OPIE Platform Trust Centre
Master Privacy Policy
Group-wide privacy framework — all OPIE brands, stores, configurators and portals
02 4728 6111
OPIE Platform — Master Privacy Policy
Group-wide privacy framework for all OPIE brands, websites, stores, configurators, customer portals and distributor services. All 8 parts published.
Version: 2026.1
Effective Date: 30 June 2026
Last Reviewed: 30 June 2026
Controller: OPIE Manufacturing Group Pty Ltd
| Part | Topic | Status |
|---|---|---|
| Part 1 | Introduction, Scope, Collection | Published |
| Part 2 | Use of Information, AI, Marketing, Third Parties | Published |
| Part 3 | International Transfers, Security, Retention, Your Rights | Published |
| Part 4 | Cookies & Tracking Technologies | Published |
| Part 5 | Employment, Facilities, CCTV & Business Records | Published |
| Part 6 | Privacy Governance & International Compliance | Published |
| Part 7 | Privacy Rights, Complaints, Breaches & Contact | Published |
| Part 8 | Schedules A–I (Operational Reference) | Published |
1. Our Commitment to Privacy
OPIE Manufacturing Group Pty Ltd (“OPIE”, “we”, “our”, or “us”) is committed to protecting the privacy, confidentiality and security of the personal information entrusted to us.
This Privacy Policy explains how we collect, use, disclose, store and protect personal information when you interact with:
- OPIE Manufacturing Group
- Boscotek
- Bosco Office & Storage
- Lectrum
- Argent
- Gilkon
- SMC Stainless
- Opie Infrastructure
- any future OPIE-owned brands
- the OPIE Platform
- customer portals
- distributor portals
- product configurators
- online stores
- mobile applications
- customer support services
- any websites or digital services operated by us
Our objective is to ensure that personal information is handled lawfully, fairly, transparently and securely.
2. Compliance
This Privacy Policy has been prepared having regard to applicable privacy and data protection legislation, including where relevant:
- Australian Privacy Act 1988 (Cth)
- Australian Privacy Principles (APPs)
- General Data Protection Regulation (EU) 2016/679 (GDPR)
- UK General Data Protection Regulation
- UK Data Protection Act 2018
- California Consumer Privacy Act (CCPA)
- California Privacy Rights Act (CPRA)
- CAN-SPAM Act
- applicable United States state privacy legislation where relevant
- other applicable privacy legislation in jurisdictions where we conduct business.
Where local legislation provides greater rights than this Privacy Policy, those rights will prevail to the extent required by law.
3. Scope
This Privacy Policy applies whenever you:
- visit our websites;
- browse our online stores;
- create an account;
- request a quotation;
- purchase products;
- use our product configurators;
- access distributor services;
- communicate with us;
- subscribe to newsletters;
- attend events;
- participate in promotions;
- submit employment applications;
- interact with our AI-powered services;
- use any digital service operated by OPIE.
This policy applies whether you are located in Australia or overseas.
4. Definitions
For the purposes of this Policy:
Personal Information means information relating to an identified or reasonably identifiable individual.
Sensitive Information means information afforded additional protection under applicable privacy laws.
Processing includes collecting, storing, organising, using, analysing, transmitting, deleting or otherwise handling personal information.
Website includes all websites, online stores and digital services operated by OPIE Manufacturing Group.
Customer Account means any authenticated user account created through our websites or platforms.
Distributor Portal means any authorised distributor or reseller portal operated by OPIE.
AI Services means artificial intelligence, machine learning or automated recommendation systems provided through our websites or software.
5. Information We Collect
The information we collect depends upon how you interact with us.
Identity Information
This may include:
- full name;
- company name;
- job title;
- business registration details;
- customer number;
- distributor number.
Contact Information
Including:
- email address;
- telephone numbers;
- delivery address;
- billing address;
- country;
- state;
- postcode.
Account Information
Including:
- login credentials;
- encrypted passwords;
- authentication history;
- account preferences;
- saved projects;
- quotation history;
- product selections.
Passwords are encrypted and are never stored in plain text.
Order Information
Including:
- quotations;
- purchase history;
- invoices;
- delivery records;
- warranty claims;
- freight information;
- payment status.
Payment card numbers are processed by secure payment providers and are not stored by OPIE except where required by law or payment processor tokenisation.
Technical Information
When visiting our websites we may collect:
- IP address;
- browser type;
- operating system;
- device identifiers;
- approximate geographic location;
- language preferences;
- referring websites;
- pages visited;
- session duration;
- error reports;
- diagnostic information.
Website Usage Information
We may record:
- products viewed;
- searches performed;
- configurator activity;
- downloads;
- documents viewed;
- interaction with support content;
- navigation paths;
- shopping cart activity;
- abandoned quotations.
Communications
We may retain copies of communications including:
- emails;
- enquiry forms;
- online chat;
- customer support tickets;
- phone call records where disclosed;
- warranty correspondence;
- distributor communications.
Marketing Information
Where you choose to receive marketing communications we may collect:
- subscription preferences;
- campaign interactions;
- email opens;
- click-through activity;
- event registrations;
- webinar participation;
- advertising engagement.
AI Interaction Data
Where you use AI-powered features we may collect:
- prompts submitted;
- search requests;
- configuration requests;
- AI conversation history where required for service improvement;
- product recommendation activity.
AI-generated responses are intended to assist users but should not be relied upon as engineering, legal or professional advice.
6. Information We Do Not Intentionally Collect
Unless required by law or voluntarily provided by you, we do not intentionally collect:
- government identification numbers;
- biometric information;
- health records;
- political opinions;
- religious beliefs;
- trade union membership;
- genetic information;
- criminal history.
If such information is inadvertently received, reasonable steps will be taken to securely delete or de-identify it unless required by law.
7. How We Collect Information
Information may be collected:
- directly from you;
- when you create an account;
- when requesting a quotation;
- when placing an order;
- through customer support;
- through distributor applications;
- through cookies;
- through analytics services;
- through marketing platforms;
- through payment providers;
- through logistics providers;
- through publicly available business records;
- through authorised third-party integrations.
