1. Introduction
Investigate_X is a licensed investigative consultancy firm based in New South Wales, Australia. We are committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Commonwealth of Australia) and the Australian Privacy Principles. This commitment extends to all aspects of our business operations, including our investigative services, client consultations, fraud detection activities, and website interactions.
This Privacy Policy explains in detail how we collect, use, disclose, store, and protect your personal information when you engage our services, visit our website, or interact with our business in any capacity. We understand that the nature of our investigative work often involves handling highly sensitive and confidential information, and we have developed comprehensive policies and procedures to ensure the highest standards of privacy protection.
Our privacy practices are designed to comply not only with Australian federal privacy legislation but also with New South Wales privacy laws and relevant industry standards for investigative services. We regularly review and update our privacy practices to ensure they remain current with evolving legal requirements and industry best practices.
2. Information We Collect
2.1 Personal Information Collection
In the course of providing our investigative and consultancy services, we collect various types of personal information that is necessary for conducting thorough and effective investigations. This information includes your contact details such as your full name, residential and business addresses, telephone numbers, email addresses, and other communication preferences. We also collect business information including your company name, position, professional qualifications, and relevant employment history when this information is pertinent to our engagement.
Financial information may be collected when it is directly relevant to the investigation at hand, such as bank account details, transaction records, income statements, and other financial documents that may provide evidence or context for the matter under investigation. We collect documentation and evidence that you provide to us in support of your case, including photographs, emails, contracts, internal communications, witness statements, and any other materials that may be relevant to the investigative process.
All communications between you and our firm are recorded and maintained, including telephone conversations, email exchanges, meeting notes, written correspondence, and any other form of communication that occurs during our professional relationship. We also collect information about how you use our website, including your browsing patterns, pages visited, time spent on our site, and technical information about your device and internet connection.
2.2 Sensitive Information Handling
Due to the nature of our investigative work, we frequently encounter and must handle sensitive information as defined under the Privacy Act 1988. This includes information about alleged criminal activities, misconduct, fraud, theft, and other potentially unlawful behavior that forms the subject matter of our investigations. We may collect and process financial records, banking information, transaction histories, accounting records, and other financial documentation that reveals patterns of behavior or provides evidence of fraudulent activity.
Employment records, personnel files, disciplinary records, performance reviews, and workplace communications may be collected when conducting internal investigations or workplace misconduct inquiries. We may also obtain information through various investigation techniques including surveillance activities, background checks, database searches, interviews with witnesses and subjects, and analysis of digital communications and electronic data.
Health information may occasionally be collected when it is directly relevant to an investigation, such as in cases involving insurance fraud, workplace injury claims, or matters where an individual's physical or mental condition is pertinent to the investigation. Criminal history information, court records, and law enforcement data may be accessed through authorised channels when conducting background investigations or verifying information provided by subjects or witnesses.
3. How We Collect Information
Our information collection methods are diverse and tailored to the specific requirements of each investigation while ensuring compliance with all applicable privacy laws and professional standards. Direct communication with clients forms the primary method of information collection, including initial consultations, ongoing meetings, telephone discussions, email correspondence, and formal interviews conducted as part of our investigative process.
Service agreements, engagement letters, intake forms, questionnaires, and other documentation completed during the client onboarding process provide essential information about the matter to be investigated and the parties involved. Our investigation activities involve systematic evidence gathering through various lawful means, including document analysis, financial record review, digital forensics, surveillance operations where legally permitted, and interviews with relevant parties.
We may collect information from third parties when we have appropriate consent, legal authority, or where such collection is necessary for the investigation and permitted under privacy legislation. This includes obtaining information from former employees, business associates, suppliers, customers, and other individuals who may have relevant knowledge about the matter under investigation.
Our website employs various technologies to collect information about visitors, including cookies, web beacons, analytics tools, and other tracking technologies that help us understand how our website is used and how we can improve our online services. We also access public records, databases, and other publicly available information sources as part of our standard investigative procedures.
