Privacy Policy

The Bookkeeping People Privacy Policy

Last Updated: 1 January 2026

  1. Introduction

The Bookkeeping People Pty Ltd (A.B.N. 46 692 169 369) and www.bookkeepingpeople.com.au (collectively and individually referred to as “The Bookkeeping People”, “we”, “us”, “TBP” or “our”).

The Bookkeeping People is committed to protecting the privacy of the personal information provided to us, or otherwise collected by us, online or offline. This Privacy Policy applies to the products and/or services we provide on our Site www.bookkeepingpeople.com.au (“Site”) and our social media channels, and explains how we collect, hold, use, and disclose data in compliance with the requirements of the Privacy Act 1988 (Cth) and constitutes part of our Terms & Conditions.

We may, at any time and at our discretion, update this Privacy Policy from time to time to reflect changes in legislation, technology, and/or our operational practices. Where necessary, we will notify you of any updates to this policy. We will ensure that the current date, also known as the “Effective Date” or “Last Updated Date,” of the Privacy Policy will always be displayed at the very top of the Privacy Policy so you know it is the latest version.

Should you have questions regarding this Privacy Policy or privacy related questions, please contact us at info@bookkeepingpeople.com.au or call our office on 1300 31 31 69.

  1. Types of Data and Personal Information we may collect

We may collect personal information including:

  • Contact details (name, address, email)
  • Date of Birth and gender
  • Information in identification document (e.g. passport, driver’s license)
  • Tax file numbers and other government related identifiers.
  • Financial Information (e.g. bank accounts, credit cards)
  • Your tax related debts, such as a higher education loan program debt
  • Assets and liabilities
  • Educational qualifications and employment history
  • Personal income types and amounts including, but not limited to salary or wages, dividends, allowances, government allowances, pensions, interest, and rent received.
  • Occupation
  • Visa and work permit status
  • Shareholdings and details of investments
  • Superannuation details
  • Tax and financial statements.
  • Information regarding insurance
  • Personal information about your spouse and dependants.
  • Your business name (if applicable)
  • Basic information about your business and its history (If applicable)
  • Data about the products or services you purchase.
  • Data about your experience with our Site and our products and services
  • Data relating to your circumstances and such other information that is relevant to the products or services we provide to you.
  • Data relating to your circumstances and such other information that is relevant to the matter(s) in which you instruct us.
  • Data that identifies you (your IP address, login, browser type, time zone, browser plugins, geolocation, what operating system and version) – we do not link this with any personal Data.
  • Data on how you use our Site (URL clicks, products, and services views, how long you are on our pages and other actions)
  • If you are an employee or prospective employee, data relating to your qualifications, skills, and experience.
  • If you are a supplier of goods and services or a prospective supplier, information about your products, services, and pricing.
  • the content of any email you send to us.
  • the content of any recorded phone calls through our office line which are kept for training and internal purposes.

It may be necessary at times for TBP to collect sensitive information about you in order to provide specific services. The types of sensitive information we may collect include, but not limited to:

  • Health status
  • Ethnic origin
  • Details of any membership/s to professional associations
  • Criminal record

  1. When We Collect Information

We are committed to managing your personal and sensitive information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). When we collect, hold, use, or disclose your information, we do so through lawful and fair means, ensuring transparency and accountability throughout our processes.

In most cases, we will seek your consent before collecting, using, or disclosing your personal information. However, under APP 6, there are specific circumstances where your consent is not required. These include situations where:

  • The collection, use, or disclosure is required or authorised by Australian law or a court/tribunal order.
  • The use or disclosure is for a secondary purpose that you would reasonably expect, and it is related (or directly related, in the case of sensitive information) to the primary purpose of collection.
  • A permitted general situation or permitted health situation applies.
  • The disclosure is necessary for enforcement-related activities by an authorised body.

