Privacy Policy
Updated: 1 May, 2026
1. General PolicyThis privacy policy (the Policy) relates to all personal information collected, held, used and disclosed by or on behalf of Diligence Research Pty Ltd ACN 625 635 305 (the Company).
The Policy covers all of the Company's activities, including the operation of the website https://data.diligenceresearch.com.au, and any related websites (the Website), the Company's operations using social media, and the Company's email communications with other parties including but not limited to clients, prospective clients, service providers, contractors, regulatory authorities, and agencies.
At the Company, we take our privacy obligations seriously and are committed to ensuring that we handle personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (Act). The Company is also committed to complying with our international obligations, where they apply to our operations.
This Policy sets out:
1. The kinds of personal information that the Company collects and holds;
2. How the Company collects personal information;
3. How the Company holds and retains personal information;
4. The purposes for which the Company collects, holds, uses and discloses personal information;
5. How the Company uses artificial intelligence and automated systems in connection with the Website and Email Services;
6. How you may access personal information about you that is held by the Company and seek correction of it if there are any inaccuracies with respect to that information;
7. How you may complain about a breach of the APPs and how the Company will deal with such a complaint; and
8. The circumstances in which personal information is likely to be disclosed to overseas recipients and the countries in which such recipients are likely to be located.
2. Collection of your personal informationWhere the Company collects and holds personal information, it is collected and held for our business purposes, which are generally to fulfil our contractual and legal compliance obligations, operate and improve the Website and Email Services, provide services to users and clients, and keep stakeholders including prospective clients informed of our activities and services.
These purposes include the following:
1. Providing services to our clients and users;
2. Being responsive to website, written and email inquiries;
3. Educating the public about the Company's activities;
4. Undertaking human resources activities;
5. Making social media and website entries;
6. Operating, securing, monitoring and improving the Website and Email Services;
7. Managing accounts, subscriptions, billing, access controls and user support; and
8. Detecting, investigating and preventing misuse, fraud, security incidents and unlawful activity.
The Website and Email Services are provided by the Company as a general information service, for the purposes of collating and making available publicly sourced Government and associated data.
The kinds of personal information that the Company collects and holds may include:
1. Client names, contractor names, employee names, user names, pseudonyms, telephone numbers, email addresses, physical addresses, gender information, date of birth information, account details and payment-related details;
2. Bank account, credit card and tax file number details, where reasonably necessary for the Company's business, employment, contractor, billing or taxation purposes;
3. Contractual information between the Company and clients, the Company and employees, the Company and contractors;
4. Account, subscription, access, billing, support and communication records;
5. Search activity, saved search activity, search terms, filters, viewed records, summary requests, user activity logs, device information, browser information, IP addresses, security logs and other usage information; and
6. Other information for our business purposes, which is reasonably necessary for, or directly related to, our functions or activities.
You might also share personal information with the Company in connection with the types of services you wish to obtain and/or are obtaining from the Company, the types of services you obtain from third parties, and feedback, including complaints, in relation to our services.
The Company will collect personal information directly from you unless it is not reasonable or practicable for the Company to do so.
The Company may log search activity and monitor user activity for the purposes of operating, securing, improving and auditing the Company's activities. This may involve the collection of personal information.
The Company may solicit personal information through its Website, in documents, by means of our support platform, in our Messenger communications box, through payment and authentication providers, or during communications with our clients, contractors and others.
3. Publicly sourced informationThe Website and Email Services collate, index, process, summarise and make available publicly sourced Government and associated data. Publicly sourced information may include information about individuals, companies, organisations, directors, officers, litigants, parties, representatives, regulated persons, professionals, public officials and other persons or entities referred to in publicly available records.
Publicly sourced information may contain personal information or sensitive information. The Company does not create the original source material and does not warrant that the original source material is accurate, complete, up-to-date, lawful, fair, non-defamatory or suitable for any particular purpose.
