Privacy Policy


At Kinatico Ltd (‘Kinatico’) we are highly committed to respecting the privacy of our customers, suppliers, visitors, applicants or anyone who engages with Kinatico and protecting their personal information.

It’s important that you feel secure whenever you deal with us, so you’ll be happy to know that Kinatico puts information security and privacy at the forefront of everything it does. All Kinatico products are built using privacy by design and privacy by default. For information about your privacy when using any of our products, please see the specific privacy policies for each product.

Kinatico complies with the relevant privacy legislation and principles in Australia and New Zealand which set out requirements for the gathering, handling, use, disclosure, storage, destruction or de-identification of personal information.

This Privacy Policy relates to personal information that we collect and handle about you as a customer, supplier, visitor to our site, a job applicant or as someone who engages with us through social media, other digital services, correspondence or in person as a member of the public.

Our present and former staff should contact our legal team for details about how we maintain the privacy of their personal information.

Personal information means any information or opinion about an identified individual, or an individual who is reasonably identifiable.

In all cases, the personal information that we collect will depend on the nature of your interaction with us and we will only collect information necessary so that we can provide our services to you or for completing our interaction with you. Information will only be collected lawfully, fairly and not in an intrusive way.

If you are a customer, the personal information we may collect about you might include, for example, your name, contact details and date of birth, as well as copies of your identity documents. Personal information may also include information such as current or previous addresses, your career information, professional or trade qualifications, work history, references, financial information and previous legal claims, or information within checks ordered through Kinatico both before and after any information has been verified by Kinatico.

Where it is reasonable and practicable to do so, we collect your personal information directly from you when you enter into arrangements with us, correspond with us or provide feedback to us. We will record, collect and hold information in relation to your transactions with us.

We may also collect other information, some of which may be personal information, including information about your order history with Kinatico, which areas of our website you visited (see the section “cookies”, below) and records of your communications and interactions with us. We may monitor and record your communications with us (including email and telephone) for security, dispute resolution and training purposes.

Depending on the products or services being provided or the reason for your interaction with Kinatico, we may also collect information about you from others. Such as:


  • Third party suppliers including but not limited to providers of criminal checks, law enforcement agencies, regulatory and licensing bodies, credit agencies, education providers, professional organisations or psychometric assessment providers.
  • Information regarding shareholders may be collected from our share registry.
  • Information from recruitment agencies, as well as prospective or previous employers.

Due to the nature of the products and services Kinatico provides, some of your personal information that we collect will be ‘sensitive’ information. This information will only be obtained with your permission – except where otherwise allowed by law.
We collect, use and exchange your information if we have a valid lawful reason to do so, and so that we can:



  • Confirm your identity
  • Assess your application for our products or services
  • Manage our relationship with you, including being able to provide our products and services
  • Contact and communicate with you
  • Improve our service to you and your experience with us Minimise risks and protect against fraud, misuse or loss of data
  • Comply with laws, obligations or provide assistance to regulatory, government and law enforcement authorities
  • Manage our business.

Additionally, we may use your personal information for the following reasons:



  • Contract: We need to process your information in order to fulfil a contract you have with us, or because you have asked us to take specific steps before entering into a contract.
  • Legal obligations: We need to process your information for us to comply with the law (including contractual obligations).
  • Consent: You have given clear consent for us to process your personal information for a specific purpose.
  • Legitimate interests: We need to process your information for our legitimate interests or the legitimate interests of a third party. An example of this last reason might be to demonstrate our usual processes to an assessor who is assessing our suitability for accreditation to a voluntary industry standard such as ISO27001. This legitimate interest can be overridden where there is a good reason to protect your personal information.

Bringing you new products and services

We may also use your information to tell you about products and services we think you might be interested in. To do this, we may contact you by email, phone, SMS, social media, mail or advertising.


Using data to give you better customer service and marketing

We’re always working to improve our products and services and give you the best customer experience. New technologies let us collate information we have about you and our other customers, for example transaction information. We analyse this data to learn more about you and other customers, and how to improve our products and services. We may also use data analysis to determine what products or services may be of interest to you and for general or direct marketing purposes.

If at any time you don’t want to receive direct marketing messages you can unsubscribe. Alternatively, if you want to change your contact preference you can do this by emailing:

  • If you are a corporate client:
  • If you are an individual:


We aim to keep your information for only as long as we need it. Factors that may influence for how long we may keep your data include:

  • Fulfilling our legal or regulatory obligations
  • Internal research and analytics
  • Responding to a question or complaint or
  • Being unable to delete the data for technical reasons.


Kinatico will disclose your information only in accordance with the professional services we provide and/or your interaction with Kinatico.

Kinatico will only partner with organisations or engage third-party suppliers /businesses, that have robust processes and procedures in place for the handling of personal information which is at least equivalent to Kinatico’s practices.

As you will appreciate, in certain circumstances we may be compelled by law to disclose your personal information to various authorities.


We store your hard-copy or electronic records in secure building and systems or using trusted third parties. We also have a layered approach to our security.

Security by Design:

Our systems and processes are engineered to deliver security at all levels.

Policies and managerial oversight from the executive level down. Our Information Security Committee includes our most senior and experienced staff with a spread of expertise from Information Technology to Legal. The Security Committee sets the security policy framework that defines security measures and responsibilities for Kinatico’s staff and all operational departments.

