Contact Us

Flor-Hanly
16 Evans Avenue
North Mackay QLD 4740

PO Box 3456
Mackay North QLD 4740

(07) 4963 4800
admin@florhanly.com.au

Printview - Flor-Hanly EBF10275292 3477-0094-4927

1 Introduction

1.1 We , us and our means Flor-Hanly & Associates Pty Ltd ACN 137 744 355 and its officers, employees and agents.

1.2 In the course of doing business in Australia, there are circumstances where we collect personal information (including credit information). This privacy policy has been developed to ensure that such information is handled appropriately.

1.3 We are committed to complying with the Privacy Act 1988 (Cth) (Privacy Act) and the Anti-Money Laundering and Counter-Terrorism Finance 2006 Act (AML/CTF Act) in relation to all personal information we collect. Our commitment is demonstrated in this policy. The Privacy Act incorporates the Australian Privacy Principles (APPs). The APPs set out the way in which personal information must be treated.

1.4 This privacy policy also incorporates our policy on managing credit information (see section 9).

1.5 By providing your details, you consent to us collecting, holding, using and disclosing your personal information in accordance with this policy.

1.6 If you do not provide the information requested by us, we are not able to provide you with our services or otherwise engage with you.

Who does the privacy policy apply to?

1.7 This policy applies to any person for whom we currently hold, or may in the future collect, personal information. Broadly, we collect personal information from our current and prospective clients, other individuals that contact us with enquiries, current and prospective contractors, consultants and agents and prospective employees.

1.8 This policy does not apply to acts and practices in relation to employee records of our current or former employees, as these are exempt from the Privacy Act.

What information does the privacy policy apply to?

1.9 This policy applies to personal information. In broad terms, 'personal information' is information or opinions relating to a particular individual who can be identified.

1.10 Information is not personal information where the information cannot be linked to an identifiable individual.

Retention and destruction of personal information

1.11 Subject to our professional obligations, we will take reasonable steps to destroy or permanently de-identify personal information if that information is no longer needed for the purposes for which we are authorised to use it, including our obligations under the AML/CTF Act and Rules.

2 What kinds of information do we collect and hold?

Personal information

2.1 The personal information we may collect differs depending on the nature of our interaction with you, although such information may include:

(a) sensitive information (see paragraph 2.2);

(b) contact information, including full name, residential address, contact details and emergency contact details;

(c) financial and credit information;

(d) date and place of birth;

(e) employment arrangements and history;

(f) tax returns and tax file numbers;

(g) insurance information;

(h) banking details;

(i) details of any enquiries you make;

(j) government related identifiers;

(k) photo ID and unique identifier, such as a passport or driver s licence number, and

(l) any other personal information required to provide services to you or otherwise engage you to assist us to provide our services.

Sensitive information

2.2 Sensitive information is a subset of personal information and includes personal information that may have serious ramifications for the individual concerned if used inappropriately. Generally, we will only collect the following types of sensitive information about prospective or current contractors, consultants or agents or prospective employees:

(a) health information;

(b) racial or ethnic origin;

(c) criminal records, and

(d) biometric information.

2.3 For the purpose of AML/CTF customer due diligence, we may collect the following types of sensitive or higher-risk information about clients, beneficial owners or agents:

(a) adverse media information,

(b) membership of professional or trade associations; and

(c) membership of any political associations.

2.4 We will not collect sensitive information without the consent of the individual to whom the information relates unless permitted under the Privacy Act.

Web-generated information

2.5 Our website (https://www.florhanly.com.au/) may also automatically collect hardware and software information about your computer or device, including:

(a) your IP address;

(b) your browser type;

(c) the types of devices you are using to access our website;

(d) the language and operating system of the device being used;

(e) domain names, access times and referring website addresses; and

(f) page clicks, time spent and other automatically collected meta-data.

2.6 Our website may also collect usage information from users. Broadly, this information may relate to how you use and navigate the website, including:

(a) information about pages, content or advertisements you have browsed or clicked on;

(b) any content, information or material you disclose to us;

(c) the location from which you have come to the site and the pages you have visited; and

(d) information about the features you have used on our website.

3 How and when do we collect personal information?

3.1 We usually collect personal information directly from the individual concerned, for example, via emails, telephone calls, online forms, engagements agreements, physical or virtual meetings and questionnaires.

3.2 We may also collect personal information from third parties such as:

(a) government bodies (such as regulatory authorities, relevant departments etc);

(b) through referrals from individuals or other entities;

(c) third-party identity verification services, including Content Snare (Comply Cube) and Ignition;

(d) banks and financial institutions;

(e) registers of companies, trusts, government databases (such as ASIC or ABR) and other paid search providers;

(f) your current and previous employers;

(g) our employees, contractors and agents;

(h) through marketing and business development events; and

(i) your representatives and advisers.

