AU privacy policy

GBST Holdings Ltd ACN 010 488 874 and its related bodies corporate (“GBST” or “We”, “Our” or “Us”) are committed to your privacy and safeguarding your personal information collected by GBST. We respect and value the privacy of everyone who visits this website, www.gbst.com (“Our Site”), and will only collect and use personal information in ways that are described here, and in a manner that is consistent with Our obligations and your rights under the law.

This Privacy Policy explains our collection, use and disclosure of personal information, including how it is stored, and how to contact us to either access or correct any personal information, or to make a privacy related complaint.

By continuing to interact with GBST, you are consenting to the collection, use, disclosure and holding of your personal information in accordance with this Privacy Policy.

1. GBST’s obligations

GBST’s operations in Australia are subject to the Privacy Act 1988 (Cth) (Privacy Act), as amended from time to time, and the Australian Privacy Principles (“APPs”) contained therein.

2. What is personal information, and why do we need it?

Personal information is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.

We collect, hold, use and disclose personal information for the following purposes:

  1. Providing products or services to you;
  2. Improving our products and services;
  3. Surveys, contact and feedback forms and registration pages;
  4. Conducting our internal business operations, including meeting any relevant regulatory or legal requirements;
  5. Assessing applications for employment; and
  6. Communicating between our authorised personnel and related bodies corporate to provide you with our products and services.

3. Your right to anonymity

You have the right to remain anonymous or use a different name (pseudonym or alias) when interacting with us. However, it may not always be possible for this to occur.  For example, when we assess your eligibility for a program or service, or when we are authorised or required to deal with you as an identified individual, you may have to provide certain personal information. We will inform you if you are unable to remain anonymous or use a pseudonym when dealing with us.

4. What information do we collect and how do we use it?

GBST may collect and hold personal information such as your name, address, email, and telephone number. We typically collect personal information through website inquiries, client or employee onboarding and marketing initiatives.

We may collect ‘sensitive’ information such as professional memberships and relevant health information, but we will ask for your consent beforehand.

From time to time, we may also receive unsolicited personal information, being information that we have not taken active steps to collect. Examples include misdirected mail and unsolicited employment applications.

When we receive such information, we will decide within a reasonable period whether we could have lawfully collected it. If we determine that we could not have collected the information, we will destroy or de-identify it as soon as practicable. Alternatively, if we determine that we could not have collected the information but are otherwise required to retain it, then we will do so in accordance with our storage of personal information practices as outlined below at section 9 of this Privacy Policy.

5. Cookies

A cookie is a message, or a packet of information given to a web browser by a web server, which it stores for later use, so when someone visits the web site again their browser recognises their preferences.

GBST web servers may generate session cookies and/or persistent cookies.

Session cookies, if and when generated, are stored in your browser’s memory and are destroyed automatically when you close the browser. The cookies exist only for the time you are accessing our server, and when you close your browser at the end of your interaction with GBST the cookies are no longer existing on your computer and cannot be used for further identification of your machine.

Persistent cookies, if and when generated, are stored on your web browser and are deleted by your browser at a later date. They store your preferences and/or configurations for your convenience and ease of use of our facilities.

Both types of cookies are transmitted to and from your browser automatically as part of your access to our web servers. This access is predominantly via SSL (Secure Sockets Layer) and so the cookies are encrypted between your browser and our web servers.

All cookies are used solely for the purposes of maintaining your favourite settings, optimisation of our websites and/or ensuring only authorised access is possible to your account. GBST does not use the information contained therein for any other purpose.

You can configure your browser to accept all cookies, reject all cookies or alert you when a cookie is sent. If you disable the use of cookies on your web browser or remove or reject cookies from our web sites or linked sites, then you may not be able to gain access to the content and facilities in those web sites.

6. Who do we disclose your personal information to, and why?

GBST may disclose personal information to external service providers and other third-party entities so that they may perform services for us or on our behalf. We will only make such disclosures to the extent necessary to provide you with our services. We also share personal information between our related bodies corporate in order to perform our regular activities.

