Bravas Technology Pty Ltd
Who We Are
Bravas Technology Pty Ltd (ABN 93 689 477 594) (“Bravas”, “we”, “us”, “our”) is an Australian technology consulting and integration business providing software implementation, integrations, digital solutions, and related professional services.
Our registered office is located at: Suite 302, 13/15 Wentworth Ave, Sydney NSW 2000, Australia.
This Privacy Notice explains how we collect, use, store, disclose, and protect personal information when operating our business globally.
This notice applies to personal information collected through our website, digital platforms, email communications, marketing activities, events, and service delivery in Australia, the United Kingdom, the European Union, and the United States.
Our Commitment to Privacy
We are committed to protecting your privacy and handling personal information in accordance with applicable privacy laws, including:
- Privacy Act 1988 (Cth) and Australian Privacy Principles (APPs)
- UK General Data Protection Regulation (UK GDPR)
- EU General Data Protection Regulation (EU GDPR)
- Applicable United States privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA), where applicable.
We take reasonable steps to ensure personal information is handled lawfully, fairly, transparently, and securely.
When We Will Process Your Personal Information (GDPR Lawful Bases)
Where UK GDPR or EU GDPR applies, we will only process personal information if one or more of the following legal bases apply.
Consent
We may rely on consent where required, including for:
- Marketing or promotional communications
- Newsletters, events, or insights you opt into
- Testimonials, case studies, or images where explicitly agreed
You may withdraw consent at any time.
Legitimate Interests
We may process personal information where it is necessary for our legitimate business interests, provided those interests are not overridden by your rights. Examples include:
- Operating and improving our services
- Professional communications with business contacts
- Ensuring platform security and integrity
- Internal analytics and service improvement
Contract
We process personal information where necessary to:
- Enter into or perform a contract
- Deliver consulting, implementation, or integration services
- Manage onboarding, billing, and account administration
Legal Obligation
We may process personal information to comply with legal or regulatory obligations, including financial, tax, corporate, and record-keeping requirements.
Why We Collect Personal Information
We collect personal information to:
- Deliver our services
- Communicate with clients, partners, and prospects
- Respond to enquiries and provide support
- Manage contracts and payments
- Send service updates and permitted marketing
- Improve systems and services
- Comply with legal and regulatory obligations
Types of Personal Information We Collect
This may include:
- Identity and contact details
- Business and account information
- Billing and transaction records
- Technical and usage data
- Communications and correspondence
- Marketing preferences
We do not intentionally collect sensitive personal information unless required or voluntarily provided.
Documents You Choose to Share With Us
As part of our consulting services, you may choose to share documents to assist us, including:
- Policies, procedures, and manuals
- Training materials and course content
- Operational, safety, or compliance documentation
- Reports or data exports from third-party systems
We:
- Use these documents only to deliver agreed services
- Treat them as confidential
- Apply reasonable security controls
- Limit access to authorised personnel
- Retain them only as long as necessary
Where documents contain personal information, they are handled in accordance with this Privacy Notice and applicable privacy laws.
How We Collect Personal Information
We collect personal information:
- Directly from you
- Automatically via our website and systems
- From authorised third parties or public sources
How We Use and Disclose Personal Information
We may disclose personal information to:
- Trusted service providers (cloud hosting, analytics, payments)
- Professional advisers (legal, accounting)
- Government authorities where required by law
- Protect our rights, systems, or users
We do not sell personal information and do not knowingly engage in targeted advertising or profiling that would constitute a “sale” or “sharing” under US privacy laws.
International Data Transfers
Personal information may be processed in Australia, the United States, the United Kingdom, the European Union, or other jurisdictions where our service providers operate. Where required, we implement appropriate safeguards such as contractual protections, confidentiality obligations, and recognised transfer mechanisms.
Cookies and Website Analytics
We use cookies and similar technologies to:
- Enable website functionality
- Analyse usage and performance
- Improve user experience
You can manage cookies through your browser settings.
Data Security and Retention
We apply appropriate technical and organisational measures to protect personal information and retain it only for as long as required for business, contractual, or legal purposes.
