1. Overview

Strategic Step Advisory ("SSA", "we", "our") is committed to protecting your privacy and handling your personal information with transparency and care. This Privacy Policy explains how we collect, use, store, and disclose personal information in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

This policy applies to all individuals whose information we handle in the course of our advisory and consulting activities, including:

•       Clients and their representatives

•       Prospective clients and referral contacts

•       Suppliers and contractors

•       Website visitors

Sensitive information is collected only with your consent and only where it is necessary for the performance of our functions and activities.

2. Clients and Their Representatives

2.1 Information We Collect

In the course of providing strategic advisory and consulting services, we may collect:

•       Contact details (name, phone number, email address, job title)

•       Organisational information and business context

•       Details about advisory needs, strategic objectives, and project requirements

•       Communication records and meeting notes

•       Billing, invoicing, and payment information

2.2 Purpose of Collection

We collect this information to:

•       Deliver strategic advisory and consulting services

•       Understand your organisation's needs and objectives

•       Manage client relationships and project delivery

•       Provide billing and administrative services

•       Send relevant insights, event invitations, and thought leadership content (with consent)

•       Fulfil contractual and legal obligations

2.3 Disclosure of Client Information

We may disclose your information to:

•       Third-party IT and software service providers supporting our operations

•       Legal or regulatory authorities where required by law

•       Professional advisers (e.g. legal counsel, accountants) on a need-to-know basis

All third parties are required to comply with applicable privacy and confidentiality obligations.

3. Suppliers and Contractors

We collect contact and organisational details from suppliers and contractors for the purposes of managing our business relationships, processing payments, and fulfilling contractual requirements. This information is not used for any other purpose without your consent.

4. Cross-Border Disclosures

Your information may be disclosed to overseas recipients where required for our operations. We take reasonable steps to ensure overseas recipients comply with privacy obligations equivalent to those under the APPs.

5. Website Visitors

When you visit our website, we may collect limited personal information via:

•       Cookies and similar tracking technologies

•       Contact and enquiry forms

•       Website analytics tools

This information is used to improve website functionality, prevent fraud, and identify services that may be of interest to you. We do not identify individual users or their browsing activity except where a law enforcement agency exercises a lawful warrant to inspect server records.

Our website may contain links to third-party websites. We are not responsible for the privacy practices of those websites and encourage you to review their privacy policies before providing any personal information.

6. Email and Digital Marketing

We may use your contact information to send relevant insights, event invitations, and promotional content. Your consent will be obtained before we send marketing communications.

You may unsubscribe from marketing communications at any time by:

•       Clicking the unsubscribe link at the bottom of any email

•       Emailing us at: hello@thestrategicstep.com

7. Data Storage and Security

SSA uses secure, cloud-based systems to store and manage information. We take reasonable steps to:

•       Securely store all personal information

•       Protect information from misuse, interference, or unauthorised access or disclosure

•       Apply appropriate access controls and multi-factor authentication

•       Use encryption where appropriate

We do not store sensitive identity documents such as passports or driver's licences beyond the immediate purpose for which they were provided. Financial information is retained for a minimum of seven years, in accordance with applicable legislation, and is then securely destroyed or de-identified.

8. Retention and Deletion of Information

Personal information is destroyed or de-identified when:

•       It is no longer required for our functions or activities

•       Applicable legislative record-keeping requirements have been met

Hard copy records are disposed of via secure shredding services.

9. Changes to This Policy

SSA may update this Privacy Policy periodically to reflect changes to legal requirements, updates to our systems or operations, or evolving best practice. The most current version will always be available on our website at www.thestrategicstep.com.

11. Enquiries, Access Requests, and Complaints

You have the right to:

•       Request access to your personal information

•       Request correction or deletion of your personal information

•       Make a privacy-related enquiry

•       Lodge a complaint about an alleged breach of the APPs

To exercise any of these rights, please contact our Privacy Officer:

Privacy Officer
The Strategic Step Advisory
Email: hello@thestrategicstep.com

If you are dissatisfied with our response to a complaint, you may refer the matter to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.