Bastion EBA Privacy Policy


This privacy policy explains how Bastion EBA Pty Ltd (“we” or “us”) handles personal information and complies with the requirements of the Australian Privacy Act 1988 (Cth) ("Privacy Act"). If you have any further questions in relation to this policy, please contact our Privacy Officer.

Please note that employee records are not generally subject to the Privacy Act and therefore this policy does not apply to the handling of information about our employees. 



What Personal Information Do We Collect? 

The types of personal information we collect from clients, customers and other individuals include:
•    names, job titles, contact and address details
•    date of birth and gender (for recruitment purposes)
•    educational qualifications and employment history (for recruitment purposes)
•    your Internet Protocol (IP) address

It is generally not practical to remain anonymous or use a pseudonym when dealing with us as usually we need your personal information in order to provide our services to you.



How Do We Collect Information?

Generally we collect information directly from individuals and our clients when we deal with them either face to face, via email or via telephone conversations. We may also collect information from you when you subscribe to receive our publications or use our website. 

Sometimes it may be necessary for us to collect your personal information from a third party. For example, we may collect your personal information from your personal representative, another Bastion Collective entity or a publicly available record.



How Do We Hold and Ensure the Security of Your Personal Information?

We hold personal information in hard copy and electronic formats. We take security measures to protect the personal information we hold. This includes physical (we require a security key to enter our offices) and technology measures. 

In some cases, we engage third parties to host electronic data (including customer relationship management data and email distribution services) on our behalf and we ensure these parties comply with our obligations under the Privacy Act. When we store your information in our customer relationship management system, some or all of this personal information may be available to partners and authorised staff for use in accordance with this policy.

We require our employees and data processors to respect the confidentiality of any personal information held by us.

We do not retain personal information once there is no longer a legal or business need for us to do so.


How Do We Use Personal Information?

The main purposes for which we collect, hold and use personal information are:
•    to provide our services;
•    to respond to requests or queries;
•    to maintain contact with clients and other contacts;
•    to keep clients and other contacts informed of the services we offer and industry developments that may be of interest to them;
•    to notify clients/other contacts of our service offerings;
•    to obtain payment for our services;
•    for recruitment purposes; 
•    for seeking your feedback; 
•    to meet any regulatory obligations; 
•    to perform analysis of our website; and
•    for other purposes related to our business.

If you choose not to provide us with personal information, we may be unable to do these things.

If we collect, hold or use personal information in ways other than as stated in this policy, we will ensure we do so pursuant to the requirements of the Privacy Act.


Direct Marketing

We may collect, hold and use personal information about individuals to market our services, including by email. At any time you may elect not to receive marketing information from us by using the unsubscribe function in our marketing emails.


Disclosure of Personal Information

We do not routinely disclose personal information to other organisations unless:
•    use or disclosure is permitted by this policy;
•    we believe it is necessary to provide you with a product or service which you have requested
•    some or all of our assets or operations are or may be transferred to another party as part of the sale of some or all of our business;
•    you give your consent; or
•    such disclosure is otherwise required or permitted by law, regulation, rule or professional standard.

As stated above, we use third party suppliers to maintain databases and email distribution systems. We require our service providers to adhere to our privacy guidelines and not to keep, use or disclose personal information we provide to them for any unauthorised purposes.


Privacy On Our Website

In addition to personal information you provide to us directly, we may also collect personal information from you via our websites.

Cookies, web beacons and other technologies are used by us and our service providers on our website and through email to automatically collect certain types of information. The collection of this information allows us to ensure our website is working effectively and provides us with information about who is visiting our website.

Cookies are small text files that may be placed on your computer or internet-enabled device whenever you visit our website. This means our site remembers your computer or device and helps us to identify public IP addresses, the number of visitors to our site and trends of those visitors for our analytical reports.

Although most browsers automatically accept cookies, you can choose whether or not to accept cookies via your browser's settings. You may also delete cookies from your device at any time. However, please be aware that if you do not accept cookies, you may not be able to fully experience some of our web sites' features.

A web beacon is a small image file on a web page that can be used to collect certain information from your computer, such as an IP address, the time the content was viewed, a browser type, and the existence of cookies previously set by the same server.


We understand the importance of protecting children’s privacy, especially in an online environment.

Our websites are not intentionally designed for or directed at children under the age of 13.

It is our policy to never knowingly collect or maintain information about anyone under the age of 13.


Access to Information

We will provide access to personal information upon request by an individual, except in the limited circumstances in which it is permitted for us to withhold this information.

When you make a request to access personal information, we will require you to provide some form of identification (such as a driver's licence or passport) so we can verify that you are the person to whom the information relates. 

If at any time you want to know what personal information we hold about you, you may email us at 


Concerns and Complaints

If you wish to express any concerns you may have or make a complaint to us about our handling of your personal information, you can contact us at or by mail at 14-18 Cremorne Street, Richmond VIC 3121. You will be asked to set out the details of your complaint in writing.

We will reply to you within 30 days of receipt of your email and, where appropriate, will advise you of the general reasons for the outcome of the complaint.

If you are not satisfied with the outcome of your complaint, you can refer your complaint to the Office of the Australian Information Commissioner.


Effect of Policy
Bastion EBA aims to review this policy annually to keep it up to date. We may update our policy at any time by publishing a new version on this website. The amended policy will apply between us whether or not we have given you specific notice of any changes.