If you would like more information about these exceptions or how we apply the APPs in our practice, please contact our office at info@bookkeepingpeople.com.au  

  1. How We Collect Information

The Bookkeeping People uses a variety of formats for the collection of personal and sensitive information. These include:

  • Requiring clients to complete a Client Profile or other forms.
  • Receipt of emails, letters, and other correspondence.
  • Telephone calls
  • Appointments in person
  • Publicly available records
  • Through a customer’s personal representative
  • Completing an online Enquiry form
  • When you interact with us on social media
  • When you complete any sign-up forms, landing pages or send us a direct message via social media or an email to any of our nominated emails.
  • When you subscribe to our newsletter
  • You accept our cookies and other tracking technologies on any device you use to interact with us.
  • You voluntarily submit your data to us for any reason.
  • Third-party providers (e.g. ATO, ASIC, insurance brokers)

  1. Data Storage Length

We retain your personal information only for as long as necessary to fulfill the purposes for which it was collected, or as required by applicable laws and regulations. Once the information is no longer needed for these purposes, we take reasonable steps to securely destroy or de-identify it, unless retention is authorised or mandated by law.

We will only use or disclose your personal information for the purpose for which it was originally collected, unless:

  • You have provided consent for another use or disclosure,
  • You would reasonably expect the information to be used or disclosed for a related purpose, or
  • The use is for direct marketing, as outlined in our privacy policy.

  1. Use and Disclosure of Data

Under data laws, we are only allowed to use your data for specific reasons and where we have the legal basis to do so. We will use your data for the purposes it was collected and related purposes that include:

  • Operating our Site
  • Providing you with products, information, and services
  • Customer support
  • Improving our Site
  • Making your experience on our Site more efficient and enjoyable
  • Market research e.g. we may contact you for feedback about our services.
  • Provide you with information about events, other products or services or opportunities that may be of interest.
  • Marketing (with your consent)
  • Monitoring your compliance with our Website Terms and Conditions
  • Our employees, contractors, and/or related entities (who may be located overseas).
  • Third party credit card transaction gateway providers.
  • Third party service providers for the purpose of enabling them to assist us in provide our services to you, including (without limitation) IT service providers, online marketing or advertising service providers and professional advisors.
  • The organisation that issued your government ID documents, via the Australian Government’s Document Verification Service (DVS) and an Australian DVS service provider.
  • Our existing or potential agents or business partners.
  • Anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred.
  • Courts, tribunals, regulatory authorities and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or in order to establish, exercise or defend our legal rights.
  • Third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct marketing to you such as Facebook and Google. This may include parties located, or that store data, outside of Australia.
  • Third parties to collect and process data, such as Google Analytics. This may include parties that store data outside of Australia.

TBP uses some service providers overseas to process data and help deliver services to you. We may disclose your personal information to these providers from time to time. Such overseas disclosure would be to Vietnam or another country as advised.

When required, your personal information will only be disclosed to an overseas person or business in the following circumstances:

  • Where the overseas recipient has signed a contract with us which creates legal obligations to comply with Australian Privacy Law (i.e. the APPs).
  • If the recipient is subject to similar privacy law as Australian privacy law, and you can personally access avenues to enforce the protection of those laws.
  • If you provide written consent for Marcos Advisory to disclose the information after we provide you with full information; or
  • If the disclosure is required or authorised by or under an Australian law or a court/tribunal order.

On collection of your personal information, we will inform you whether it is likely we will disclose the information to an overseas recipient and, if so, where those recipients are likely to be located.

We may disclose your data for the purposes it was collected and:

  • As required by law subject to our obligations
  • With your consent
  • Within our business
  • To send you marketing material (with your consent)
  • Share with third parties to enable us to provide our products and/or services.
  • In order to sell our business (if we were to ever sell, we may need to transfer data held to the new owner)

We share data with third parties in the following circumstances:

  • Other companies in our group of companies, as necessary to operate our Site.
  • Our suppliers and service providers working for us e.g. payment processors.
  • Our professional and legal advisors
  • Third parties engaged in fraud prevention and detection.
  • Law enforcement or other government authorities
  • Where we have your consent to do so or otherwise where we are legally permitted to do so.
  • Share with third parties who enable us to provide our products and services which may include:
  • payment processors such as but not limited to Stripe, PayPal, Xero, Shopify who may process your payment for any products and services bought from us.
  • Social media and analytics such as but not limited to Facebook, Instagram, and Google Adwords for purpose of custom audience generation and the development of targeting criteria.
  • Other third parties such as but not limited to Leadpages, Zoom, Active Campaign, HubSpot for processing and holding Data that enables us to ensure you are kept informed of all course information, logins and marketing material, offers, promotions, newsletters, blogs and video training.

