This Privacy Policy explains GRAB Corporation Pty Ltd ATF The Hanna Family Trust trading as HD IT collects, uses, stores, and discloses personal information. It applies to all personal information handled through our website located at www.hdit.com.au and any related online services we operate.

GRAB Corporation Pty Ltd ATF The Hanna Family Trust trading as HD IT acts as a PII Controller for personal information collected via this website.

1. What is personal information?

Under the Privacy Act 1988 (Cth), personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable.

If the information does not identify you, or cannot reasonably identify you, it is not considered personal information.

2. The types of personal information we collect

We may collect the following categories of personal information:

• Contact details such as name, email address, and phone number.
• Information you submit via website forms or enquiries.
• Usage information, including IP address, browser type, device information, pages viewed, and session activity.
• Information captured automatically through cookies or analytics tools such as Google Analytics.
• We do not collect sensitive information.

We will only collect sensitive information if you have provided it voluntarily and it is reasonably necessary for our functions and activities, or where required by law.

3. How we collect personal information

We collect personal information directly from you when you:

• Submit a form on our website.
• Contact us via email or other communication channels.
• Provide information for service enquiries or requests.

We also collect information automatically through cookies and tracking technologies. You can manage cookie preferences through your browser settings.

4. Why we collect personal information (Purposes)

We use personal information for the following purposes:

• Providing and improving our website and services.
• Responding to enquiries and communicating with you.
• Sending service updates or direct marketing (you may opt out at any time).
• Ensuring security, performance, and reliability of our systems.
• Analytics, reporting, and service optimisation.
• Meeting legal and regulatory obligations.
• Supporting internal governance requirements.

Each category of data is used only for the purpose for which it was collected or for a related purpose you would reasonably expect.

5. Legal basis for processing

Where required, our processing of personal information is based on:

• Your consent when you submit information voluntarily.
• Our legitimate interests in operating, securing, and improving our services.
• Compliance with legal obligations under Australian law.
• Performance of a contract or steps taken at your request prior to entering a contract.

6. Storage, hosting, and security

Your personal information may be hosted or processed using:

• Crucial Hosting
• Microsoft 365
• Microsoft Azure

We apply reasonable administrative, technical, and physical safeguards to protect personal information against loss, misuse, unauthorised access, modification, or disclosure. Measures may include encryption, access controls, logging, monitoring, and secure development practices.

7. Disclosure to third parties

We may disclose personal information to:

• Website hosting and infrastructure providers.
• Analytics providers such as {{analytics_tool_1}}.
• Third-party service tools including {{third_party_tool_1}}, {{third_party_tool_2}}.
• Contractors or professional advisers assisting us with operations.
• Authorities where required by law.

We only disclose what is necessary for the third party to perform their function. Each provider is required to handle information securely.

8. Overseas disclosures

Some service providers may store or process personal information in countries outside Australia. Countries may include those where {{hosting_platform_1}} or {{third_party_tool_1}} operate their infrastructure.

Where personal information is transferred overseas, we take reasonable steps to ensure that it is protected consistently with the Australian Privacy Principles.

9. Retention of personal information

We retain personal information only for as long as necessary for:

• The purpose for which it was collected.
• Legal or regulatory requirements.
• Internal governance and audit obligations.

When no longer required, information is securely destroyed or de-identified.

10. Your rights

Under the Australian Privacy Principles, you have the right to:

• Request access to personal information we hold about you.
• Request correction if information is inaccurate, incomplete, or out of date.
• Remain anonymous or use a pseudonym where lawful and practical.

To exercise these rights, contact us using the details below.

11. Withdrawal of consent

Where processing is based on your consent (such as submitting a form or receiving marketing), you may withdraw consent at any time by contacting us or using the unsubscribe option.

12. Direct marketing

We may send you marketing communications where legally permitted. You may opt out at any time.

We do not use sensitive information for direct marketing.

13. Automated decision-making

GRAB Corporation Pty Ltd ATF The Hanna Family Trust trading as HD IT does not use automated decision-making that produces legal or significant effects on individuals. If this changes, we will update this policy.

14. Complaints

If you have a privacy concern:

1. Contact us using the details below.
2. We will review your complaint and may request additional information.
3. We will respond within a reasonable timeframe.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.

15. Notifiable Data Breach Scheme

If a data breach is likely to cause serious harm, we will notify affected individuals and the OAIC in line with the Notifiable Data Breach Scheme.

16. Contact us

If you have questions about this policy or wish to exercise your privacy rights, contact:

Email: info@hdit.com.au
Address: Suite 105, 460 Church St, Parramatta  NSW

17. Last Updated: This Privacy Policy was last updated on 16/12/2025