Privacy Policy
Effective date: 1 March 2026 Last updated: 10 March 2026
This Privacy Policy explains how ONE Business and Technology Pty Ltd (“ONE BT”, “we”, “our”, or “us”) collects, uses, discloses, and protects personal information when you visit our website https://www.one-bt.com.au.
We take the protection of your personal information seriously and handle all personal data in accordance with the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and all applicable amendments. As our website may be accessed by visitors in the European Union, we also endeavour to comply with the EU General Data Protection Regulation (GDPR).
This policy applies to all use of our website.
1. Who we are
The entity responsible for the collection and processing of personal information on this website is:
ONE Business and Technology Pty Ltd Unit 12, 6 Boronia Street Wollstonecraft, NSW 2065 Australia
Website: https://www.one-bt.com.au Contact: https://www.one-bt.com.au/contact
- Legal Basis for Data Processing
We collect and process personal information on the following legal bases:
- Consent – Where you have provided explicit consent for a specific purpose (e.g., submitting a contact form or subscribing to communications).
- Contractual necessity – Where processing is necessary to perform a contract with you or to take pre-contractual steps at your request.
- Legitimate interests – Where processing is necessary for our legitimate business interests (such as website operation, security, and improvement) and those interests are not overridden by your rights.
- Legal obligation – Where we are required by law to process personal information (e.g., for tax, regulatory, or reporting purposes).
For visitors from the EU/EEA, these correspond to the lawful bases under Articles 6(1)(a), (b), (c), and (f) of the GDPR.
- Purpose of Data Processing
We collect and process personal information primarily for the following purposes:
- Operating, maintaining, and securing our website
- Responding to enquiries submitted through our contact form
- Communicating and collaborating with potential clients and business partners
- Improving the performance, usability, and security of our website
- Complying with legal and regulatory obligations
- Protecting our legal rights and preventing misuse
- Information We Collect
4.1 Website Hosting
Our website is hosted by Rocket.net, a managed WordPress hosting provider, with servers located in Sydney, Australia. Rocket.net uses Cloudflare Enterprise for content delivery, performance optimisation, and security.
The hosting provider processes data necessary for operating the website, including server infrastructure, technical maintenance, DDoS protection, web application firewall services, and Content Delivery Network (CDN) services.
4.2 Access Data (Server Log Files)
When you access our website, information is automatically transmitted by your browser to our web server. This information may include:
- IP address (anonymised where possible)
- Date and time of access
- Browser type and version
- Operating system
- Referring URL (the page you visited before arriving at our site)
- Pages visited on our website
- Amount of data transferred
- HTTP status codes
This data is used solely for maintaining website stability, detecting unauthorised access, analysing aggregated usage trends, and troubleshooting. Server log data is not used to personally identify individual visitors and is retained for a maximum of 90 days unless required for security investigations.
4.3 Cookies and Tracking Technologies
Our website uses cookies and similar technologies — small text files stored on your device that allow your browser to be recognised during future visits.
(a) Strictly Necessary Cookies
These cookies are essential for the website to function securely and properly.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| wordpress_logged_in_[hash] | WordPress | Maintains login session for authenticated users | Session |
| wordpress_sec_[hash] | WordPress | Security authentication cookie | Session |
| wp-settings-[UID] | WordPress | Stores user dashboard preferences | 1 year |
| wp-settings-time-[UID] | WordPress | Stores time of user settings | 1 year |
| _cf_bm | Cloudflare | Bot management — distinguishes humans from bots | 30 minutes |
| cf_clearance | Cloudflare | Security — proves visitor has passed a challenge | Varies |
| __cflb | Cloudflare | Load balancing — routes requests to the same server | Session |
(b) Functional Cookies
These cookies enable enhanced functionality and personalisation (e.g., if you leave a comment on a post).
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| comment_author_[hash] | WordPress | Remembers commenter name | 347 days |
| comment_author_email_[hash] | WordPress | Remembers commenter email | 347 days |
| comment_author_url_[hash] | WordPress | Remembers commenter URL | 347 days |
(c) Analytics Cookies
If we implement analytics tools (such as Google Analytics), these cookies collect anonymised data about website usage. IP anonymisation is enabled, and no personally identifiable information is transmitted. You can manage your consent for these cookies via our cookie banner.
| Cookie Name | Provider | Purpose | Duration |
|---|---|---|---|
| _ga | Google Analytics | Distinguishes unique users | 2 years |
| _gid | Google Analytics | Distinguishes unique users | 24 hours |
| _gat | Google Analytics | Throttles request rate | 1 minute |
Managing Your Cookie Preferences
You can manage or delete cookies at any time through your browser settings. You may also use our website’s cookie consent banner to manage your preferences. For more information, visit https://www.allaboutcookies.org.
