Accessibility

Pangolin Associates: climate change services

Climate Change Specialists

Privacy Policy

Last updated 2/7/2025

In this policy, Pangolin Associates, we, our or us is:

  • Pangolin Associates Pty Ltd ABN 28 145 644 819; and
  • any related entities of Pangolin Associates Pty Ltd, including its holding company and any subsidiaries.

To provide you with the best possible service, we collect and use certain personal information about you. Your privacy is important to us and we are dedicated to ensuring your personal information remains private. The following privacy policy sets out how we handle your personal information, consistent with the Australian Privacy Principles within the Privacy Act 1988 (Cth). For the purposes of this policy, “personal information” means information or an opinion about an identified individual, or an individual who is reasonably identifiable. We review this policy periodically to ensure it is kept relevant and up to date and we may make changes at any time by publishing the amended version on our website. Last updated: June 2025

Information we collect

In the process of conducting our business, we may collect a range of personal information from current and prospective businesses, service providers, job applicants, business partners, and other individuals where it is necessary in order to operate our business. The kind of information collected will depend on the nature of your dealings with us, but may include:

  • contact information and identification such as your name, title, contact number, e-mail address, business address;
  • information collected from your interactions with us, including via social media.
  • information for sales, business support, accounts or to provide assistance with ad hoc queries.
  • emails, mail, fax communications, mobile text messages and communications through social networking websites.

How we collect information

Most of the personal information we collect will be collected directly from you. This may occur when you:

  • You or your company provides the information via the ‘contact us’ form on our website. Collected info also includes emails, mail, fax, mobile text messages and communications through social networking websites.
  • contact or interact with us in person, by e-mail, phone, or other forms communication, or via forms on our website or social media accounts;
  • sign up to purchase any of our services;of
  • respond to any of our job advertisements.

Information collected from third parties

  • We may sometimes collect your information from third parties such as:
  • where you are employed or engaged by an entity that purchases services from us, from an authorised representative of that entity;
  • parties you refer us to, or who refer us to you, including personal referees when you apply for a job with us; or
  • third party recruitment agencies you have provided your details to.

Information collected automatically

When you access our network or visit or interact with our website, or any other online platform operated by us (Platforms) we, as well as any third party service provider and/or advertiser, may use a variety of technologies that automatically or passively record information about how the Platform is accessed and used (Usage Data). Usage data may include your IP address or other unique identifier for the device used to access a Platform, browser type, device type, date and time of visit, pages viewed and your use of features or applications on the Platform. Usage Data helps us to keep the Platforms relevant for our customers. Usage Data is usually non-identifying, but if it can be used to identify you, we will treat it as personal information.

Cookies

We may use cookies (data files placed on a device when it is used to visit a Platform) to keep track of personal preferences and compile aggregate data about Platform traffic, such as the number of visitors and pages visited.  . You should be able to configure your computer or other web browsing device so that it disables cookies or does not accept them.

Occasionally we may use cookies for advertising purposes. Certain advertising platforms, such as Google AdWords, use them. These cookies do not collect your identifiable information.

Purpose of use or disclosure

We collect, use and disclose your personal information for a variety of purposes, including:

  • to provide you with our services;
  • to provide various business support services;
  • to process or verify payments authorised by you;
  • to respond to your enquiries, concerns or complaints;
  • to distribute promotional material and inform you about products and services;
  • for any purpose which we notify you about when we collect your information, or to which you have provided your consent;
  • to customise, measure and improve our services;
  • to improve your experience with us and our marketing, including through data analytics, product planning and research;
  • to consider and assess your application for as a potential job applicant or contractor; and
  • other purposes related to the provision of our services.

We may from time to time publish (including by posting on social media) testimonials which contain personally identifiable information. We will obtain your consent prior to publishing the testimonial along with your name.

Disclosing your personal information

We may disclose your information to third parties, including:

  • our agents or contractors who perform a particular function or service on our behalf;
  • your employer or former employer (for example to conduct a reference check).

Examples of our third party agents or contractors include:

  • secure data storage providers;
  • Providers who maintain our website or systems;
  • accountants, lawyers and other professional advisors.

We may also disclose your information to third parties where required or authorised by or under law.

