Privacy Statement

Last updated: 2 June 2026

Who we are

GeoSyntiq Pty Ltd is an Australian consulting business registered and managed in Australia.

Company: GeoSyntiq Pty Ltd
ACN: 698 016 894
Contact: contact@geosyntiq.com

In this Privacy Statement, “GeoSyntiq”, “we”, “us” and “our” means GeoSyntiq Pty Ltd. “You” and “your” means an individual whose personal information we handle. “Personal information” includes “personal data” where the UK GDPR or EU GDPR applies.

At a glance

We collect and use personal information to operate our business, run this website, respond to enquiries, provide consulting services, manage client and supplier relationships, maintain records, and comply with legal, tax, regulatory, contractual, insurance and record-keeping obligations.

We aim to collect no more personal information than is reasonably necessary for those purposes.

We do not sell personal information.

We do not currently use personal information for automated decision-making that produces legal or similarly significant effects.

When this policy applies

This Privacy Statement applies to personal information we handle in connection with:

  • this website;

  • enquiries and communications with us;

  • our consulting services;

  • our business operations and administration;

  • client, supplier and professional adviser relationships; and

  • records we are required or permitted to keep.

GeoSyntiq is an Australian company. Depending on the circumstances, our handling of personal information may be subject to Australian privacy law, UK data protection law, EU data protection law, client contractual requirements, or other applicable laws. This statement is intended to explain our general approach and does not mean that every privacy law referred to applies in every situation.

Where we handle personal information in connection with a client engagement, our role may vary depending on the circumstances. We may act as an independent controller, processor, service provider, or equivalent role under applicable law. Where our client engagement terms include specific privacy, confidentiality or data processing terms, those terms may also apply.

What personal information we collect

The personal information we collect depends on how you interact with us. It may include:

  • contact details, such as your name, email address, phone number, role, organisation and business address;

  • enquiry information, such as the content of messages you send to us;

  • client and matter information, including information provided to us by clients or their representatives for consulting engagements;

  • billing, payment, accounting and administrative information;

  • supplier and professional adviser information;

  • website and analytics information, such as IP address, browser and device information, pages visited, referring pages, timestamps, clicks, scrolling, searches and similar website activity; and

  • limited sensitive information, only where necessary for a specific engagement, required or permitted by law, or provided by you or a client for a relevant purpose.

We do not usually seek sensitive information from website visitors. Where UK GDPR or EU GDPR applies and special category personal data is involved, we will only handle that information where a relevant additional condition is available under applicable data protection law.

How we collect personal information

We may collect personal information:

  • directly from you, including when you contact us, send us information, engage us, or communicate with us;

  • from clients, where information is provided to us for the purpose of consulting work;

  • from your organisation, representatives, advisers or other people involved in a matter;

  • from publicly available sources;

  • from regulators, public authorities or professional bodies where relevant to a client engagement or legal requirement; and

  • from service providers and business systems that support our website, email, document management, accounting and administration.

If you provide us with personal information about another person, you should ensure that you are permitted to do so and, where required, that the person understands their information may be provided to us.

How we use personal information

We may use personal information to:

  • respond to enquiries and communicate with you;

  • assess whether we can provide services;

  • provide consulting services to clients;

  • manage client, supplier and professional relationships;

  • prepare proposals, contracts, invoices and business records;

  • operate, protect and improve this website;

  • understand website traffic and activity;

  • manage legal, tax, regulatory, contractual, insurance and record-keeping obligations;

  • protect our rights, interests and security;

  • resolve disputes or respond to complaints; and

  • send limited business updates where permitted by law, if we choose to do so.

We will only use personal information for the purpose for which it was collected, or for a related purpose you would reasonably expect, unless you have consented or another basis is permitted by law.

Lawful bases where UK GDPR or EU GDPR applies

Where the UK GDPR or EU GDPR applies, we rely on one or more lawful bases depending on the activity. The lawful basis that applies in a particular case will depend on the context, including whether we are handling information as a controller, processor, service provider, or under client engagement terms. Where we rely on legitimate interests, our interests may include operating our business, managing enquiries and client relationships, providing consulting services, maintaining records, protecting our rights and systems, and improving our website and services.

For responding to enquiries, we may use your name, email address, organisation and message content. We may rely on legitimate interests or steps before entering into a contract.

For providing consulting services, we may use client and matter information, business contact details and documents provided by clients. We may rely on contract, legitimate interests, or legal obligation where applicable.

For website analytics, we may use IP address, browser and device information, and website activity. We may rely on legitimate interests, or consent where required for non-essential cookies or similar technologies.

For business administration and records, we may use contact details, invoices, correspondence and supplier records. We may rely on contract, legitimate interests, or legal obligation.

For legal, regulatory, tax, insurance and dispute purposes, we may use relevant records, correspondence and matter information. We may rely on legal obligation or legitimate interests.