  1. Google Analytics

We use Google Analytics to help us understand how visitors interact with our website. Google Analytics collects information such as your device type, browser, IP address, pages visited, and time spent on our site. This data is used to analyse website traffic and improve our services.

Google Analytics may use cookies and similar technologies to collect and store information. The data collected is transmitted to and stored by Google on servers located outside Australia. For more information on how Google manages your data, please refer to https://policies.google.com/privacy.

If you wish to opt out of Google Analytics tracking, you can install an extension here.

  1. Cookies and Tracking Technologies

Our website uses cookies and similar tracking technologies to enhance your browsing experience, analyse site traffic, and support our marketing efforts. You can choose to disable cookies through your browser settings. However, please note that some features of our website may not function properly if cookies are disabled.

  1. Links to Third-Party Websites

Our website may contain links to external websites operated by third parties. Please be aware that we are not responsible for the privacy practices or the content of these external sites. We encourage you to review the privacy policies of any third-party websites you visit, as their privacy practices may differ from ours.

The inclusion of a link to a third-party website does not imply our endorsement of that site or its content. Accessing and using such websites is at your own risk.

  1. MARKETING

We will always let you know before we collect any data from you what the intended use is and if we intend to use it for marketing and if third parties are involved, we will obtain your consent (which you can withdraw at any time). You can change your mind about marketing material by opting out by:

  • completing the contact us form on our contact page; or
  • unsubscribing within the email if you have previously subscribed to our newsletter.

  1. Data Security

Safeguarding the privacy of your information is important to us. We realise that our customers trust us to protect their data and whilst we cannot guarantee the security of any information you transmit to us, or receive from us, we take that task seriously and maintain reasonable and appropriate physical, electronic and procedural safeguards to help protect your data.

We hold personal information in a combination of secure computer storage facilities and paper-based files and take steps to protect the personal information we hold from misuse, loss, interference, unauthorised access, modification, or disclosure.

The Bookkeeping People trains its employees carefully on handling personal information and confidentiality of such information.

Once we have no purpose for holding your personal information, we will take all reasonable steps to destroy or de-identify the information.

We use data storage service providers based in Australia. If we transfer personal data outside of Australia, we will ensure that your privacy rights are adequately protected by ensuring these service providers have the same or similar measures in place to protect data shared.

We employ a range of physical and electronic procedures in place to ensure that privacy is safeguarded; however, the internet is not secure, and we cannot guarantee the security of any information sent to us via the internet.

Sometimes breaches of personal information occur, which can range from non-threatening to serious. When a data breach is considered serious it is likely to cause harm to the individual that the personal information is about. This is called an eligible data breach.

If a circumstance arises that is considered an eligible data breach, we will notify the individual and the Office of the Australia Information Commissioner. In this notification we will make recommendations to the individual on the steps they should take to protect themselves in relation to the breach of information.

  1. Payment Security

When processing payments online, we partner with trusted third-party gateway providers who offer bank-grade security and comply with the Payment Card Industry Data Security Standard (PCI DSS)—a global benchmark for secure handling of credit card data mandated by major card schemes such as Visa, Mastercard, American Express, and Discover.

To protect your financial information, the following safeguards are in place:

  • Real-time authorisation: Payments are fully automated with immediate confirmation.
  • Card number protection: Your full credit card number is never visible to us or any external party.
  • Encrypted data storage: All transaction data is securely encrypted and stored within our gateway provider’s PCI-compliant data centre.
  • Direct fund transfer: Our gateway provider does not access your funds. All payments are transferred directly from your credit card to our merchant account.
  • Authorised processing: Our provider is an authorised processor for all major Australian banks.

We have chosen to collaborate with providers known for their secure and reliable payment solutions, so you can feel confident that your personal and financial information. While we take every reasonable step to safeguard your data, no system is entirely immune to risk. Therefore, we cannot guarantee absolute security under all circumstances.

If you have any questions about our payment security practices or would like more information about PCI DSS compliance, please contact our office at info@bookkeepingpeople.com.au or 1300 31 31 69.

  1. Access and Correction

You have the right to access any personal information regarding you The Bookkeeping People holds. This is subject to some limited exceptions, which the Privacy Officer can provide further information on.

