Urbis Ltd (ABN 50 105 256 228) and its related bodies corporate (Urbis, we, our, us) recognises the importance of protecting the privacy and the rights of individuals regarding their personal information.  This document is our privacy policy and it tells you how we collect and manage your personal information.

We respect your rights to privacy under the Privacy Act 1988 (Cth) (Privacy Act) and we comply with all of the Privacy Act’s requirements for the collection, management and disclosure of your personal information.

What is your personal information?

When used in this privacy policy, the term “personal information” has the meaning given to it in the Privacy Act.  In general terms, personal information is any information that can be used to personally identify you.  This may include your name, address, telephone number, email address and profession or occupation, amongst other things.  If the information we collect personally identifies you, or you are reasonably identifiable from it, the information will be considered personal information.

What personal information do we collect and hold?

We may collect the following types of personal information about you:

  • name;
  • mailing or street address;
  • email address;
  • telephone number;
  • facsimile number;
  • age or birth date and gender;
  • bank account details;
  • education, employment and work history;
  • details of the services you have acquired from us or which you have enquired about, together with any additional information necessary to deliver those services and to respond to your enquiries;
  • information you provide to us through customer surveys, market or social research or visits or interviews by our representatives from time to time; and
  • any additional information relating to you that you provide to us directly through our website or indirectly through use of our website or online presence, through our representatives or otherwise.

When using cookies we may collect information on browser access and session identifiers, profile expiration dates, response fields and access preferences (This is discussed further in the ‘Our website’ section below).  We may also collect some information that is not personal information because it does not identify you or anyone else.  For example, we may collect anonymous answers to surveys or aggregated information about how users use our website.

How do we collect your personal information?

We collect your personal information directly from you unless it is unreasonable or impracticable to do so.  When collecting personal information from you, we may collect it in various ways, including:

  • through your access and use of our website;
  • during conversations between you and our representatives including during interviews;
  • when you agree to participate in any research or consultations we are conducting or when you register to attend or attend one of our events;
  • when you take part in an online survey or consultation;
  • when you engage us to provide you with services;
  • when you sign up to receive any email communications or newsletters from us; or
  • if applicable, when you apply for employment or a contract role with us.

Where relevant, we may also collect personal information from third parties including:

  • your past or current employer;
  • from third party organisations such as government entities, non-government organisations and companies (for example credit reporting bodies and law enforcement agencies) including for research purposes; or
  • from our website service providers in circumstances where we use cookies and other website tracking technologies.

We generally do not collect sensitive information about you, unless you have consented to the collection of this information by us or we are required by law to collect this information.  “Sensitive information” includes health information, racial or ethnic background, sexual orientation or practices, criminal record, biometric information, religious, political or philosophical beliefs and membership of a union or political or professional association.

What happens if we can’t collect your personal information?

If you do not provide us with the personal information described above, some or all of the following may happen:

  • we may not be able to provide our services to you, either to the same standard or at all;
  • you may not be able to participate in any research that we conduct or attend an event that we host or organise;
  • we may not be able to provide you with information that you have requested; or
  • we may be unable to tailor the content of our website to your preferences and your experience of our website may not be as enjoyable or useful.

For what purposes do we collect, hold, use and disclose your personal information?

We collect personal information about you so that we can perform our business activities and functions and to provide the best possible quality of customer service.  We collect, hold, use and disclose your personal information for the following purposes:

  • to provide our services to you and to send communications requested by you;
  • to answer enquiries and provide information or advice about existing and new services;
  • for business administration purposes (including human resources, client management and debtor management);
  • for marketing purposes (including to create and maintain subscriber databases used for client profiling or events management purposes);
  • for research purposes (including to conduct market and consumer research, social research and public policy research programs);
  • to provide you with access to protected areas of our website;
  • to assess the performance of our website and to improve the operation of our website;
  • to conduct business processing functions including providing personal information to our related bodies corporate, contractors, service providers or other third parties;
  • if applicable, to consider your application for employment or a contract role with us and to manage the application process;
  • if you are or become an employee or contractor of ours, to manage and administer your employment or contracting relationship with us;
  • to update our records and keep your contact details up to date;
  • to process and respond to any complaint made by you; and
  • to comply with any law, rule, regulation, lawful and binding determination, decision or direction of a regulator, or in co-operation with any governmental authority.

Your personal information will not be shared, sold, rented or disclosed other than as described in this privacy policy.

Our website

Our privacy policy also applies to our website at


When you access our website, we may send a “cookie” (which is a small summary file containing a unique ID number) to your computer.  This enables us to recognise your computer, greet you each time you visit our website without bothering you with a request to register and enables us to manage authentication and optimise the user experience.  It also enables us to keep track of services you view so that, if you consent, we can send you news about those services.  We also use cookies to measure traffic patterns, to determine which areas of our website have been visited and to measure transaction patterns in the aggregate.  We use this to research our users’ habits so that we can improve our online services.  Our cookies do not collect personal information.  If you do not wish to receive cookies, you can set your browser so that your computer does not accept them.  We may log IP addresses (that is, the electronic addresses of computers connected to the internet) to analyse trends, administer the website, track user movements, and gather broad demographic information.


As our website is linked to the internet, and the internet is inherently insecure, we cannot provide any assurance regarding the security of information during transmission online from you to us.  We also cannot guarantee that the information you supply will not be intercepted during transmission over the internet to our website.  Accordingly, any personal information or other information which you transmit to our website online is transmitted at your own risk.

Refer to the further commentary in the ‘Security and data quality’ section below.