Professional networks, industry contacts, and referral sources may provide information relevant to our investigations, always within the bounds of professional ethics and legal requirements. We maintain detailed records of how and when information is collected to ensure transparency and accountability in our information handling practices.
4. Purpose of Collection and Use
We collect and use personal information solely for legitimate business purposes related to our investigative and consultancy services. The primary purpose is to provide comprehensive investigative services including fraud detection, internal investigations, compliance assessments, risk evaluations, and consultancy advice on best practices for preventing and detecting fraudulent activities within client organisations.
Investigation and analysis activities require us to process personal information to establish facts, identify patterns of behavior, trace financial transactions, verify claims and statements, conduct background checks, and prepare detailed reports and recommendations based on our findings. We use personal information to communicate with clients, witnesses, and other relevant parties throughout the investigation process, providing updates on progress, requesting additional information, and coordinating meetings and interviews.
Legal compliance and regulatory obligations necessitate the collection and retention of certain personal information, including maintaining records for the statutorily required periods, reporting to law enforcement agencies when legally obligated, and providing information to regulatory bodies and licensing authorities as required by our professional obligations.
Business administration activities require the use of personal information for client management, invoicing and payment processing, maintaining professional relationships, managing our service delivery, and ensuring the quality and effectiveness of our investigative services. We use website information to improve our online presence, understand user preferences, enhance website functionality, and provide better service to our clients and website visitors.
Quality assurance and professional development purposes may require us to analyse case outcomes, review investigation methodologies, and assess the effectiveness of our procedures while always maintaining appropriate confidentiality and privacy protections.
5. Disclosure of Information
5.1 Permitted Disclosures and Legal Requirements
We may disclose personal information to law enforcement agencies when we are legally required to do so, when we have obtained appropriate consent, or when disclosure is necessary to prevent or investigate serious criminal activity. Such disclosures are made in accordance with our professional obligations and applicable legislation, ensuring that we balance our duty to our clients with our broader obligations to the community and the administration of justice.
Legal representatives, courts, and tribunal proceedings may require us to disclose information in our possession, and we comply with all valid subpoenas, court orders, and other legal processes while maintaining appropriate client privilege where it applies. We work closely with legal counsel to ensure that any disclosures are made appropriately and in accordance with legal requirements and professional standards.
Regulatory bodies and licensing authorities may require access to information as part of their oversight functions, compliance audits, or investigations into professional conduct. We maintain full cooperation with these bodies while protecting client confidentiality to the extent permitted by law and professional regulations.
Professional advisors including accountants, lawyers, other investigators, and expert witnesses may receive relevant information when their expertise is required for the effective conduct of an investigation. All such disclosures are made under strict confidentiality agreements and professional obligations that mirror our own privacy commitments.
Contractors and service providers who assist in our operations, including IT support providers, document management services, forensic specialists, and other professional service providers, may have access to personal information only to the extent necessary for them to provide their services to us. All such arrangements are governed by comprehensive confidentiality agreements and service contracts that require these parties to maintain the same high standards of privacy protection that we maintain.
5.2 Client Consent and Voluntary Disclosures
We may disclose information to other parties when you have provided explicit consent for such disclosure, including family members, business partners, legal advisors, or other parties you have specifically authorised to receive information about the investigation. All such disclosures are documented and occur only within the scope of the consent you have provided.
Insurance companies, financial institutions, or other organisations may receive information when disclosure is necessary for the resolution of claims, disputes, or other matters that form the subject of our investigation and where such disclosure has been specifically authorised by you or is required for the proper conduct of the investigation.
In cases where we believe that disclosure is necessary to prevent serious harm to individuals or to prevent illegal activity, we may disclose relevant information to appropriate authorities, always balancing the competing interests of privacy protection and public safety in accordance with established legal and ethical guidelines.
