Inflexys

Last updated: 07/05/2026

Inflexys PTY LTD. ("we", "us", "our") is committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs).

This Privacy Policy explains how we collect, use, disclose and protect your personal information when you use our website located at www.inflexys.com ("Website") or otherwise interact with us.

By providing us with your personal information, you consent to its collection, use and disclosure in accordance with this Privacy Policy.

1. What personal information we collect

1.1 We only collect personal information that is reasonably necessary for one or more of our business functions or activities.

1.2 The types of personal information we may collect can include:

  • Identification details (for example, your name, username, title);
  • Contact details (for example, postal address, email address, telephone number);
  • Transaction and payment information (for example, billing details, order history);
  • Website usage information (for example, IP address, browser type, device identifiers, pages viewed and the dates and times of visits); and
  • Any other information you choose to provide to us (for example, through contact forms, enquiries, feedback or participation in promotions).

1.3 Where we collect sensitive information (as defined in the Privacy Act), we do so only with your consent or where required or authorised by law, and we take additional steps to protect that information.

2. How we collect personal information

2.1 We collect personal information directly from you where it is reasonable and practicable to do so, including when you:

  • Use our Website;
  • Contact us by email or through online forms;
  • Subscribe to our services; or
  • Participate in surveys, promotions, events or other activities we organise.

2.2 We may also collect personal information from third parties, such as:

  • Service providers and partners (for example, payment processors, analytics providers);
  • Publicly available sources; and
  • Other parties where you have authorised them to provide information to us.

2.3 When we collect personal information, we take reasonable steps to ensure that the personal information we collect is accurate, up to date, complete and relevant to the purposes for which it is collected.

3. Notification when we collect personal information

3.1 At or before the time we collect personal information about you, or as soon as practicable afterwards, we take reasonable steps to ensure you are aware of the following:

  • Our identity and how you can contact us;
  • The fact that we are collecting personal information about you and, if it is not collected directly from you, the circumstances of that collection;
  • The purposes for which we are collecting, or will use, your personal information;
  • Any law that requires or authorises us to collect your personal information;
  • The main consequences (if any) for you if all or part of the personal information is not provided;
  • Whether we are likely to disclose your personal information to overseas recipients, and if so, the countries in which such recipients are likely to be located (where it is practicable for us to specify those countries or otherwise make you aware of them).

4. Why we collect, use and disclose personal information

4.1 We collect, hold, use and disclose personal information for purposes reasonably necessary for our business functions and activities, including to:

  • Operate, maintain and improve our Website and services;
  • Provide you with services you have requested and manage our relationship with you;
  • Communicate with you, including responding to your enquiries, feedback and complaints;
  • Process payments;
  • Personalise your experience on our Website and tailor our communications to you;
  • Conduct research, analytics, quality assurance and business development;
  • Comply with our legal and regulatory obligations; and
  • Exercise and defend our legal rights and claims.

4.2 We do not use or disclose your personal information for purposes other than the purposes for which we collected it (the primary purpose), unless an appropriate legal basis applies, as set out below.

5. When we use or disclose personal information

5.1 We do not use or disclose personal information about you unless an appropriate legal basis applies. We may use or disclose your personal information where:

  • We collected the personal information for that particular purpose (the primary purpose), or for a different (secondary) purpose that is related to (and, in the case of sensitive information, directly related to) the primary purpose of collection, and you would reasonably expect us to use or disclose the information for that secondary purpose;
  • You have provided your consent;
  • A "permitted general situation" exists. For example, where we have reason to suspect that unlawful activity relating to our functions or activities has been, is being or may be engaged in, or where we reasonably believe there is a serious threat to the life, health or safety of any individual or to public health or safety; or
  • The use or disclosure is required or authorised by or under an Australian law or a court or tribunal order, or is reasonably necessary on behalf of an enforcement agency.

5.2 The third parties to which we may disclose your personal information include:

  • Our service providers and contractors who assist us in operating our business (for example, IT and cloud service providers, payment processors, marketing and analytics providers, professional advisers);
  • Government and regulatory authorities, law enforcement agencies and courts or tribunals, where required or authorised by law; and
  • Any other third parties where you have authorised us to disclose your information to them.

6. Direct marketing

6.1 We may use your personal information to send you direct marketing communications about our services that we believe may be of interest to you.

6.2 When we use or disclose personal information for the purpose of direct marketing, we:

  • Ensure that the information we use is not sensitive information;
  • Ensure that either you have consented to us using or disclosing your information for direct marketing, or you would reasonably expect us to use or disclose the information for direct marketing, or (where it is impracticable to seek your consent) that the use or disclosure is otherwise permitted under the Privacy Act;
  • Take reasonable steps to inform you that you may opt out of receiving marketing communications from us;
  • Include a simple means in each direct marketing communication by which you can easily opt out of receiving further marketing communications (for example, an unsubscribe link in emails); and
  • Respect any request you make to opt out of receiving direct marketing communications from us.

