Skip to content

Privacy Policy

Hark Accountants (referred to as “we”, “our” or “us”) is committed to protecting the privacy of personal information obtained through its operations as a professional services firm. We are bound by the Privacy Act 1988 (Cth) (Privacy Act), including the Australian Privacy Principles (APPs) and any relevant privacy code registered under the Privacy Act.

This policy relates to our collection and handling of personal information covered under the Privacy Act. It does not apply to information outside the scope of the Privacy Act.

Collection of personal information

We collect and hold personal information from clients, employees, contractors and other individuals. ‘Personal information’ refers to any information or opinion that can identify an individual. We collect and hold this information when it is necessary for business purposes.

The main types of personal information we collect and hold relate to the contact details and organisational roles of our clients, suppliers and other business contacts. Typically, this information includes names, birth dates, addresses, telephone numbers, email addresses and job titles. In the course of providing professional services to our clients, we may collect and hold more detailed personal information, for example:

  • financial information about your assets, liabilities, income and bank details;
  • government identifiers such as Tax File Number, driver’s license, passport and visa/work permit status;
  • shareholdings and investment information;
  • details of superannuation and insurance arrangements;
  • educational qualifications, employment history and salary;
  • Membership of a political association or membership of a trade union; and/or
  • personal information about your spouse and dependents.

Whenever we collect information from you, we will do everything we can to let you know:

  • how to contact us;
  • why we are collecting the information;
  • the organisation or types of organisations to which we usually disclose that kind of information;
  • if we are required by law to collect the information;
  • the consequences for you if the information is not provided;
  • how you may access and correct the information;
  • how to complain about a breach of the Australian Privacy Principles; and
  • whether we will disclose your information to overseas recipients, and the countries in which such recipients are likely to be located.

We collect most information directly from individuals when we deal with them. The personal information we collect may be provided in forms filled out by individuals, face to face meetings, emails, telephone calls, online forms, or website and digital tools. There may also be occasions when we collect your personal information from third parties such as:

  • your employer (if they are our client)
  • your family members
  • your representatives
  • agents or referral partners
  • a publicly available record
  • third-party systems with your consent

Holding personal information

We take reasonable steps to protect the information we hold from misuse, loss, unauthorised access or disclosure. Your personal information may be held in:

  • Secure physical files (e.g., lockable cabinets)
  • Digital records on our secure servers
  • Cloud-based systems hosted by reputable third-party providers (some of which may be located overseas)

We use security measures such as password protection, firewalls, encryption, and access controls. We also have internal data retention policies to ensure that information is not held longer than necessary.

Accessing and correcting personal information

You may request access to personal information we hold about you by contacting us. We will respond within a reasonable timeframe and may ask for identification to verify your identity.

If any of the information we hold is inaccurate, incomplete or out of date, please let us know and we will update it.

If you ask us to delete your information, we will do so where possible, unless we are required to retain it by law or for compliance or risk management purposes.

Disclosure of personal information

We only disclose your personal information when necessary to:

  • Deliver the services you have engaged us for
  • Meet our legal or regulatory obligations
  • Engage trusted service providers or contractors (e.g., IT support, external accountants, cloud providers)
  • Protect the rights or safety of Hark Accountants or others
  • Respond to law enforcement or government requests where required by law

We do not sell or trade personal information. In limited circumstances, we may disclose de-identified or aggregated data for research or reporting purposes.

Transfer of information outside Australia

We may engage staff, contractors or service providers located overseas. We take reasonable steps to ensure that any overseas recipients protect your personal information in accordance with Australian privacy laws or similar protections.

By engaging our services, you consent to this overseas disclosure where required.

Privacy on our website sites and applications

This policy also applies to personal information collected via our website or digital platforms. We may use cookies and other tracking tools to improve your experience and understand user behaviour. You can manage or disable cookies in your browser settings.

We may link to third-party websites, which have their own privacy practices. We are not responsible for the privacy practices of other sites.

Data breach response

A data breach occurs when personal information that an entity holds is subject to unauthorised access or disclosure, or is lost. Examples include:

  • loss or theft of physical devices (such as laptops and storage devices) or paper records that contain personal information
  • unauthorised access to personal information by an employee
  • inadvertent disclosure of personal information due to ‘human error’, for example an email sent to the wrong person
  • disclosure of an individual’s personal information to a scammer, as a result of inadequate identity verification procedures.

In the unlikely event of a data breach involving your personal information that may cause serious harm, we will follow the requirements under the Notifiable Data Breaches (NDB) scheme:

  1. Contain the data breach 
  2. Assess the risk and impact
  3. Notify the individuals, the Commissioner (if required) and other entities depending on the categories of information involved in the data breach
  4. Review the incident and prevent future breaches.

Protecting children’s privacy

We understand the importance of protecting children’s privacy, especially in an online environment.

Our services are not directed at children under 13. We do not knowingly collect information from children unless necessary for a specific service and with appropriate consent.

Questions and complaints

If you have any questions or concerns regarding your privacy, or if you would like to make a complaint about a possible breach of this Privacy Policy or the Australian Privacy Principles, you may direct your correspondence to the Privacy Officer.

We take all complaints seriously and will respond to your complaint within a reasonable period.

If you believe that we have not adequately handled your complaint, you may complain to the Office of the Australian Information Commissioner.

Additional information

For further information about privacy and the protection of privacy, visit the Office of the Australian Information Commissioner’s website at www.oaic.gov.au.