Your Rights
Australian Users
Access and correction rights under the Privacy Act
UK/EU Users
You may have rights to:
- Access, rectify, or erase personal data
- Restrict or object to processing
- Data portability
- Withdraw consent
- Lodge a complaint with a supervisory authority
United States Users
Depending on your state of residence, you may have rights to:
- Request access to personal information we hold about you
- Request correction or deletion of personal information
- Opt out of certain data uses where applicable
We will respond to verified requests in accordance with applicable US privacy laws.
Complaints
If you believe your privacy has been breached, please contact us so we can investigate. If unresolved:
- Australian users may contact the OAIC
- UK/EU users may contact their supervisory authority
- US users may contact their relevant state regulator
Changes to This Privacy Notice
We may update this Privacy Notice periodically. The latest version will always be available on our website.
Contact Us
Privacy Officer
Bravas Technology Pty Ltd
Suite 302, 13/15 Wentworth Ave
Sydney NSW 2000, Australia
Email: support@bravastech.com
US Privacy Addendum - CCPA / CPRA
This US Privacy Addendum applies to personal information of individuals who reside in the United States, including California, where applicable. It supplements the Bravas Technology Pty Ltd Privacy Notice and applies only to the extent required by applicable US privacy laws, including the California Consumer Privacy Act (CCPA) as amended by the California Privacy Rights Act (CPRA).
Scope and Applicability
This Addendum applies where Bravas Technology Pty Ltd (“Bravas”, “we”, “us”, “our”) collects or processes personal information of US residents in the course of providing our services, operating our website, or conducting business activities.
Bravas does not operate as a data broker and does not sell personal information.
Categories of Personal Information Collected
In the preceding 12 months, Bravas may have collected the following categories of personal information (as defined under CCPA/CPRA):
- Identifiers – name, email address, business contact details
- Commercial information – service engagement records, invoices
- Internet or network activity – IP address, browser data, website usage
- Professional or employment-related information – job title, company name
- Communications – emails, support requests, meeting correspondence
We do not intentionally collect sensitive personal information as defined under CPRA.
Purposes for Collection and Use
We collect and use personal information for the following business purposes:
- Providing consulting, implementation, and integration services
- Communicating with clients, partners, and prospects
- Managing contracts, billing, and payments
- Operating, securing, and improving our systems and services
- Legal, compliance, and record-keeping obligations
Disclosure of Personal Information
We may disclose personal information to:
- Service providers that support our business operations (e.g. cloud hosting, analytics, payment processing)
- Professional advisers (legal, accounting, financial)
- Government or regulatory authorities where required by law
We do not sell personal information and do not share personal information for cross-context behavioural advertising.
Types of Personal Information We Collect
This may include:
- Identity and contact details
- Business and account information
- Billing and transaction records
- Technical and usage data
- Communications and correspondence
- Marketing preferences
We do not intentionally collect sensitive personal information unless required or voluntarily provided.
No Sale or Sharing of Personal Information
Bravas does not:
- Sell personal information for monetary or other valuable consideration
- Share personal information for targeted or behavioural advertising
Accordingly, Bravas does not provide a “Do Not Sell or Share My Personal Information” link.
Retention of Personal Information
Personal information is retained only for as long as reasonably necessary to:
- Fulfil the purposes described in our Privacy Notice
- Comply with legal, accounting, or regulatory obligations
- Resolve disputes or enforce agreements
When no longer required, personal information is securely deleted or de-identified.
Your Rights Under US Privacy Laws
Depending on your state of residence (including California), you may have the right to:
- Request access to personal information we hold about you
- Request correction of inaccurate personal information
- Request deletion of personal information, subject to legal exceptions
- Receive information about how personal information is used and disclosed
We will not discriminate against you for exercising your privacy rights.
How to Submit a Privacy Request
US residents may submit privacy requests by contacting us at:
Email: support@bravastech.com
To protect your information, we may need to verify your identity before processing a request.
Authorised Agents
Where permitted by law, you may use an authorised agent to submit a request on your behalf. We may require proof of authorisation and identity verification.
Updates to This US Privacy Addendum
We may update this Addendum from time to time to reflect changes in legal requirements or business practices. Updates will be published alongside our Privacy Notice.