4 How do we hold personal information?

4.1 Our usual approach to holding personal information is to store it:

(a) physically, in paper files stored securely at our premises; and/or

(b) electronically in computer systems, applications, databases and cloud servers, either operated by us or our third-party service providers.

4.2 We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss and from unauthorised access, modification or disclosure. Some of these processes and systems include:

(a) using secure servers to store personal information;

(b) using unique usernames, passwords and other protections on systems that can access personal information;

(c) holding certain sensitive documents securely;

(d) arranging for our employees to complete training about information security;

(e) maintaining a data breach policy; and

(f) monitoring and reviewing our policies.

5 Why do we collect, hold, use or disclose personal information?

5.1 We take reasonable steps to hold, use and disclose personal information for the primary purpose for which we collect it. The primary purpose for which information is collected varies depending on the individual that we are collecting from, but is generally as follows:

(a) in the case of a current or prospective client, to provide our services and comply with our professional obligations;

(b) in the case of other individuals that contact us (including users of our website), to assist us to respond to your enquiries or complaints;

(c) in the case of a current contractor, consultant or agent, to assist us in providing our services; and

(d) in the case of a prospective contractor, consultant, agent or employee, to assess your suitability for employment or engagement.

5.2 We may also collect, hold, use and disclose personal information for secondary purposes that are within your reasonable expectations and that are related to the primary purpose of collection.

5.3 We also collect your personal information to comply with the AML/CTF Act. This includes to:

(a) establish and verify identification of clients/agents/beneficial owners before providing certain services to you or the person you are acting on behalf of;

(b) comply with initial and ongoing Customer Due Diligence requirements;

(c) comply with ongoing monitoring and enhanced due diligence where required;

(d) assess and manage potential money laundering, terrorism financing, proliferation financing risks or related compliance risks associated with the provision of our services;

(e) make reports required by law under the AML/CTF Act, and

(f) meet record keeping obligations under the AML/CTF Act.

5.4 From time to time, we may disclose personal information to third parties such as:

(a) government bodies (such as regulatory authorities, relevant departments, etc);

(b) our external auditors and other professional advisers;

(c) our contractors, consultants, employees, agents and service providers;

(d) law enforcement agencies;

(e) parties considering the acquisition of the whole or a part of our business; and

(f) other third parties with whom we have a commercial relationship.

5.5 We may also share your personal information with AUSTRAC to meet our legal and regulatory obligations under the AML/CTF Act or the AML/CTF Rules.

5.6 We will only disclose personal information to third parties if:

(a) we are required or authorised by law to do so;

(b) we have received express consent to the disclosure, or consent may be reasonably inferred from the circumstances; or

(c) we are otherwise permitted to disclose the information under the Privacy Act.

6 Artificial Intelligence (AI) Software

6.1 We may use personal information for the purposes of developing, using and training AI tools within our business. Confidential client data will not be used to train public models unless expressly agreed and legally permitted.

6.2 We may use AI software to:

(a) perform identity verification checks;

(b) analyse data and prepare reports;

(c) automate administrative tasks, and

(d) record and summarise meetings, with the appropriate notification/consent.

6.3 We may use the following types of personal information when using AI software:

(a) identification information, including, your:

(i) name;

(ii) address;

(iii) email address;

(iv) telephone numbers;

(v) date of birth;

(vi) occupation;

(vii) current or former employers;

(b) your personal circumstances;

(c) entities you are involved in or associated with;

(d) other information that we consider necessary for the provision of our products and services and the operation of our business;

(e) financial information;

(f) photographs, film and/or recordings or any other digital representation;

(g) relationship information;

(h) family information; and

(i) employment information for an employee whether previous, current and prospective.

7 Direct marketing

7.1 We may use your personal information to send you marketing communications, including emails, SMS, newsletters, event invitations or other material relating to our products or services. You have the right to opt out of receiving these communications at any time.

7.2 You may opt-out of receiving direct marketing communications from us by:

(a) clicking the unsubscribe link at the bottom of any of our direct marketing communications;

(b) replying STOP to any marketing text message we send, or

(c) by contacting our Privacy Officer at comply@florhanly.com.au or calling us on (07) 4963 4800.

7.3 Once you request to opt-out of direct marketing, we will process your request as soon as practicable, usually within 30 days.

