How we collect, use, and protect your personal information
Legal Document
Effective Date: 1 July 2025 | Version: 2.0 | Last Updated: 5 February 2026
1. Introduction
Rapid Developments Pty Ltd ("we," "us," "our") is committed to protecting the privacy and security of your personal information.
This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you:
Engage our business consulting or technology services
Visit our website at rapid-developments.com.au
Subscribe to our communications
Contact us through any channel
This policy complies with the Australian Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). While we may qualify for the small business exemption, we voluntarily commit to these privacy standards.
2. Information We Collect
2.1 Personal Information
We may collect the following types of personal information:
Contact Information: Email address, telephone numbers, business address
Business Information: Company details, business processes, operational data relevant to our services
Financial Information: Payment details, billing addresses, bank account details for invoicing
Technical Information: IP address, browser type, device information, website usage data
Professional Information: Professional history, qualifications, business relationships
Communication Records: Emails, meeting notes, phone call records related to our services
2.2 Information Collected Automatically
When you visit our website, we automatically collect:
IP address and approximate geographic location
Browser type and version
Operating system
Pages visited and time spent on pages
Referring website
Date and time of visits
2.3 Sensitive Information
Important Note
We do not actively collect sensitive information (such as health information, racial or ethnic origin, political opinions, religious beliefs, or sexual orientation) unless specifically required for a consulting engagement and with your explicit consent.
3. How We Collect Information
We collect information through:
Direct interactions: When you contact us, engage our services, complete forms, or correspond with us
Service delivery: During assessments, on-site visits, and project work
Contracts and agreements: Through proposals, service agreements, and invoicing
Website: Through contact forms, enquiry submissions, and automated technologies (cookies)
Third-party referrals: From business partners or referrers who introduce you to us (with consent)
Publicly available sources: Business directories, company registers, LinkedIn, and other public sources
4. How We Use Your Information
4.1 Primary Purposes
We use your information to:
Provide business consulting and technology services
Conduct assessments and prepare reports and recommendations
Communicate with you about our services and your engagement
Process payments, invoicing, and maintain financial records
Comply with legal, regulatory, and professional obligations
Respond to enquiries and provide customer support
4.2 Secondary Purposes
With your consent, we may use information to:
Send updates about business insights, articles, and industry information
Invite you to events, workshops, or webinars
Develop case studies and testimonials (anonymised or with express permission)
Improve our services, methodologies, and website
Conduct business analytics and reporting (in aggregate, non-identifying form)
4.3 Legal Bases
We process your information based on:
Contract: Where processing is necessary to perform our services
Consent: Where you have given specific consent for marketing or secondary uses
Legitimate interests: Where processing is necessary for our legitimate business interests (and does not override your interests)
Legal obligation: Where processing is required by law
5. Information Sharing and Disclosure
5.1 Who We Share Information With
Team Members: Employees and contractors on a need-to-know basis for service delivery
Subcontractors: Specialist contractors engaged to assist with service delivery, under strict confidentiality agreements
Service Providers: Third-party service providers who support our operations (see section 6)
Professional Advisors: Our legal, accounting, and insurance advisors where necessary
Government Authorities: When required by law, regulation, or legal process
5.2 What We Do NOT Do
We Do NOT:
Sell your personal information to third parties
Share your information with competitors
Use your data for purposes unrelated to our services without consent
Share your confidential business information with other clients
6. Third-Party Services and Overseas Disclosure
6.1 Service Providers We Use
We use the following categories of third-party services to operate our business:
Service Type
Purpose
Data Location
Cloud Hosting
Website and data storage
Australia (Sydney region)
CRM System
Client relationship management
May include US/EU servers
Email Services
Business communications
May include US/EU servers
Payment Processing
Invoice payments
Global (PCI-DSS compliant)
Analytics
Website usage analysis
May include US servers
Video Conferencing
Remote meetings
May include US/Global servers
Document Storage
File storage and collaboration
Australia where available
6.2 Overseas Disclosure
Some of our service providers operate servers outside Australia. By engaging our services, you consent to your information being processed in these locations. We take reasonable steps to ensure overseas recipients handle your information in accordance with Australian Privacy Principles, including:
Using providers with appropriate privacy certifications (e.g., ISO 27001, SOC 2)
Selecting Australian data regions where available
Entering into data processing agreements with key providers
6.3 AI and Automation Tools
We may use artificial intelligence and automation tools to assist with service delivery, including document analysis, process mapping, and report generation. When using such tools:
We do not input your confidential information into public AI tools
Enterprise AI tools used are subject to confidentiality and data processing agreements
Final outputs are reviewed by our team before delivery
You may request that AI tools not be used for your engagement
7. Cookies and Website Tracking
7.1 What Are Cookies
Cookies are small text files placed on your device when you visit a website. They help the website function, remember your preferences, and provide analytics.
