Privacy Policy

Effective 1 April 2026.

Pickle Pty Ltd ABN 36 165 711 731

Effective Date: 1 April 2026

Table of contents

1. About This Policy

Back to top

1.1 This Privacy Policy describes how Pickle Pty Ltd ABN 36 165 711 731 (trading as Pickle, "we", "us", "our") collects, holds, uses, and discloses personal information.

1.2 Pickle is a registered Carriage Service Provider (CSP) under the Telecommunications Act 1997 (Cth), regulated by ACMA. We provide business-grade internet, voice and SIP/VoIP, managed IT, emergency lift phone, and strata communications services to Australian businesses.

1.3 We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). We are also subject to the Telecommunications (Interception and Access) Act 1979 (Cth) (TIA Act), Spam Act 2003 (Cth), and Do Not Call Register Act 2006 (Cth).

1.4 This policy should be read alongside our https://thinkpickle.com.au/legal/customer-terms and https://thinkpickle.com.au/legal/acceptable-use-policy.

1.5 We do not provide services to consumers. All customers are businesses holding an ABN or ACN.

2. What Personal Information We Collect

Back to top

2.1 Identity and contact information

  • Full name, job title, business name, ABN/ACN
  • Business and personal contact details (email, phone, address)
  • Identity verification documents where required

2.2 Financial and credit information

  • Bank account and direct debit details
  • Credit card details (processed via PCI-DSS compliant gateways — we do not store full card numbers)
  • Credit history obtained from credit reporting bodies
  • Billing records and payment history

2.3 Telecommunications usage data (Call Data Records)

As a registered CSP, we collect and retain CDRs in accordance with the TIA Act and for billing, network management, and dispute resolution, including:

  • Originating and terminating numbers, call duration, date, time, and call type
  • SIP/VoIP session metadata and signalling data
  • Data usage records (upload/download volume, session duration)
  • Number portability and IPND entries as required by law

2.4 Emergency lift phone call logs

For emergency lift phone services, we log all call events including call time, duration, originating lift identifier, responding party, and call outcome — in accordance with applicable ACMA standards and lift safety regulations.

2.5 Network, device, and infrastructure data

For managed IT and network services:

  • IP addresses, MAC addresses, hostname records
  • CPE serial numbers and configuration data
  • Network topology and asset registers
  • System event logs and security alert data

2.6 Website and analytics data

When you visit thinkpickle.com.au:

  • IP address and approximate location
  • Browser type, OS, pages visited, referral source
  • Cookie identifiers and session data
  • Form submission data

2.7 Sensitive information

We only collect sensitive information (e.g., health information for disability service accommodations) with consent and where reasonably necessary.

3. How We Collect Personal Information

Back to top

3.1 Directly from you — via service applications, orders, phone, email, or website contact.

3.2 Automatically — CDRs and usage data generated during service delivery; analytics and cookies from website visits.

3.3 From third parties — nbn Co and wholesale carriers (provisioning and fault management), credit reporting bodies, ACMA, your employer (where they nominate you as an authorised contact), and referral partners.

3.4 Anonymity — Due to our obligations as a CSP and the contracted nature of our services, we cannot deal with customers on an anonymous or pseudonymous basis. Providing the requested information is a condition of receiving our services.

4. Why We Use Personal Information

Back to top

Primary purposes:

  • Service delivery, provisioning, and support
  • Identity verification and credit assessment
  • Billing and accounts receivable
  • Network operation, monitoring, fault detection, and security incident response
  • Regulatory compliance (ACMA, TIA Act, TIO, courts)
  • Emergency services call handling
  • Dispute resolution and complaint management

Secondary purposes (related to primary):

  • Direct marketing (see Section 10 — you may opt out at any time)
  • Product and service improvement
  • Legal proceedings

5. Disclosure of Personal Information

Back to top

5.1 Service delivery partners — nbn Co and carrier partners, SIP/VoIP interconnect providers, cloud platform providers (Microsoft, AWS, Google), datacentre operators, field service contractors, IT hardware vendors. All are required to maintain confidentiality and security obligations.

5.2 Financial and credit institutions — payment processors, credit reporting bodies, debt collection agencies.

5.3 Regulatory and law enforcement bodies

As a registered CSP we have mandatory disclosure obligations to:

  • ACMA (regulatory compliance)
  • AFP, state police, and other law enforcement agencies (under TIA Act warrants or lawful notices)
  • ASIO and national security agencies (under TIA Act, ASIO Act, and Assistance and Access Act 2018)
  • Courts and tribunals (subpoena or court order)
  • TIO (complaint investigations)
  • ACCC and OAIC (where required)

Note: The TIA Act requires registered CSPs to assist law enforcement and security agencies with lawful interception when directed by a valid warrant. We comply with all such obligations and are generally prohibited from notifying the subject of an interception.

5.4 Related entities — for service delivery, administration, and marketing, subject to this policy.

5.5 Business transfers — personal information may transfer to an acquiring entity in a merger or asset sale. We will ensure the acquirer is bound by equivalent privacy obligations.

6. Cross-Border Disclosure

Back to top

6.1 Some third-party providers store or process data outside Australia. Countries include, but may not be limited to, the United States, Ireland, Singapore, and Japan.

6.2 Before disclosing to overseas recipients, we take reasonable steps to ensure they provide substantially similar protection to the APPs, including through data processing agreements and standard contractual clauses.

