Privacy Policy

About This Policy
Information We Collect
How We Use Your Information
Payment Processing
Third-Party Service Providers
Disclosure of Information
Data Retention
Information Security

Cookies
Australian Privacy Principles
Your Rights
Data Breaches
Privacy Complaints
Changes to This Policy
Contact Us

1. About This Policy

This Privacy Policy describes how J Draper Pty Ltd atf The JLD Family Trust ABN 51 867 561 592 trading as Interwise IT (“Interwise IT”, “we”, “us”, “our”) collects, holds, uses, and discloses personal information.

This Policy applies to all personal information collected through our website at interwiseit.com.au, our Customer Payment Gateway, our service delivery activities, and any other interaction you have with Interwise IT.

Interwise IT is an APP entity bound by the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs). This Policy is published in accordance with APP 1.3 and is freely available on our website.

2. Information We Collect

We collect personal information that is reasonably necessary to provide our services. This may include:

2.1 Contact and Identity Information

Name, job title, and business name;
Email address, phone number, and mailing address;
Australian Business Number (ABN).

2.2 Billing and Financial Information

Invoice history and payment records;
Payment method type (card or bank debit) — we do not store card numbers or account credentials (see Section 4);
Bank account details for EFT or direct debit purposes, where provided.

2.3 Technical and Service Information

IT asset information collected as part of managed services delivery;
Support ticket history and service records;
Network and system data required to deliver IT support.

2.4 Website Information

Browser type, IP address, and pages visited (via cookies and analytics);
Form submissions, enquiries, and quote requests submitted via our website.

We collect information directly from you wherever practicable. We may also collect information from third parties such as referral partners or from publicly available sources.

3. How We Use Your Information

We use personal information to:

Provide, manage, and improve our IT services to you;
Generate and issue invoices, and process payments;
Respond to support requests and enquiries;
Send service updates, maintenance notifications, and relevant communications;
Send periodic emails about Interwise IT services, promotions, or company news (you may unsubscribe at any time);
Comply with legal and regulatory obligations;
Protect the security and integrity of our systems and services.

We will not use your personal information for purposes unrelated to those listed above without your consent, unless required or authorised by law.

4. Payment Processing

Interwise IT processes customer payments via the Customer Payment Gateway, powered by Stripe Payments Australia Pty Ltd (“Stripe”).

🔒 Your card data is never seen or stored by Interwise IT.When you make a payment through the Gateway, your card or bank account details are submitted directly to Stripe and are not transmitted to or stored on Interwise IT systems.

Stripe is certified as a PCI DSS Level 1 Service Provider — the highest level of payment security certification. Your card data is tokenised by Stripe and Interwise IT staff do not have access to your full card number, CVV, or bank account credentials at any time.

By using the Gateway, you also agree to Stripe’s Privacy Policy.

4.1 Direct Debit

Where direct debit is enabled, your bank account details are stored securely by Stripe in encrypted form, consistent with PCI DSS and BECS (Bulk Electronic Clearing System) requirements. You may cancel or amend a direct debit authority at any time by contacting [email protected].

5. Third-Party Service Providers

To deliver our services, Interwise IT uses third-party platforms and sub-processors that may handle your personal information. These parties are engaged under agreements that require them to protect your data consistently with Australian privacy law.

We do not sell or rent your personal information to third parties for marketing purposes. We may share information with third parties only as described in this Policy or with your consent.

6. Disclosure of Information

Interwise IT may disclose your personal information in the following circumstances:

To our service providers and sub-processors as listed in Section 5, for the purposes of delivering our services;
Where required or authorised by law (e.g. in response to a court order or lawful government request);
To protect the rights, property, or safety of Interwise IT, its clients, or others;
In connection with a business transfer, merger, or acquisition, subject to appropriate confidentiality obligations;
With your consent.

We do not disclose personal information to overseas recipients except where our sub-processors operate internationally (e.g. cloud platforms). In such cases, we take reasonable steps to ensure the recipient handles the information in accordance with the APPs.

7. Data Retention

Interwise IT retains personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law.

Data Category	Retention Period	Reason
Financial and billing records (invoices, payment records)	7 years	Australian Tax Office requirements
Client contact and account information	Duration of relationship + 2 years	Service continuity and dispute resolution
Service records and support tickets	3 years	Warranty, audit, and dispute purposes
Website analytics data	26 months	Standard analytics platform retention
Payment card data	Not retained by Interwise IT	Managed by Stripe under PCI DSS

When personal information is no longer required, we take reasonable steps to destroy or de-identify it securely.

8. Information Security

Interwise IT takes reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our security measures include:

SSL/TLS encryption for all data transmitted via our website and Gateway;
Role-based access controls limiting staff access to personal information;
PCI DSS Level 1 certified payment processing via Stripe;
Regular security reviews and staff training;
Incident response procedures for suspected data breaches.

Despite these measures, no internet transmission is completely secure. We encourage you to take steps to protect your own information, including keeping passwords and credentials confidential.

9. Cookies

Our website uses cookies — small files placed on your device that help us understand how visitors use our site. We use cookies to:

Analyse site traffic and improve user experience;
Remember preferences for return visits;
Support third-party analytics (e.g. Google Analytics).

You can configure your browser to refuse cookies or to alert you when cookies are being sent. Some features of our website may not function correctly if cookies are disabled. We do not use cookies to collect sensitive personal information or payment data.

10. Australian Privacy Principles

Interwise IT is bound by the 13 Australian Privacy Principles under the Privacy Act 1988 (Cth). Our practices are designed to comply with key APPs including:

APP 1 — Open and transparent management of personal information (this Policy);
APP 3 — Collection of solicited personal information only for lawful purposes;
APP 5 — Notification of collection at or before the time of collection;
APP 6 — Use or disclosure only for the primary purpose of collection (or with consent);
APP 11 — Security of personal information;
APP 12 — Access to personal information on request;
APP 13 — Correction of personal information on request.

11. Your Rights — Access and Correction

Under the Australian Privacy Principles, you have the right to:

Request access to the personal information Interwise IT holds about you (APP 12);
Request correction of personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading (APP 13);
Request deletion of personal information where it is no longer needed (subject to legal retention obligations).

To exercise these rights, contact us at [email protected]. We will respond within 30 days. We may need to verify your identity before processing a request.

We will not charge a fee for making an access request, though a reasonable charge may apply for the cost of providing access in some circumstances.

12. Data Breaches

Interwise IT is subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth).

In the event of an eligible data breach — one that is likely to result in serious harm to affected individuals — Interwise IT will:

Assess the breach as soon as practicable (within 30 days of becoming aware);
Notify affected individuals and the Office of the Australian Information Commissioner (OAIC) if an eligible breach is confirmed;
Take reasonable steps to contain and remediate the breach.

To report a suspected data security incident involving Interwise IT systems or your data, contact us immediately:

📞 1800 468 379

13. Privacy Complaints

If you believe Interwise IT has not complied with the Australian Privacy Principles in relation to your personal information, you may lodge a complaint with us.

Submit privacy complaints in writing to [email protected]. We will acknowledge receipt within5 business daysand aim to resolve all complaints within 30 days.

If you are not satisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC):

🌐 oaic.gov.au
📞 1300 363 992
GPO Box 5218, Sydney NSW 2001

14. Changes to This Policy

Interwise IT may update this Privacy Policy from time to time to reflect changes in our practices, services, or legal obligations. The updated Policy will be posted on this page with a revised effective date. Where changes are material, we will notify active clients by email.

By continuing to use our website or services after a policy update, you accept the revised terms.