7.4 Please note that even if you opt out of marketing, we may still send you essential, non-marketing administrative and transactional messages regarding our services, including important information regarding legislative and regulatory changes that may affect you.

8 Will we disclose personal information outside Australia?

8.1 We will disclose personal information outside of Australia if you expressly request us to do so.

8.2 In some cases, we may indirectly disclose personal information overseas through disclosures to our service providers that have data servers located overseas. For example, we disclose personal information to service providers that are located, or otherwise have data servers located, in the Philippines, India and the USA.

8.3 Where we disclose your personal information to parties located overseas (or which have data centres located in other countries), we take reasonable steps to ensure that those parties will handle the personal information in accordance with the Australian Privacy Principles. We are not required to take such steps if we believe that the overseas recipient is already subject to a law that has the effect of protecting personal information in a substantially similar way to the relevant law in Australia, or with your consent.

9 How do we manage your credit information?

What kinds of credit information may we collect?

9.1 We may collect and hold credit information in the course of offering and providing our services, which may include:

(a) your identification information;

(b) information about any credit that has been provided to you;

(c) your repayment history and any defaults or overdue payments;

(d) if terms and conditions of your credit arrangements are varied;

(e) if any court proceedings are initiated against you in relation to your credit activities;

(f) information about any bankruptcy or debt agreements involving you;

(g) any publicly available information about your credit worthiness; and

(h) any other information about your credit history and activities.

How and when do we collect credit information?

9.2 In most cases, we will only collect credit information if it is relevant to provide our services.

9.3 We may collect credit information either directly from you or from:

(a) third parties including parties to whom we provide services that you are involved with;

(b) government bodies (such as the Australian Taxation Office);

(c) banks and other credit providers;

(d) other individuals and entities via referrals; and

(e) your suppliers and creditors.

9.4 We do not collect and hold credit information from credit reporting bodies unless it is incidentally collected in providing our services to you.

How do we store and hold the credit information?

9.5 We store and hold credit information in the same manner as outlined in section 4 of this policy.

Why do we collect the credit information?

9.6 Our usual purpose for collecting, holding, using and disclosing credit information about you is to enable us to provide you with our services.

9.7 We may also collect the credit information to process payments and for other purposes incidental to providing our services.

How can I access my credit information, correct errors or make a complaint?

9.8 You can seek access to and request a correction to your credit information or complain about a breach of your privacy in the same manner as set out in section 10 of this policy.

10 How do you make complaints and access and correct your personal information or credit information?

10.1 It is important that the information we hold about you is up-to-date. If you believe that any information we hold about you is incorrect, please contact us so we can make the necessary change(s).

10.2 If the personal information and or credit information we hold is not accurate, complete and up-to-date, we will take reasonable steps to correct it, where it is appropriate to do so.

Access to information and correcting personal information

10.3 You may request access to the personal information held by us or ask us for your personal information to be corrected by using the contact details in this section.

10.4 We will grant you access to your personal information within a reasonable period, subject to the request circumstances.

10.5 In keeping with our commitment to protect the privacy of personal information, we may not disclose personal information to you without proof of identity.

10.6 We may deny access to personal information if:

(a) the request is unreasonable;

(b) providing access would have an unreasonable impact on the privacy of another person;

(c) providing access would pose a serious and imminent threat to the life or health of any person;

(d) providing access would compromise our professional obligations; or

(e) there are other legal grounds to deny the request.

10.7 We may charge a fee for reasonable costs incurred in responding to an access request. The fee (if any) will be disclosed prior to it being levied.

Complaints

10.8 If you wish to complain about an interference with your privacy, then you must follow the following process:

(a) The complaint should firstly be made to us in writing, using the contact details in this section. We will have a reasonable time to respond to the complaint.

(b) If the privacy issue cannot be resolved, you may take your complaint to the Office of the Australian Information Commissioner https://www.oaic.gov.au/privacy/privacy-complaints.

Who to contact

10.9 A person may make a complaint or request to access or correct personal information about them held by us. Such a request should be made in writing to the following address:

Address to: The Privacy Officer, Flor-Hanly

Postal address: PO Box 3456 Mackay North QLD 4740

Telephone number: (07) 4963 4800

Email address: comply@florhanly.com.au

11 Changes to the policy

11.1 We may update, modify or remove this policy at any time without prior notice. Any changes to the privacy policy will be published on our website.

11.2 This policy is effective 1 July 2026. If you have any comments on the policy, please contact the privacy officer with the contact details in section 10 of this policy.

 

 

Copyright © Flor-Hanly 2026.
Liability limited by a scheme approved under Professional Standards Legislation