8. Cookies and Similar Technologies
We use cookies and similar technologies to:
- remember preferences;
- maintain login sessions;
- improve website performance;
- analyse website traffic;
- personalise content;
- support ecommerce functionality;
- measure marketing effectiveness;
- improve user experience.
Where required by applicable law, consent will be obtained before placing non-essential cookies on your device.
Additional information is contained within our separate Cookie Policy and in Part 4 of this Privacy Policy.
9. Legal Basis for Processing
Where required by applicable law, we process personal information only where we have an appropriate legal basis.
Depending upon the circumstances, processing may be necessary:
- to perform a contract;
- to comply with legal obligations;
- to protect vital interests;
- for our legitimate business interests;
- with your consent; or
- for other lawful purposes permitted under applicable legislation.
Where consent is relied upon, you may withdraw that consent at any time. Withdrawal will not affect processing already undertaken before consent was withdrawn.
10. Privacy Principles
OPIE is committed to processing personal information in accordance with the following principles:
- Lawfulness
- Fairness
- Transparency
- Purpose limitation
- Data minimisation
- Accuracy
- Storage limitation
- Integrity
- Confidentiality
- Accountability
These principles guide the design, operation and ongoing improvement of our systems and services.
Part 2 of 8
How We Use Your Information • AI & Automated Decision Making • Marketing • Social Media • Third-Party Disclosure
11. How We Use Your Information
We use personal information only where reasonably necessary to operate our business, fulfil contractual obligations, improve our products and services, comply with legal obligations, protect our legitimate business interests, or where you have provided your consent.
Depending on how you interact with us, your personal information may be used to:
- create and manage customer accounts;
- authenticate users;
- process quotations;
- process sales orders;
- manufacture products;
- coordinate freight and delivery;
- provide customer support;
- administer warranties;
- communicate project updates;
- respond to enquiries;
- verify customer identity where appropriate;
- administer distributor relationships;
- improve our products and services;
- develop new products;
- personalise website experiences;
- improve website performance;
- monitor platform security;
- detect fraudulent activity;
- investigate suspected misuse;
- comply with legal obligations;
- comply with taxation requirements;
- comply with export control obligations;
- comply with health and safety obligations;
- provide software updates;
- improve AI services;
- conduct internal reporting and analytics.
We will only use personal information for purposes compatible with those for which it was originally collected unless otherwise permitted by law.
12. Customer Accounts
Customers may create secure online accounts which provide access to:
- quotations;
- previous orders;
- invoices;
- saved product configurations;
- wish lists;
- product documentation;
- warranty information;
- account preferences;
- delivery tracking where available.
Customer accounts are protected using industry-standard authentication controls.
Customers are responsible for maintaining the confidentiality of their passwords.
13. Distributor Portal
Authorised distributors may access additional services including:
- distributor pricing;
- distributor quotations;
- customer referrals;
- product documentation;
- marketing resources;
- technical resources;
- distributor dashboards;
- order management tools.
Information visible within the Distributor Portal is restricted according to account permissions and business relationships.
14. Product Configurators
Our websites may include interactive product configurators that allow users to:
- configure products;
- generate pricing;
- request quotations;
- save projects;
- create bills of materials;
- generate engineering outputs;
- submit manufacturing requests.
Configuration information may be stored to allow customers to resume projects, obtain support, process orders and improve future product offerings.
Generated configurations remain subject to engineering review and commercial acceptance.
15. AI Services
OPIE may provide Artificial Intelligence (“AI”) powered services to improve customer experience.
These services may include:
- intelligent product search;
- AI-powered knowledge bases;
- natural language search;
- quotation assistance;
- product recommendations;
- document search;
- technical assistance;
- customer support;
- engineering information retrieval;
- content recommendations.
AI systems are designed to assist users and improve efficiency.
AI-generated content should not be interpreted as engineering certification, legal advice, financial advice or professional consulting.
Human review may be required before recommendations are relied upon for purchasing or engineering decisions.
16. Automated Decision Making
Certain processes may involve automated decision making, including:
- spam detection;
- fraud prevention;
- account security;
- suspicious login detection;
- website security monitoring;
- recommendation engines;
- product matching;
- search ranking;
- freight estimation;
- website personalisation.
Where required by applicable law, individuals may request human review of decisions that produce legal or similarly significant effects.
17. Website Analytics
We use analytics technologies to understand how visitors use our websites and digital services.
Analytics information helps us:
- improve website performance;
- improve navigation;
- identify technical issues;
- understand product demand;
- improve customer experience;
- measure campaign effectiveness;
- optimise search functionality.
Analytics information is generally aggregated or pseudonymised wherever reasonably practicable.
18. Marketing Communications
Where permitted by law, we may use your information to provide:
- newsletters;
- product updates;
- technical bulletins;
- promotional offers;
- industry news;
- webinar invitations;
- event invitations;
- product launches;
- educational resources;
- customer surveys.
Marketing communications will only be sent where:
- you have subscribed;
- you have requested information;
- there is another lawful basis under applicable legislation.
Every marketing email includes a mechanism allowing you to unsubscribe.
Operational communications relating to quotations, orders, invoices, warranties, safety notices and customer support may still be sent where reasonably necessary.
19. Social Media
We maintain business pages and marketing activities across selected social media platforms.
These may include:
- LinkedIn;
- Facebook;
- Instagram;
- YouTube;
- X (formerly Twitter);
- Pinterest;
- TikTok;
- other business platforms operated by OPIE.
Interactions with our social media pages may be subject to both this Privacy Policy and the privacy policies of the relevant platform provider.
We encourage users to review the privacy policies of those providers before interacting with our pages.
20. Advertising Technologies
Our websites may use advertising technologies to:
- measure campaign effectiveness;
- understand website usage;
- deliver relevant advertising;
- improve customer experience;
- prevent advertising fraud.
These technologies may include:
- Meta Pixel;
- LinkedIn Insight Tag;
- Google Ads Conversion Tracking;
- Google Enhanced Conversions;
- remarketing technologies;
- server-side event tracking;
- consent management platforms.
Advertising cookies will only be used where required consent has been obtained.
21. Email Communications
When you communicate with us by email, we may retain:
- email content;
- attachments;
- delivery information;
- timestamps;
- correspondence history.
This information assists us in providing customer support, fulfilling contractual obligations and maintaining accurate business records.
