1. Overview
At Scope Operations Pty LTd T/a Astrowave [ABN 99 633 193 469] (we, us, or our), we are committed to protecting your privacy and making sure your personal information is secure to the best of our ability. This Privacy Policy explains how we collect, use, store and disclose your information to comply with the Privacy Act 1988 (Cth) (Act) and includes recent amendments made to the Act under the Privacy and Other Legislation Amendment Bill 2024 (Cth).
When you visit our website or social media accounts, interact with us to use our services and/ or buy any products from us, and provide us with your information, you agree to the collection of that information and our use of it as set out in this privacy policy.
2. Commencement date
This policy will commence from 01 January 2025. It replaces all other previous privacy policies.
3. Types of personal information we collect
The types of personal information we may collect about you include:
your name, images, and complete contact details;
your age and/or date of birth;
payment details;
any customer survey results and customer service history;
website access and usage information;
information required for automated decision-making processes (including where we use artificial intelligence or other software); and
additional personal information that you or a third party provide to us.
4. Collection and use of personal information
We may collect, hold, use and disclose personal information to:
provide access to and use our website and services;
communicate with you;
conduct administrative activities such as invoicing and record keeping;
conduct marketing, analytics and research;
fulfill legal obligations and respond to disputes; and
consider employment applications.
5. Disclosure of personal information to third parties
We may disclose personal information to:
third party service providers to enable them to provide their services;
our employees and contractors;\our existing or potential agents or business partners;
sponsors or promoters of any competition we run;
anyone to whom our business or assets (or any part of them) are, or may (in good faith) be, transferred;
credit reporting agencies, courts, tribunals, and regulatory authorities, in the event you fail to pay for goods or services we have provided to you;
courts, tribunals, regulatory authorities, and law enforcement officers, as required by law, in connection with any actual or prospective legal proceedings, or to establish, exercise, or defend our legal rights;
third parties, including agents or sub-contractors, who assist us in providing information, products, services, or direct marketing to you. This may include parties located, or that store data, outside of Australia; and
third parties for data collection and processing, such as Google Analytics or other relevant businesses. This may include parties that store data outside of Australia.
By providing us with personal information, you consent to the disclosure of your information outside of Australia and acknowledge that we are not required to ensure that overseas recipients handle that personal information in compliance with the Privacy Act (Act) and the Australian Privacy Principles (APPs).
Note the Act and the APPs may not regulate third parties overseas. If any third party engages in any act or practice that contravenes the APPs, it would not be accountable under the Act.
6. How we treat personal information that is also sensitive information
Information classified as “Sensitive Information” has a higher level of protection under the APPs. Sensitive information means information relating to your racial or ethnic origin, political opinions, religion, trade union or other professional associations or memberships, philosophical beliefs, sexual orientation or practices, criminal records, health information or biometric information.
We only collect Sensitive Information with your explicit consent or where required by law. If we need to collect Sensitive Information we will inform you of the specific reason and obtain your consent before doing so.
So long as you consent, your sensitive information (if we hold any) may only be used and disclosed for purposes relating to the primary purpose for which the sensitive information was collected.
7. Automated decision-making & AI transparency
If we use automated systems such as Artificial Intelligence (AI) or algorithms either now or at any time in the future, we will:
inform you when a decision affecting you has been made automatically;
provide transparency on the criteria used in automated processes; and
allow you to request human review of an automated decision where legally required or where decisions significantly impact your rights.
8. Data security and breach reporting
If a data breach occurs that is likely to result in serious harm, we will:
assess the breach within 30 days as required under the Notifiable Data Breaches NDB (NDB) Scheme;
notify the Office of the Australian Information Commissioner (OAIC) and affected individuals as soon as practicable; and
provide details on the nature of the breach and actions taken to mitigate harm.
9. Serious invasions of privacy
Individuals are able to commence legal action if their privacy is recklessly or intentionally invaded. This applies where personal information is misused knowingly and the invasion causes distress, even if no financial harm occurs.
10. Doxxing
It is now a criminal offence to publish personal information online with the intent to harass, threaten, or cause harm. We take measures to prevent unauthorised disclosure of personal information online and comply with laws in this regard.
Our security measures include encryption, access controls, and regular cybersecurity audits.
11. Your rights and controlling your personal information
At all times, you have the right to:
request access to your personal data;
correct inaccurate or outdated information;
request deletion of your personal information, subject of course to our legal obligations; and
opt out of receiving marketing communications at any time by using the unsubscribe function in our emails or by contacting us directly. We will comply with the Spam Act 2003 (Cth) and will not send marketing communications without your express or inferred consent.
12. Overseas transfer
Your personal information may be transferred to an overseas jurisdiction with substantially similar data protection laws such as the United States of America, the United Kingdom, or countries within the European Union (EU). These countries have data protection laws, which protect personal information in a way that is at least substantially similar to the APPs, and there will be mechanisms available to you to enforce the protection of your personal information under that overseas law.
We take reasonable steps to ensure overseas recipients handle personal information in accordance with APPs. Where personal information is transferred outside Australia, we will ensure appropriate safeguards, such as contractual obligations or data protection agreements, are in place where required. For individuals in the European Union (EU), data transfers outside the EU will be carried out in compliance with Article 46 of the GDPR, ensuring appropriate safeguards.
13. GDPR
In some circumstances, the European Union General Data Protection (GDPR) provides additional protection to individuals located in Europe. Where this is the case, there may be additional rights and remedies available to you under the GDPR if your personal information is handled in a manner inconsistent with that law.
14. Storage and security
We are committed to ensuring that the personal information we collect is secure. In order to prevent unauthorised access or disclosure, we have put in place suitable physical, electronic and managerial procedures to safeguard and secure the personal information and protect it from misuse, interference, loss and unauthorised access, modification and disclosure.
We cannot guarantee the security of any information transmitted to or by us over the Internet. The transmission and exchange of information is carried out at your own risk. Although we take measures to safeguard against unauthorised disclosures of information, we cannot assure you that the personal information we collect will not be disclosed in a manner that is inconsistent with this Privacy Policy.
15. Cookies, web beacons and Google analytics
We use cookies and tracking technologies to enhance user experience and measure website performance. By using our website and social media accounts, you consent to use our cookies.
While cookies don’t tell us your email address, they do allow third parties, like Google and Facebook, to track you as part of our retargeting campaigns. If and when you choose to provide our website with personal information, this information may be linked to the data stored in the cookie. You can manage or disable cookies through your web browser settings.
Web beacons monitor the behaviour on our website and collect data about your web page viewing.
We also use Google Analytics to collect and process data from time to time.
16. Links to other websites
We do not have any control over Third Party Websites and we are not responsible for the protection and privacy of any personal information that you provide whilst visiting any such sites. Third Party Websites are not governed by this Privacy Policy, even if you followed a link from our website to the Third Party Website.
17. Amendments
We may update this privacy policy as laws change. The latest version will always be available on our website.
For any questions or notices, please contact our Privacy Officer at:
Astrowave Pty Ltd [ABN 99 633 193 469]
Email: hello@astrowave.com.au
Last update: 01 January 2025
Policy Version and Revision Information
Policy authorised by: Krystle Divertie
Version number: 3
Date of original issue: 01.01.2023
Current issue date: 01.01.2025
Next review date: 01.01.26