Privacy Policy
How Centrefit Group Pty Ltd handles your personal information
Centrefit Group Pty Ltd (“Centrefit”, “we”, “us”) is committed to protecting your personal information. This Privacy Policy describes how we collect, use, store, disclose, and otherwise handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
1. What personal information we collect
We collect the information we need to deliver and support your services. This includes:
- Identity: full name, date of birth, driver’s licence or passport number, ABN/ACN.
- Contact: postal and service address, email, phone numbers.
- Financial: bank account details for Direct Debit (BSB, account number, financial institution).
- Service & usage: NBN location ID, technology type, traffic metadata, service fault records, call records for VoIP users.
- Premises: system design notes, network layout, access-control credentials issued, CCTV placement (for our security/IT customers).
- Website: IP address, browser type, pages visited, referral source (via server logs and basic analytics).
2. How we collect your information
We collect information directly from you when you:
- Place an order or submit a quote request on our website or over the phone.
- Interact with our support team, field technicians, or account managers.
- Use our services (for example, placing a VoIP call generates a call record).
In limited cases we collect information from third parties — for example, nbn co (when qualifying your address), Kinetix Networks (our wholesale carrier), credit-reporting bodies (for business-credit applications), and referees you nominate.
3. Why we collect it & how we use it
We use your information to:
- Qualify your address against the nbn® network and activate, manage and bill your service.
- Verify your identity as required by telecommunications law.
- Process Direct Debits, invoices, refunds, and handle unpaid balances.
- Provide technical support, investigate faults, and honour our service-level commitments.
- Send transactional communications (order confirmations, invoices, network notifications, outage alerts).
- Comply with our obligations under law (including law-enforcement requests and emergency-services compliance).
- Improve our services — with aggregated, de-identified data only.
We do not send marketing emails to customers who have not opted in, and every marketing email includes a one-click unsubscribe.
4. Who we share it with
We share the minimum necessary information with:
- nbn co — for service qualification, installation appointments, and fault tickets.
- Kinetix Networks — our wholesale carrier partner, who in turn interfaces with nbn co on our behalf.
- Resend, Vercel, and Supabase — our transactional email provider, hosting platform, and database provider respectively. All three are bound by contractual data-handling obligations.
- Xero — for invoicing and reconciliation.
- Our financial institution — to process Direct Debits.
- Law-enforcement and regulators — where we are required by law to disclose (e.g. lawful intercept, ASIO requests, court orders).
- Debt-collection agencies — only if an account is substantially overdue and we have given you fair notice.
We do not sell your personal information to anyone.
5. Overseas disclosure
Some of our providers host data outside Australia. In practice:
- Vercel (our hosting) — primarily processed in Australia; may be cached in the United States.
- Supabase (our database) — Australian region.
- Resend (transactional email) — United States.
- Google Workspace (our internal email) — United States, with data-residency options applied where available.
Where data is processed overseas, we require contractual protections equivalent to the APPs.
6. How we store & secure it
Personal information is stored in access-controlled systems, encrypted in transit (HTTPS) and at rest. Access is role-based and logged. Bank account details are stored with restricted internal access, used only for Direct Debit processing, and never shared with third parties outside the banking chain. Paper records (if any) are stored in locked cabinets and destroyed via secure document disposal.
Despite these safeguards, no system is 100% secure. If a data breach occurs that is likely to result in serious harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.
7. How long we keep it
| Record type | Retention |
|---|---|
| Customer identity documents | 2 years after account closure, then securely destroyed |
| Billing & tax records | 7 years (per ATO and ASIC requirements) |
| Service records (faults, orders) | 3 years after service termination |
| Call detail records (VoIP) | 2 years (per data-retention legislation) |
| CCTV design & credential data (security customers) | For the life of the contract, plus 12 months |
| Marketing contacts | Until you unsubscribe |
8. Your rights
Under the APPs, you have the right to:
- Access the personal information we hold about you.
- Correct inaccuracies in that information.
- Complain about how we’ve handled your information.
- Request that we stop marketing to you.
- Deal with us anonymously for general enquiries (where practical).
To exercise any of these rights, email us at support@centrefit.com.au. We’ll respond within 30 days.
9. Cookies & website analytics
Our website uses essential cookies (for session state) and may use basic analytics cookies to help us understand aggregate traffic patterns. We do not use third-party advertising trackers, Meta Pixel, or TikTok pixels. You can disable cookies in your browser without losing the ability to browse.
10. Children
Our services are not directed at individuals under 18. We do not knowingly collect information from minors.
11. Complaints about privacy
If you believe we’ve mishandled your personal information, please contact us first — we want to put it right. Email support@centrefit.com.au or use our Complaints Handling Policy.
If you’re not satisfied with our response, you can complain to:
- The Office of the Australian Information Commissioner (OAIC) — oaic.gov.au or 1300 363 992.
- The Telecommunications Industry Ombudsman (TIO) — tio.com.au or 1800 062 058.
12. Changes to this policy
We may update this policy from time to time. The current version is always published at this page. Material changes will be notified to customers by email at least 30 days before taking effect.
13. Contact us
Centrefit Group Pty Ltd
Unit 1, 25 Paisley Drive, Lawnton QLD 4501
Phone: (07) 3188 5115
Email: support@centrefit.com.au