22. Customer Support
Support interactions may occur through:
- email;
- online enquiry forms;
- AI assistants;
- live chat;
- telephone;
- distributor support;
- service requests.
Support requests may be recorded to improve service quality, investigate issues and maintain internal records.
23. Surveys and Feedback
We may invite customers to participate in surveys relating to:
- product quality;
- website usability;
- customer satisfaction;
- service improvements;
- new product development.
Participation is voluntary unless otherwise required under a contractual relationship.
Survey responses may be aggregated and anonymised for reporting purposes.
24. Recruitment
Where you apply for employment or contract opportunities with OPIE, we may collect:
- resumes;
- qualifications;
- employment history;
- referee information;
- interview notes;
- right-to-work documentation;
- certifications.
Applicant information is used solely for recruitment, employment administration and legal compliance.
Unsuccessful applications may be retained for future opportunities unless otherwise requested or prohibited by law.
25. Third-Party Service Providers
To deliver our products and services, we engage carefully selected service providers that support the operation of the OPIE Platform, including providers of cloud infrastructure, authentication, payment processing, enterprise resource planning, communications, artificial intelligence, analytics, logistics and customer support.
Depending upon the services you use, these providers may process personal information on our behalf.
These providers are contractually required to process personal information only for authorised purposes and to maintain appropriate security measures.
26. Disclosure of Personal Information
We may disclose personal information where reasonably necessary to:
- fulfil customer orders;
- deliver products;
- process payments;
- provide customer support;
- manage warranties;
- comply with legal obligations;
- respond to lawful requests from regulators or courts;
- investigate fraud;
- protect our legal rights;
- protect public safety;
- facilitate corporate transactions;
- support authorised distributors where appropriate.
We do not sell personal information to third parties for monetary consideration.
Where applicable privacy laws define “sharing” for cross-context behavioural advertising differently, we will provide any rights required under those laws.
27. Business Transfers
If OPIE undergoes:
- a merger;
- acquisition;
- corporate restructure;
- sale of assets;
- insolvency process;
- business transfer,
personal information may be transferred as part of that transaction, subject to applicable privacy laws and appropriate confidentiality obligations.
28. Our Commitment
Whenever we share personal information with trusted service providers or business partners, we take reasonable steps to ensure that appropriate contractual, technical and organisational safeguards are in place to protect that information.
We do not permit third-party service providers to use personal information for their own marketing purposes unless you have separately agreed to that provider’s terms and privacy practices.
Part 3 of 8
International Data Transfers • Information Security • Data Retention • Your Privacy Rights
29. International Processing of Personal Information
As part of operating the OPIE Platform and our international business, personal information may be processed in countries outside the jurisdiction in which it was originally collected.
This may occur where we engage trusted service providers, fulfil international orders, provide cloud-based services or support customers located in different countries.
Where personal information is transferred internationally, OPIE takes reasonable steps to ensure that appropriate safeguards are in place consistent with applicable privacy laws. These safeguards may include contractual obligations, recognised transfer mechanisms, technical and organisational security measures, and due diligence of service providers.
International transfers will only occur where we are satisfied that an appropriate level of protection is maintained or where otherwise permitted by applicable law.
30. Information Security
Protecting personal information is fundamental to our business.
We maintain administrative, technical and physical safeguards designed to protect information against accidental loss, unauthorised access, alteration, disclosure or destruction.
Our security program may include measures such as:
- encryption of information during transmission where appropriate;
- encryption of sensitive information at rest where appropriate;
- role-based access controls;
- authentication and identity management;
- security monitoring and logging;
- vulnerability management;
- secure software development practices;
- malware protection;
- backup and disaster recovery processes;
- periodic security reviews.
The specific controls implemented may evolve over time in response to emerging threats, technological developments and business requirements.
No method of electronic transmission or storage can be guaranteed to be completely secure. While we take reasonable steps to protect personal information, we cannot guarantee absolute security.
31. Data Retention
We retain personal information only for as long as reasonably necessary to:
- provide our products and services;
- fulfil contractual obligations;
- comply with legal and regulatory requirements;
- resolve disputes;
- establish or defend legal claims;
- maintain appropriate business records;
- improve our services where permitted by law.
Retention periods vary depending on the nature of the information, applicable legal requirements and operational needs.
Where personal information is no longer required, we take reasonable steps to securely delete, anonymise or de-identify it, unless retention is required or authorised by law.
A summary of data retention principles is provided in Schedule F to this Privacy Policy.
32. Your Privacy Rights
Depending on your location and applicable law, you may have the right to:
- request access to your personal information;
- request correction of inaccurate or incomplete information;
- request deletion of personal information;
- request restriction of certain processing activities;
- object to processing based on legitimate interests;
- withdraw consent where processing relies upon consent;
- request portability of certain information;
- object to direct marketing;
- lodge a complaint with a supervisory authority or regulator;
- request review of certain automated decisions where required by law.
These rights are subject to applicable legal exceptions.
We may require reasonable verification of identity before processing requests.
33. Exercising Your Rights
Privacy requests may be submitted using the contact details provided in this Privacy Policy.
To help protect your privacy and prevent unauthorised disclosure, we may request information sufficient to verify your identity before responding.
We aim to respond to verified requests within the timeframes required by applicable law.
Where a request cannot be fulfilled, we will explain the reasons unless prohibited by law.
34. Australian Privacy Rights
If you are located in Australia, you have rights under the Privacy Act 1988 (Cth), including the Australian Privacy Principles.
You may request access to or correction of your personal information by contacting us using the details provided in this Policy.
If you believe we have breached the Australian Privacy Principles, you may submit a complaint to us. If you remain dissatisfied after we have responded, you may contact the Office of the Australian Information Commissioner (OAIC).
35. European Economic Area (EEA) and United Kingdom
If the GDPR or UK GDPR applies to our processing of your personal information, you may have additional rights including:
- the right of access;
- the right to rectification;
- the right to erasure (“right to be forgotten”);
- the right to restrict processing;
- the right to data portability;
- the right to object to processing;
- rights relating to automated decision-making where applicable.
You also have the right to lodge a complaint with your local supervisory authority.
