PROFACT Want facts. Get facts. ProFact.
Request consultation
Privacy

Privacy Policy

ProFact is committed to confidentiality in every matter we are instructed on. This policy explains how we collect, use, store and protect personal information in line with Australian privacy law.

1. Who we are

This Privacy Policy applies to Prime Time Risk Management & Recruitment Pty Ltd (ABN 96 159 461 284), trading as Profact Services (ProFact, we, us).

We provide private investigation and related services to corporate clients, law firms, insurers, government agencies and private individuals across Australia. Contact: briefs@profact.com.au or 1300 464 810.

2. Our commitment to confidentiality

Confidentiality is central to our work. Information you provide in an enquiry or brief is treated as confidential from intake. We do not discuss, use or disclose client information except as described in this policy, as required or authorised by law, or with your consent.

Investigation files are accessed on a need-to-know basis by assigned personnel under documented operating protocols.

3. Australian privacy law

We handle personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs) and, where applicable, the Notifiable Data Breaches scheme.

Personal information is information or an opinion about an identified individual, or an individual who is reasonably identifiable. Sensitive information includes health information and other categories listed in the Privacy Act.

4. What we collect

Depending on how you interact with us, we may collect:

  • contact details (name, organisation, role, phone, email, address);
  • brief and matter information you choose to provide (including details about subjects of investigation where relevant to the instruction);
  • billing and engagement records;
  • communications with our team (calls, email, forms, correspondence);
  • website usage data (such as IP address, browser type and pages visited) via standard server logs or analytics tools; and
  • information obtained lawfully in the course of an investigation, where we have been instructed to do so.

Where practicable, we collect personal information directly from you. In investigation matters, some information may be collected from third parties or public sources as authorised by your instruction and applicable law.

5. Why we collect personal information

We collect, hold, use and disclose personal information to:

  • respond to enquiries and assess whether we can accept a brief;
  • scope, perform and report on investigation and related services;
  • meet legal, licensing and professional obligations;
  • manage billing, accounts and our relationship with you;
  • maintain the security and integrity of our systems; and
  • improve our website and services.

We do not use personal information for direct marketing unless you have consented or an exception under the Privacy Act applies.

6. Disclosure of personal information

We disclose personal information only where reasonably necessary for the purposes above, including to:

  • instructors, clients or their legal representatives, as directed by the engagement;
  • professional advisers (such as lawyers or accountants) bound by confidentiality;
  • IT and infrastructure providers who handle data on our behalf under appropriate terms;
  • courts, tribunals, regulators or law enforcement when required or authorised by law; and
  • other parties with your consent.

We do not sell personal information. We require service providers that handle personal information on our behalf to protect it and use it only for the purpose for which it was provided.

7. Storage, security and retention

Personal information is held securely with access controls, password protection and staff confidentiality obligations appropriate to the nature of our work.

We retain information for as long as needed to fulfil the purpose for which it was collected, meet legal and licensing requirements, and resolve disputes. Matter files are retained in line with our document retention schedule and client instructions where applicable.

If we no longer need personal information, we take reasonable steps to destroy or de-identify it, subject to legal retention requirements.

8. Overseas disclosure

We primarily store and process personal information in Australia. If we ever need to disclose personal information to an overseas recipient, we will take reasonable steps to ensure the recipient complies with the APPs or we will otherwise comply with the Privacy Act.

9. Access, correction and anonymity

You may request access to personal information we hold about you, or request correction if it is inaccurate, out of date, incomplete or misleading. We will respond within a reasonable period and in accordance with the Privacy Act.

We may need to verify your identity before providing access. In some circumstances we may decline access where permitted by law (for example, where access would unreasonably affect another person’s privacy or where information relates to an investigation file subject to legal privilege).

Where lawful and practicable, you may interact with us anonymously or using a pseudonym. For investigation services, anonymity may limit our ability to scope or accept a brief.

10. Notifiable data breaches

If we become aware of a data breach that is likely to result in serious harm, we will assess the breach and, where required, notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme.

11. Cookies and website analytics

Our website may use cookies and similar technologies to support basic functionality and to understand how visitors use the site. You can manage cookies through your browser settings. Disabling cookies may affect some site features.

12. Complaints

If you have a concern about how we have handled personal information, contact us first so we can try to resolve it:

Email: briefs@profact.com.au
Phone: 1300 464 810

We will acknowledge your complaint and respond within a reasonable time. If you are not satisfied with our response, you may contact the OAIC at oaic.gov.au.

13. Changes to this policy

We may update this Privacy Policy from time to time. The current version will be published on this page with an updated effective date. Material changes will be brought to your attention where appropriate.

Effective date: 1 June 2026

Want facts. Get facts. ProFact.