At Vorenyxalo, we understand that opening a business in Australia involves sharing sensitive financial and personal information. This policy explains how we collect, use, and protect your data when you engage our consultation services.
We're based in Lismore, NSW, and we operate under Australian Privacy Principles (APPs) as outlined in the Privacy Act 1988. We've written this in plain language because legal documents shouldn't require a law degree to understand.
Information We Collect
When you work with us to establish your business, we need certain information to provide accurate advice and meet our regulatory obligations.
Personal Information
- Your full name, date of birth, and contact details (email, phone, address)
- Tax File Number and Australian Business Number (if applicable)
- Identification documents required by law (driver's licence, passport)
- Employment history and current financial position
- Business plans, financial projections, and partnership details
Financial Information
- Bank account details and statements
- Credit history and existing business obligations
- Assets, liabilities, and income sources
- Investment preferences and risk tolerance
Technical Information
Our website collects basic usage data through standard web technologies. This includes your IP address, browser type, pages visited, and time spent on our site. We use this to improve our services and understand how clients find us.
How We Use Your Information
We only use your data for specific purposes related to our consultation services. Here's what that actually means in practice.
| Purpose | What We Do | Legal Basis |
|---|---|---|
| Service Delivery | Assess your business viability, prepare registration documents, provide financial structuring advice | Contract performance |
| Regulatory Compliance | Verify identity, report to ASIC and ATO when required, maintain records per legal requirements | Legal obligation |
| Communication | Send appointment reminders, share relevant updates about business regulations, respond to inquiries | Legitimate interest |
| Service Improvement | Analyse consultation outcomes, refine our processes, train staff on common client needs | Legitimate interest |
Who We Share Your Information With
We don't sell your data. Ever. But running a finance consultancy means we sometimes need to share information with specific third parties to deliver our services properly.
Government Authorities
Australian Taxation Office, Australian Securities and Investments Commission, and state-based revenue offices receive information when required by law. This typically happens during business registration, tax setup, or compliance reviews.
Professional Service Providers
We work with accountants, lawyers, and business brokers who help us serve you better. They only receive information necessary for their specific role, and they're bound by their own professional confidentiality obligations.
Technology Partners
Our document management system, email service, and cloud storage providers are all Australian-based or use Australian data centres. They process data on our behalf under strict confidentiality agreements.
Financial Institutions
When setting up business banking or applying for financing, we share relevant financial information with banks and lenders. You'll always know when this is happening and provide explicit consent.
Your Rights and Choices
Australian privacy law gives you specific rights over your personal information. Here's how you can exercise them with us.
Access Your Data
Request a copy of all personal information we hold about you. We'll provide this within 30 days, usually in PDF format unless you prefer something else.
Correct Inaccuracies
Tell us if something's wrong or outdated. We'll update your records immediately and notify anyone we've shared that information with if necessary.
Request Deletion
Ask us to delete your information, subject to our legal record-keeping requirements. Some data must be retained for seven years under tax law.
Withdraw Consent
If we're processing data based on your consent, you can withdraw it anytime. This won't affect processing that already occurred.
Object to Processing
Challenge how we use your information for purposes beyond our core services. We'll stop unless we have compelling legitimate grounds.
Lodge a Complaint
Contact the Office of the Australian Information Commissioner if you're unhappy with how we've handled your privacy concerns.
How We Protect Your Information
Security isn't just about technology—it's also about processes and people. Here's our layered approach.
Technical Safeguards
All digital files are encrypted both in transit and at rest. Our systems use industry-standard AES-256 encryption. Access requires multi-factor authentication, and we monitor for unusual activity 24/7.
Physical Security
Paper documents are stored in locked filing cabinets in a secure office with alarm systems and restricted access. Only authorized staff can access client files, and we maintain visitor logs.
Staff Training
Every team member completes privacy training before handling client data. We conduct refresher courses quarterly and update procedures as regulations change.
Incident Response
If a data breach occurs, we'll notify you within 72 hours as required by law. We'll explain what happened, what data was affected, and what we're doing about it.
Data Retention
We keep your information for as long as necessary to fulfil our obligations and protect both parties' interests.
Active Client Records
While you're working with us, we maintain complete files to provide continuity of service and comply with regulatory requirements.
Post-Engagement Period
After your business is established, we retain core documents for seven years. This aligns with ATO record-keeping requirements and allows us to assist with future queries.
Marketing Communications
If you've subscribed to updates, we keep your contact details until you unsubscribe. You can opt out anytime using the link in our emails.
Secure Disposal
When retention periods expire, we securely delete digital files and shred physical documents. Nothing goes in regular bins.
Cookies and Website Tracking
Our website uses minimal tracking. We're not building advertising profiles or selling your browsing habits.
Essential Cookies
These keep the site functioning—remembering your session, security preferences, and form inputs. They don't track you across other sites.
Analytics Cookies
We use basic analytics to understand which pages are helpful and where people get confused. This data is anonymized and helps us improve content.
Third-Party Cookies
We don't allow third-party advertising cookies. If you see tracking from other sources, check your browser extensions.
International Data Transfers
We prioritize keeping your data within Australia, but occasionally need to transfer information overseas.
Cloud Services
Our primary cloud provider uses Australian data centres. Backup systems may replicate to other regions, but data remains encrypted and subject to Australian privacy standards.
Third-Party Tools
Some software we use (like email platforms) may have servers overseas. We only use providers with strong privacy commitments and ensure they comply with APP requirements.
Your Overseas Activities
If your business operates internationally, we may need to share information with foreign authorities or banks as part of standard compliance procedures.
Children's Privacy
Our services are designed for adults establishing businesses. We don't knowingly collect information from anyone under 18. If we discover we've inadvertently collected such data, we'll delete it promptly.
Changes to This Policy
Privacy regulations evolve, and so do our practices. When we update this policy, we'll post the new version here with a revised date at the top.
For substantial changes, we'll email active clients directly. Continuing to use our services after an update means you accept the revised terms.
Questions About Your Privacy?
We're here to help. Reach out if anything's unclear or if you want to exercise any of your privacy rights.