36. California Privacy Rights
Where the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), applies, eligible California residents may have rights to:
- know what categories of personal information we collect;
- know the purposes for which personal information is used;
- request deletion of certain personal information;
- request correction of inaccurate information;
- access specific categories of personal information;
- limit the use of sensitive personal information where applicable;
- exercise rights without unlawful discrimination.
We do not sell personal information for monetary consideration.
Where applicable law defines “sharing” differently, we will honour any rights available under that legislation.
37. Identity Verification
Before fulfilling privacy requests, we may request reasonable evidence of identity to ensure personal information is disclosed only to the correct individual.
Where an authorised representative submits a request on behalf of another individual, additional verification may be required.
38. Data Accuracy
We encourage individuals to keep their personal information accurate and up to date.
Where appropriate, you may update your information through your customer account, distributor portal or by contacting us directly.
We rely upon the accuracy of information provided by customers and may be unable to provide certain services where inaccurate information is supplied.
Part 4 of 8
Cookies • Tracking Technologies • Analytics • Marketing Technologies • Consent
39. Cookies and Similar Technologies
The OPIE Platform uses cookies and similar technologies to operate our websites, improve user experience, protect customer accounts, analyse website performance and, where permitted, support marketing activities.
Cookies are small text files placed on your device by your web browser. Similar technologies include pixels, local storage, web beacons, tags and software development kits (SDKs) used by websites and applications.
Some cookies are essential for the operation of our websites, while others help us understand how visitors use our services or personalise content and advertising.
40. Why We Use Cookies
We use cookies and similar technologies to:
- operate and secure our websites;
- maintain user login sessions;
- remember user preferences;
- provide shopping cart functionality;
- save product configurations;
- improve website performance;
- diagnose technical issues;
- understand website usage;
- improve navigation and accessibility;
- measure marketing effectiveness;
- prevent fraud and abuse;
- support customer support functions;
- personalise content where appropriate;
- improve our AI-powered services and search functionality.
Cookies are not used to access information stored on your device beyond what is necessary for the purposes described in this Policy.
41. Categories of Cookies
The OPIE Platform may use the following categories of cookies.
Strictly Necessary Cookies
These cookies are essential for the operation of our websites and cannot generally be disabled.
They support functions such as:
- account authentication;
- website security;
- shopping carts;
- quotation requests;
- customer logins;
- payment processing;
- session management;
- fraud prevention;
- load balancing.
Without these cookies, certain services may not function correctly.
Functional Cookies
Functional cookies remember preferences to improve your experience.
Examples include:
- preferred language;
- preferred region;
- accessibility settings;
- recently viewed products;
- saved configurator projects;
- display preferences.
Disabling these cookies may reduce website functionality but will not normally prevent the website from operating.
Analytics Cookies
Analytics technologies help us understand how visitors use our websites.
Information may include:
- pages visited;
- products viewed;
- search terms;
- referral sources;
- device type;
- browser type;
- approximate geographic region;
- website performance metrics;
- user journey information.
Analytics information is generally aggregated or pseudonymised wherever reasonably practicable.
Where required by law, analytics cookies are only activated after your consent has been obtained.
Marketing Cookies
Marketing technologies may be used to:
- measure advertising effectiveness;
- understand campaign performance;
- prevent duplicate advertising;
- personalise advertising;
- understand customer interests;
- improve communications.
Marketing cookies are only used where permitted by applicable law and, where required, after obtaining your consent.
42. AI and Personalisation Technologies
The OPIE Platform may use information generated through website interactions to improve:
- product recommendations;
- search relevance;
- AI-powered assistance;
- knowledge base responses;
- configurator suggestions;
- website usability.
These technologies are intended to improve customer experience and operational efficiency.
Where applicable law requires consent before certain personalisation technologies are used, consent will be requested through our Cookie Preference Centre.
43. Third-Party Technologies
Our websites may integrate trusted third-party technologies that support services including:
- payment processing;
- website analytics;
- website security;
- fraud detection;
- customer authentication;
- mapping services;
- content delivery;
- communications;
- customer support;
- artificial intelligence;
- logistics;
- ecommerce functionality.
These providers may place cookies or similar technologies on your device in accordance with their own privacy policies and applicable laws.
The technologies used by the OPIE Platform may change from time to time as our services evolve.
An up-to-date summary of technologies currently used is maintained in our separate Cookie Policy.
44. Cookie Consent
Where required by applicable law, we will request your consent before placing non-essential cookies or similar technologies on your device.
Our Cookie Preference Centre allows you to:
- accept all cookies;
- reject non-essential cookies;
- customise your cookie preferences;
- withdraw consent at any time.
Your preferences will be respected in accordance with applicable legal requirements.
Changing your preferences may affect certain website functionality.
45. Managing Cookies
Most web browsers allow you to:
- view stored cookies;
- delete cookies;
- block cookies;
- receive notifications before cookies are stored;
- control third-party cookies.
Please note that disabling certain cookies may impact the availability or functionality of some features of the OPIE Platform.
46. Browser Controls
You may manage cookies through your browser settings.
Information on managing cookies is available from the support resources provided by your browser vendor.
Disabling all cookies may limit your ability to use certain features including customer logins, shopping carts, saved quotations and product configurators.
47. Do Not Track Signals
Some web browsers provide a “Do Not Track” (“DNT”) setting.
Because there is currently no universally accepted standard governing DNT signals, the OPIE Platform does not automatically respond to all DNT requests.
Where required by applicable law, cookie preferences and consent choices provided through our Cookie Preference Centre will take precedence.
48. Global Privacy Control
Where required by applicable law, the OPIE Platform will recognise and respond to valid Global Privacy Control (“GPC”) signals or equivalent browser-based privacy preferences where technically supported.
49. Children’s Privacy
The OPIE Platform is intended primarily for business users and is not directed to children.
We do not knowingly use cookies or tracking technologies to profile or market to children.
If we become aware that information has been collected from a child in breach of applicable law, we will take reasonable steps to delete that information.
50. Updates to Cookie Technologies
As our websites, digital services and technology partners evolve, the cookies and similar technologies used by the OPIE Platform may change.
The current list of cookies, retention periods and providers is maintained in our separate Cookie Policy and Cookie Register, which are updated periodically to reflect operational changes.
