Privacy Policy

GML Heritage takes privacy seriously and we aim to earn and maintain your trust.

We handle personal information with care and in a transparent way, consistent with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

This Privacy Policy explains the information we collect, how we use it, when we share it, and the options available to you when you interact with GML Heritage Pty Ltd (ACN 001 179 362) and GML Heritage Victoria Pty Ltd (ACN 620 754 761) (GML/we/us/our).

Quick summary

We collect personal information when you contact us, request a proposal, engage our services or apply for a role.

We use it to communicate with you, deliver services, operate our business and meet legal or professional obligations.

We protect the information we hold and keep it only as long as needed.

You can request access or correction, and you can raise a complaint if you have concerns.

What we mean by ‘personal information’

Personal information is any information or opinion about you that identifies you, or could reasonably identify you.

When you can choose not to identify yourself

Where it’s lawful and practical, you can deal with us without identifying yourself. If we need certain details to help you – for example, to respond to an enquiry or provide services – we’ll explain what’s required.

What we may collect

The information we collect depends on how you engage with us. It can include:

  • your name, organisation, role and contact details
  • the details you provide in an enquiry or request (including attachments)
  • information needed to deliver our services (for example, project and stakeholder details)
  • recruitment information you provide (for example, your CV, work history and referees).

If you only browse our website, we do not set out to identify you. However, our website may still create basic technical records (see ‘Cookies and website analytics’ below).

How we collect information

In most cases, you provide personal information to us directly – for example, by email, phone, web forms, meetings, or a job application.

In some situations we may receive information from others (such as clients, project partners, referees or professional advisers) where it is lawful and reasonable.

How we use personal information

We may use personal information to:

  • respond to enquiries and keep in touch
  • prepare proposals, quotes and associated documents
  • provide and manage our professional services
  • manage recruitment and employment processes
  • meet legal, regulatory and professional obligations
  • operate our systems, quality processes and business administration.

We won’t use personal information for a different purpose unless you would reasonably expect it, you agree, or the law allows or requires it.

Direct marketing

From time to time we may send updates about GML (for example, news or insights) where this is permitted. You can opt out at any time by using the unsubscribe option provided (if available) or by contacting us.

Who we may share information with

We may share personal information with trusted third parties where it’s needed to run our business or deliver services. This can include IT and hosting providers, and our professional advisers (legal, accounting and insurance).

We may also share information with clients, project stakeholders or government bodies where that is necessary for the work you have asked us to do, or where disclosure is required or authorised by law.

Overseas recipients

We keep personal information within Australia.

If overseas disclosure becomes part of our routine operations, we will update this policy and, where practical, identify the countries involved.

Cookies and website analytics

Our website may use cookies or similar technologies so the site functions properly and to help us understand how it is used. Some information may be collected automatically, such as device type, browser, and pages visited.

You can usually manage cookies through your browser settings. If we use third‑party analytics tools, those providers may also set cookies.

Keeping information secure

We use practical safeguards to protect personal information against loss, misuse and unauthorised access. Safeguards may include access controls, secure systems and staff awareness.

How long we keep information

We keep personal information only for as long as it is needed for the purpose it was collected, or to meet record‑keeping and legal requirements.

If you apply for a role, we may keep your application for a reasonable period so we can consider you for future opportunities, unless you ask us not to.

Access and correction

You can ask us for a copy of the personal information we keep about you, and you can ask us to fix it if it is inaccurate, incomplete or out of date.

Contact us using the details below. We will respond within a reasonable time and in line with Australian privacy law.

Questions and complaints

If you have a privacy question or concern, please contact us. We will review the issue and aim to resolve it promptly.

If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au or on 1300 363 992.

Updates to this policy

We update this Privacy Policy when our practices change or when legal requirements change. The current version will be published on our website.

 

Last updated: February 2026