GBST may disclose personal information to the following:

  1. Third party suppliers, but only to the extent required to provide our products and services;
  2. Professional advisers including; auditors, accountants and lawyers, within normal business practices;
  3. Overseas entities (further described in section 7); and
  4. When required or authorised by law.

If we are required to provide your personal information to other organisations, we will ensure that they appropriately safeguard your privacy.

7. Disclosing personal information overseas

Some of our related bodies corporate, third party contractors and service providers may perform certain services overseas. As a result, personal information collected by us may be disclosed to a recipient in a foreign country. We may outsource certain functions to providers who operate overseas. The countries in which such overseas recipients are likely to be located are the United Kingdom and Vietnam.

We take reasonable steps to ensure these overseas recipients comply with the APPs by implementing contractual arrangements that require the same standard of protection.

8. How to access, correct or update your personal information at GBST

Only authorised persons have access to your personal information, which we keep in a secure environment. You may enquire about:

1) the personal information that we hold about you, including how we got hold of it;

2) making corrections of inaccurately recorded personal information; and/or

3) requesting the deletion of your personal information,

by contacting our Privacy Officer. Requests to delete personal information will be subject to any applicable legal reporting, document filing, or retention obligations imposed on us. However, we undertake to attend to your request within 30 days.

While GBST undertakes all reasonable steps to protect your personal information, sending and receiving information over the Internet is always at your own risk. No guarantee can be given that information sent over the Internet is completely secure.

9. Storage of personal information

We store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you is recorded in paper files that we store and destroy securely. External service providers are carefully selected and required to comply with our information security protocols, which are no less stringent than obligations imposed under the Privacy Act.

We implement both technical and organisational measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure.

These technical and organisational measures include:

(a) the use of identity and access management technologies to control access to systems on which personal information is processed and stored;

(b) requiring all employees to comply with internal information security and training policies; and

(c) monitoring and regularly reviewing our practise against our own policies and against industry best practice.

We will also take reasonable steps to destroy or de-identify personal information once we no longer require it for the purposes for which it was collected or for any permitted secondary purpose, unless we are required by law to retain it further.

10. Do we use your personal information for marketing?

We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by us, our related companies, our other business partners or our service providers.

Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication. We will ensure that your request has been processed before circulating any further material.

11. Making a complaint

To ensure your privacy is safeguarded, GBST has appointed a Privacy Officer to monitor our compliance with the various privacy obligations required by law, as well as those that we voluntarily take on.

If you believe that we have not dealt with your personal information in accordance with this Privacy Policy or the APPs, you may make a complaint in writing to us, addressed to our Privacy Officer.

We will acknowledge your complaint in writing within 7 days of receipt, and process and respond to your complaint within 30 days. If we cannot resolve your complaint within 30 days of receipt, we will contact you with an explanation why and ask permission for an extension of time.

If (after 30 days) you are not satisfied with our response, you can raise your concerns with the Office of the Australian Information Commissioner:

Onlinewww.oaic.gov.au
Phone: 1300 363 992 (inside Australia); +61 2 9942 4099 (outside Australia)
Fax: +61 2 6123 5145
Mail: GPO Box 5288, Sydney NSW 2001

Should you have any questions or complaints about privacy issues, please contact GBST at:

Contact: Privacy Officer
Emailprivacyofficer@gbst.com

Phone: +61 2 9253 6555
Mail: GBST Holdings Ltd, Level 5, 55 Market Street Sydney NSW 2000

12. Changes to our Privacy Policy

We may revise this Privacy Policy from time to time. If we make any revisions, we will notify you by revising the date of publication at the bottom of this Privacy Policy. We encourage you to review our Privacy Policy whenever you use our products and services, and to stay informed about our information practices and the ways you can help protect your personal information.

For further information on privacy see the Office of the Australian Information Commissioner’s website at www.oaic.gov.au

This policy was last updated on 4 April 2025.

 

 

© GBST 2025. All rights reserved.
Website design Digital by GBST