51. Cookie Policy
This Privacy Policy provides a summary of how cookies and similar technologies are used.
Additional operational information, including:
- individual cookies;
- providers;
- purposes;
- retention periods;
- cookie classifications;
- browser instructions; and
- consent information,
is available in our separate Cookie Policy, which forms part of the OPIE Platform Trust Centre.
52. Privacy by Design
When introducing new technologies that use cookies, tracking technologies or similar mechanisms, OPIE aims to apply the principles of Privacy by Design and Privacy by Default.
Where appropriate, new technologies are assessed to ensure they are necessary, proportionate and aligned with our privacy obligations before being deployed.
Part 5 of 8
Employment • Recruitment • Visitors • CCTV • Suppliers • Distributors • Business Records
53. Employment and Recruitment
OPIE Manufacturing Group Pty Ltd collects personal information from employment applicants and prospective contractors for recruitment and employment-related purposes.
Depending on the role, this may include:
- name;
- contact information;
- résumé or curriculum vitae (CV);
- employment history;
- qualifications;
- licences and certifications;
- professional memberships;
- referee details;
- work eligibility information;
- interview notes;
- salary expectations;
- employment preferences.
Where permitted by law and relevant to the position, pre-employment screening may also include verification of qualifications, employment history, licences or work rights.
We only collect information reasonably necessary for assessing employment suitability and administering the recruitment process.
54. Employee Information
Where an applicant becomes an employee or contractor, additional personal information may be collected and processed for legitimate employment-related purposes, including:
- payroll administration;
- taxation obligations;
- superannuation;
- leave administration;
- training records;
- workplace health and safety;
- emergency contact information;
- performance management;
- access control;
- information technology administration;
- legal compliance.
Employee records are managed in accordance with applicable employment and privacy legislation.
Nothing in this Privacy Policy limits any rights or obligations relating to employee records under applicable Australian legislation.
55. Visitors to OPIE Facilities
Visitors to our offices, manufacturing facilities, warehouses, showrooms or other premises may be asked to provide information including:
- name;
- company;
- contact details;
- vehicle registration (where required);
- host details;
- arrival and departure times;
- induction acknowledgements;
- visitor declarations.
This information assists us to:
- maintain workplace safety;
- manage security;
- comply with emergency procedures;
- meet workplace health and safety obligations;
- protect our employees, visitors and property.
Visitor information is retained only for as long as reasonably necessary or as otherwise required by law.
56. Contractors and Service Providers
Contractors, consultants and service providers may provide personal information required for:
- site access;
- contractor management;
- procurement;
- project delivery;
- compliance verification;
- invoicing;
- insurance verification;
- workplace safety;
- legal obligations.
We collect only the information reasonably necessary to administer our business relationship.
57. Supplier Information
We collect personal information relating to suppliers and business partners for legitimate commercial purposes.
This may include:
- contact details;
- business information;
- banking details;
- purchasing history;
- contractual information;
- insurance details;
- compliance documentation;
- certifications;
- communications.
Supplier information is used solely for procurement, contract management, quality assurance, payment processing and business administration.
58. Distributor Information
Authorised distributors participating in the OPIE Platform may provide personal information including:
- business contact details;
- authorised users;
- sales contacts;
- regional information;
- account preferences;
- quotation activity;
- customer referral information;
- support requests;
- marketing preferences.
Distributor information is used to administer authorised reseller relationships, facilitate customer referrals, manage distributor accounts and provide platform services.
Distributor information is not disclosed to competing distributors except where required by law or expressly authorised.
59. Customer Projects
Where customers request quotations, engineering services, product configuration or project support, we may collect and retain information relating to:
- project specifications;
- engineering requirements;
- CAD files;
- drawings;
- photographs;
- measurements;
- design preferences;
- project communications;
- installation requirements.
Project information is used solely for providing requested products or services, improving customer support and meeting contractual obligations.
Customers should ensure they have appropriate authority before submitting information relating to third parties.
60. CCTV and Site Security
To protect our employees, visitors, customers, facilities and assets, OPIE may operate Closed Circuit Television (CCTV) systems at selected locations.
CCTV may be used for legitimate purposes including:
- workplace safety;
- site security;
- theft prevention;
- asset protection;
- incident investigation;
- emergency response;
- compliance with workplace health and safety obligations;
- insurance investigations;
- legal proceedings where required.
CCTV footage is generally retained only for as long as reasonably necessary, unless required for an investigation, legal proceedings or regulatory compliance.
Access to CCTV footage is restricted to authorised personnel and may be disclosed to law enforcement agencies, insurers, legal advisers or regulators where authorised or required by law.
61. Manufacturing Records
As a manufacturer, OPIE maintains operational records necessary for product quality, traceability and regulatory compliance.
These records may include:
- production records;
- quality assurance documentation;
- inspection reports;
- certification records;
- warranty records;
- freight documentation;
- customer order history;
- service history.
These records are maintained in accordance with applicable legal, contractual and operational requirements.
62. Health, Safety and Incident Reporting
Where workplace incidents, injuries or safety events occur, we may collect information necessary to:
- investigate incidents;
- comply with workplace health and safety legislation;
- administer insurance claims;
- manage return-to-work processes;
- improve workplace safety;
- comply with legal reporting obligations.
Information collected will be limited to what is reasonably necessary for these purposes.
63. Business Communications
We retain business communications necessary to administer our operations, including communications relating to:
- quotations;
- orders;
- customer support;
- supplier management;
- distributor relationships;
- warranties;
- engineering enquiries;
- complaints;
- compliance matters.
Business communications may be retained as part of our official business records where reasonably necessary or required by law.
64. Legal and Regulatory Obligations
We may collect, retain and disclose personal information where reasonably necessary to:
- comply with legal obligations;
- comply with taxation laws;
- comply with workplace legislation;
- comply with export control requirements;
- comply with product safety obligations;
- comply with court orders;
- respond to lawful requests from government authorities;
- establish, exercise or defend legal claims.
65. Record Management
OPIE maintains policies and procedures governing the secure management of business records.
Reasonable administrative, technical and organisational measures are implemented to help ensure records remain:
- accurate;
- complete;
- appropriately protected;
- available when required;
- securely disposed of when no longer required.