For limited business updates, if used, we may use business contact details and preferences. We may rely on consent, legitimate interests, or another permitted basis depending on the circumstances.

Where we rely on legitimate interests, we consider whether those interests are overridden by your rights, interests or freedoms. Where we rely on consent, you may withdraw that consent at any time.

Cookies and Squarespace analytics

This website is hosted by Squarespace. Squarespace may collect personal information when you visit this website, including information about your browser, network and device, pages you view on this website, pages you visited before coming to this website, and your IP address. Squarespace uses this information to run this website and to protect and improve its platform and services.

We may also use Squarespace analytics to understand site traffic and activity. Analytics information may include your IP address, browser and device information, referring pages, pages visited, clicks, internal links, scrolling, searches, timestamps and similar website activity.

This website uses cookies and similar technologies. Necessary cookies are used to securely serve this website. Analytics, performance or other non-essential cookies are used only where permitted by your cookie preferences and applicable law. Where required, we will seek consent or provide controls through the website or your browser settings.

This website may also use font, display or other website services made available through Squarespace, which may receive limited technical information needed to display or operate the website correctly.

If you submit information through a website form or contact us by email, we collect the information provided so we can respond to you. Website form information may be processed through Squarespace as our website hosting provider and may also be stored in our email, cloud storage or business administration systems.

Who we may disclose personal information to

We may disclose personal information where reasonably necessary for the purposes described in this Privacy Statement, including to:

  • clients, where information is relevant to a consulting engagement;

  • service providers that support our website, email, cloud storage, document management, accounting, administration and business operations;

  • professional advisers, including accountants, lawyers, insurers and auditors;

  • regulators, public authorities, courts, tribunals or law enforcement bodies where required or permitted by law;

  • other parties involved in a matter, where relevant to the services we provide; and

  • other parties with your consent or where otherwise permitted by law.

We do not sell personal information.

Overseas disclosure and international transfers

GeoSyntiq is based in Australia and may work with clients, suppliers and service providers located overseas, including in the United Kingdom. Some of our service providers may also store or process information outside Australia.

Personal information may therefore be handled in Australia, the United Kingdom, the United States, the European Economic Area, or other locations where our clients, suppliers or service providers operate.

Where required by applicable law, we take reasonable steps designed to protect personal information disclosed or transferred overseas. These steps may include using reputable service providers, contractual controls, access controls, security measures and other safeguards appropriate to the information involved.

Where personal information is provided to us by a client, overseas handling may also be governed by the relevant client contract or data processing terms.

Where UK GDPR or EU GDPR transfer rules apply, relevant safeguards may be addressed through our client contracts, service provider terms, or other measures required by applicable law.

Security

We use reasonable technical and organisational measures designed to protect personal information from misuse, interference, loss, unauthorised access, modification or disclosure.

These measures may include account security controls, access restrictions, reputable cloud service providers, secure document storage practices, and internal handling controls.

No method of electronic transmission or storage is completely secure. If we become aware of a data incident requiring notification, we will take steps required by applicable law.

Retention

We keep personal information only for as long as reasonably necessary for the purposes described in this Privacy Statement, including to provide services, manage records, comply with legal obligations, resolve disputes, and protect our rights and interests.

Retention periods vary depending on the type of information, the purpose for which it is held, client requirements, legal requirements, and operational needs.

For example, enquiry records may be kept for as long as needed to manage the enquiry and related business records; client engagement records may be kept for the duration of the engagement and any relevant legal, tax, insurance, contractual or dispute period; and accounting records may be kept for the period required by applicable law.

When personal information is no longer required, we will take reasonable steps to delete, de-identify or securely archive it, unless we are required or permitted to retain it.

Your rights

Depending on the law that applies and the circumstances, you may have rights to:

  • request access to personal information we hold about you;

  • ask us to correct inaccurate, incomplete or outdated information;

  • ask us to delete personal information in certain circumstances;

  • object to or restrict certain processing;

  • withdraw consent where we rely on consent;

  • request portability of certain personal data where UK GDPR or EU GDPR applies; and

  • make a complaint to us or to a relevant privacy or data protection authority.

These rights are subject to applicable law, identity verification, and relevant exceptions.

Your right to object

Where we rely on legitimate interests, you may have the right to object to that processing. If we use your personal information for direct marketing, you may object at any time and we will stop using it for that purpose.

To exercise any applicable rights, contact us using the details below.

Complaints

If you have a question, concern or complaint about how we handle personal information, please contact us first so we can try to resolve it.

Where applicable, you may also have the right to complain to a privacy or data protection authority, including the Office of the Australian Information Commissioner, the UK Information Commissioner’s Office, an EU supervisory authority, or another relevant authority.

Contacting us first does not prevent you from contacting a relevant authority directly.

Contact us

If you have any questions about this Privacy Statement, wish to make a privacy complaint, or want to exercise any applicable privacy rights, please contact:

GeoSyntiq Pty Ltd
Email: contact@geosyntiq.com