What this document is about?

This statement explains how Essatto Software, hold, use and disclose your personal information and who we share it with.

Why do we collect your personal information?

Personal information is information or an opinion about an identified individual or an individual who is reasonably identifiable. We collect personal information so that we can:

  • identify you, your company and conduct appropriate checks;
  • understand your requirements and provide you with a product or service;
  • set up, administer and manage our products, services and systems;
  • manage, train and develop our employees and representatives;
  • manage complaints and disputes; and
  • better understand your needs, your behaviours and how you interact with us, so we can engage in product and service research, development and business strategy including managing the delivery of our services and products via the ways we communicate with you.
What happens if you don’t give us your personal information?

If we ask for your personal information and you don’t give it to us, we may not be able to provide you with any, some, or all of the features of our products or services.

How we handle your personal information?

We collect your personal information directly from you and, in some cases, from other people or organisations, including suppliers of products and services to Ioppolo. We also provide your personal information to other related companies in the Group, and they may disclose or use your personal information for the purposes described in ‘Why do we collect personal information?’ in relation to products and services they may provide to you. Under various laws (both in Australia and other countries we either operate in or obtain products or services from), we will be (or may be) authorised or required to collect your personal information. These laws include the: Work Health and Safety laws, Export laws, Bribery and Foreign Corrupt Practices laws, United States Sarbanes-Oxley laws, Anti-Money Laundering and Counter-Terrorism Financing Act 2006, Personal Property Securities Act 2009, Corporations Act 2001, Autonomous Sanctions Act 2011, Income Tax Assessment Act 1997, Income Tax Assessment Act 1936, Income Tax Regulations 1936, Tax Administration Act 1953, Tax Administration Regulations 1976, A New Tax System (Goods and Services Tax) Act 1999 and the Australian Securities and Investments Commission Act 2001 as those laws are amended, and includes any associated regulations. We will use and disclose your personal information for the purposes we collected it as well as purposes that are related, where you would reasonably expect us to. We may disclose your personal information to and/or collect your personal information from:

  • customer, product, business or strategic research and development organisations;
  • data warehouses, strategic learning organisations, data partners, analytic consultants;
  • social media and other virtual communities and networks where people create, share or exchange information;
  • publicly available sources of information;
  • industry relevant organisations;
  • a third party that we’ve contracted to provide services, products or administrative services – for example:
  • information technology providers,
  • administration or business management services, consultancy firms, auditors and business management consultants,
  • marketing agencies and other marketing service providers,
  • print/mail/digital service providers,
  • imaging and document management services;
  • accounting or finance professionals and advisers;
  • government, statutory or regulatory bodies and enforcement bodies;
  • legal and any other professional advisers or consultants;
  • debt collection agencies; and
  • any other organisation or person, where you’ve asked them to provide your personal information to us or asked us to obtain personal information from them.

We’ll use a variety of methods to collect your personal information from, and disclose your personal information to, these persons and organisations, including written forms, telephone calls and via electronic delivery. We may collect and disclose your personal information to these persons and organisations during the information life cycle, regularly, or on an ad hoc basis, depending on the purpose of collection.


Cookies are text files placed on your computer to collect standard internet log information and visitor behaviour information. When you visit our websites, we may collect information from you automatically through cookies or similar technology.

Overseas Disclosure and Data Storage

Sometimes, we need to provide your personal information to – or get personal information about you from – persons or organisations located overseas, for the same purposes as in ‘Why do we collect personal information?’ and ‘How we handle you personal information.’The list of countries includes:

  • New Zealand
  • United States,
  • Canada
  • Countries in the European Union
  • Singapore
  • India
  • other countries where we are engaged in business or related activities with you or your company or organisationFrom time to time, we may need to disclose your personal information to, and collect your personal information from, parties in other countries not on this list,. Nevertheless, we will always use all reasonable efforts to disclose and collect your personal information in accordance with privacy laws.
Your personal information and our marketing practices

We might, from time to time, let you know – including via mail, SMS, email, telephone or online – about news, special offers, products and services that you might be interested in. We will use your personal information to engage in marketing unless you tell us otherwise. You can contact us to update your marketing preferences at any time. In order to carry out our marketing, we collect your personal information from and disclose it to others that provide us with specialised data matching, trending or analytical services, as well as general marketing services, as set out in ‘How we handle your personal information’. We may also collect your personal information for marketing through business dealings, seminars, trade shows, competitions and by accessing contact lists. We, and other people who provide us with services, may combine the personal information collected from you or others, with the information we, or companies in the group, or our service providers already hold about you. We may also use online targeted marketing, data and audience matching and market segmentation to improve advertising relevance to you.

How to access and correct your personal information

You have the right to access, update and correct your personal information held by us. To do this, please send an email with your request and contact details to [email protected]. We may need to contact you to verify your identity before we provide any data.

How to make a Complaint

The following complaint process can be used if you have a complaint about how we collect, hold, use or disclose your personal information or a privacy related issue such as refusal to provide access or correction. By following the complaint handling process we can resolve your complaint effectively and efficiently.

Step 1. Contact Ioppolo & Associates Business know what the issue isIf you would like to make a complaint, please let us know by contacting Ioppolo we may be able to resolve the complaint for you. If not, the staff member will refer you to a Manager or their delegate and they will attempt to resolve the complaint. A response is usually provided to you within 5 business days. You can contact Ioppolo & Associates by phoning 08 8682 1700.

Step 2. Review by Ioppolo Associate DirectorIf you are not satisfied with the outcome of the Ioppolo review in Step 1, you can request the complaint be referred to the Associate Director. The Associate Director will contact you to discuss if additional information is required and will usually contact you with a decision within 15 business days of receiving your complaint. You can contact the Associate Director by phoning 08 6382 17000.

Step 3. Seek review by an external service. We expect our complaints process will deal fairly and promptly with your complaint. However, if you remain dissatisfied, you may be able to access the services of Office of the Australian Information Commissioner (OAIC). Complaints to the OAIC must be made in writing to: Ph: 1300 363 992 Director of Compliance Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2001