Where practicable, records are securely archived or de-identified following the expiry of applicable retention periods.
66. Our Commitment
We recognise that trust is fundamental to our relationships with customers, employees, distributors, suppliers and business partners.
Personal information collected in connection with our manufacturing operations and commercial activities will be handled responsibly, used only for legitimate business purposes and protected using reasonable administrative, technical and organisational safeguards consistent with applicable privacy laws.
Part 6 of 8
International Privacy Compliance • Privacy by Design • Cross-Border Data Transfers • Accountability
67. Our Privacy Framework
OPIE Manufacturing Group Pty Ltd has adopted a privacy governance framework designed to promote the responsible collection, use, disclosure and protection of personal information across the OPIE Platform.
Our privacy practices are guided by recognised international privacy principles and are intended to support compliance with applicable privacy and data protection laws in the jurisdictions in which we operate.
As our business, technologies and regulatory obligations evolve, our privacy management program is reviewed and updated to maintain appropriate standards of privacy protection.
68. Privacy by Design
Where reasonably practicable, privacy considerations are incorporated into the design, development and implementation of new products, services, software and business processes.
This includes considering:
- the necessity of collecting personal information;
- minimising the amount of personal information collected;
- limiting access to authorised personnel;
- protecting information through appropriate safeguards;
- managing privacy risks throughout the lifecycle of systems and services.
69. Privacy by Default
Where reasonably practicable, systems operated by the OPIE Platform are configured so that only the personal information reasonably necessary for the relevant purpose is processed.
Where optional information is requested, individuals may generally choose whether to provide that information unless it is required to deliver a requested product, service or comply with a legal obligation.
70. Data Minimisation
We aim to collect only the personal information reasonably necessary to:
- provide requested products or services;
- administer customer and distributor accounts;
- manufacture and deliver products;
- comply with legal obligations;
- protect our legitimate business interests;
- improve our products and services.
We do not intentionally collect personal information that is unnecessary for these purposes.
71. Purpose Limitation
Personal information is collected for specific, legitimate and identified purposes.
Unless otherwise permitted or required by law, personal information will not be used for materially different purposes without providing appropriate notice or obtaining consent where required.
72. Accuracy of Information
We take reasonable steps to ensure that personal information is accurate, complete and, where appropriate, kept up to date.
Individuals are encouraged to notify us if their information changes or if they believe information we hold is inaccurate.
Where inaccuracies are identified, we will take reasonable steps to correct them.
73. Storage Limitation
Personal information is retained only for as long as reasonably necessary to:
- fulfil the purposes for which it was collected;
- comply with applicable legal obligations;
- resolve disputes;
- enforce contractual rights;
- maintain business records.
When personal information is no longer required, it is securely deleted, anonymised or de-identified where reasonably practicable, unless continued retention is required or authorised by law.
74. Accountability
OPIE is responsible for the personal information under its control.
We maintain policies, procedures and governance measures designed to support compliance with applicable privacy legislation, including:
- documented privacy policies;
- internal governance processes;
- staff awareness and training;
- contractual controls with service providers;
- periodic policy reviews;
- incident response procedures;
- continuous improvement activities.
75. Cross-Border Data Transfers
As an Australian business serving customers in multiple jurisdictions, personal information may be transferred to or processed in countries other than the country in which it was collected.
Cross-border transfers may occur where reasonably necessary to:
- provide cloud-based services;
- process online payments;
- authenticate users;
- provide customer communications;
- support technical services;
- facilitate logistics;
- provide artificial intelligence services;
- maintain business systems.
Where personal information is transferred internationally, we take reasonable steps to ensure that appropriate safeguards are implemented consistent with applicable legal requirements.
These safeguards may include:
- contractual obligations;
- recognised international transfer mechanisms;
- confidentiality obligations;
- technical and organisational security measures;
- due diligence of service providers.
See also section 29 (International Processing of Personal Information).
76. International Customers
Customers located outside Australia may have their personal information processed by OPIE or its authorised service providers in Australia or other jurisdictions where we or our service providers operate.
Such international processing occurs in accordance with applicable privacy law and the appropriate safeguards described in this Privacy Policy, including contractual obligations and recognised transfer mechanisms where required.
Nothing in this section limits any mandatory rights available to individuals under applicable privacy legislation.
77. Automated Processing
The OPIE Platform may use automated technologies to assist with:
- fraud prevention;
- account security;
- spam detection;
- website optimisation;
- quotation workflows;
- AI-assisted search;
- product recommendations;
- configurator functionality;
- customer support;
- analytics.
Where required by applicable law, individuals may request human review of automated decisions that produce legal or similarly significant effects.
78. Artificial Intelligence Governance
Artificial intelligence technologies are used to improve customer experience and operational efficiency.
AI services may assist with:
- product discovery;
- knowledge base searches;
- quotation assistance;
- technical documentation retrieval;
- customer support;
- website search;
- content recommendations.
AI-generated outputs are intended to assist users and should not be relied upon as engineering certification, legal advice or professional advice without appropriate human review.
We regularly review AI-enabled services to improve accuracy, reliability and responsible use.
79. Special Categories of Personal Information
Unless required by law or voluntarily provided by an individual for a legitimate purpose, OPIE does not intentionally collect or process special categories of personal information, including information relating to:
- racial or ethnic origin;
- political opinions;
- religious or philosophical beliefs;
- trade union membership;
- genetic information;
- biometric information used for identification;
- health information;
- sexual orientation.
Where such information is received, it will only be processed where authorised or required by applicable law.
80. Data Protection Impact Assessments
Where appropriate, OPIE may undertake privacy or data protection impact assessments before implementing new technologies, systems or processing activities that are reasonably likely to present elevated privacy risks.
These assessments help identify and mitigate potential privacy impacts before deployment.
81. Vendor Due Diligence
We take reasonable steps to assess third-party service providers that process personal information on our behalf.
Depending on the nature of the services provided, this may include consideration of:
- information security practices;
- contractual privacy obligations;
- regulatory compliance;
- confidentiality commitments;
- operational reliability;
- incident response capabilities.
Service providers are expected to process personal information only for authorised purposes and in accordance with applicable contractual obligations.
82. Continuous Improvement
Privacy compliance is an ongoing process.