Such requests should be made in writing to info@bookkeepingpeople.com.au and we will acknowledge your request within 14 days and respond to it within a reasonable time.

The Bookkeeping People may charge a fee only to cover the cost of locating, retrieving, reviewing, and copying any material requested. We will not charge for submitting a request or for us to action that request.”

If your request is approved, we will provide you with access to the information in the manner requested if it is reasonable and practicable to do so. You may request access to your personal information or ask us to correct it if inaccurate.

We may refuse your request where it is allowed or required by law, e.g. unless doing so would compromise the rights and freedoms of others, such as another individual’s confidentiality or intellectual property rights. If we do refuse to grant your request, we will give you written notice explaining why we denied the request.

You can contact us to ask us to correct any information we hold about you that you believe is inaccurate. Please contact us at:

Email: info@bookkeepingpeople.com.au
Phone: 1300 31 31 69
Mail: GPO Box 1403, Sydney NSW 2001

  1. Complaints

If you have any complaints regarding how your data is handled or believe we have breached this Policy and/or your rights under the Act, please contact us via our contact page, via email to info@bookkeepingpeople.com.au or by calling our office at 1300 31 31 69.

We are committed to addressing your concerns promptly and fairly. Upon receiving your complaint, we will acknowledge it without delay and aim to provide a response within a reasonable timeframe—typically within 30 days of receipt. If your complaint requires a more detailed investigation, resolution may take longer. In such cases, we will keep you informed with regular progress updates.

To ensure the integrity of the process, we may verify the identity of the complainant and, where appropriate, request additional information to assist in resolving the matter.

Where required by law, we will provide our determination in writing.

Please note that we reserve the right to decline to investigate or respond to complaints that we reasonably consider to be vexatious or frivolous.

If you are not satisfied with our response to your complaint, you may seek a review by contacting the Office of the Australian Information Commissioner using the information available at OAIC. Further information can be found at https://www.oaic.gov.au/privacy/privacy-complaints.

  1. Notifiable Data Breach Scheme

The Office of the Australian Information Commissioner (OAIC) oversees privacy functions under the Privacy Act 1988 (Cth). The Privacy Amendment (Notifiable Data Breaches) Act 2017 introduced the NDB scheme, which mandates that organisations covered by the Privacy Act must notify affected individuals and the OAIC when a data breach is likely to result in serious harm.

A data breach may involve:

  • Loss or theft of devices containing personal information
  • Unauthorised access to or disclosure of personal or sensitive data
  • Mistaken disclosure of personal information to the wrong recipient

Notifications must include:

  • A description of the breach
  • The types of information involved.
  • Recommendations for steps individuals should take in response.

At The Bookkeeping People, we have implemented a comprehensive privacy program and regularly train our staff on privacy obligations.

If you would like more information about our privacy practices or the NDB scheme, please contact our office at info@bookkeepingpeople.com.au or call us at 1300 31 31 69.

  1. Data Breach Response Plan

If The Bookkeeping People becomes aware of a data breach involving personal or sensitive information, we will respond promptly and in accordance with legal requirements. Our response plan includes:

  • Immediate Containment: We will take steps to contain the breach and prevent further unauthorised access or data loss.
  • Assessment: We will assess the nature and extent of the breach, including the type of information involved and the potential risk of harm to affected individuals.
  • Notification: If the breach is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as soon as practicable. Notifications will include details of the breach, the information involved, and recommended steps for individuals to protect themselves.
  • Remediation: We will take action to mitigate any harm and prevent future breaches, such as improving security measures and updating policies or staff training.
  • Documentation: All breaches and response actions will be documented for accountability and ongoing improvement.
  • Review: Our data breach response plan and security practices will be reviewed and updated regularly to ensure ongoing effectiveness.

If you have any questions about our data breach response procedures, please contact our office at info@bookkeepingpeople.com.au or call us at 1300 31 31 69.  

  1. Governing Law

This Privacy Policy and your use of this Site is governed in all respects by the laws of Australia.

  1. Changes to This Policy

This policy is reviewed annually and updated as required to reflect changes in legislation, technology, or our business practices. The latest version will always be available on our website at www.bookkeepingpeople.com.au.