4.4 Embedded Content (e.g., YouTube)
Our website may include embedded videos from YouTube (operated by Google LLC). We use YouTube’s “privacy-enhanced mode” where possible, which limits tracking until a video is played. However, viewing embedded content may transmit data (such as your IP address and browser type) to YouTube’s servers.
4.5 Contacting Us
If you contact us via our website, we collect the personal information you provide, such as your name, email address, company name, phone number, and message content. This information is used strictly to respond to your enquiry and manage our business relationship.
- Overseas Disclosure of Personal Information
As a business utilising modern web infrastructure, your data may be transferred to, stored in, or processed by trusted service providers outside of Australia:
| Service Provider | Country | Purpose |
|---|---|---|
| Rocket.net | United States (management) / Australia (servers) | Website hosting infrastructure |
| Cloudflare, Inc. | Global edge network | CDN, security, performance |
| Google LLC | United States | Analytics, embedded media |
Where personal information is transferred overseas, we take reasonable steps to ensure the recipient handles it in accordance with the APPs. For EU/EEA data, transfers are protected by appropriate safeguards, such as Standard Contractual Clauses (SCCs).
- Data Retention
We retain personal information only for as long as necessary:
- Contact form enquiries – Retained for the duration of the business relationship, then deleted within 12 months unless a legal obligation applies.
- Server log files – Retained for up to 90 days.
- Contractual and financial records – Retained as required by Australian taxation law (generally up to 7 years).
- Disclosure of Personal Information
We may disclose personal information to:
- Website hosting and security providers (Rocket.net, Cloudflare)
- IT service providers and technical support
- Professional advisers (legal, accounting, auditing)
- Government or regulatory bodies (where required by law)
We do not sell, rent, or trade your personal information to any third party for marketing purposes.
- Data Security
We implement robust technical and organisational measures to protect personal information, including SSL/TLS encryption, Cloudflare Enterprise web application firewalls, regular security patching, and secure database backups.
Notifiable Data Breaches: In the unlikely event of a data breach that is likely to result in serious harm, we will notify the Office of the Australian Information Commissioner (OAIC) and affected individuals in accordance with the Notifiable Data Breaches (NDB) scheme under the Privacy Act.
- Automated Decision-Making
We do not use automated decision-making or profiling that produces legal or similarly significant effects on individuals.
- Children’s Privacy
Our website is intended for a B2B audience and is not directed at children under 16. We do not knowingly collect personal information from children.
- Links to Third-Party Websites
Our website may contain links to external sites. We are not responsible for the privacy practices of external websites and encourage you to review their specific policies.
- Your Rights
Under the Australian Privacy Act and the GDPR, you have the right to:
- Access – Request access to personal information we hold about you.
- Correction – Request that we correct inaccurate or out-of-date information.
- Erasure – Request the deletion of your personal data (subject to legal retention obligations).
- Restriction and Objection – Restrict or object to our processing of your data based on legitimate interests.
- Portability – Receive your data in a commonly used, machine-readable format.
- Withdraw Consent – Withdraw consent at any time for future processing.
To exercise any of these rights, please contact us at https://www.one-bt.com.au/contact. We aim to respond within 30 days.
- Complaints
If you believe we have breached the Australian Privacy Principles or the GDPR, please contact us via our website. We will acknowledge your complaint within 5 business days and endeavour to resolve it within 30 days.
If you remain unsatisfied, you may escalate your complaint to the relevant authority:
Office of the Australian Information Commissioner (OAIC) Website: https://www.oaic.gov.au Phone: 1300 363 992 GPO Box 5218, Sydney NSW 2001
EU/EEA residents may also lodge a complaint with their local data protection supervisory authority.
- Contact Us
If you have questions about this Privacy Policy or how we handle your data, please contact our Privacy Officer:
ONE Business and Technology Pty Ltd Unit 12, 6 Boronia Street Wollstonecraft, NSW 2065 Australia
Contact form: https://www.one-bt.com.au/contact
- Changes to This Privacy Policy
We may update this policy to reflect technological, legal, or operational changes. Material changes will be highlighted on this page, and the “Last updated” date will be revised accordingly.