6. Data Security and Protection Measures
We implement security measures designed to protect personal information from unauthorised access, use, disclosure, alteration, or destruction.
Physical security measures include secure premises with controlled access systems, locked filing cabinets for physical documents, secure storage facilities for sensitive materials, and restricted access to areas where confidential information is processed or stored. All physical documents are stored in fireproof and waterproof containers when the sensitivity of the information warrants such protection.
Technical security measures encompass encrypted data storage using industry-standard encryption protocols for all digital information, secure transmission of data through encrypted communication channels, robust access controls that ensure only authorised personnel can access specific information, regular security updates and patches to all software and systems, comprehensive backup and disaster recovery procedures, and continuous monitoring for unauthorised access attempts or security breaches.
Administrative controls include comprehensive staff training on privacy obligations and security procedures, clearly defined roles and responsibilities for handling personal information, regular review and updating of security policies and procedures, background checks for all personnel with access to confidential information, and incident response procedures that ensure prompt and effective response to any security breaches or privacy incidents.
7. Data Retention and Disposal
Our data retention policies are designed to balance the legitimate need to maintain records for professional, legal, and business purposes while minimising the period for which personal information is retained and ensuring secure disposal when retention is no longer necessary. We retain personal information for the duration of our engagement with you and for such additional periods as may be required by law, professional standards, or legitimate business needs.
Legal and regulatory requirements mandate that we retain certain business records for a minimum of seven years after completion of our engagement, in accordance with Australian business record-keeping requirements and professional standards for investigative services. Some categories of information may need to be retained for longer periods, particularly where ongoing legal proceedings are involved or where regulatory requirements specify extended retention periods.
Professional obligations require us to maintain case files and investigation records for extended periods to support potential future proceedings, provide evidence for regulatory inquiries, respond to professional liability claims, and maintain the continuity of our professional services. We also retain information that may be necessary for the ongoing protection of witnesses, the preservation of evidence, and the maintenance of professional relationships.
When personal information is no longer required to be retained, we implement secure disposal procedures that ensure complete destruction of the information. Physical documents are shredded using cross-cut shredders or destroyed through professional document destruction services that provide certificates of destruction. Digital information is securely deleted using software that overwrites the data multiple times to prevent recovery, and any backup copies are similarly destroyed.
We maintain detailed records of our retention and disposal activities to demonstrate compliance with our privacy obligations and to provide transparency about our information handling practices. Regular reviews of retained information ensure that we do not keep personal information longer than necessary and that our retention practices remain current with legal requirements and industry best practices.
8. Your Rights and Our Obligations
Under Australian privacy legislation, you have comprehensive rights regarding your personal information, and we are committed to facilitating the exercise of these rights while balancing them against other legitimate interests and legal obligations. You have the right to access personal information that we hold about you, subject to certain exceptions that may apply in the context of ongoing investigations or where disclosure might compromise the investigation process or the safety of individuals involved.
When you request access to your personal information, we will provide you with a clear explanation of what information we hold, how it was collected, how it is being used, and to whom it has been disclosed. We will also explain any codes or abbreviations used in our records and provide the information in a format that is readily understandable. Access requests are processed promptly, and we aim to respond within 30 days of receiving a request.
You have the right to request correction of personal information that is inaccurate, incomplete, or out of date. When you request a correction, we will take reasonable steps to verify the accuracy of the information and make appropriate corrections. If we disagree with your request for correction, we will provide you with a written explanation of our decision and, if you request it, we will attach a statement to your record noting your disagreement with the information.
In certain circumstances, you may request deletion of your personal information, although this right may be limited where we have ongoing legal obligations to retain the information or where retention is necessary for the protection of legal rights. We will explain any limitations on deletion and work with you to address your concerns about our retention of your information.
You have the right to lodge a complaint about our privacy practices with our Privacy Officer or with the Office of the Australian Information Commissioner. We are committed to investigating all complaints promptly and fairly, and we will work with you to resolve any concerns about our handling of your personal information.
