Privacy Policy for the TUTIS System

Version 3.2 – Last Updated: 11 Feb 2025

Your privacy is important

this privacy policy outlines how Tutis Operations Pty Ltd ACN 613 180 411 and its associates (we, our or us) collects, uses and discloses personal information in relation to the use of the TUTIS Workforce Management System (System).

This Privacy Policy does not apply to employee records held by us that relate directly to a current or former employment relationship.

This Privacy Policy is designed to comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

1. Introduction

Tutis Operations Pty Ltd (ACN 613 180 411) (“we”, “our”, or “us”) is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and store your personal information when you use the TUTIS Workforce Management System (“System”).

This policy applies to personal information we collect from:

  • Users of the System.
  • Individuals whose information is uploaded to the System by other users.
  • Customers, business partners, and third-party service providers.

By using the System, you consent to the collection, use, and disclosure of your personal information as described in this Privacy Policy.

2. Types of Personal Information We Collect

We collect the following types of personal information:

  • Identity information: Name, email address, residential address, and other contact details.
  • Account information: Username, password, and security credentials.
  • System activity data: Information about your use of the System, including uploaded data, communications, and logs.
  • Device information: Internet protocol (IP) address, mobile device identifiers, browser type, and other metadata.
  • Sensitive information (with consent): Health data, professional or trade association membership, criminal history, and other regulated data where applicable.

3. How We Collect Personal Information

We collect personal information:

  • Directly from you when you create an account, use the System, or communicate with us.
  • From third parties such as employers, training providers, or compliance authorities that upload data about you.
  • Automatically through cookies and analytics tools when you access the System.

If you provide information about another person, you must obtain their consent before doing so. If that person is under the age of 15 years, you must obtain the consent of that person’s parent or guardian. Unless we are notified otherwise, we will assume that all information about another person that you upload to the System, or otherwise provide to us, has been uploaded or provided to us with that person’s consent or, where that person is under the age of 15 years, the consent of that person’s parent or guardian.

If we become aware that we have obtained information about a person under the age of 15 without the consent of a parent or guardian of that person, we will remove that information from the System and destroy all records of the information that we hold. If you believe that information about a person under the age of 15 years is available on the System, or that we otherwise hold such information, without the consent of a parent or guardian of that person, you can notify us using the contact details section of this document set out below.

4. Purpose of Collection and Use

We collect and use your personal information for the following purposes:

  • Providing and improving the System, including customer support and troubleshooting.
  • Ensuring compliance with industry regulations and system integrity.
  • Marketing communications (with your consent) about our products and services.
  • Processing payments and managing service agreements.
  • Meeting legal obligations, including responding to lawful requests from government authorities.

5. Disclosure of Personal Information

We may disclose your personal information to:

  • Other users of the System, but only as necessary for system functionality (e.g., employers verifying compliance data).
  • Third-party service providers who support the System (e.g., cloud hosting, security services, and payment processors).
  • Regulatory bodies or enforcement agencies as required by law.

Information you upload to the System may be shared with other authorised users within your organisation as necessary for operational and compliance purposes. Additionally, your data may be shared with third parties only to the extent required to provide the System’s services. Some of these authorised users or third parties may be located outside Australia.

We take reasonable steps to ensure that any overseas recipients of your personal information comply with privacy protections equivalent to Australian law. If we are unable to ensure this, we will obtain your explicit consent before sharing your personal information overseas.

You may also manage how your information is shared within your organisation and with third parties by adjusting your privacy settings within the System.

6. Data Security & Retention 

We implement industry-standard encryption, access controls, and monitoring to protect personal information from unauthorized access, modification, or loss.
We retain personal information for as long as necessary to fulfill our legal and operational requirements. After this period, we securely delete or anonymize your data.

We take reasonable steps to protect personal information from misuse, loss, and unauthorized access. In the event of a data breach that is likely to result in serious harm, we will assess the incident in accordance with the requirements of the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth). If we determine that the breach meets the criteria for notification, we will:

  • Notify affected individuals as soon as practicable, including details of the breach and recommended actions to protect against further risk.
  • Notify the Office of the Australian Information Commissioner (OAIC) as required.
  • Take all reasonable steps to contain and remediate the breach to prevent future occurrences.

If you believe your personal information has been compromised, please contact our Privacy Officer, details can be found below.

7. Accessing and Correcting Your Information 

You can request access to your personal information or ask us to correct any errors by contacting us at hello@tutis.com.au.

We will acknowledge receipt of your complaint within 10 business days and aim to provide a response within 30 days. If additional time is required to resolve your complaint, we will notify you in writing with an expected resolution timeframe. We may charge a reasonable fee for complex requests.

We may refuse access in limited circumstances, such as where providing access would compromise another individual’s privacy or breach legal obligations. If your request is denied, we will explain why and provide information on how you can challenge our decision.

8. Complaints and Contact Information 

If you believe we have breached your privacy rights, please contact our Privacy Officer at:

Privacy Officer – Tutis Operations Pty Ltd
Level 6, 316 Adelaide Street, Brisbane, QLD 4000
Email: hello@tutis.com.au.

If you are unsatisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

9. Cookies & Tracking Technologies

The System uses cookies to enhance user experience and improve services.  You can disable cookies through your browser settings, but this may affect functionality. 

10. Links to external websites 

The System may contain hyperlinks to third party websites. This privacy policy does not apply to those websites. We suggest that you consider the privacy policies set out on any website that you access after following a link from the System.

11. Direct marketing communications

From time to time we may use your personal information (except sensitive information) to provide you with marketing materials in relation to the System, our business or our service offerings from time to time. You may withdraw consent anytime by clicking the ‘unsubscribe’ link in emails or contacting us at hello@tutis.com.au

12. Changes to This Privacy Policy 

We may update this Privacy Policy periodically. The updated policy will be available on our website. The latest version will always be available on our website at www.tutis.com.au.

Approved by: Chris Wright, CEO
Effective Date: 11 February 2025