We periodically review and improve our privacy management practices in response to:
- legislative developments;
- regulatory guidance;
- technological advancements;
- business growth;
- security risks;
- customer feedback;
- operational experience.
This Privacy Policy may be updated from time to time to reflect these improvements.
83. Responsible Governance
Protecting personal information is an important part of OPIE’s commitment to responsible corporate governance.
We seek to balance innovation, customer experience, operational efficiency and legal compliance while maintaining appropriate safeguards for personal information entrusted to us.
Our objective is to foster trust with customers, employees, distributors, suppliers, business partners and the communities in which we operate through responsible and transparent privacy practices.
Part 7 of 8
Privacy Rights • Complaints • Data Breaches • Contact Information • Policy Updates
84. Exercising Your Privacy Rights
Subject to applicable law, you may exercise your privacy rights by contacting us using the details provided in this Privacy Policy.
Depending upon your location and applicable legislation, you may have the right to:
- request access to personal information;
- request correction of inaccurate or incomplete information;
- request deletion of personal information;
- request restriction of processing;
- object to certain processing activities;
- withdraw consent where processing is based on consent;
- request portability of eligible personal information;
- object to direct marketing communications;
- request review of certain automated decisions where applicable.
Some rights may be limited by applicable legal obligations or recognised exemptions.
See also section 32 (Your Privacy Rights) and section 33 (Exercising Your Rights).
85. Identity Verification
Before responding to privacy requests, we may take reasonable steps to verify the identity of the individual making the request.
Verification requirements help protect personal information from unauthorised disclosure.
Where a request is submitted by an authorised representative, additional evidence of authority may be required.
86. Responding to Privacy Requests
We aim to acknowledge and respond to verified privacy requests within the timeframes required by applicable law.
Where additional time is reasonably required due to the complexity or volume of a request, we will notify the individual where required.
If we are unable to comply with a request, we will explain the reasons unless prohibited by law.
87. Correction of Personal Information
We encourage individuals to notify us if their personal information changes or is inaccurate.
Where appropriate, information may be updated through customer accounts or by contacting us directly.
We will take reasonable steps to correct inaccurate or incomplete personal information.
88. Withdrawal of Consent
Where personal information is processed on the basis of consent, consent may be withdrawn at any time.
Withdrawal of consent does not affect the lawfulness of processing undertaken before consent was withdrawn.
Certain services may become unavailable where processing is necessary to provide those services.
89. Marketing Preferences
Individuals may opt out of marketing communications at any time by:
- using the unsubscribe link included in marketing emails;
- updating communication preferences within their account (where available); or
- contacting us directly.
Operational communications relating to quotations, orders, invoices, warranties, recalls, product safety notices or account administration may continue where reasonably necessary.
90. Privacy Complaints
If you believe that we have not handled your personal information appropriately, we encourage you to contact us first so we can investigate the matter.
Privacy complaints should include sufficient information to allow us to understand the concern and identify the relevant records.
We will investigate complaints fairly, objectively and in accordance with our internal procedures.
Where appropriate, we may request additional information to assist our investigation.
91. Australian Privacy Complaints
If you are located in Australia and are not satisfied with our response, you may contact the:
Office of the Australian Information Commissioner (OAIC)
The OAIC provides information regarding privacy rights and complaint procedures under the Privacy Act 1988 (Cth).
Current contact information is available from the OAIC website.
92. European Union and United Kingdom
Where the GDPR or UK GDPR applies, individuals may have the right to lodge a complaint with the relevant supervisory authority in the jurisdiction where they reside, work or where the alleged infringement occurred.
Current contact details for supervisory authorities are available through the relevant regulator’s official website.
93. California Residents
Where applicable, California residents may exercise rights available under the California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA).
We will not discriminate against individuals for exercising privacy rights available under applicable law.
94. Data Breach Response
OPIE maintains procedures for identifying, investigating, containing and responding to suspected privacy and security incidents.
Where an incident involves personal information, we will assess the circumstances to determine whether notification is required under applicable law.
Our response may include:
- investigating the incident;
- containing the incident;
- mitigating harm;
- restoring affected services;
- notifying affected individuals where required;
- notifying regulators where required;
- implementing corrective actions to reduce the likelihood of recurrence.
95. Law Enforcement and Regulatory Requests
We may disclose personal information where required or authorised by law, including in response to:
- court orders;
- subpoenas;
- lawful requests from regulatory authorities;
- law enforcement investigations;
- legal proceedings;
- national security obligations.
Where legally permitted, we may notify affected individuals before disclosure.
96. Changes to this Privacy Policy
We may update this Privacy Policy from time to time to reflect:
- legislative changes;
- regulatory guidance;
- new technologies;
- changes to our products or services;
- business operations;
- security improvements;
- privacy best practice.
Updated versions will be published on the relevant OPIE Platform website and will become effective on the date specified.
Where required by law, we will provide additional notice of material changes.
97. Contacting Us
Questions regarding this Privacy Policy or the handling of personal information may be directed to OPIE Manufacturing Group Pty Ltd using the contact details below or those published on the relevant OPIE Platform website.
Privacy enquiries may include:
- access requests;
- correction requests;
- deletion requests;
- consent withdrawal;
- privacy complaints;
- marketing preferences;
- general privacy enquiries.
Security incidents or suspected vulnerabilities should be reported using the contact details provided in our Information Security Policy or Vulnerability Disclosure Policy.
Privacy contact — Lectrum
OPIE Platform privacy enquiries: privacy@opiegroup.com.au
Brand enquiries (Lectrum): sales@lectrum.com.au
Phone: +61 2 4728 6111
Postal address: 109 Russell Street, Emu Heights NSW 2750
98. Privacy Governance
OPIE is committed to maintaining effective privacy governance across the OPIE Platform.
We periodically review our privacy practices, policies and procedures to support ongoing compliance with applicable privacy legislation and recognised industry standards.
Privacy responsibilities are assigned to appropriately authorised personnel within the organisation, with oversight of privacy compliance forming part of our broader governance and risk management framework.
OPIE Platform Privacy Office
Privacy-related matters are routed through the following channels. These roles may be fulfilled by designated personnel within existing teams; a separate department is not required.