Where we have relied on your consent as the basis for collecting or using your personal information, you may withdraw that consent at any time, although withdrawal of consent may limit our ability to continue providing certain services to you. We will explain the consequences of withdrawing consent and work with you to address your concerns while meeting our professional obligations.
9. Website Privacy and Digital Interactions
Our website employs various technologies to enhance user experience and gather information about how our services are accessed and used. We use both essential cookies that are necessary for the basic functionality of our website and non-essential cookies that help us analyse user behavior and improve our online services. Essential cookies include those required for security, maintaining user sessions, and ensuring that website forms function correctly.
Analytics cookies and similar technologies help us understand how visitors interact with our website, which pages are most frequently accessed, how long visitors spend on different sections of our site, and what pathways visitors take through our website. This information helps us improve our website design, enhance user experience, and ensure that we are providing the most relevant and useful information to our visitors.
Third-party services integrated into our website, such as Google Analytics, contact forms, and social media plugins, may collect additional information about your visit. We carefully select third-party service providers and ensure that they maintain appropriate privacy protections, although we recommend that you review the privacy policies of these third-party services to understand how they handle your information.
Our website may contain links to other websites, including those of professional associations, regulatory bodies, and other organisations relevant to our industry. We are not responsible for the privacy practices of these external websites, and we recommend that you review their privacy policies before providing any personal information to them.
When you contact us through our website, whether through contact forms, email links, or other communication methods, your communications are treated with the same level of confidentiality and privacy protection as all other client communications. We use secure communication channels where possible and ensure that all website-based communications are appropriately protected.
We regularly review and update our website privacy practices to ensure they remain current with technological developments and legal requirements. We also provide clear information about our privacy practices and make this privacy policy easily accessible from all pages of our website.
10. International Information Transfers
While our operations are primarily based in Australia and we generally store and process personal information within Australia, there may be circumstances where we need to transfer information overseas as part of our investigative activities or business operations. When such transfers are necessary, we ensure full compliance with Australian privacy law requirements for overseas information transfers.
Before transferring personal information overseas, we conduct a thorough assessment of the privacy protections available in the destination country and implement additional safeguards where necessary to ensure that your information receives the same level of protection it would receive in Australia. This may include contractual arrangements with overseas recipients that require them to handle information in accordance with Australian privacy standards.
Cloud-based services and technology platforms used in our operations may involve the storage or processing of information on servers located overseas. We carefully evaluate all such services to ensure they provide appropriate privacy protections and maintain transparent policies about where and how information is stored and processed.
International investigations or matters involving overseas jurisdictions may require us to work with foreign investigators, legal systems, or regulatory bodies. In such cases, we ensure that information sharing occurs only within appropriate legal frameworks and professional standards, and we maintain oversight of how information is handled by overseas parties.
We maintain detailed records of any overseas information transfers, including the reasons for the transfer, the safeguards implemented, and the oversight measures in place to ensure ongoing protection of your information. This documentation is available to you upon request and forms part of our accountability measures under Australian privacy law.
11. Complaints and Contact Information
We are committed to addressing any concerns or complaints about our privacy practices promptly, fairly, and transparently. Our Privacy Officer is responsible for overseeing our privacy compliance, investigating complaints, and working with individuals to resolve privacy-related issues. You can contact our Privacy Officer directly by email at privacy@investigatex.com.au, or by writing to us at our business address.
When you make a privacy complaint, we will acknowledge receipt of your complaint within seven days and begin our investigation immediately. Our complaint investigation process includes a thorough review of the circumstances giving rise to your complaint, consultation with relevant staff members, examination of our policies and procedures, and identification of any steps needed to address your concerns and prevent similar issues in the future.