Where the Website or Email Services display, extract, classify, summarise or link to publicly sourced information, users should verify important information against the original source material before relying on it.
4. Use of artificial intelligence in our servicesThe Company may use artificial intelligence, machine learning, large language models, natural language processing, semantic search, automated ranking, classification, summarisation, extraction and similar technologies (AI Systems) to assist with the operation of the Website and Email Services.
AI Systems may be used to assist with search relevance, search result ranking, filtering, document classification, entity matching, extraction of structured information from publicly available records, generation of summaries, generation of explanations, duplicate detection, quality control, internal testing and service improvement.
AI-assisted search and summary features may process the search terms entered by a user and the search results, records, document text, metadata or publicly sourced information returned by the Website in response to that search.
The Company does not use AI-assisted search or summary features to process users' account passwords, payment card details, bank account details, authentication credentials, billing details or account profile information.
However, users must not enter unnecessary personal information, sensitive information, confidential information, passwords, authentication credentials, payment card details, bank account details, tax file numbers, health information, legally privileged information or other information they are not authorised to provide into search boxes, prompts, filters, notes or other free-text fields.
If a user chooses to enter such information into a search box, prompt, filter, note or other free-text field, that information may be processed as part of providing the requested search, summary or related service feature. The Company is not responsible for a user's decision to submit unnecessary, confidential, sensitive or unauthorised information into these fields.
Where the Company uses third-party AI service providers, the Company will take reasonable steps to assess the privacy, confidentiality, security and data handling practices of those providers. The Company will also take reasonable steps to limit the information provided to AI Systems to what is reasonably necessary for the relevant service feature.
Unless expressly stated otherwise, AI-assisted search results, summaries, classifications, rankings, extracted information and explanations are generated automatically or semi-automatically and are not individually reviewed by the Company before being displayed.
AI-generated outputs are provided as an aid to users and may be incomplete, inaccurate, outdated, misleading, or affected by limitations in the source material, extraction process, search process, ranking process or AI System. AI-generated outputs should not be treated as legal, financial, business, investigative, compliance or other professional advice. Users should verify important information against the original source material.
Where AI Systems generate, infer, classify or summarise information about an identified or reasonably identifiable individual, the output may itself be personal information. The Company will take reasonable steps, having regard to the nature of the service, to ensure that personal information it collects, uses or discloses is accurate, up-to-date and complete. However, users acknowledge that AI-generated outputs may contain errors and must be checked against the original source material before being relied upon.
5. Automated decision-makingThe Company may use automated systems to assist with search, ranking, filtering, classification, summarisation, extraction and presentation of publicly sourced information. These systems help determine what information is displayed to users and how it is organised.
The Company does not currently use AI Systems to make decisions that are intended to have a legal, contractual or similarly significant effect on individuals, such as decisions about a person's rights, entitlements, eligibility for services, credit, employment, insurance, healthcare, access to significant support, or legal status.
If this changes, the Company will update this Policy to explain the kinds of personal information used by those systems, the kinds of decisions made or substantially assisted by those systems, and any other information required by applicable privacy laws.
6. Use and disclosure of your personal informationThe Company may use and disclose your personal information for the purposes for which it has been collected, or for any other purposes to which you have consented.
You may give the Company your consent expressly, or it may be implied by your conduct. Subject to the requirements of the APPs, if you would reasonably expect the information to be used or disclosed for another purpose, the Company may also use or disclose it for that purpose.
The Company may, from time to time, send to you marketing material that the Company considers will be useful to you, or other material about our activities. The Company will only do this if we collected the information from you and you would reasonably expect us to use or disclose the information for that purpose, or if you have consented to receiving such communications. We will use our best endeavours to first obtain your consent in advance where required.
If you do not wish to receive this information, please let us know and we will stop sending it to you within a reasonable period of time.
