Last updated: 22 March 2026

Privacy Policy

Metapass Group Pty Ltd (ABN 94 671 039 455) ("Metapass", "we", "us", or "our") is committed to protecting the privacy of your personal information. This Privacy Policy explains how we collect, hold, use, and disclose your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. About This Policy

This policy applies to all personal information collected by Metapass through our website at metapassgroup.com, as well as through email correspondence, contact forms, and other direct interactions with us.

2. What Personal Information We Collect

The types of personal information we may collect include:

• Contact details — your name, email address, phone number, and organisation name, provided when you contact us or submit a form
• Correspondence — the content of emails, messages, or enquiries you send to us
• Technical data — your IP address, browser type, operating system, device information, and referring URLs
• Usage data — pages visited, time spent on pages, clicks, and other interactions with our website, collected via cookies and analytics tools

We do not collect sensitive information (such as health, racial, or political information) unless you voluntarily provide it to us.

3. How We Collect Your Information

We collect personal information in the following ways:

• Directly from you — when you send us an email, fill out a contact form, or otherwise communicate with us
• From our website — automatically through cookies and analytics tools when you visit our site
• From third parties — in limited circumstances, we may receive your information from business partners, publicly available sources, or referral contacts

4. Why We Collect Your Information

We collect and use your personal information for the following purposes:

• To respond to your enquiries and communicate with you
• To provide information about our products and services
• To improve and optimise our website and user experience
• To analyse website traffic and usage patterns
• To comply with our legal obligations
• To protect our rights, property, and the safety of our users

We will not use your personal information for purposes other than those described above without your consent, unless required or authorised by law.

5. Cookies and Analytics

Our website uses cookies — small text files stored on your device — to improve your browsing experience and help us understand how our site is used.

Google Analytics

We use Google Analytics to collect de-identified data about website traffic and user behaviour. Google Analytics uses cookies to gather information such as the pages you visit, how long you spend on our site, and how you arrived at our site. This data is aggregated and does not personally identify you.

You can opt out of Google Analytics by installing the Google Analytics Opt-out Browser Add-on.

Managing Cookies

Most web browsers allow you to manage cookie preferences through their settings. You can choose to block or delete cookies, though this may affect the functionality of our website. For more information, refer to your browser's help documentation.

6. Disclosure of Your Information

We may disclose your personal information to:

• Service providers — third-party providers who assist us with website hosting, analytics, email delivery, and other business operations, bound by confidentiality obligations
• Professional advisers — our lawyers, accountants, and auditors where necessary
• Regulatory authorities — government bodies, law enforcement, or regulators where required or authorised by law

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

7. Storage and Security

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. These measures include:

• Secure hosting with encrypted data transmission (HTTPS/TLS)
• Access controls limiting who can view personal information
• Regular review of our data handling practices

We retain personal information only for as long as necessary to fulfil the purposes described in this policy, or as required by law. Where we no longer need your personal information, we will take reasonable steps to securely destroy or de-identify it.

Data Breaches

In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner as required under the Notifiable Data Breaches scheme in the Privacy Act 1988 (Cth).

8. Overseas Disclosure

Some of our service providers (such as website hosting and analytics providers) may store or process data outside of Australia, including in the United States and the European Union. Before disclosing personal information overseas, we take reasonable steps to ensure that the recipient handles your information in accordance with the APPs.

9. Your Rights

Under the Australian Privacy Principles, you have the right to:

• Access your personal information that we hold
• Request correction of any inaccurate, incomplete, or out-of-date information
• Opt out of direct marketing communications at any time
• Complain if you believe we have breached the APPs

To exercise any of these rights, please contact us using the details below.

10. Third-Party Links

Our website may contain links to external websites that are not operated by us. We are not responsible for the privacy practices of those websites. We encourage you to review the privacy policy of any third-party site you visit.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. When we make changes, we will update the "Last updated" date at the top of this page. We encourage you to review this policy periodically to stay informed about how we protect your information.

12. How to Contact Us

If you have questions about this Privacy Policy, wish to access or correct your personal information, or would like to make a complaint, please contact us:

Metapass Group Pty Ltd
Email: info@metapassgroup.com

We will respond to your request within 30 days. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).