Privacy Policy

Universal Gaskets Pty Ltd (ABN 95 000 543 653) ("Universal Gaskets", "we", "our", "us") is committed to protecting the personal information of our customers, suppliers, and website visitors. This policy explains what personal information we collect, why we collect it, how we use and disclose it, how we store and secure it, and how you can exercise your rights to access and correct it.

We handle personal information in accordance with the Australian Privacy Principles ("APPs") set out in Schedule 1 to the Privacy Act 1988 (Cth) (the "Privacy Act"). This policy is published in plain language for customer-facing transparency and does not modify or limit our obligations under the Privacy Act.

1. What Personal Information We Collect

We collect personal information that is reasonably necessary for our business activities. The kinds of personal information we typically collect include:

• Identity and contact information — name, business email address, business phone number, employer or company name, and job title (where supplied).
• Commercial information — purchase orders, quote requests, technical drawings or sketches you supply, delivery addresses, invoicing and payment information, and order history.
• Account information — where we provide access to interactive tools or member-only resources, your account email address and a securely-hashed password (we never store your password in a form we can read).
• Website usage information — pages visited, referring page, browser type, device type, and IP address. This is collected automatically via standard web server logs and lightweight analytics. We do not currently use third-party advertising trackers.

We do not knowingly collect sensitive information (as defined in the Privacy Act, e.g. health information, racial or ethnic origin, political opinions). If you provide such information unsolicited, we will treat it as required by the APPs and may delete it where retention is not necessary.

2. How We Collect It

We collect personal information directly from you in the ordinary course of doing business. Examples include when you email or telephone our sales team, send us a purchase order, request a quote, register for an interactive tool, or visit our website. Where it is reasonable and practicable, we will only collect personal information from you directly.

In some cases we may collect personal information from third parties: from your employer where you are listed as the technical or purchasing contact for an order, from credit-reporting bodies where credit terms are extended, or from publicly-available business directories.

3. Why We Collect It and How We Use It

We use personal information for the primary purposes of:

• responding to enquiries, preparing and issuing quotations, and answering technical questions;
• fulfilling, invoicing, and delivering orders;
• providing technical support and after-sales service;
• operating, maintaining, and securing our website and interactive tools;
• maintaining records required by Australian taxation, consumer, work health and safety, and corporations laws;
• conducting credit assessments and managing customer accounts where credit terms are extended;
• communicating with you about your orders, our products, and changes to our terms or this policy.

We will only use your personal information for a secondary purpose if that purpose is related to the primary purpose, you would reasonably expect us to use it that way, or you have consented.

4. Who We Disclose It To

We do not sell, rent, or trade personal information. We may disclose personal information to:

• our employees and contractors who need it to perform their roles, under appropriate confidentiality arrangements;
• third-party service providers who help us operate our business, including freight carriers (to deliver your order), payment processors, accounting and tax advisers, IT and hosting providers, and email service providers;
• credit-reporting bodies, debt-collection agencies, or our legal advisers where you have an overdue account or where we are recovering a debt;
• government agencies, courts, or regulators where we are required to do so by law or by a properly-issued legal request;
• a successor entity in the event of a sale, restructure, or transfer of our business.

Where we engage third-party providers, we take reasonable steps to ensure they handle personal information in accordance with the Privacy Act and our contractual requirements.

5. Overseas Disclosure

We are based in Australia and our business operations are conducted in Australia. Some of the third-party services we use (for example, email hosting, cloud storage, and analytics) may store data on servers located outside Australia, including in the United States and the European Union. Where this occurs, we take reasonable steps to ensure those providers handle personal information consistently with the APPs, or that one of the exceptions in APP 8.2 applies. By providing personal information to us you consent to its disclosure to overseas service providers on this basis.

6. Data Security and Storage

We hold personal information in a combination of secure paper records and electronic systems. Electronic records are protected by access controls, encryption in transit (TLS), and password authentication. Account passwords are stored as one-way cryptographic hashes; we cannot retrieve your password and will never ask you for it.

We retain personal information only for as long as it is reasonably required for our business purposes or to meet our legal obligations (for example, taxation records must be kept for a minimum of five years under Australian law). When personal information is no longer needed and we are not required to retain it, we take reasonable steps to securely destroy or de-identify it.

While we take reasonable steps to protect your personal information, no system is perfectly secure. If we become aware of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner ("OAIC") in accordance with the Notifiable Data Breaches scheme.

7. Cookies and Website Analytics

Our website uses minimal cookies and local storage, primarily to remember your theme preference and to store acceptance of disclaimers on interactive tools. We may use lightweight analytics to understand which pages are most useful to our customers. We do not currently use third-party advertising or behavioural-tracking cookies. Most browsers allow you to refuse or delete cookies via their settings; doing so may prevent some interactive features from working correctly.

8. Your Rights — Access and Correction

You may request access to the personal information we hold about you, and ask us to correct any information that is inaccurate, out-of-date, incomplete, or misleading. We will respond to access and correction requests within a reasonable time (usually within 30 days), and we will not charge you for making the request. We may need to verify your identity before releasing personal information.

To make an access or correction request, contact us using the details in section 11 below.

9. Marketing Communications

We may occasionally send you information about our products, services, or technical resources where we reasonably believe it would be of interest to you in your professional capacity. Every electronic marketing communication we send will include a clear unsubscribe option, and we will act on unsubscribe requests promptly. We do not send marketing communications to consumer email addresses obtained from third parties.

10. Third-Party Links

Our website contains links to other websites operated by third parties (for example, standards bodies, suppliers, or industry associations). We are not responsible for the privacy practices of those third-party sites and we recommend you review their privacy policies before providing personal information.

11. Contact and Complaints

To make an access request, a correction request, a complaint about our handling of personal information, or any other privacy-related enquiry, please contact us:

• Email: sales@universalgaskets.com.au (please mark the subject line "Privacy enquiry")
• Phone: 1300 286 028
• Post: Universal Gaskets Pty Ltd, 13 Chicago Ave, Blacktown NSW 2148, Australia

We will acknowledge complaints within a reasonable time and aim to respond substantively within 30 days. If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner: oaic.gov.au, or by telephone on 1300 363 992.

12. Changes to This Policy

We may update this policy from time to time to reflect changes in our practices or legal obligations. The current version is identified by the date and version number at the top of this page. Where changes are material, we will take reasonable steps to draw your attention to the update.