Skip to main content

Trellis Accounting Pty Ltd

Privacy Policy

Last updated: 12th June 2026

1. Introduction

Trellis Accounting Pty Ltd (we, us, our) is committed to protecting your personal information and handling it in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

This Privacy Policy explains how we collect, use, store, disclose and protect personal information, including information used to verify your identity.

A current version of this Policy is always available on our website at trellisaccounting.com.au/privacy-policy.

2. Open and Transparent Management of Personal Information

We manage personal information in an open and transparent way. This Privacy Policy sets out:

  • The kinds of personal information we collect and hold
  • How we collect and hold personal information
  • The purposes for which we collect, hold, use and disclose personal information
  • How you may access and seek correction of personal information
  • How you may complain about a breach of the APPs and how we will deal with such a complaint
  • Whether we are likely to disclose personal information to overseas recipients

3. Anonymity and Pseudonymity

Where it is lawful and practicable, you have the option of not identifying yourself, or using a pseudonym when dealing with us. However, in most cases, we will need to collect your personal information to provide you with our services.

4. What Personal Information We Collect

We may collect the following personal information about you:

  • Full name
  • Date and place of birth
  • Residential or business address
  • Email address and phone number
  • Government-issued identification details, such as driver licence, passport, Medicare card or other ID document numbers
  • Biometric information, such as a facial image or short video used to verify your identity
  • Information about the services we provide to you and any related transactions
  • Any other information you choose to provide to us

We only collect personal information that is reasonably necessary to carry out our business activities.

5. Why We Collect Your Personal Information

We collect, use and disclose your personal information to:

  • Verify your identity
  • Provide and manage our services to you
  • Communicate with you about your engagement with us
  • Meet our legal and regulatory obligations, including anti-money laundering and counter-terrorism financing (AML/CTF) requirements
  • Detect and prevent fraud, and keep our systems secure
  • Improve our services

Secondary Purposes

We may use or disclose your personal information for secondary purposes where:

  • You have consented to the use or disclosure
  • You would reasonably expect us to use or disclose the information for that purpose
  • The use or disclosure is required or authorised by law
  • We reasonably believe the use or disclosure is necessary to prevent a serious threat to life, health, or safety

6. Dealing with Unsolicited Personal Information

If we receive personal information we did not solicit, we will determine whether we could have collected it under Section 4 (above). If not, we will destroy or de-identify the information as soon as practicable, provided it is lawful and reasonable to do so.

7. Notification of Collection

When we collect personal information, we will take reasonable steps to notify you of certain matters, including:

  • Our identity and contact details
  • The purposes for which we collect the information
  • The consequences if we do not collect the information
  • The organisations to which we usually disclose information
  • Information about our privacy policy
  • Whether we are likely to disclose information to overseas recipients
  • How you may access and seek correction of the information
  • How you may complain about a breach of privacy

8. Identity Verification and Government Data Matching (DVS)

To verify your identity, we may use electronic identity verification services, including the Australian Government’s Document Verification Service (DVS).

Where you have consented, your name, date of birth and identity document details will be securely sent to the relevant Commonwealth or State authority that issued your document. This may include passport offices, driver licence authorities, the Department of Home Affairs, Births Deaths and Marriages, or other authorised record holders.

These authorities check whether the details you have provided match the records they hold.

We do not receive a copy of your government records. The authority returns a match result only, confirming whether your details match (yes or no).

This process may be carried out through accredited identity verification providers, including APLYiD (APLYiD Pty Ltd, ABN 36 632 866 794) and its sub-providers.

More information about the DVS is available at idmatch.gov.au.

9. Biometric Information

As part of identity verification, we may collect biometric information, such as a facial image or a short video of you holding your ID.

Biometric information may be used to:

  • Confirm that you are a real person and physically present
  • Match your image to the photograph on your identification document
  • Reduce the risk of fraud and identity theft

Biometric information is treated as sensitive information under the Privacy Act. We only use it for identity verification and related compliance purposes, and only with your consent.