Depending on the service, your personal information may be disclosed to:
1. External service providers, including providers involved in hosting, storage, database management, website management, authentication, email delivery, payment processing, subscription management, customer support, security, search technology, artificial intelligence processing, machine learning, natural language processing, document processing and summarisation;
2. Specialist advisers who have been engaged to provide the Company with legal, administrative, financial, insurance, research, marketing, investigative or other services;
3. Regulatory bodies which oversee or impact on our operations, including:
(a) the Australian Competition and Consumer Commission;
(b) the Australian Taxation Office; and
(c) the Australian Securities and Investments Commission; and
4. Any other person authorised by you, as specified by you, such as your agent, manager, accountant and lawyer.
The Company may at other times notify you about our disclosure practices in relation to specific services that we provide in relation to our activities.
In addition, the Company may use or disclose personal information:
1. If authorised or required by or under an Australian law or court/tribunal order or by request of an Australian government authority;
2. If the Company reasonably believes that the use or disclosure is necessary to take appropriate action in relation to suspected unlawful activity or misconduct;
3. If the Company reasonably believes that the use or disclosure is reasonably necessary for one or more enforcement related activities conducted by, or on behalf of, an enforcement body;
4. If reasonably necessary for the establishment, exercise or defence of a legal or equitable claim or for the purposes of confidential dispute resolution;
5. If the Company reasonably believes that the use or disclosure is necessary to lessen or prevent a serious threat to life, health or safety and it is unreasonable or impracticable to obtain your consent; and
6. If the Company actually or reasonably believes that the use or disclosure is reasonably necessary in order to locate a person reported as missing.
Where the Company discloses personal information to third parties, whether or not permission is obtained in advance from the providers of that information, we will take reasonable steps to impose obligations of security and confidentiality regarding the way they handle that information. The Company does not grant third party service providers permission to retain, sell or transfer personal information except as required to provide services to the Company, comply with legal obligations, maintain security, or as otherwise authorised by law.
7. Overseas disclosuresSome of the Company's service providers, including cloud hosting, authentication, payment, email, search, security and AI service providers, may store, access or process information outside Australia. The countries in which those providers are located may change from time to time, but may include Australia, the United States, the United Kingdom, countries in the European Economic Area, and other jurisdictions where those providers or their subprocessors operate.
Before using service providers that may handle personal information, the Company will take reasonable steps to assess whether appropriate confidentiality, security and privacy protections are in place.
8. Payment processing and payment service providersThe Company uses Stripe and related payment service providers to process payments, manage subscriptions, support secure checkout, detect and prevent fraud, and manage billing records. Payment information submitted through Stripe is processed by Stripe in accordance with Stripe's own terms, privacy policy and applicable legal obligations.
The Company does not use AI-assisted search or summary features to process users' payment card details, bank account details, authentication credentials or account passwords.
Payment service providers may use automated systems, risk models, fraud detection tools, machine learning or similar technologies as part of payment processing, authentication, fraud prevention, dispute management, regulatory compliance and service security. These payment-related systems are separate from the Company's AI-assisted search and summary features.
Users should review the terms and privacy information provided by Stripe or any other payment service provider when making a payment or managing a subscription.
9. Security of your personal informationOnce collected, the Company holds personal information in a number of different formats, including but not limited to software programs located both onsite and offsite, including in the cloud, databases, filing systems, backup systems, logs and offsite backup storage.
The Company will take reasonable steps to protect your personal information from loss, unauthorised access, modification, disclosure, interference or other misuse.
No method of electronic transmission, storage, indexing, search, automated processing or online communication is completely secure. The Company cannot guarantee the absolute security of information transmitted to or from the Website or Email Services.
10. Sensitive personal informationThe Act imposes special obligations where sensitive information is collected, used and disclosed. Sensitive information may include information relating to a person's racial or ethnic origin, political opinions, membership of political associations, religious beliefs, philosophical beliefs, membership of professional or trade associations, membership of trade unions, sexual orientation or practices, criminal record, health information, genetic information, biometric information or biometric templates.
