GBNCo (referred to as “we,” “us,” or “our”) is dedicated to protecting your privacy and ensuring the security of your personal information. This privacy policy outlines how we collect, use, and safeguard your personal information.

We understand the importance of privacy and strive to be transparent about our data practices. We value your trust and are committed to safeguarding your personal information.

This privacy policy (“Policy”) explains how we handle your personal information, which includes any information that can identify you or can reasonably be linked to you. We comply with the Privacy Act 1988 (Cth) when collecting, storing, using, or disclosing personal information.

We collect information about you when you interact with us and may also obtain information from other individuals and organisations.

We only collect your personal information when necessary for providing and improving our services, managing our business, and complying with legal obligations. The types of personal information we collect depend on your interactions with us. Here are some examples:

Personal information we collect directly from you:

• When you visit our website: We may use cookies and tracking pixels to collect data points and user interactions to improve website performance and user experience.
• When you engage with us directly (e.g., at events, via telephone, email, our website, or social media): Information you provide, such as your name, contact details (phone number and/or email address), and any other personal information you voluntarily share. Security camera footage may be collected if you visit our locations.
• When you sign up for updates on the delivery of the GBNCo network: Your name, street address, and email address.
• When you participate in trial products or services: Your name, contact details, and other personal information required for the trial.
• When you sign up for the Building Register: Your name, building street address, email address, and telephone number.
• If you apply for a job with us: Information about your employment history, qualifications, and abilities.
• If you fill out surveys or enter competitions: The personal information you provide.

Personal information we collect from others:

• When you request a connection to the GBNCo network or report connection problems to your internet or telephone service provider: We collect your address, contact details, and relevant information from your service provider(s).
• To inform you about the GBNCo network: We may collect your name and address from our service providers, business partners, or Australian Government agencies. In some cases, we may collect addresses (without names) from local councils.
• To assist in migrating Medical, Fire, and Lift alarms to the GBNCo network: We may collect addresses and alarm information from alarm service providers or residential home/aged care facility providers.
• When you participate in market research about us or the GBNCo network: We may collect information about you and your responses from research service providers.
• If you apply for a job with us: Background checks, references, criminal history (if relevant), and medical information (if relevant to the role).
• If you work for or contract with our service providers or partners: Employment information, including name, job title, contact details, background checks, and criminal history.

We collect, use, and hold your personal information to deliver our products and services, manage our business, and comply with legal requirements. We also use your personal information to better understand your needs and inform you about the GBNCo network.

Examples of how we use personal information include:

• Confirming your identity
• Responding to applications, questions, requests, or complaints
• Managing requests for connection to the GBNCo network, installations, network management, and improving your network experience
• Complying with legal obligations to inform people about the availability and connection to the GBNCo network
• Conducting customer experience and market research, marketing activities (including direct marketing), and providing information about the GBNCo network
• Assessing job applications and managing relationships with service delivery partners
• Investigating fraud and illegal activities
• Complying with laws and assisting government agencies and law enforcement
• Managing our business, improving products and services, and enhancing the user experience through anonymised insights and analytics

Informing You About the GBNCo Network

We are legally obligated to inform the public about the GBNCo network rollout, including availability in different areas and the discontinuation of connections to the old network. To fulfill this obligation, we send letters to homes and businesses eligible for the GBNCo network. If you have signed up for email updates, we will also send you relevant emails. You can opt out of receiving updates by using the ‘unsubscribe’ link in the emails.

Using Data for Network Improvement and Service Enhancement

We continually strive to develop and enhance the GBNCo network, products, and services. We leverage new technologies that combine information from various sources, such as third-party websites or the Australian Bureau of Statistics (abs.gov.au), to gain insights and improve our operations. We also collect anonymous information, such as website and advertising analytics, and data from service providers, to better understand network usage patterns and optimise our offerings. When collaborating with partners or service providers, we ensure they comply with data protection standards.

