Privacy Policy | Ensemble Solutions

1. Overview & Scope

This Privacy Policy applies to Ensemble Solutions Pty Ltd (ABN 41 650 430 765) (“we”, “us” or “our”), a Melbourne-based supply chain technology company. It governs how we handle personal information in connection with:

Our website at ensemblesolutions.com.au and related digital properties
Our software products including Meson WMS, Maestro (Prime AI and Middleware), WAM (Workforce Automation & Management) and iVerifai
Our consulting, implementation and support services
Our offshore resource and staff augmentation services

We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). Where we operate internationally, we take reasonable steps to ensure compliance with applicable privacy laws in those jurisdictions, including the GDPR where relevant.

Our commitment: We collect only what we need, protect it carefully, and never sell it to third parties.

2. Information We Collect

2.1 Information You Provide Directly

Name, email address, phone number and other contact details
Company name, job title and role
Payment and billing information for service agreements
Information submitted through contact forms, enquiry requests or event registrations
Communications with us by email, phone or through support portals

2.2 Information Collected Automatically

IP address and approximate location data
Browser type, version and operating system
Pages visited, time on site, referral source and click behaviour
Usage data from our software products (e.g. session logs, feature usage, system events)

2.3 Information from Third Parties

We may receive information from analytics providers, business partners or publicly available sources to help us understand our audience and improve our services. We handle any such information in accordance with this policy.

2.4 Employee and Contractor Information (Offshore Resources)

For clients using our offshore resource services, we collect and process employment-related personal information about offshore staff including identification documents, employment records, payroll data, performance records and contact details. This is processed in compliance with Philippine Labor Law, the Philippine Data Privacy Act, and the Australian Privacy Act.

3. How We Use Your Information

We use the personal information we collect for the following purposes:

Service delivery: To provide, maintain and improve our software products, consulting services and offshore resource offerings
Client management: To process agreements, invoices and transactions and send related communications
Support: To respond to enquiries, provide technical support and manage service desk requests
Communications: To send service updates, product information and (with your consent) marketing communications
Analytics & improvement: To analyse usage patterns and improve our website, software and services
Legal & compliance: To comply with our legal obligations, resolve disputes and enforce our agreements
Security: To detect, prevent and address fraud, security breaches and technical issues

We will not use your personal information for any purpose that is incompatible with the purpose for which it was collected without your consent.

4. Sharing Your Information

We do not sell your personal information to third parties. We may share your information with:

Service providers: Third-party vendors who assist us in delivering our products and services (e.g. cloud hosting providers, payment processors, analytics tools), under contractual obligations to protect your data
Technology partners: Integrated platform partners such as Manhattan Associates, Microlistics, Shopify and similar, where required to deliver contracted services
Offshore operations team: Our Philippines-based team who manage offshore resource services on behalf of our clients, operating under strict confidentiality and data privacy obligations
Legal authorities: Where required by law, court order or to protect our rights, property or safety
Business transfers: In connection with a merger, acquisition or sale of assets, where personal information may transfer to the successor entity

Cross-border disclosure: Our offshore resource operations involve transfer of employment data to the Philippines. We take reasonable steps to ensure recipients handle such data consistently with Australian privacy standards. Clients using our offshore services consent to this transfer as part of the service agreement.

5. Data Security

We implement reasonable administrative, technical and physical safeguards to protect personal information from unauthorised access, use, disclosure, alteration or destruction. Our security measures include:

Multi-factor authentication (MFA) on all systems holding business or customer data
Role-based access controls limiting data access to those who need it
Encrypted data transmission and storage using industry-standard protocols
Webroot Endpoint Protection and Windows Defender on all managed workstations
An internal Security Operations Centre (SOC) monitoring our cyber security landscape
A dedicated Data Protection Officer (DPO) overseeing compliance with GDPR, the Philippine Privacy Act and the Australian Privacy Act
Network segmentation using VLANs for client data isolation
Regular IT security training for all staff

No method of transmission over the internet or electronic storage is completely secure. While we strive to use commercially acceptable means to protect personal information, we cannot guarantee absolute security. In the event of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches (NDB) scheme.

To report a security concern, contact us at security@ensemblesolutions.com.au.

6. Offshore Resources & Cross-Border Data Transfers

Ensemble Solutions operates an offshore staffing service with personnel based in the Philippines. Clients engaging this service should be aware that:

Personal and employment data for offshore staff is processed in the Philippines under Philippine Labor Law and the Philippine Data Privacy Act
We maintain comprehensive confidentiality agreements (NDAs and non-compete clauses) with all offshore personnel
Client data accessed by offshore resources is subject to the same confidentiality and security obligations as data accessed by our Australian-based team
Data Processing Agreements (DPAs) are in place with relevant vendors and partners accessing personal information
Clients retain full intellectual property rights over any work created by offshore resources during the engagement

7. Your Rights & Choices

Under the Australian Privacy Act and applicable laws, you have the following rights regarding your personal information:

Access: Request a copy of the personal information we hold about you
Correction: Request that inaccurate or incomplete information be corrected
Deletion: Request deletion of your personal information, subject to legal obligations that require us to retain certain records
Opt-out of marketing: Unsubscribe from marketing communications at any time by following the unsubscribe link in any email or contacting us directly
Complaints: Lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au if you believe we have mishandled your information

To exercise any of these rights, contact us at info@ensemblesolutions.com.au. We will respond within 30 days.

8. Cookies & Tracking Technologies

Our website uses cookies and similar technologies to improve functionality and understand how visitors interact with our content. These include:

Essential cookies: Required for the website to function properly
Analytics cookies: Used to understand visitor behaviour and improve our website (e.g. Google Analytics)
Preference cookies: Used to remember your settings and choices

You can control or disable cookies through your browser settings. Please note that disabling certain cookies may affect the functionality of our website. We do not use cookies to serve targeted advertising.

9. Children’s Privacy

Our services are directed to businesses and professionals. We do not knowingly collect personal information from individuals under the age of 18. If we become aware that we have inadvertently collected personal information from a minor, we will take steps to delete it promptly.

10. Data Retention

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Specifically:

Client and contract records are retained for 7 years following the end of the contractual relationship, in accordance with Australian tax and corporate law requirements
Support and service desk records are retained for 3 years
Marketing contact information is retained until you opt out or request deletion
Employee and offshore resource records are retained in accordance with Philippine Labor Law and Australian Fair Work requirements

When personal information is no longer required, we take reasonable steps to destroy or de-identify it securely.

11. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology or legal obligations. When we make material changes, we will update the effective date at the top of this page. We encourage you to review this policy periodically. Your continued use of our services after any changes constitutes acceptance of the updated policy.

12. Contact Us

If you have any questions, concerns or requests regarding this Privacy Policy or our privacy practices, please contact us:

Email: info@ensemblesolutions.com.au
Privacy / compliance matters: compliance@ensemblesolutions.com.au
Security concerns: security@ensemblesolutions.com.au
Phone: +61 419 367 653
Address: Melbourne, Victoria, Australia

If you are not satisfied with our response to your privacy complaint, you may contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or by calling 1300 363 992.