7.2 Cookies We Use
Essential Cookies
Required for core website functionality. These cannot be disabled without affecting site operation.
Session management
Security features
Form submissions
Analytics Cookies
Help us understand how visitors use our website. Data is collected in aggregate form.
Pages visited and time on site
Traffic sources and referrers
Geographic region (approximate)
Device and browser information
We use Google Analytics with IP anonymisation enabled where available.
Cookies We Do NOT Use
Advertising or marketing cookies
Social media tracking pixels
Third-party advertising networks
7.3 Managing Cookies
You can control cookies through your browser settings:
Block all cookies (may affect website functionality)
Our website responds to "Do Not Track" browser signals by limiting analytics collection where technically feasible.
8. Data Security
8.1 Security Measures
We implement appropriate technical and organisational measures to protect your information, including:
Encryption of data in transit (SSL/TLS) and at rest where appropriate
Password-protected systems with multi-factor authentication
Access controls limiting information access to authorised personnel
Regular security assessments and updates
Secure storage of physical documents
Confidentiality agreements with all team members and contractors
Regular data backups
8.2 Data Breach Response
In the event of a data breach that is likely to result in serious harm, we will:
Take immediate steps to contain the breach and mitigate harm
Assess the breach to determine the risk of serious harm
Notify affected individuals as soon as practicable if serious harm is likely
Notify the Office of the Australian Information Commissioner (OAIC) if required
Document the breach and our response
8.3 No Guarantee
While we take security seriously, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security of data transmitted to us or stored in our systems.
9. Data Retention
We retain personal information for the following periods:
Category
Retention Period
Reason
Active client records
Duration of engagement + 7 years
Legal, professional, reference
Financial records
7 years
Tax and accounting requirements
Project deliverables
7 years post-completion
Professional liability, reference
Prospective client enquiries
2 years from last contact
Follow-up, business development
Marketing subscribers
Until unsubscribe + 1 year
Honour unsubscribe requests
Website analytics
26 months
Trend analysis
After the retention period, we securely delete or de-identify information so it can no longer be associated with you.
10. Your Rights
10.1 Rights Under Australian Privacy Law
You have the right to:
Access: Request access to personal information we hold about you
Correction: Request correction of inaccurate or incomplete information
Deletion: Request deletion of your information (subject to legal requirements)
Opt-out: Opt out of marketing communications at any time
Complain: Lodge a complaint with us or the OAIC if you believe we have breached privacy laws
10.2 How to Exercise Your Rights
To Make a Request
Email: privacy@rapid-developments.com.au
We will respond to access or correction requests within 30 days. We may need to verify your identity before processing your request.
10.3 Access Requests
We will provide access to your personal information unless:
Access would pose a serious threat to life, health, or safety
Access would unreasonably impact the privacy of others
The request is frivolous or vexatious
The information relates to legal proceedings
Access would be unlawful
Denying access is authorised by law
If we deny access, we will provide reasons in writing.
11. Marketing Communications
11.1 Consent-Based Marketing
We only send marketing communications (newsletters, articles, event invitations) with your express consent. Service-related communications (invoices, project updates, support responses) are not considered marketing.
11.2 Unsubscribe
You can opt out of marketing communications at any time by:
Clicking the "unsubscribe" link in any marketing email
Emailing privacy@rapid-developments.com.au
Contacting us directly
We will action unsubscribe requests within 5 business days.
11.3 Spam Act Compliance
All commercial electronic messages comply with the Spam Act 2003, including:
Consent obtained before sending
Clear sender identification
Functional unsubscribe facility
Accurate contact information
12. Third-Party Links
Our website and communications may contain links to third-party websites. We are not responsible for the privacy practices of these sites. We encourage you to read the privacy policies of any third-party sites you visit.
13. Changes to This Policy
We may update this Privacy Policy to reflect changes in:
Legal or regulatory requirements
Our business practices and services
Technology and security measures
Material changes will be:
Posted on our website with an updated effective date
Notified to active clients by email
Highlighted at the top of this policy for 30 days
We encourage you to review this policy periodically.
14. Complaints
14.1 Internal Complaints
If you have concerns about how we handle your personal information:
Contact our Privacy Officer (details below)
Describe your concern in as much detail as possible
We will investigate and respond within 30 days
If you are not satisfied with our response, you can escalate internally
14.2 External Complaints
If you are not satisfied with our response, you may lodge a complaint with:
Office of the Australian Information Commissioner (OAIC)