10. Consent to Collection and Identity Verification

By providing your personal information and completing the identity verification process, you consent to:

  • The collection, use and disclosure of your personal information for identity verification, AML/CTF and related compliance purposes
  • The collection and use of biometric information, such as a facial image or video, for identity verification
  • Your information being checked against records held by Commonwealth and State authorities through the DVS
  • Your information being shared with our authorised identity verification providers, including APLYiD

Your consent is voluntary. You can withdraw your consent at any time by contacting us using the details in section 22.

If you do not consent, or do not provide the information we need, we may not be able to verify your identity electronically. In that case, we may need to verify your identity in another way, or we may not be able to provide our services to you.

11. Disclosure of Personal Information

We may disclose your personal information to:

  • Identity verification providers, including APLYiD and its authorised sub-providers
  • Commonwealth and State authorities and official record holders, through the DVS
  • Our employees and authorised representatives, on a need-to-know basis
  • Our professional advisers, such as lawyers, accountants and auditors
  • Trusted technology and service providers that help us operate our business
  • Regulators, law enforcement or other third parties where required or authorised by law

We do not sell your personal information.

12. Overseas Disclosure

Some of our service providers may store or process personal information outside Australia.

Where this happens, we take reasonable steps to ensure that your personal information is handled in line with the Australian Privacy Principles, including through contractual protections with our providers.

By providing your personal information to us, you consent to the disclosure of your information to overseas recipients for the purposes described in this policy.

13. Adoption, Use or Disclosure of Government Related Identifiers

We will not adopt a government-related identifier (such as a driver’s licence number or Medicare number) as our own identifier of individuals. We will only use or disclose government-related identifiers where required or authorised by law.

14. Quality of Personal Information

We take reasonable steps to ensure that the personal information we collect, use, or disclose is accurate, up-to-date, complete, and relevant. We encourage you to contact us if any of your personal information is incorrect or has changed.

15. Data Security and Storage

We take reasonable steps to protect your personal information from misuse, interference, loss, and unauthorised access, modification or disclosure.

These steps include secure systems, access controls, and encryption in transit and at rest where appropriate.

We retain personal information only for as long as we need it for the purposes set out in this Policy, or as required by law. When we no longer need your information, we securely delete or de-identify it.

16. Data Breach Response

In the event of a suspected or confirmed data breach, we will:

  • Immediately investigate and contain the breach
  • Assess whether the breach is likely to result in serious harm
  • Notify affected individuals and the Office of the Australian Information Commissioner (OAIC) if required under the Notifiable Data Breaches (NDB) scheme
  • Take remedial action to prevent similar breaches in the future
  • Provide affected individuals with recommendations on steps they can take to protect themselves

17. Data Destruction and De-identification

When we no longer need personal information for any purpose, and we are not required by law to retain it, we will take reasonable steps to securely destroy or permanently de-identify the information.

18. Access and Correction

You have the right to ask for access to the personal information we hold about you, and to ask us to correct it if it is inaccurate, incomplete or out of date.

To make a request, please contact us using the details in section 22. We will respond within a reasonable time.

19. Disclosure of Personal Information to Third Parties

We may share your personal information with third parties for the purposes described in this policy. These third parties include:

  • Service providers (such as hosting providers, payment processors, and IT support)
  • Payment processors and financial institutions
  • Legal and regulatory authorities (when required by law)
  • Business partners and affiliates

We require third parties to protect your personal information and only use it for the purposes we specify.

20. Direct Marketing

From time to time, we may use your contact details to send you information about our services that we think may be of interest to you.

You can opt out of marketing communications at any time by using the unsubscribe link in our messages, or by contacting us using the details in section 22.

21. Privacy Complaints

If you have a complaint about how we have handled your personal information, please contact us first using the details in section 22.

We will acknowledge your complaint, investigate it, and respond to you within a reasonable time.

If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au.

22. Contact Details

If you have any questions about this Policy, or want to exercise any of your privacy rights, please contact us:

  • Business name: Trellis
  • Privacy contact: John Manning
  • Email: [email protected]
  • Phone: (08) 8291 7900
  • Address: Level 1, 83 Greenhill Road, Wayville SA 5034

23. Updates to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or in the law.

The latest version will always be available on our website. Where changes are significant, we will let you know.