We aim to complete our investigation and provide you with a detailed response within 30 days of receiving your complaint. Our response will include an explanation of our investigation, our findings, any corrective actions we have taken or will take, and information about your rights to escalate the matter if you are not satisfied with our response.
If you are not satisfied with our response to your privacy complaint, you have the right to lodge a complaint with the Office of the Australian Information Commissioner, which has regulatory responsibility for privacy matters in Australia. The OAIC can investigate complaints about privacy breaches and has various powers to address privacy violations and provide remedies for individuals who have been affected by privacy breaches.
We maintain comprehensive records of all privacy complaints and our responses to them, and we use this information to continuously improve our privacy practices and prevent similar issues from occurring in the future. We also report on privacy complaints and breaches to our senior management and board of directors to ensure that privacy protection remains a priority throughout our organisation.
12. Changes to This Privacy Policy
We regularly review this Privacy Policy to ensure it remains current with changes in our business practices, technological developments, and evolving privacy legislation. When we make changes to this Privacy Policy, we will update the "Last Updated" date at the beginning of this document and post the revised policy on our website.
For minor changes that do not materially affect your rights or our handling of your personal information, we will simply update the policy and make it available on our website. For significant changes that materially affect how we collect, use, or disclose personal information, we will provide additional notice through direct communication with our clients and other appropriate means.
Continued use of our services after we have posted changes to this Privacy Policy constitutes your acceptance of those changes. However, if you object to any changes, you may contact our Privacy Officer to discuss your concerns and explore options for addressing them while maintaining our professional relationship.
We maintain archived versions of previous Privacy Policies to demonstrate our ongoing commitment to transparency and accountability in our privacy practices. These archived versions are available upon request and provide a historical record of our privacy commitments and practices over time.
13. Definitions and Interpretation
For the purposes of this Privacy Policy, "personal information" means information or an opinion about an identified individual or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether the information or opinion is recorded in a material form or not. This includes all information that could reasonably be used to identify you, either alone or in combination with other information.
"Sensitive information" refers to specific categories of personal information that require additional privacy protections under the Privacy Act 1988, including information about an individual's racial or ethnic origin, political opinions, religious beliefs, philosophical beliefs, membership of professional or trade associations, criminal record, health information, genetic information, biometric information, and sexual orientation.
"Investigation" means any systematic inquiry or examination conducted by Investigate_X for the purpose of establishing facts, gathering evidence, detecting fraud or misconduct, assessing compliance with laws or policies, or providing advice and recommendations based on investigative findings. This includes all forms of investigation activities whether conducted for private clients, government agencies, or other organisations.
"Disclosure" means providing, releasing, transferring, or otherwise making available personal information to another person or organisation outside of Investigate_X, whether intentionally or unintentionally, and whether the disclosure is authorised or unauthorised.
"Record" means any form of recorded information, whether in physical or electronic format, including documents, files, databases, emails, photographs, audio recordings, video recordings, computer files, and any other form of information storage that contains personal information.
14. Governing Law and Jurisdiction
This Privacy Policy is governed by and construed in accordance with the laws of New South Wales and the Commonwealth of Australia, particularly the Privacy Act 1988 (Commonwealth), the Australian Privacy Principles, and the Privacy and Personal Information Protection Act 1998 (NSW). Our privacy practices are also guided by relevant industry codes and professional standards applicable to investigative services.
Any disputes arising from or relating to this Privacy Policy or our privacy practices will be subject to the exclusive jurisdiction of the courts of New South Wales, Australia. However, we encourage the resolution of privacy concerns through our internal complaint process and, if necessary, through the Office of the Australian Information Commissioner before pursuing formal legal proceedings.
This Privacy Policy forms an integral part of our overall Terms of Service and client service agreements, and should be read in conjunction with those documents to obtain a complete understanding of our commitments and obligations regarding your personal information and privacy rights.
Contact Information: Investigate_X
Email: admin@investigatex.com.au
ABN: 88 525 117 610
Master Licence: 412514331
We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.