Staff training:

Kinatico embeds privacy and security in our culture and company values. We train our staff driving awareness and procedural compliance to keep your information safe and secure.

Physical Security:

We control access to sensitive areas, management of physical and electronic documents, and secure document disposal. We use a mix of alarms, cameras, guards and other controls in our buildings to prevent unauthorised access.

Platform security:

Security architecture, designs and implementation of our software and systems.

Audits and Testing:

Security assurance through external and independent audits, review, and regular penetration testing. Kinatico employs independent, industry certified, security experts with the experience and track record to support our security aims. We continue to run an annual program of penetration and security testing of the Kinatico products. This testing regime is supported by ongoing audit and architecture reviews to maximise the security of our products and the servers they run on.

Secure Data Management:

All customer and operational data is held securely in Australian data centres.

Destroying or de-identifying data when no longer required

We aim to keep personal information only for as long as we need it – for example for business or legal reasons. When we no longer need information, we take reasonable steps to destroy or de-identify it.


You have a right to access your personal information held by Kinatico. There is no charge to put in a request to see your information and we can easily provide you with general information such as your name, address and contact details. If you believe that this information is incorrect or out of date you may of course ask us to correct it.

We can also provide you with access to most check results on you (except for references given in confidence to a potential employer, or psychometric assessments). Please note that in giving a check result we are verifying an accurate record of what information the source has that corresponds to the information given about you. If you believe that the source has inaccurate, incomplete or misleading information, you may need to take that up with the source.

If we believe the information is correct and does not need correcting, we will let you know why. Please send your requests to:

Privacy Officer Kinatico Ltd
PO Box 7394 Cloisters Square
WA 6850 Australia
or send an email to:


Generally, we will not charge a fee for such requests. However, we may need to charge you a small administration fee to cover our costs if you want to access more detailed information and we spend time finding or putting together the information you want or if you want copies of information on your file. If there’s a fee, we’ll let you know how much it is likely to be, so you can choose if you want to go ahead. Generally, the fee is an hourly rate plus any photocopying costs and other expenses. You’ll need to pay us before we start or give us permission to take it out of your account.


In some cases, we can refuse access or only give you access to certain information. For example, we might not let you see information that is commercially sensitive or if it also contains someone else’s personal information. If we do this, we’ll write to you explaining our decision.


A cookie is a small text file that is placed on your computer or mobile device when you visit a website. Cookies collect information about users and their visit to the website, such as their Internet protocol (IP) address, how they arrived at the website (for example, through a search engine or a link from another website) and how they navigate within the website. A cookie cannot read data from your hard disk or read cookie files created by other websites.

A cookie is a string of letters and numbers that uniquely identify the computer you are using and the Username and password you may have used to register at the site.

Two types of cookies are used on the Kinatico site.

The first type of cookie tracks the way that visitors use our site. These cookies help us to understand which pages are of the most interest to our users and the way that users move through our site. This type of cookie is anonymised and does not report any information that could personally identify any single user, including you. The result data gives us an aggregated view of the overall behaviour of all visitors but can’t tell us what any single user does.

The second type of cookie exists only for the time you are logged on to our site. These cookies are used by our application to create a secure user session when you login to our site using your username and password so that you can navigate around the secure areas of the site – without the need for you to re–enter information.

Some of the cookies are owned by Kinatico; some are owned by the third-party providers of tools (software) that we use in building, running or monitoring our site. Most browsers can be configured to refuse to accept cookies. You can also delete cookies from your hard drive. However, doing so may hinder your access to valuable areas of information within our site.


Third party websites that may be accessible via hyperlinks from the Kinatico website or through an Automated Platform Interface (API) and are owned and operated by third parties are not subject to Kinatico’s Privacy Policy. Kinatico has no control over the content of those websites. Please review the privacy policy of each individual website you access and assess whether the policy is satisfactory to you before you use the other websites.


At Kinatico we value our customers. We will always aim to be fair and responsive. If you have a complaint you have the right to expect that we will handle it in a friendly and professional way. When we receive a complaint, we look on it as valuable feedback that may help us to improve the services we offer and to ensure your needs are met in a satisfactory and appropriate manner.

If you wish to complain at any time about the handling, use or disclosure of your personal information just write to us at the following address:

Privacy Officer – Kinatico Ltd
PO Box 7394 Cloisters Square PO,
WA 6850 Australia
or send an email to:

We will make all efforts possible to investigate your complaint and advise you of the outcome as soon as possible.

If the matter is not resolved to your satisfaction you can then refer your complaint to the Office of the Australian Information Commissioner who can be contacted through the following website: complaint


  • Keep a record of your complaint
  • Respond to the complaint within a few days if we can, or tell you if we need more time to look into it
  • Keep you updated on what we’re doing to fix the problem
  • We will make all efforts possible to advise you of the outcome as soon as possible and in any event within 30 days of the complaint. Or if we cannot respond within that timeframe we will let you know why.

If the matter is not resolved to your satisfaction after you have been through our internal complaints process, there are free and independent dispute resolution services available to you.

In Australia:

Office of the Australian Information Commissioner. GPO Box 5218 Sydney NSW 2001. Fax: +61 2 9284 9666
Email: Note that email that is not encrypted and can be copied or tracked.

In New Zealand:

Office of the Australian Information Commissioner. PO Box 10 094 Wellington 6143. Fax: (04) 474 7595
Email: – Note that email that is not encrypted and can be copied or tracked.