Privacy Policy

Last updated: February 2026

At CJM Advisory Pty Ltd, we are committed to protecting your privacy in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy outlines how we collect, use, and safeguard your personal and sensitive information.

1. Information We Collect

To provide taxation and accounting services, we collect:

  • Personal Information: Name, contact details (email and phone), date of birth, and government identifiers (such as Driver’s Licence, Director IDs, or Passport details) required for identity verification and statutory compliance.

  • Tax File Numbers (TFNs): We are authorised by the Taxation Administration Act 1953 to request and collect TFNs. We collect this information only as authorised by law for the purpose of providing taxation services.

  • Financial Information: All data required for accounting and tax services, including (but not limited to) bank account details, bank statements, investment records and financial records.

  • Technical Data: We automatically collect standard usage information (such as IP addresses and browser types) to maintain the security and functionality of our website.

2. How We Use Your Information

We use your information only for purposes directly related to our professional engagement, including:

  • Service Delivery: Providing accounting, tax, and advisory services as defined in our Letter of Engagement.

  • Communication: Contacting you regarding your tax affairs, lodgement deadlines, and service updates.

  • Compliance: Meeting our professional, legal, and regulatory obligations under the Tax Agent Services Act 2009.

  • Improvements: Enhancing our website functionality and client experience.

  • Marketing: Providing relevant professional updates or newsletters, which you may opt out of at any time.

3. Disclosure of Your Information

We do not disclose your personal information to third parties without your consent, except in the following circumstances:

  • Regulatory Bodies: To the Australian Taxation Office (ATO) or other government agencies as required to fulfill your lodgement obligations.

  • Service Providers: To trusted third-party providers, such as cloud accounting platforms (e.g., Xero) and secure document portals used to deliver our services. You acknowledge that these providers may store data on secure servers located outside of Australia.

  • Professional Standards: To Chartered Accountants Australia and New Zealand (CA ANZ) if required for mandatory quality assurance reviews or professional conduct investigations.

  • Legal Duty: Where we are legally compelled to disclose information (e.g., by a court order or statutory notice).

4. Data Security

We take the security of your financial and personal data seriously.

  • Protection Measures: We implement industry-standard security, including encryption and MFA, to protect your information from unauthorised access, modification or loss.

  • Limitations: While we strive to protect your data, no method of transmission over the internet is entirely secure. We cannot guarantee absolute security, but we maintain standard internal professional protocols to manage and mitigate risks.

  • Mandatory Notification: In the event of a data breach likely to cause you serious harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required by the Notifiable Data Breaches (NDB) scheme.

5. Your Rights

Under the Australian Privacy Principles, you have the right to:

  • Access & Correct: Request a copy of your personal information or ask us to update inaccurate records.

  • Deletion: Request that we delete your information, noting that we must retain certain records for statutory periods (generally 7 years) to meet our legal and professional obligations.

  • Opt-Out: Unsubscribe from marketing or professional updates at any time via the link in our emails or by contacting us.

6. Complaints and Policy Updates

  • Complaints: If you have concerns about your privacy, please contact us at contact@cjmadvisory.com.au. We will acknowledge your email in 5 business days and aim to resolve it within 21 business days. If you are not satisfied with our response, you may lodge a formal complaint with the Office of the Australian Information Commissioner (OAIC).

  • Cookies: Our website uses cookies for security and functionality. You can manage these via your browser settings.

  • Policy Updates: We may update this policy periodically. Any changes will be posted on this page with an updated revision date, and your continued use of our services constitutes acceptance of these updates.

Contact Us

If you have any questions about this Privacy Policy, please email us at contact@cjmadvisory.com.au.