1. MIC Advisors Pty Ltd ACN 689 087 625 (MIC Advisors, we, us or our) operates the MIC Advisors website https://micadvisors.com.au/ (the Website) and offers evidence-led diagnostics and strategic advisory services (Services).

2. We are committed to respecting and protecting the privacy of your Personal Information.

3. This privacy policy (Privacy Policy) explains how we will collect, use, disclose, store, and protect Personal Information collected from you. This Privacy Policy also describes the way in which you may access or correct your Personal Information that we hold, and how to contact us if you have any complaints in relation to your privacy.

4. We will handle your Personal Information in accordance with the Privacy Act 1988 (Cth) (Privacy Act) and its Australian Privacy Principles (APPs).

5. ‘Personal Information’ includes information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether or not the information is true and whether or not the information is recorded in a material form. For example, this may include your name, age, gender, postcode and contact details.

6. Sensitive Information is a subset of Personal Information and includes information or an opinion about an individual’s:

a) racial or ethnic origin

b) political opinions or associations

c) religious or philosophical beliefs

d) membership of a professional or trade association or trade union

e) sexual orientation or practices

f) criminal record

g) health information or genetic or biometric information

7. ‘Website’ includes interlinked web pages made available by MIC Advisors that are located under the single domain name: https://micadvisors.com.au/

8. We may collect Personal Information from you so that you can access and use our Website and for the purpose of developing, marketing and supplying our goods and services.

9. We collect your Personal Information when you:

a) visit our website;

b) subscribe to our newsletter;

c) contact us via our website;

d) submit an enquiry via our website or otherwise by email or similar;

e) give us a permission for direct marketing;

f) participate in our marketing campaigns, market surveys, opinion polls, or other events organized by us;

g) communicate with us through our customer service or social media channels;

h) share, publish, comment or otherwise engage with content on our social media channels;

i) interact with us via phone or email;

j) provide any billing or payment information during the course of us providing our goods and services to you; and

k) agree to receive marketing or newsletter communications from us.

10. In addition, we may from time to time use some of your Personal Information for other purposes such as:

a) to verify your information and identity, perform know your customer and credit checks (if we require) and to protect against fraud and other unlawful activities;

b) to detect and prevent abuse of our services;

c) to continually improve our goods and services and the relevance of our marketing materials;

d) for developing, marketing and supplying our goods and services;

e) to fulfil our reporting obligations to any relevant tax and regulatory bodies; and

f) to share certain information with relevant third parties in order to provide goods and services and marketing messages.

11. We collect much of the data directly from you when you visit our website or when we provide our Services to you or your employer. We may also collect and process data on you in connection with your use of our website or other services. In addition, we may use public registers or update services to collect and process address and status information.

12. When you enquire about, contact us, sign up to our newsletters, acquire or enlist for any of our goods or services, we collect the Personal Information that you give us such as your name, your telephone number, your address and email address, and your date of birth. We do this so that we can provide you with our goods or services. We also keep Personal Information so that we can respond to queries.

13. You are not required to disclose your Personal Information to us. However, if you do not provide the information requested, you may not be able to receive the full benefit of our Website and Services.

14. We will only collect Sensitive Information where:

a) you have provided your consent and the information is reasonably necessary for our functions or activities; or

b) the collection is otherwise permitted or required by law.

15. Where we collect Sensitive Information, we will use and disclose it only for the purpose for which it was collected, or a directly related purpose, unless you have consented otherwise or the use or disclosure is required or authorised by law.

Processed data Basis for processing
  • Your name, home address, email address and phone number.
  • Your date of birth.
  • Your banking, payment and billing details;
  • Your social media accounts (eg: Facebook, Instagram and LinkedIn) where you have connected to us.
  • Any information you voluntarily share with us when you interact with us via phone, email, social media or any other form of communication
  • Your marketing preferences such as whether you wish to receive communications from us;
  • Any other information you share with us as part of your interactions with us; and
  • Information about your purchases, payment methods, deliveries, returns, claims and reservations.
  • The details of your employer.
  • Technical and usage information collected when you interact with our website, which may include IP address, browser type, device information, approximate location derived from IP address, and website usage data (including through cookies and analytics tools used for website functionality, performance and search engine optimisation).
  • Sensitive Information that may be disclosed to us during interactions with you (eg: during interviews, through surveys you complete, etc).
  • Performance of a contract.
  • Compliance with a legal obligation.
How long do we store the data?
For as long as it is necessary, for example, to defend a legal claim or to comply with accounting and other legal obligations.