6.3 If you do not wish to receive marketing communications from us, you may opt out at any time by using the unsubscribe facility provided in the communication or by contacting us using the details in clause 13 below.

7. Overseas disclosure of personal information

7.1 We may disclose your personal information to overseas recipients where this is necessary for our business functions or activities, for example to:

  • Cloud hosting and IT service providers;
  • Payment processors; or
  • Other service providers or partners located outside Australia.

7.2 Unless a limited exemption under the Privacy Act applies, we only disclose personal information to an overseas recipient where we have taken reasonable steps to ensure that the overseas recipient does not breach the APPs (other than APP 1) in relation to your personal information.

7.3 We may also disclose personal information to an overseas recipient where:

  • We reasonably believe that the recipient of the information is subject to a law or binding scheme that provides a level of protection for personal information that is at least substantially similar to the protections in the Privacy Act, including mechanisms for you to enforce those protections;
  • The disclosure is required or authorised by or under an Australian law or a court or tribunal order; or
  • A declaration of equivalency has been made by the Governor General permitting the overseas transfer of personal information to a recipient in a country with laws substantially similar to the Privacy Act. We acknowledge that, at the date of this Privacy Policy, no declarations of equivalency have been made by the Governor General.

7.4 Where it is practicable to do so, we will notify you of the countries in which any overseas recipients of your personal information are likely to be located, either at the time of collection or as soon as practicable afterwards.

8. Data security

8.1 We take reasonable steps to protect the personal information we hold from misuse, interference and loss, and from unauthorised access, modification or disclosure.

8.2 The reasonable steps we take include both technical and organisational measures, such as:

  • Using secure servers, encryption and access controls;
  • Restricting access to personal information to authorised personnel on a need to know basis;
  • Maintaining appropriate IT and network security controls;
  • Implementing internal policies, procedures and staff training on privacy and data security; and
  • Regularly reviewing and updating our security measures in light of current technologies and threats.

8.3 Where we no longer need personal information for any purpose for which it may lawfully be used or disclosed, we take reasonable steps to destroy the information or ensure that it is de identified, unless we are required by law or a court or tribunal order to retain it.

9. Data breaches and notifications

9.1 We take all reasonable measures to prevent data breaches. However, if a data breach occurs, we assess and manage the breach in accordance with our obligations under the Privacy Act, including the Notifiable Data Breaches (NDB) scheme.

9.2 Where we have reasonable grounds to believe that an "eligible data breach" (as defined in the Privacy Act) has occurred—being a data breach that is likely to result in serious harm to one or more individuals—we:

  • Take reasonable steps to contain the breach and mitigate any risk of harm;
  • Carry out a prompt and thorough assessment of the suspected breach; and
  • Notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as required by the Privacy Act, including by preparing and publishing a statement that describes the eligible data breach and the steps we recommend individuals take in response.

10. Access to and correction of your personal information

10.1 We take reasonable steps to ensure that the personal information we hold about you is accurate, up to date, complete and relevant.

10.2 You may request access to the personal information we hold about you, and you may request that we correct that information if you believe it is inaccurate, out of date, incomplete, irrelevant or misleading.

10.3 We will respond to your request for access or correction within a reasonable period and in accordance with the Privacy Act. We may need to verify your identity before we can provide you with access or make corrections.

10.4 In some circumstances, we may refuse access to or correction of your personal information where we are permitted or required to do so by law. If we refuse your request, we will provide you with reasons and inform you of how you may complain about our decision.

11. Complaints about privacy

11.1 If you have any concerns or complaints about how we have handled your personal information or think we have breached the APPs, please contact us using the details in clause 13.

11.2 We take privacy complaints seriously. We will:

  • Acknowledge receipt of your complaint;
  • Investigate your complaint and seek to resolve it within a reasonable period; and
  • Inform you of the outcome of our investigation.

11.3 If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC). The OAIC's contact details are available at www.oaic.gov.au.

12. Use of our Website and cookies

12.1 When you use our Website, we may collect personal information and other information about your use of the Website, including through the use of cookies and similar technologies.

12.2 We use this information to help us operate, maintain and improve our Website, to understand how visitors use it, and to personalise content and advertising.

12.3 You can usually choose to disable cookies in your browser settings, but this may affect the functionality of the Website.

13. How to contact us

If you have any questions about this Privacy Policy, wish to access or correct your personal information, or wish to make a complaint, please contact us at:

Inflexys PTY LTD.

28 Civic Wy, Oran Park NSW 2570, Australia

contact@inflexys.com

14. Changes to this Privacy Policy

14.1 We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements or other reasons.

14.2 The updated Privacy Policy will be posted on our Website with a revised "Last updated" date. We encourage you to review this Privacy Policy periodically to stay informed about how we handle your personal information.