Privacy Policy

Privacy Policy

This privacy statement applies to Gray Robinson & Cottrell Pty Ltd and the GRC Unit Trust. Personal information collected by GRC is used in accordance with its obligations under the Privacy Act. Personal information is information relating to an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion provided.

GRC is committed to protecting the privacy of all individuals and we will comply with the privacy legislation and regulations outlined in the Privacy Act.

Email security policy

The information in GRC emails including any attachments is intended solely for the named recipient. It may contain privileged and/or confidential information. If you are not the intended recipient, you must not disclose, copy, distribute, take any action or rely upon it. If you receive an email in error, please notify the sender. If you receive an email by mistake, please notify us as soon as possible and permanently delete the email. Any e-mails you send or receive will be automatically checked for viruses and copied for our email archives. Our IT administrators may have access to emails to manage email security.

What personal information do we collect and how?

GRC will only collect personal information to the extent that it is reasonably necessary for the purposes of our business. GRC may collect and store the following types of personal information:

  • Information about potential employees including application forms, CVs, interview notes, references and names and contact details of referees
  • Current employee information including name, addresses, email, telephone numbers, TFN, bank account details, next of kin details, date of birth, gender, salary, superannuation funds, licences, memberships, qualifications, passport details and medical information
  • Contact information about current and potential clients, consultants, subcontractors, suppliers and industry participants
  • Third party information obtained through contact made via our website
  • Correspondence in relation to sales, support and accounts including email
  • Correspondence from you or your company, which may be via telephone, email, fax or directly through our website.

GRC collects personal information orally, in writing, by telephone, via email and via its website. GRC collects information in a number of ways including:

  • On its website
  • As it establishes payroll records for employees
  • Through the ongoing management of employees during their time with GRC
  • By collecting client, supplier and business partner contact information as part of the ongoing management of its business relationships.

What do we use personal information for?

Any personal details you provide will be used for the purpose for which it was provided. If you upload your CV to our website or send by email, you give us express consent to use, disclose and store your personal information for the purposes of potential recruitment by GRC. Any filed CVs will be secured and protected from unauthorised access.  

If your request is for company newsletters or other material your details and information you wish to receive will be held on the GRC client database and used for the purpose of administering your subscription or request. GRC may use your email details to contact you from time to time to provide you with information about GRC.

If you purchase a tax depreciation report through the GRC website, sensitive personal information such as credit card numbers will be encrypted using secure socket layer technology (SSL). When credit card details are collected, we simply pass them on in order to be processed as required. We never permanently store complete credit card details.

With regard to other interactions through which we obtain personal information, your details will only be accessible to and used by, appropriate personnel. We do not use or disclose any personal details you provide to us for the purposes of direct marketing.

We follow generally accepted industry standards to protect the personal information submitted to us, both during transmission and once we receive it.

Security of information

The Internet is an insecure medium and users should be aware that there are inherent risks transmitting information across the Internet. Information submitted unencrypted via email or web forms may be at risk of being intercepted, read or modified.  GRC uses all reasonable efforts to ensure that any personal information collected, in whatever format, is held securely. In addition, only authorised personnel have access to personal information and are required to comply with this policy. When you enter sensitive information on our website (such as credit card numbers) we encrypt that information using SSL technology. For those who do not wish to use the internet, we provide alternative ways of obtaining and providing the information. If you prefer you can contact us on telephone +61 7 3878 6222 or by email

Online credit card transactions

GRC uses the eWAY Payment Gateway for its online credit card transactions. eWAY processes online credit card transactions for thousands of Australian merchants, providing a safe and secure means of collecting payments via the Internet. All online credit card transactions performed on this site using the eWAY gateway are secured payments.

  • Payments are fully automated with an immediate response
  • Your complete credit card number cannot be viewed by or any outside party
  • All transactions are performed under 128 Bit SSL Certificate
  • All transaction data is encrypted for storage within eWAY’s bank-grade data centre, further protecting your credit card data
  • eWAY is an authorised third party processor for all the major Australian banks
  • eWAY at no time touches your funds; all monies are directly transferred from your credit card to the merchant account held by GRC.


Google analytics & cookies

The GRC web site uses Google Analytics, a web analytics service provided by Google Inc. (“Google”). Reports obtained from Google Analytics are used to help improve the efficiency and usability of this web site. Google Analytics uses ‘cookies’ to help analyse how users use this site. The information generated by the cookie, about how your use of the web site (including your IP address) will be transmitted to and stored by Google on servers in the United States.

Google will use this information for the purpose of evaluating your use of our web site, compiling reports on web site activity for web site operators and providing other services relating to web site activity and internet usage. Google may transfer this information to third parties where required to do so by law, or where such third parties process the information on Google’s behalf. Google will not associate your IP address with any other data held by Google. By using this web site, you consent to the processing of data about you by Google in the manner and for the purposes set out above. Please refer to Google’s Privacy policy

Links to other sites

This site may contain links to other sites. GRC is not responsible for the privacy practices of these web sites and has no knowledge of whether cookies or other tracking devices are used on linked sites. If you have any concerns regarding your privacy, when visiting a linked site, you should ensure you are aware of the privacy policies of those sites.

Disclosing personal information

In some circumstances, GRC may disclose personal information to achieve the purpose for which the information was provided. Otherwise, GRC’s policy is not to disclose any personal information to any unrelated third party, except with your consent, or where we are permitted by law to do so.

Retention and disposal of information

GRC will only keep personal information it needs for the purpose for which it was collected. GRC will take reasonable steps to dispose of such information when it has no further need to use it or it is required by law to do so.


We reserve the right to disclose your personally identifiable information as required by law and when we believe that disclosure is necessary to protect our rights and/or comply with a judicial proceeding, court order, or legal process services on our website.

Accessing and updating personal information

Upon request, GRC will provide you with access to the information we hold about you. GRC takes reasonable steps to ensure your personal information is accurate, complete and up to date whenever we collect or use it. If the personal information we hold about you is inaccurate, incomplete or out of date, please let us know and we will make every effort to correct this information.

Changes to this Privacy Statement

On occasion, it may be necessary for us to review and revise this Privacy Statement. GRC reserves the right to change this Privacy Statement at any time. GRC will notify changes to this privacy policy by posting an updated version on its website

Contact details

You can access your personal information and notify us of any change, modification or correction, by contacting GRC at:


T: +61 7 3878 6222

A: Level 3, 143 Coronation Drive, MILTON, 4064, Australia.