Privacy Policy
& Data Practices.

This Privacy Policy applies to all personal information collected, used, stored, or disclosed by Tech Force Global Pty Ltd in connection with our website (techforceglobal.com.au), our software platforms, and all business operations. It applies to clients, prospective clients, platform users, website visitors, job applicants, and business contacts.

We are bound by the Australian Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs) contained within Schedule 1 of that Act. Where our clients operate in the healthcare sector, we acknowledge our obligations with respect to health information as a sensitive category of data under APP 3.

• Personal information collected through our website and web-based platforms
• Information provided during sales, implementation, and support engagements
• Data processed through our platforms on behalf of client organisations
• Information collected from job applicants and business partners
• Communications via email, phone, live chat, and contact forms

We collect personal information only where it is reasonably necessary for our business functions and activities. We collect information by lawful and fair means, and where reasonably practicable, directly from you.

• IP address, browser type, operating system, and device identifiers when you visit our website
• Pages visited, time on site, referral source, and navigation paths via analytics tools
• Session and authentication logs within our platform environments
• Error logs and performance diagnostics (de-identified where possible)

We use personal information only for the primary purpose for which it was collected, or for a directly related secondary purpose you would reasonably expect. We will not use your information for unrelated purposes without your consent.

• Platform delivery: Provisioning, configuring, and maintaining your TFG platform environment
• Client onboarding: Conducting discovery sessions, scoping implementations, and managing go-live
• Helpdesk & support: Responding to and resolving technical support requests
• Billing & account management: Processing invoices, managing subscriptions and renewals
• Communication: Sending service notices, product updates, and responses to enquiries
• Legal & compliance: Meeting our obligations under Australian law — including the Corporations Act, ATO requirements, and applicable regulatory frameworks

• Improving our platforms and services through aggregated, de-identified usage analytics
• Sending relevant product updates, feature releases, or industry insights (opt-out available at any time)
• Assessing and improving the effectiveness of our sales and marketing activities
• Evaluating job applications for current or future roles at TFG

Our website uses cookies and similar tracking technologies to operate correctly, understand how visitors interact with the site, and improve your experience. Cookies are small text files placed on your device by your browser when you visit our site.

You can control and delete cookies through your browser settings at any time. Disabling strictly necessary cookies may affect core site or platform functionality. We do not track you across unrelated third-party websites or build advertising profiles from your visit to our site.

We do not disclose personal information to third parties except in the limited circumstances described below. All third-party service providers engaged by TFG must handle personal information in accordance with Australian privacy law and our data processing standards.

• Service providers & subprocessors: Cloud hosting providers, payment processors, email delivery platforms, and helpdesk tools necessary for service delivery. These providers act under strict contractual data processing agreements and may not use data for their own purposes.
• Professional advisers: Lawyers, accountants, and auditors bound by professional confidentiality, where required for business operations or legal compliance.
• Legal obligations: Where required or authorised by Australian law, a court order, or a regulatory body with lawful authority — including the OAIC, ATO, ASIC, or NDIA.
• Business transactions: In the event of a merger, acquisition, or asset sale, subject to confidentiality obligations and notification to affected individuals prior to any transfer.
• With your explicit consent: Any other disclosure made only with your clear prior authorisation.

• Sell, rent, or trade your personal information to any third party
• Share your data with advertisers, data brokers, or lead generation services
• Disclose personal information for purposes unrelated to our services without your explicit consent
• Allow third-party providers to use your data for their own commercial purposes

TFG implements technical, administrative, and physical safeguards designed to protect personal information from unauthorised access, disclosure, alteration, and destruction — proportionate to the sensitivity and volume of information we hold.

• All data in transit encrypted using TLS 1.2 or higher — HTTPS enforced across all services
• Data at rest encrypted using AES-256 across all storage systems and databases
• Role-based access controls (RBAC) limit data access strictly to authorised personnel
• Multi-factor authentication (MFA) enforced for all internal administrative access
• Regular automated vulnerability scanning and periodic penetration testing
• Security monitoring and alerting with defined incident escalation procedures

• All TFG staff with access to personal information are bound by confidentiality obligations
• Privacy and security awareness training conducted annually for all relevant personnel
• Access to production data is limited on a strict need-to-know basis and audit-logged
• Third-party service providers are assessed for security posture before engagement

We retain personal information only for as long as necessary for the purposes for which it was collected, or as required by Australian law — including the Corporations Act 2001 and applicable tax legislation. Client platform data is retained for the duration of the service agreement and for 7 years post-termination for regulatory compliance, unless otherwise agreed in writing. When personal information is no longer required, we take reasonable steps to destroy or permanently de-identify it.

Under the Australian Privacy Act 1988 and the Australian Privacy Principles, you have a number of rights in relation to personal information we hold about you. We are committed to facilitating these rights promptly and without unnecessary barriers.

Submit a written request to [email protected] with subject line "Privacy Request". We will acknowledge within 2 business days and respond substantively within 30 days. We may need to verify your identity before processing. We will not charge a fee in standard circumstances. If a request is clearly unfounded or excessive, we may charge a reasonable fee or decline, and will notify you of your right to complain to the OAIC.

TFG may update this Privacy Policy periodically to reflect changes in our business practices, services, regulatory requirements, or applicable law. We are committed to keeping this policy current, transparent, and accessible.

• Material changes: Where a change materially affects how we handle your personal information, we will notify you by email (where we hold your contact details) and post a prominent notice on our website at least 14 days before the change takes effect
• Minor changes: Administrative updates or enhancements to your privacy protections will be published on this page without advance notice
• Version history: The version number and "Last Updated" date shown in the header of this policy are updated with every revision
• Continued use: Your continued use of TFG's website or platforms after a notified policy change constitutes acceptance of the updated policy

In addition to scheduled annual reviews, this policy will be updated in response to: amendments to the Privacy Act 1988 or APPs; new OAIC guidance; significant changes to our platform capabilities or data processing activities; or findings from internal or external privacy audits. Historic versions are available upon written request.

If you have a question about this policy, wish to make a privacy request, or believe TFG has handled your personal information in a way inconsistent with the Australian Privacy Principles — please contact us first and allow us the opportunity to resolve the matter.

If you are not satisfied with our response to a privacy complaint, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) — the independent body responsible for privacy regulation in Australia.

• Website: www.oaic.gov.au
• Phone: 1300 363 992
• Post: GPO Box 5218, Sydney NSW 2001

There is no cost to lodge a complaint with the OAIC. The Commissioner has the power to investigate complaints, make determinations, and seek enforceable undertakings in relation to privacy breaches under the Act.