Direct marketing

Direct marketing is the promotion of goods and services directly to you including through emails, SMS, phone calls and the post. We will only send you direct marketing materials for sales, support, account or other related queries that you would reasonably expect to receive, or you have consented. If it is impractical to gain your consent, we will always provide a simple and easy means for you to request to opt-out.

We will not sell or provide your information to a third party for the purposes of direct marketing without your informed consent.

Cross-border disclosure

Our preference is to use third party service providers who are based in Australia, however we may use overseas service providers to process your personal information if we reasonably believe that the overseas entity is subject to the same or similar privacy laws to those found in Australia, or you have otherwise consented to us disclosing your personal information to the overseas entity.

Holding your personal information

We store personal information on secure servers located in Australia. In some cases, data may be stored on servers located overseas, but only in jurisdictions with similar privacy protections or with your consent. We ensure that any third-party service providers comply with our privacy standards and the Australian Privacy Principles.

Use of SharePoint, Scoro, and HubSpot

Our organisation utilises SharePoint, Scoro, HubSpot, Email and OneDrive to store and manage personal information in compliance with the Australian Privacy Principles (APPs). These platforms are integral to our data management strategy, ensuring that personal information is handled securely and efficiently.

SharePoint

SharePoint is employed as a collaborative platform for storing and managing documents and records. It allows for secure access control, ensuring that only authorised personnel can access personal information. SharePoint’s robust version control and audit trail features help maintain data integrity and transparency.

Scoro

Scoro is used for project management and customer relationship management (CRM). It stores personal information related to project stakeholders and clients, facilitating efficient communication and project tracking. Scoro’s data encryption and user authentication measures ensure that personal information is protected against unauthorised access.

HubSpot

HubSpot serves as our primary marketing and sales platform, managing personal information collected through marketing campaigns and customer interactions. It provides tools for segmenting and analysing data, enabling us to tailor our services to meet customer needs. HubSpot’s compliance with international data protection standards, including the General Data Protection Regulation (GDPR), supports our commitment to data privacy.

Email and OneDrive

We use Microsoft 365 services including OneDrive and Outlook, to securely store and share personal information for operational and collaborative purposes. All data is handled in accordance with the Australian Privacy Principles and is protected by Microsoft’s enterprise-grade security and compliance features. OneDrive is used by us for data storage and file management and may contain personal information. OneDrive’s files are generally private and only accessible to the owner unless shared explicitly. Microsoft uses encryption and other security measures to protect data both in transit and at rest.

Security Measures

We implement a range of security measures across SharePoint, Scoro, and HubSpot to protect personal information. These measures include:

  • Data Encryption: All personal information stored on these platforms is encrypted both in transit and at rest, safeguarding it from unauthorised access.
  • Access Controls: We employ strict access controls, ensuring that only authorised personnel have access to personal information. This includes role-based access permissions and multi-factor authentication.
  • Regular Audits: We conduct regular audits of our data management practices to ensure compliance with the APPs and to identify any potential vulnerabilities.

Destruction

When we no longer need your personal information for a permitted purpose and we are not required to keep it to comply with any laws, we will take such steps as are reasonable in the circumstances to destroy your personal information.

Access and Correction

You can update your personal information at any time by emailing us at privacy@pangolin.com.au.   If requested by you, we will take such steps as are reasonable in the circumstances to ensure that your personal information is accurate, up-to-date, complete and relevant. We will take reasonable steps to correct your personal information if we are satisfied that it is inaccurate, out-of-date, incomplete, irrelevant or misleading. This extends to third parties that we have provided your personal information to unless it is impracticable or unlawful to do so.

Resolving concerns

If you have a concern or complaint relating to our handling of your personal information or if you feel that we have breached the privacy laws, please send a written note to us using the email address provided above, outlining the nature of the complaint. We will endeavour to respond to your complaint within a reasonable period of time. If your complaint is not satisfactorily resolved, you can contact us to discuss your concerns or the complaint may be taken to the Office of the Australian Information Commissioner.

Contact Us

If you have questions or suggestions please contact us at:

Email: privacy@pangolin.com.au

Tel: +61 2 8310 6378

Pangolin Associates Pty Ltd

Level 11, 10 Carrington Street

Sydney NSW 2000 Australia.