16. We also collect your Personal Information through cookies as explained in this Privacy Policy below.

17. We process your data to provide customer service, such as responding to your feedback, claims or other messages for example in our social media channels, and to conduct customer satisfaction surveys. We may also record calls to customer service, which will always be notified to you in advance. By collecting CCTV recordings while attending our premises, we also want to ensure your safety.

Processed data Basis for processing
  • Your contact with our customer service and other communications with you, for example in social media channels.
  • CCTV recordings from cameras placed in our stores and other facilities.
  • Call recordings when you contact our customer service.
  • Your responses to our customer satisfaction surveys.
  • Performance of a contract.
  • Compliance with a legal obligation
  • MIC Advisors’ legitimate interest (conducting the company’s business, improving customer experience).
How long do we store the data?
Until the contact has been processed, any claim period has expired, and MIC Advisors’ legal liability has been clarified and completed. CCTV recordings are retained for approximately one month, unless a recording relates to an unsolved claim or other issue, in which case the recording is retained until the issue has been solved and possible legal liabilities have been clarified and completed.

18. We process your data to market our goods and services. We may carry out electronic direct marketing if you have given your consent to it. We may also analyse your interests in order to market products and services that are as interesting to you as possible. In addition, we may process your Personal Information in order to optimize our website, product recommendations, and product collection to better match your preferences. To do this, we may create an account (which may be a guest account for non-logged in users) based on the information you provide and the information we collect in accordance with this privacy policy. For example, information about whether you have opened emails we send you and clicked links in them may be stored in your account.

Processed data Basis for processing
  • Direct marketing consents and other permissions given by you.
  • The browser, operating system, device model, IP address, connection time and duration of connection you use in connection with our website or other online service, the web pages through which you came to our site, the pages you view on our site, and any other analytics information (such as the choices you make and search terms you use), cookies and other identifiers.
  • Data we receive from third parties that complements the data we process in accordance with applicable laws.
  • MIC Advisors’ legitimate interest (conducting the company’s business, improving customer experience and targeting direct marketing).
  • Consent if required.
How long do we store the data?
Until the consent has been revoked. The data of customers is stored as described above. We store browser and server based tracking data in accordance with our cookie policy.

19. The development of our goods and services is of paramount importance to us. If you participate in one of our market surveys or opinion polls, for example on our Website, we process your data in order to better understand our customers and thus offer better Services.

Processed data Basis for processing
  • Your participation and information in market surveys or opinion polls.
  • MIC Advisors’ legitimate interest (conducting the company’s business, and improving customer experience).
  • Consent if needed.
How long do we store the data?
Until the survey or poll has ended and its purpose has been fulfilled.

20. We may use your data to organise events and promotions to identify you and ensure your participation. If you participate in a sweepstakes or competition, we may process the data you provide for the purpose of organizing and administering the sweepstakes or competition and, if you are a winner, communicating with you.

Processed data Basis for processing
  • Your participation and the data you provide in our marketing campaigns and events.
  • Photos and video recordings of our events (if we photograph you specifically, we will ask for your consent to publish the photo).
  • If you have connected to our website, social media channel or other service using your social media profile, we may collect public information available on that profile.
  • MIC Advisors’ legitimate interest (conducting the company’s business, and improving customer experience)
  • Consent if required.
How long do we store the data?
The information you provide will be stored for approximately 7 years after the end of the event or campaign.

21. Where necessary, we process your Personal Information to prevent fraud and to comply with applicable laws (such as trade sanctions and anti-bribery laws).

Processed data Basis for processing
  • Information from public registers maintained by public authorities, if such registers are available in your country
  • Updated contact and other information from delivery service providers, update services or public registers
  • Information we receive from third parties that complements the information we process, in accordance with applicable laws.
  • Compliance with a legal obligation
  • MIC Advisors’ legitimate interest (conducting the company’s business).
How long do we store the data?
For as long as required by law or as necessary, for example, to defend a legal claim or to comply with accounting and our other legal obligations.

22. MIC Advisors does not collect your payment information. All payment information is securely processed by authorized third-party payment service providers.

23. We may disclose your Personal Information to companies belonging to MIC Advisors. In addition, we use external service providers in the processing of your Personal Information. We oblige such service providers contractually to ensure a sufficient level of data security to protect your Personal Information and to comply with applicable laws. These service providers may act as processors of Personal Information, in which case we commit them not to use your data for their own purposes, but they may also act as separate controllers, for example with regard to Personal Information required for payment transfers, deliveries, and targeted marketing.

24. We may also disclose your Personal Information to authorities if we are required by law to do so, for example if it is necessary to prevent or investigate fraud or other illegal activities. We may also disclose your Personal Information to other parties by order of a competent court. In addition, we may disclose your Personal Information in connection with a possible sale of business or other corporate transaction to the buyer of the business or other relevant party related to the transaction.