- Privacy Officer — privacy enquiries, access requests, correction and deletion requests, complaints and marketing preferences (privacy@opiegroup.com.au);
- Security Team — security incidents, suspected data breaches and vulnerability reports (see Information Security Policy and Vulnerability Disclosure Policy);
- Legal & Compliance — regulatory notices, law enforcement requests and legal correspondence.
99. Commitment to Transparency
We believe that responsible handling of personal information is fundamental to building trust with our customers, employees, distributors, suppliers and business partners.
Our commitment is to collect only the information reasonably necessary to deliver our products and services, use it responsibly, protect it with appropriate safeguards and remain transparent about our privacy practices.
We encourage individuals to contact us whenever they have questions or concerns regarding how their personal information is handled.
Part 8 of 8
Schedules
Schedule A
Categories of Personal Information
Depending on your interaction with the OPIE Platform, we may collect one or more of the following categories of personal information.
| Category | Examples |
|---|---|
| Identity Information | Name, title, employer, customer number |
| Contact Information | Email, telephone number, billing and delivery addresses |
| Account Information | Login credentials, preferences, authentication records |
| Commercial Information | Quotations, orders, invoices, warranties, purchase history |
| Payment Information | Payment status, transaction references (payment card data is processed by authorised payment providers) |
| Technical Information | IP address, browser type, device information, operating system |
| Usage Information | Website activity, searches, configurator usage, downloads, page interactions |
| Communications | Emails, enquiries, support requests, correspondence |
| Marketing Information | Subscription preferences, campaign interactions |
| Project Information | Drawings, CAD files, specifications, project documentation submitted by customers |
| Employment Information | Recruitment records, qualifications, employment applications |
| CCTV Information | Security recordings where applicable |
| AI Interaction Information | Prompts, search requests and interactions with AI-powered services where required for operation or improvement of those services |
Schedule B
Purposes of Processing
Personal information may be processed for purposes including:
- customer account administration;
- quotation preparation;
- manufacturing;
- order fulfilment;
- freight and logistics;
- customer support;
- warranty administration;
- supplier management;
- distributor administration;
- product improvement;
- website operation;
- fraud prevention;
- cybersecurity;
- analytics;
- marketing (where permitted);
- legal compliance;
- dispute resolution;
- business continuity;
- AI-assisted services.
Schedule C
Categories of Recipients
Personal information may be disclosed where reasonably necessary to:
- authorised employees;
- authorised contractors;
- group companies within the OPIE Platform;
- authorised distributors;
- logistics and freight providers;
- payment service providers;
- financial institutions;
- professional advisers;
- insurers;
- auditors;
- cloud and infrastructure service providers;
- customer support providers;
- communications providers;
- analytics providers;
- government authorities;
- regulators;
- law enforcement agencies where authorised or required by law.
Schedule D
Cross-Border Processing
Where reasonably necessary to operate the OPIE Platform, personal information may be processed in jurisdictions outside the country in which it was originally collected.
Cross-border processing may occur in connection with:
- cloud infrastructure;
- customer support;
- communications;
- authentication;
- payment processing;
- artificial intelligence services;
- website analytics;
- logistics;
- enterprise software;
- disaster recovery.
Appropriate safeguards are implemented where required by applicable law.
Schedule E
Information Security Measures
OPIE maintains a risk-based information security program.
Depending on the nature of the processing, security measures may include:
- encryption in transit;
- encryption at rest where appropriate;
- role-based access controls;
- authentication controls;
- multi-factor authentication where implemented;
- secure software development practices;
- security monitoring;
- vulnerability management;
- malware protection;
- backup and disaster recovery;
- logging and auditing;
- incident response procedures;
- physical security controls;
- supplier security assessments;
- staff awareness and training.
Security controls are periodically reviewed and may change over time in response to evolving threats and business requirements.
Schedule F
Data Retention Principles
Retention periods vary depending upon:
- legal obligations;
- taxation requirements;
- contractual obligations;
- warranty periods;
- operational requirements;
- dispute resolution;
- regulatory requirements.
As a general principle:
- information is retained only for as long as reasonably necessary;
- obsolete information is securely deleted, anonymised or de-identified where appropriate;
- records required by law are retained for the applicable statutory period;
- backup data is managed in accordance with business continuity and disaster recovery requirements.
Schedule G
Individual Privacy Rights
Subject to applicable law, individuals may have rights to:
- access personal information;
- correct inaccurate information;
- request deletion;
- request portability;
- object to processing;
- restrict processing;
- withdraw consent;
- object to direct marketing;
- request review of certain automated decisions;
- lodge complaints with relevant privacy regulators.
These rights may be subject to legal limitations and verification of identity.
Schedule H
Privacy Governance
OPIE supports ongoing privacy compliance through:
- documented privacy policies;
- governance and oversight;
- privacy risk assessments;
- staff training and awareness;
- vendor due diligence;
- contractual privacy obligations;
- incident response planning;
- periodic policy reviews;
- continuous improvement.
Schedule I
Definitions
For the purposes of this Privacy Policy:
Personal Information means information relating to an identified or reasonably identifiable individual.
Processing includes collecting, recording, storing, using, disclosing, transmitting, deleting or otherwise handling personal information.
Customer includes any individual or organisation interacting with the OPIE Platform.
Distributor means an authorised reseller, dealer or partner approved by OPIE.
AI Services means artificial intelligence or machine-learning enabled functionality provided through the OPIE Platform.
Website includes all websites, ecommerce stores, customer portals, distributor portals and digital services operated by OPIE Manufacturing Group Pty Ltd or its participating brands.
Document Control
OPIE Platform Privacy Policy
- Document Title
- OPIE Platform Privacy Policy
- Version
- 2026.1
- Document Owner
- OPIE Manufacturing Group Pty Ltd
- Review Frequency
- At least annually, or sooner where required by changes in legislation, technology or business operations.
- Effective Date
- 30 June 2026
- Last Reviewed
- 30 June 2026
End of Privacy Policy
OPIE Manufacturing Group Pty Ltd
OPIE Platform Master Privacy Policy — complete (8 of 8)
Platform privacy: privacy@opiegroup.com.au. Brand enquiries (Lectrum): sales@lectrum.com.au
