Annex Privacy Policy

We are bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). This policy explains how and why we collect, use, hold and disclose your personal information.

”We”, “us” and “our” means Annex Digital Pty Ltd ACN 619 502 117 of Level 8, 12 Moore Street, Canberra ACT 2601.

You consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.

What is personal information?

Personal information is any information or an opinion about an identified individual or an individual who can be reasonably identified from the information or opinion. Information or an opinion may be personal information regardless of whether it is true.

What personal information do we collect and hold?

We collect information about you and your interactions with us, for example, when you use any of our services, call us, or visit our website. The information we collect from you may include your identity and contact details such as your email address, phone number or postal address, your history of use of our services and details of enquiries or complaints you make.

If you are applying for employment with us, we may also collect information from you such as your professional experience, educational history and qualifications, and other information that may be included on your CV. We may also ask for information necessary to complete right to work and background checks. This will be explained further to you at the relevant stage of the job application process.

We may also collect information about how you access, use and interact with our website. This information may include:

  • the location from which you have come to the site and the pages you have visited; and
  • technical data, which may include IP address, the types of devices you are using to access the website, device attributes, browser type, language and operating system.

We use cookies on our website. A cookie is a small text file that our website may place on your device to store information. We may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our website for any of your future visits to the website. We may also use session cookies (which no longer remain after you end your browsing session) to help manage the display and presentation of information on our website. You may refuse to use cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of our website.

Why do we collect, hold and use your personal information?

We collect, hold and use your personal information so that we can:

  • provide you with our services, and manage our relationship with you;
  • contact you, for example, to respond to your queries or complaints, or if we need to tell you something important;
  • comply with our legal obligations and assist government and law enforcement agencies or regulators; or
  • where you apply for a job with us:some text
    • consider your application, including running interviews and assessments; and
    • carry out right to work and background checks necessary to determine whether it is legal and appropriate for you to work for us.

If you do not provide us with your personal information we may not be able to provide you with our services, consider your application for employment, communicate with you or respond to your enquiries.

Personal information collected from third parties

We will collect your personal information directly from you whenever you interact with us, however we may also collect information from third party public sources such as LinkedIn, organisations providing security clearance services, government agencies, delivery partners, business referees and former employers.

How do we store and hold personal information?

We store most information about you in computer systems and databases operated by either us or our external service providers. Some information about you is recorded in paper files that we store securely.

We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure.

These processes and systems include:

  • the use of identity and access management technologies to control access to systems on which information is processed and stored;
  • requiring all employees to comply with internal information security policies and keep information secure; and
  • monitoring and regularly reviewing our practise against our own policies and against industry best practice.

We will also take reasonable steps to destroy or de-identify personal information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under the APPs.

Who do we disclose your personal information to, and why?

We may transfer or disclose your personal information to our related companies.

We may disclose personal information to external service providers so that they may perform services for us or on our behalf.

We may also disclose your personal information to others outside our group of companies where:

  • we are required or authorised by law to do so;
  • to provide and market our services;
  • you may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or
  • we are otherwise permitted to disclose the information under the Privacy Act.

If the ownership or control of all or part of our business changes, we may transfer your personal information to the new owner.

Do we disclose personal information to overseas recipients?

As we use third-party service providers such as AWS and Microsoft to assist us with data storage, your personal information may be disclosed to recipients in the United States from time to time. To the extent that you provide us with your personal information, you consent to us disclosing your information to our third-party service providers in the United States.

Access to and correction of your personal information

You may access or request correction of the personal information that we hold about you by contacting us. There are some circumstances in which we are not required to give you access to your personal information.

We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure that the personal information we hold about you remains accurate, up to date and complete.


If you have a complaint about the way in which we have handled any privacy issue, including your request for access or correction of your personal information, you should contact us.

We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.

If you remain unsatisfied with the way in which we have handled a privacy issue, you may approach an independent advisor or contact the Office of the Australian Information Commissioner ( for guidance on alternative courses of action which may be available.

Contact details

If you have any questions, comments, requests or concerns, please contact us at:

Ph: 02 6190 1215
Mail: Level 8, 12 Moore Street, Canberra ACT 2601

Please address all correspondence to: Leigh Gittoes

Changes to this policy

From time to time, we may change our policy on how we handle personal information or the types of personal information which we hold. Any changes to our policy will be published on our website. You may obtain a copy of our current policy from our website or by contacting us at the contact details above.

Last updated: 8 September 2021