Our website may contain links to other websites operated by third parties.  We make no representations or warranties in relation to the privacy practices of any third party website and we are not responsible for the privacy policies or the content of any third party website.  Third party websites are responsible for informing you about their own privacy practices.

Who do we disclose your information to?

We may disclose your personal information for the purpose disclosed when it was collected or a purpose which is reasonably expected and in other circumstances (including with your consent) to:

  • our employees, related bodies corporate, contractors, service providers and other third parties for the purposes of the operation of our website or our business, ask you to participate in research, invite you to attend our events, fulfilling requests made by you, and to otherwise provide services to you. These third parties may include, without limitation, web hosting providers, IT systems administrators, mailing houses, couriers, payment processors, data entry service providers, electronic network administrators, debt collectors, and professional advisors such as accountants, solicitors, business advisors and consultants;
  • suppliers and other third parties with whom we have commercial relationships, for business, marketing, and related purposes;
  • clients with whom we have commercial relationships and those who have engaged us to undertake market, consumer or social research for which your personal information was collected; and
  • any organisation for any authorised purpose with your express consent.

We may combine or share any information that we collect from you with information collected by any of our related bodies corporate (within Australia).

Direct marketing materials

We may send you direct marketing communications and information about our services that we consider may be of interest to you.  These communications may be sent in various forms, including mail, SMS, fax and email, in accordance with applicable marketing laws, such as the Spam Privacy Act 2003 (Cth).  If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so.  In addition, at any time you may opt-out of receiving marketing communications from us by contacting us (using the details in the ‘Contacting us’ section below) or by using the opt-out facilities provided in the marketing communications.  We will then ensure that your name is removed from our marketing distribution lists.

Our marketing communications database containing your personal information is hosted by a third party organisation solely for the purposes of undertaking our direct marketing, with email direct marketing undertaken on our behalf by another third party organisation.

Do we disclose your personal information to anyone outside Australia?

We may disclose personal information to our related bodies corporate and third party suppliers and service providers located overseas for some of the purposes listed above.

We take reasonable steps to ensure that the overseas recipients of your personal information do not breach applicable privacy obligations relating to your personal information.

We may disclose your personal information to entities located outside of Australia, including the following:

  • our related bodies corporate, located in Singapore; and
  • our data hosting, online survey platforms and other IT service providers, some of which are located in the United States of America.

Security and data quality

We take reasonable steps to ensure your personal information is protected from misuse and loss and from unauthorised access, modification or disclosure.

We have secure firewalls in place and our servers and hardware (including standalone servers and hardware used for online survey and research projects) utilise a high standard of security.  We utilise several other IT security measures and procedures including windows defender and endpoint protection for scanning of local and network files, Office 365 for spam, virus and malware security and safe links and safe attachments protections. 

Workstations at Urbis are password protected and any electronic files for survey and research projects which contain sensitive data are given their own additional password protection which is restricted to those working on the project.  Paper copies of documents used in survey and research projects such as consent forms are stored in locked cupboards and archived to a secure archive facility on completion of the project.

We may hold your information in either electronic or hard copy form.  Personal information is destroyed or made non-identified when no longer needed or when we are no longer required by law to retain it (whichever is the later).

How can you access and correct your personal information?

You may request access to any personal information we hold about you at any time by contacting us (using the details in the ‘Contacting us’ section below).  Where we hold information that you are entitled to access, we will try to provide you with suitable means of accessing it (for example, by posting or emailing it to you).  We may charge you a reasonable fee to cover our administrative and other reasonable costs in providing the information to you.  We will not charge for simply making the request and will not charge for making any corrections to your personal information.

There may be instances where we cannot grant you access to the personal information we hold.  For example, we may need to refuse access if granting access would interfere with the privacy of others or if it would result in a breach of confidentiality.  If that happens, we will give you written reasons for any refusal.

If you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request that we correct it.  We will consider if the information requires correction.  If we do not agree that there are grounds for correcting your personal information, then we will add a note to the personal information stating that you disagree with it.

What is the process for complaining about a breach of privacy?

If you believe that your privacy has been breached, please contact us using the contact information for our Privacy Officer below and provide details of the incident so that we can investigate it.  We will treat your complaint confidentially, investigate your complaint and aim to ensure that we contact you and your complaint is resolved within a reasonable time (and in any event within the time required by the Privacy Act, if applicable).

If we take more than 30 days to respond to your privacy complaint, or if you are dissatisfied with the outcome, you can make a complaint to the Privacy Commissioner at the Office of the Australian Information Commissioner (OAIC).  The contact details for the OAIC are:

Tel:                   1300 363 992

TTY:                 Call 133 677 then ask for 1300 363 992


Fax:                  +61 2 9284 9666

Post:                GPO Box 5218, Sydney NSW 2001


Contacting us

If you have any questions about this privacy policy, any concerns or a complaint regarding the treatment of your privacy or a possible breach of your privacy, please use the contact link on our website or contact our Privacy Officer using the details set out below.  We will treat your requests or complaints confidentially.  Our representative will contact you within a reasonable time after receipt of your complaint to discuss your concerns and outline options regarding how they may be resolved.  We will aim to ensure that your complaint is resolved in a timely and appropriate manner.

Please contact our Privacy Officer at:    

Privacy Officer

Olderfleet, Level 10, 477 Collins Street, MELBOURNE, Victoria 3000

Tel:         1800 244 863


Changes to our privacy policy

We may change this privacy policy from time to time.  Any updated versions of this privacy policy will be posted on our website and will be effective from the date of posting.

This privacy policy was last updated September 2017.