25. Certain aspects of our business (including the Website and our payment systems) are integrated with third-party software and systems (third-party vendors) and, to provide the Services, we will need to disclose Personal Information to these third-party providers to the limited extent required to enable and support these integrated functions and to support the Services. We will endeavour to only disclose Personal Information to third parties with privacy policies in place that are committed to Personal Information security and complying with privacy laws.

26. We will not otherwise disclose your Personal Information to third parties unless it is consistent with the purpose for which we collected it, you have consented, or we are otherwise permitted or required to do so by law. This may include disclosure of your Personal Information in the following circumstances:

a) disclosure to our consultants, contractors and suppliers in order to:

  1. develop our goods and services;
  2. provide you with the goods and services (including the content making up the services);
  3. market our goods and services;

b) disclosure to payment providers (see further below);

c) disclosure to comply with our legal obligations, including, but not limited to, where we are required to provide information under a subpoena or Court order or other mandatory reporting requirements under law;

d) to communicate with the privacy regulator (eg: the Office of the Australian Information Commissioner) if you make a privacy complaint or that body makes an inquiry of us; or

e) where this is reasonably necessary for the establishment, exercise or defence of any legal claim.

27. Where Personal Information is transferred or disclosed to such third parties, their access, storage and use will be subject to their privacy policies. To the full extent permitted at law, we are not liable for any loss, damage or claim arising out of a third party’s access, storage or use of your Personal Information where we have transferred or disclosed the Personal Information to such third party in a manner consistent with this Privacy Policy, we were authorised by you (including express or implicit consent), or by law to provide that third party with your Personal Information.

28. As a rule of thumb, we generally do not transfer Personal Information overseas however we will do so where our suppliers require it (for instance, our cloud provider has data storage overseas or our payment providers have servers overseas).

29. In the event that we need to disclose Personal Information overseas, we will comply with the requirements of the Privacy Act when disclosing Personal Information overseas.

30. We will only disclose your Personal Information overseas if:

a) our service providers have platforms or databases based overseas; and

b) you have provided your prior consent;

and one or both of the following apply:

c) the receiving person or organisation (such as a supplier described above) is subject to a law, binding scheme or binding contract that provides substantially similar protection to the APPs which you can access and enforce; or

d) if the disclosure is otherwise required or authorised by law.

31. We will in all cases take reasonable steps to ensure that any such recipient of your Personal Information does not breach the APPs.

32. We have implemented appropriate technical and organizational security measures to protect Personal Information against accidental or unlawful destruction, loss or alteration, unauthorized disclosure or access, and other unlawful or unauthorized processing. Security measures. The databases and their backups can only be accessed by certain persons, all persons processing Personal Information must have personal authorization, only our specifically authorized employees or authorized third parties have access to our premises or the right to process the data, and anyone who is granted access to Personal Information is obliged to keep it confidential. Access levels depend on the type of data required for access to or processing of data by the person’s job description. In addition, we regularly communicate and train our personnel on data protection.

33. In no instance will we sell or transfer your Personal Information to a third party for their marketing purposes.

34. You can influence the processing of your Personal Information in the following ways:

a) You give consent: if we intend to engage in any marketing communications, we may send you such communications in accordance with any previous consent you have provided or any marketing communication preferences that you have notified to us, and in accordance with the requirements under the Privacy Act and the Spam Act 2003 (Cth).

b) You may choose not to provide us with your Personal Information: Some features of our websites and other services may not be available to you unless you provide us with your Personal Information (for example, we may not be able to process your order without the necessary information).

c) You have the right to access your data: You have the right to request access to your Personal Information or copies thereof by contacting our customer service. You can also obtain information about their type, processing and disclosure.

d) You can withdraw your consent to direct marketing: You can withdraw your consent to direct marketing at any time. All our marketing messages include an unsubscribe link. If you withdraw your consent, we will promptly update our database and no longer send direct marketing messages. However, we may still contact you if it is necessary, for example because of the products or services you have ordered.

e) You can withdraw your other consent: In addition to direct marketing, you can withdraw your consent to other processing of Personal Information at any time by contacting our customer service. If you withdraw your consent, we may still process your Personal Information on other legal grounds, for example to comply with applicable laws. However, please note that your community program account will be deleted and the benefits you received through your account will be reset. The withdrawal of consent does not affect the lawfulness of processing prior to the withdrawal.

f) You can review and edit your Personal Information: If you have an account with us, you can edit your Personal Information yourself. If you do not have an account, you can contact our customer service, who will correct or delete any incorrect, unnecessary, or outdated data or complete the missing data at your request.

g) You can block cookies and delete cookies: You can choose which cookies you accept and change your choices later. You can find more information in our cookie policy.

