information.

5. Why we collect it

We collect and use personal information for the following primary purposes:

  • Responding to enquiries and booking discovery calls
  • Providing, managing, and improving our AI services and client projects
  • Sending service-related communications (project updates, invoices, support)
  • Complying with our legal and contractual obligations
  • Improving our website and understanding how visitors use it
  • Direct marketing (only where you have opted in — see Section 8)

We will only use or disclose personal information for a secondary purpose if you have consented, if you would reasonably expect us to use it that way, or if an exception in the Privacy Act applies (APP 6).

6. Disclosure to third parties

We may disclose personal information to the following categories of third parties:

Recipient Purpose
Cloud infrastructure providers (e.g., AWS, Google Cloud) Hosting, storage, and processing of our services
Analytics providers (e.g., Google Analytics) Website usage analysis and optimisation
Email and communication tools (e.g., Gmail, Notion) Internal communications and project management
Payment processors (e.g., Stripe) Invoice payment and billing
Accounting and legal advisers Financial reporting, compliance, and legal advice
Regulators and law enforcement Where required by law or to protect our legal rights

We do not sell personal information. We do not disclose it to third parties for their own marketing purposes without your explicit consent.

7. Cross-border disclosure

Some of our third-party service providers store or process data on servers located outside Australia, including in the United States, the European Union, and Singapore.

Before disclosing personal information overseas, we take reasonable steps to ensure the recipient is subject to a law or binding scheme that effectively upholds principles for protection of that information substantially similar to the APPs (APP 8.1). Where this is not practicable, we take contractual or other measures to protect the information.

By providing your personal information to us, you acknowledge that we may disclose it to overseas recipients in the circumstances described above.

8. Direct marketing

We may use your contact details to send you marketing communications about our services, case studies, or events — but only where you have opted in or where we have an existing client relationship and you would reasonably expect to receive such communications (consistent with the Spam Act 2003 (Cth)).

Every marketing email will include a clear and functional unsubscribe mechanism. If you opt out, we will honour that request within five business days. You can also opt out at any time by emailing privacy@zimritech.com.au.

We do not use sensitive information for direct marketing purposes.

9. Cookies & tracking

Our website uses cookies — small text files stored in your browser. We use:

  • Essential cookies — required for the website to function (e.g., session state). These cannot be disabled without breaking the site.
  • Analytics cookies — used to understand how visitors interact with the website (e.g., Google Analytics). These collect aggregated, de-identified data.
  • Preference cookies — used to remember your settings (e.g., accent colour in our design tweaks panel).

Cookie data that identifies you constitutes personal information under the Privacy Act. We handle it accordingly. You can manage or disable cookies in your browser settings; however, disabling essential cookies may impair site functionality.

For more detail, see our Cookies Policy.

10. Security

We take reasonable steps to protect the personal information we hold from misuse, interference, loss, and unauthorised access, modification, or disclosure (APP 11). Our security measures include:

  • Encryption in transit (TLS) and at rest for sensitive data
  • Access controls and role-based permissions
  • Regular security reviews and patch management
  • Confidentiality obligations for all staff and contractors

No method of transmission over the internet is entirely secure. If you have concerns about transmitting sensitive information, please contact us to discuss alternatives.

When personal information is no longer needed for any purpose for which it may lawfully be used, we will take reasonable steps to destroy or de-identify it (APP 11.2).

11. Data breach notification

Under the NDB scheme, if a data breach is likely to result in serious harm to any individual whose information is involved, we will:

  1. Notify the Office of the Australian Information Commissioner ("OAIC") as soon as practicable.
  2. Notify affected individuals directly, or by public notification if direct contact is not reasonably practicable.
  3. Take immediate steps to contain the breach and prevent further harm.

If you become aware of or suspect a data breach involving your information held by us, please contact privacy@zimritech.com.au immediately.

12. Access & correction

You have the right to request access to the personal information we hold about you (APP 12) and to request correction of that information if it is inaccurate, out of date, incomplete, irrelevant, or misleading (APP 13).

To make an access or correction request, email privacy@zimritech.com.au with sufficient detail to identify the information concerned. We will respond within 30 days. In most cases we will provide access free of charge, but we may impose a reasonable fee to cover our costs if the request is unusually complex.

We may decline access in limited circumstances permitted by the Privacy Act (e.g., where access would pose a serious threat to the life, health, or safety of any individual, or where the information relates to legal proceedings). We will give you written reasons if we decline.

13. Complaints

If you believe we have mishandled your personal information or breached the APPs, please contact our Privacy Officer first:

We will acknowledge your complaint within 5 business days and aim to resolve it within 30 days. If we cannot resolve it to your satisfaction, you may lodge a complaint with the OAIC:

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
  • GPO Box 5218, Sydney NSW 2001

14. Changes to this policy

We may update this policy from time to time to reflect changes in our practices, technology, legal requirements, or other factors. The effective date at the top of this page will be updated accordingly. We encourage you to review this policy periodically. For material changes, we will notify active clients by email.

15. Contact us

For all privacy matters, please contact:

Privacy Officer — Zimritech Pty Ltd
Email: privacy@zimritech.com.au
General: support@zimritech.com.au
Location: Melbourne, VIC, Australia
Response time: within 2 business days