The Company may collect some forms of sensitive information where reasonably necessary for one or more of its functions or activities, where consent has been provided, where the information is contained in publicly sourced Government or associated data, where the information is provided by the user, or where otherwise authorised by law.
Users must not enter unnecessary sensitive information into search boxes, prompts, filters, notes or other free-text fields.
If the Company holds any sensitive personal information about you, that information will only be used and disclosed by the Company for the purpose for which it was collected, for directly related purposes where permitted by law, with your consent, or where otherwise authorised or required by law.
11. Access to your personal informationAt any time, you may request access to personal information about you that the Company holds by contacting the Company's Privacy Officer at contact@diligenceresearch.com.au.
The Company will process your request within a reasonable time. If the Company is not legally required to provide access to the personal information requested and does not exercise its discretion to do so, we will let you know our reasons.
Where a request relates to publicly sourced Government or associated data, the Company may direct you to the original source agency, publisher, court, tribunal, regulator or other source of the relevant information where appropriate.
12. Correction of your personal informationYou should promptly notify the Company if there are any changes to your personal information. You may ask the Company at any time to correct personal information we hold about you by contacting the Company's Privacy Officer at contact@diligenceresearch.com.au.
The Company will respond to you within a reasonable time. The Company will generally comply with requests to correct personal information, however if we refuse, we will give you a written notice explaining our reasons for refusal and the means by which you can make a complaint.
Where a correction request relates to publicly sourced Government or associated data, the Company may need to consider the nature of the original source material, whether the Company is able to correct the information within its own systems, and whether the original source agency, publisher, court, tribunal, regulator or other source should be contacted.
13. Dealing with complaintsIf you have a complaint about the Company's breach of the APPs, you should contact the Company's Privacy Officer at contact@diligenceresearch.com.au.
The Company will investigate your complaint and respond to you within a reasonable time and in accordance with our legal obligations. We will take any necessary corrective actions promptly.
14. Cookies and Related TechnologiesWe use cookies and similar technologies (Cookies) that are necessary to operate our website and services. These Cookies help us maintain your session, keep you securely logged in, prevent fraudulent or malicious activities, and enable secure payment transactions. Because these Cookies are strictly necessary to provide you with the services you request, such as logging in, accessing your account, or processing payments, they do not require your explicit consent under the Australian Privacy Principles.
Types of Cookies We Use
• Authentication and Session Cookies: We use session cookies to allow you to log in and maintain your session across different pages. These Cookies enable basic website functionality and security. We may also integrate with third-party authentication providers. In these cases, that provider may set its own session cookies strictly for security and sign-in functionality.
• Payment-Related Cookies: We use Stripe for payment processing. Stripe may set cookies or similar technologies on its own domain for fraud detection, transaction tracking, secure checkout, authentication and payment security. These Cookies are considered essential for completing purchases and preventing fraudulent behaviour.
• Service Operation and Security Cookies: We may use cookies or similar technologies that are necessary to operate, secure, monitor and maintain the Website and Email Services.
• No Marketing or Analytics Cookies: We do not use Cookies for marketing or analytics purposes. If our practices change in the future, we will update this Policy accordingly and, where required, seek your consent before placing any non-essential Cookies.
Managing Cookies: Because the Cookies we use are strictly necessary for security and functionality, blocking or deleting them may affect your ability to use certain features of our website or complete purchases. If you still wish to manage Cookies at the browser level, you can typically do so by adjusting your browser settings. For more information on blocking or deleting Cookies, consult your browser's Help function.
15. Changes to this PolicyThe Company may amend this Policy from time to time, and the amended Policy will be published on the Website. Any changes will be effective as of the date they are posted on this page unless they are backdated to apply before that date.
For further information about privacy issues, see the Office of the Australian Information Commissioner's website at www.oaic.gov.au.