h) You can request the erasure or restriction of processing of your Personal Information: If you believe that your Personal Information is inaccurate or incorrect, that the processing is not lawful, that we process your data contrary to the purpose of the processing, or if you wish to object to the processing, you can contact our customer service and request that the data be erased or restricted. We will investigate your request as soon as reasonably possible before deciding on further action.

i) You can object to the processing of your Personal Information: You may have the right to object to the processing of your Personal Information on a justified basis. Please contact our customer service if you wish to object the processing of your Personal Information.

j) You can request the portability of your Personal Information to another service provider: You have the right to receive the Personal Information you have provided to us in a structured, commonly used, and machine-readable format.

k) You can lodge a complaint with the Office of the Australian Information Commissioner: If you believe that we are processing your Personal Information in a way that violates your legal rights, you can lodge a complaint with your local supervisory authority.

35. Please note that when exercising the rights listed above, you may be asked for additional information to verify your identity. Such additional information will not be used for any other purpose and will be deleted once your identity has been verified.

36. We are committed to complying with the mandatory ‘notifiable data breach’ scheme (the NDB scheme) under the Privacy Act. The NDB scheme applies when an ‘eligible data breach’ of Personal Information occurs.

37. An ‘eligible data breach’ occurs when:

a) there is unauthorised access to or unauthorised disclosure of Personal Information, or a loss of Personal Information, that an organisation holds;

b) this is likely to result in serious harm to one or more individuals; and

c) the organisation has not been able to prevent the likely risk of serious harm with remedial action.

38. An organisation may take remedial steps to prevent the likelihood of serious harm occurring for any affected individuals after a data breach has occurred, in which case, the data breach is not an ‘eligible data breach’.

39. Where we have reasonable grounds to believe that we have experienced an eligible data breach (and remedial action cannot be used), we will promptly notify affected individuals and the Office of the Australian Information Commissioner about the breach in accordance with the Privacy Act.

40. Where you upload information via our Website, including via the “Contact” enquiry form, by the very act of your upload you consent to us keeping your Personal Information for the purposes of dealing with your inquiries and our supply of Services to you.

41. We will deal with any Personal Information collected via our Website in accordance with this Policy and the law.

42. We also collect data through our use of ‘cookies’, ‘beacons’ and other internet technologies.

43. Cookies are small data files which are stored on your device’s browser. Cookies are stored in order for your internet browser to navigate a website. Cookies will not identify you, but they do identify your internet service provider, browser type and browsing habits.

44. A web beacon is a technique used on web pages and emails to unobtrusively check that a user has accessed some content.

45. We will not use cookies or beacons to collect your identifying Personal Information. They may collect statistical information about your visit to our Website (such as the pages you visit on the Website) in order to remember your preferences and allow you to navigate the Website more easily.

46. The default setting of most internet browsers is to accept cookies automatically, but you can choose whether to allow cookies through your browser settings. Please note that if you deactivate your cookies, you may have difficulty accessing or using our Website.

47. We also collect your IP address to create an audit trail of events that take place on our Website, and to track and aggregate non-identifiable information, your referring website addresses, browser type and access times.

48. If we provide links through our Website to third-party websites, add-ins, plug-ins and applications, those links are provided for convenience and may not remain current or be maintained.

49. Unless expressly stated otherwise, we are not responsible for the privacy practices of, or any content on, those linked websites, add-ins, plug-ins or applications, and have no control over or rights in those linked websites, add-ins, plug-ins or applications. The privacy policies that apply to those other websites, add-ins, plug-ins or applications may differ substantially from our Privacy Policy, so we encourage individuals to read them before using those websites, add-ins, plug-ins or applications.

50. We respect your privacy and we take all feedback, input, complaints and concerns regarding privacy very seriously.

51. If you have any questions about privacy-related issues, you would like to request access to or correction of your Personal Information, you would like further information about this Privacy Policy, or you have a concern or complaint your privacy or the handling of your Personal Information by us, you may lodge your question, concern or complaint in writing to us:

a) by sending an email to enquiries@micadvisors.com.au;

b) by calling our customer service at (03) 9653 9169 (local network charge/mobile call charge or international call charge), between 9:00 am – 5:00 pm AEST Monday – Friday (excluding public holidays)

52. Where you contact us, we will respond to you as soon as possible, but no later than 30 days from receipt of your question or complaint. If you are not satisfied with our response, or if you do not wish to raise a question or complaint with us directly, you may wish to contact the Office of the Australian Information Commissioner at oaic.gov.au

53. We may amend this Privacy Policy from time to time. When we publish changes, the effective date at the beginning of this policy will change to the effective date on which the changes take effect.

Last updated: April 2026