We share your personal information with individuals and organisations for the purposes described in Section 4. We may also share personal information with our service providers and in compliance with applicable laws. When sharing personal information, we take measures to protect its security.

Examples of sharing personal information include:

• Sharing information with telephone and internet providers utilising the GBNCo network to deliver requested services, resolve issues, address complaints, and improve the network experience
• Sharing information with our technicians and service delivery partners for installations and issue resolution
• Collaborating with survey and marketing partners to conduct activities on our behalf
• Sharing information with parties authorised by you, such as your representatives or legal advisors
• Providing personal information to previous employers to verify work history for job applications
• Complying with legal obligations and assisting government agencies and law enforcement

We may also disclose personal information to individuals and organisations that support our business operations, such as professional advisors, IT support, and administrative services. These disclosures are limited to what is necessary for the provision of their services, and we ensure that our service providers protect your information.

International Transfer of Personal Information

Some of our service providers may be located or operate outside of Australia. When required, we transfer personal information to these providers to enable the provision of services. We take steps to ensure that your personal information remains as secure as it would be within Australia. A list of countries where our overseas suppliers are located can be found on our website.

We implement measures to keep your personal information secure and confidential. We employ secure systems and facilities for storing your information, and we retain it only as long as necessary or as required by law.

We protect your personal information through the following measures:

Staff Training: Our staff undergo training to ensure they understand how to handle personal information securely.

System Security: We use firewalls, intrusion detection systems, and virus scanning tools to prevent unauthorised access to our systems. When transmitting data electronically to other organisations, we employ secure networks or encryption to protect your personal information.

Service Providers and Overseas Transfers: When engaging service providers or transferring personal information overseas, we require them to maintain appropriate safeguards and use the information appropriately.

Building Security: Our offices are secured through a combination of ID cards, alarms, cameras, guards, and other security controls.

Data Retention and Destruction: We retain personal information only for as long as necessary for our business or legal obligations. When no longer required, we take reasonable steps to securely destroy or de-identify the information. As a Business Enterprise registered under the Australian Corporation Law, we comply with the Archives Act 1983 (Cth), which sets retention periods for specific records.

You have the right to request access to, update, or correct the personal information we hold about you. Before granting access or making changes, we may need to verify your identity.

You can also request a copy of your personal information held by us.

How to Contact Us:

For privacy-related questions, access requests, correction requests, privacy complaints, or to obtain a printed copy of this Policy, please contact our Privacy Officer:

Privacy Officer GBNCo U1/22 Palmer Place Murarrie Q 4127 Email: info@gbnco.com.au

Please note that the GBNCo Privacy Officer handles privacy matters exclusively. For other inquiries, including those related to your GBNCo network connection, please use alternative contact methods provided:

Phone: 1800 40 20 10

If you have concerns about how we have handled your personal information, please let us know, and we will strive to resolve the issue. If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) for further assistance.

How to Make a Privacy Complaint:

If you are concerned about your privacy or our handling of your personal information, you can lodge a complaint with us (see ‘Contact Us’ above).

How We Handle Privacy Complaints:

We will:

• Keep a record of your complaint
• Respond to your complaint within 30 days. If we are unable to provide a final response within this timeframe, we will contact you to explain the delay and agree upon a new timeframe.

Further Options: If you are dissatisfied with our handling of your complaint, you can request a review or lodge a complaint with the Office of the Australian Information Commissioner.

Office of the Australian Information Commissioner GPO Box 5218 Sydney NSW 2001 Phone: 1300 363 992 Email: enquiries@oaic.gov.au Website: www.oaic.gov.au

If you have any questions regarding your privacy, wish to access or correct your personal information, make a privacy complaint, or obtain a printed copy of this Policy, please contact our Privacy Officer using the details provided in Section 7.

For inquiries unrelated to privacy matters or specific to your GBNCo network connection, please utilise alternative contact options:

Phone: 1800 40 20 10