Privacy Policy

This Privacy Policy is to inform you about when and how EP Risk Management Pty Ltd (EP Risk) may collect your personal information, and what we use it for. It will also provide you with the tools you need to let us know if you want us to correct or remove your information.

Scope of this Privacy Policy

This Privacy Policy applies to personal information collected by EP Risk. In broad terms, “personal information” means any information about an individual who is reasonably identifiable.

What personal information does EP Risk collect?

EP Risk collects a range of personal information in the course of its operations, for purposes that are directly related to its core functions or activities. EP Risk collects personal information about you for the following reasons:

  • Because we need it to provide a product or service you have requested;
  • Because you have provided it to us;
  • Because of your relationship with us;
  • For any other purpose related to the above.
  • How and why does EP Risk collect information?

    EP Risk collects personal information which is given to us by you. You may do this because you wish to receive a particular service, or because you wish to give us feedback or make a complaint.

    When EP Risk collects personal information from you, we will generally inform you of the reason the information is being collected and how we will use it (unless the reason for collection is self-evident).

    Use and disclosure of personal information

    EP Risk may use and disclose your personal information for the following purposes:

  • to provide a service that you’ve requested;
  • to provide technical support, or respond to any enquiries;
  • if permitted or required by law;
  • it is necessary to prevent or lessen a serious and imminent threat to a person’s life or health; or
  • if you consent to the disclosure (this may be express or implied).
  • In providing and managing the services offered by EP Risk , EP Risk may need to make your information available to third party services and content providers, including providers of cloud services, website hosts, and other companies. These third parties may be located overseas in countries including the USA, Europe and Singapore.

    EP Risk will ensure that any third parties who receive your personal information from EP Risk follow the same standards and obligations set out in this Privacy Policy, and only use your information for the specific purpose and service they are providing to you or EP Risk.

    Anonymity and pseudonymity

    Where possible, you may interact with EP Risk anonymously should you choose to do so. For example, if you wish to provide feedback without requiring a response from EP Risk, you will not be required to provide a full name or email address.

    However, in some cases it will not be practicable to interact with you anonymously, or it may be impossible to provide the service you are requesting without some form of personal information.

    Access and correction

    Individuals are entitled to obtain access to records that contain personal information about them, except to the extent that EP Risk is required or authorised to refuse access under any law of the Commonwealth that provides for access by persons to documents (e.g. the Freedom of Information Act 1982 (Cth)). Individuals can obtain information regarding access to records that contain personal information about them by contacting the EP Risk Privacy Contact Officer (see 9. Relevant contacts below). Individuals may also seek the correction of any information held by EP Risk. EP Risk will take reasonable steps to ensure that the personal information it holds is accurate, relevant to its purpose, up to date, complete and not misleading.

    Storage and security

    Depending on how we received your personal information, EP Risk may store it in electronic and hard copy format. EP Risk takes such steps as are reasonable and practicable to ensure that the personal information it holds is protected against interference, unauthorised access and other forms of misuse. Measures taken may be physical, electronic, or procedural. EP Risk staff are advised to treat personal information with care, and to use it in accordance with this Privacy Policy and current laws.


    If you think that an act or practice of EP Risk has interfered with your privacy you may make a complaint to EP Risk You will need to identify yourself and provide your complaint in written form addressed to the EP Risk Privacy Contact Officer (see Relevant contacts below).

    The EP Risk Privacy Contact Officer will investigate your complaint and will endeavour to provide a written response within 30 days of receipt of the complaint setting out EP Risk’s decision.

    If you are dissatisfied with EP Risk’s response to your complaint you can take your complaint to the Office of the Australian Information Commissioner (see below). The Australian Information Commissioner may then investigate and attempt to conciliate the matter.

    Relevant contacts

    You can obtain further information about EP Risk’s Privacy Policy by contacting the EP Risk Contact Officer:

  • Telephone: +61 2 9922 5021
  • Email:
  • You can also contact the Office of the Australian Information Commissioner (OAIC):

  • Telephone: 1300 363 992 (within Australia)
  • +61 2 9284 9749: (from outside Australia)
  • Email: