Skip to content
Appoly

Legal

Privacy Policy

Last updated: 22 May 2026

This privacy policy explains how APPOLY PTY LTD (ABN 58 648 653 356) — referred to in this policy as "Appoly", "we", "us", or "our" — collects, holds, uses, and discloses personal information about visitors to appoly.com.au and people who engage with our services.

We are bound by the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles ("APPs") set out in that Act. This policy describes how we meet those obligations in practice.

What personal information we collect

Depending on how you interact with us, we may collect the following categories of personal information:

  • Contact details — name, email address, phone number, company, and the content of any message you send us through our contact form, by email, or by phone.
  • Service delivery data — information you provide so that we can deliver agreed services, including project requirements, access credentials to systems you ask us to integrate with, and feedback during the engagement.
  • Correspondence records — copies of correspondence between you and Appoly, including emails, meeting notes, and call summaries.
  • Website usage data — standard server logs and analytics including IP address, browser type, referring URLs, pages viewed, and approximate location derived from IP. We use this in aggregate to understand how the site is used and improve it.
  • Job application data — if you apply for a role, the information in your application (CV, cover letter, work history).

We do not knowingly collect sensitive information (as defined under the Privacy Act) unless it is necessary for a service we have agreed to deliver and you have given express consent.

How we collect it

We collect personal information directly from you when you:

  • Submit our contact form or send us an email
  • Book a discovery call
  • Engage us for paid work
  • Apply for a role
  • Visit our website (passively, via cookies and analytics)

We do not buy or scrape personal information from third parties for marketing purposes.

Why we use it

We use personal information for the following purposes:

  • To respond to enquiries and provide the services you have engaged us for
  • To send you communications you have asked to receive (proposals, project updates, follow-ups)
  • To meet our legal, regulatory, and accounting obligations
  • To improve the website and understand how visitors use it
  • To assess and respond to job applications
  • To detect, prevent, and respond to security incidents and fraud

We do not use personal information for direct marketing without your consent. If we do send marketing communications, every email includes a one-click unsubscribe.

How we store and protect it

Personal information is stored in systems with appropriate technical and organisational security controls, including encryption in transit and at rest, access controls limited to authorised personnel, multi-factor authentication on administrative accounts, and audit logging.

Where data is hosted outside Australia (for example with cloud providers in the United States, the European Union, or the United Kingdom), we rely on contractual safeguards consistent with APP 8 to ensure those overseas recipients handle the data in accordance with the Australian Privacy Principles.

How long we keep it

  • Contact enquiries — held for up to 24 months after our last interaction, then deleted unless we have an ongoing reason to retain (such as an active engagement).
  • Service delivery data — retained during the engagement and for 12 months after the engagement ends, unless we have agreed a different retention period in our contract.
  • Tax and financial records — retained for the period required under Australian tax law (typically five years from when records are created or transactions complete, per section 262A of the Income Tax Assessment Act 1936).
  • Job application data — retained for up to 12 months after the application is decided unless you ask us to keep it longer for future opportunities.

Who we share it with

We may share personal information with:

  • Trusted service providers we use to deliver our services (cloud hosting providers, payment processors, productivity and communication tools, email delivery services such as Mailgun) under contracts requiring them to protect your information.
  • Professional advisers — our lawyers, accountants, auditors, and insurers, where necessary and in confidence.
  • Group companies within the Appoly group, where doing so is necessary to deliver an engagement.
  • Government authorities and law enforcement where required by law or to protect our rights, the rights of our clients, or public safety.

We do not sell personal information to third parties.

Cookies and analytics

Our website uses essential cookies required for the site to function. We may also use analytics tools to understand site usage in aggregate. You can disable cookies in your browser, though some parts of the site may not function correctly without them.

Your rights under the Privacy Act

Under the Australian Privacy Principles, you have the right to:

  • Access the personal information we hold about you (APP 12)
  • Correct personal information that is inaccurate, out of date, or incomplete (APP 13)
  • Request deletion of personal information where we no longer have a lawful reason to retain it
  • Object to certain processing and to withdraw consent where consent was the basis for processing
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) if you believe we have mishandled your personal information

To exercise any of these rights, contact us at privacy@appoly.com.au. We will respond within 30 days.

Data breach response

We follow the Notifiable Data Breaches scheme under the Privacy Act. If we become aware of a data breach that is likely to cause serious harm to any individual whose personal information we hold, we will notify the OAIC and the affected individuals as soon as practicable.

Complaints

If you have a complaint about how we have handled your personal information, please contact us first at privacy@appoly.com.au. We will acknowledge your complaint within five business days and aim to resolve it within 30 days.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner at oaic.gov.au or by phone on 1300 363 992.

Changes to this policy

We may update this policy from time to time. Material changes will be notified on this page and, where appropriate, by email to clients with active engagements. The "Last updated" date at the top of this policy reflects the most recent revision.

How to contact us

For any privacy-related question, request, or complaint:

  • Email: privacy@appoly.com.au
  • Phone: +61 (0)3 8679 2291
  • Post: Privacy Officer, APPOLY PTY LTD, Suite 95 / 80 Market Street, South Melbourne VIC 3205