7. Telecommunications Privacy and Lawful Intercept

Back to top

7.1 Call Data Records (CDRs)

CDRs record telecommunications activity (numbers, duration, time) but not call content. We retain CDRs for a minimum of 2 years as required by our CSP obligations.

7.2 Lawful interception

The TIA Act requires us to intercept communications when presented with a valid warrant by authorised agencies. We comply with all such obligations and are generally prohibited from disclosing that an interception has occurred.

7.3 Emergency lift phone call logging

All calls through our emergency lift systems are logged. Records are retained as required by ACMA standards and lift safety codes (typically 7 years) and may be accessed by building owners, emergency services, and regulators upon lawful request.

7.4 Network monitoring

We continuously monitor our network and managed systems for faults, security incidents, and capacity management. This involves automated processing of traffic metadata. We do not access the content of customer communications except where required by law or with consent.

7.5 Number portability and IPND

We submit records to the Integrated Public Number Database (IPND) for allocated numbers and cooperate with number portability processes managed by Communications Alliance.

8. Data Quality and Retention

Back to top

8.1 We take reasonable steps to ensure information we hold is accurate, complete, and up to date. If you believe we hold incorrect information, contact us using the details in Section 14.

Retention periods:

Data typeRetention period
CDRs and telecommunications usage dataMinimum 2 years (TIA Act)
Billing and financial records7 years (Corporations Act / tax law)
Customer account recordsDuration of agreement + 7 years
Emergency lift call logsAs required by ACMA standards (typically 7 years)
Managed IT device and log dataDuration of agreement + 12 months
Website analytics~26 months (Google Analytics default)

8.2 When personal information is no longer required, we securely destroy or de-identify it.

9. Cookies and Website Analytics

Back to top

9.1 We use cookies and analytics on thinkpickle.com.au:

Cookie typePurposeControllable
Strictly necessarySession management, securityNo
AnalyticsUsage patterns via Google Analytics (aggregated, not individually identified)Yes
PreferenceSettings across visitsYes
MarketingSet by third-party ad platforms where relevantYes

9.2 Manage cookies through your browser settings. Disabling non-essential cookies won't prevent site access. For Google Analytics data practices, see policies.google.com/technologies/partner-sites.

10. Direct Marketing and Spam Act Compliance

Back to top

10.1 We may contact you about Pickle services, promotions, and industry updates using details collected in the course of our business relationship.

10.2 We comply with the Spam Act 2003 (Cth) — we only send commercial electronic messages with express or inferred consent, and every message includes a functional unsubscribe link.

10.3 We comply with the Do Not Call Register Act 2006 (Cth) for outbound calling.

10.4 To opt out of marketing at any time:

  • Click Unsubscribe in any marketing email
  • Email [email protected] with subject "Unsubscribe"
  • Call 1300 688 588

Opt-outs are processed within 5 business days. This does not affect service, billing, or safety communications.

10.5 We do not sell or rent personal information to third parties for their marketing purposes.

11. Security

Back to top

We protect personal information through:

  • TLS/SSL encryption in transit; encryption of sensitive data at rest
  • Role-based access controls and multi-factor authentication
  • Regular security assessments and vulnerability testing
  • Security event monitoring and incident response
  • Physical access controls at offices and co-location facilities
  • Staff privacy and security training
  • Contractual security obligations on third-party providers

12. Notifiable Data Breaches

Back to top

12.1 We are subject to the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act.

12.2 If we have reasonable grounds to believe an eligible data breach has occurred, we will:

  • Assess within 30 days of becoming aware
  • Notify the OAIC and all affected individuals as soon as practicable
  • Provide a statement describing the breach, information involved, and recommended steps

12.3 If you believe your information has been compromised, contact us immediately at [email protected] or 1300 688 588.

13. Your Rights — Access and Correction

Back to top

13.1 Access (APP 12)

You may request access to personal information we hold about you. Contact our Privacy Officer (Section 14). We will respond within 30 days. We may decline access in limited circumstances (e.g., where required by law or prejudicial to law enforcement) and will provide written reasons if we do.

No fee for making a request; a reasonable cost-recovery fee may apply for complex requests.

13.2 Correction (APP 13)

If information we hold is inaccurate, incomplete, or misleading, you may request a correction. We will respond within 30 days. Where we agree, we will correct the information and notify relevant third parties where appropriate. Where we disagree, we will explain why and note your request in our records.

14. Privacy Complaints and Contact

Back to top

Privacy Officer
Pickle Pty Ltd ABN 36 165 711 731
Office 12, 7-9 Churchill Ave, Strathfield NSW 2135
Email: [email protected]
Phone: 1300 688 588
Website: thinkpickle.com.au

We acknowledge complaints within 5 business days and aim to resolve within 30 days.

OAIC escalation — If unsatisfied with our response:
Office of the Australian Information Commissioner
Website: http://www.oaic.gov.au | Phone: 1300 363 992

TIO escalation — For unresolved telecommunications complaints:
Telecommunications Industry Ombudsman
Website: http://www.tio.com.au | Phone: 1800 062 058

15. Updates to This Policy

Back to top

Material changes will be published at thinkpickle.com.au/legal/privacy-policy with a revised effective date and, where significant, notified directly to customers. Continued use of our services constitutes acceptance.

Pickle Pty Ltd ABN 36 165 711 731 | Office 12, 7-9 Churchill Ave, Strathfield NSW 2135 | 1300 688 588 | [email protected]
Privacy Policy — Effective 1 April 2026