Epora
Epora
  • Home
  • Services
    • Thermal Tests
    • Design & Optimisation
  • Research
  • Sectors
  • Careers
  • About Us
  • Contact

Epora Privacy Policy - Effective 11 June 2025

Epora Pty Ltd (ABN 22 676 434 585) (“Epora”, “we”, “our”, “us”) provides thermal-insulation engineering and related consulting services throughout Australia and internationally. We are bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), as amended up to 2025. This Policy explains how we handle your personal information and how you can exercise your rights.


1. What personal information we collect

  • Identification – name, title, employer, professional role.
  • Contact details – postal or site address, email, telephone, social-media handles.
  • Project data – briefs, drawings, specifications, photographs, sensor logs that might incidentally identify individuals.
  • Marketing preferences – newsletter opt-ins/outs, event RSVPs, survey responses.
  • Website and IT data – IP address, device identifiers, browser type, cookie identifiers, analytics logs.
  • Finance and procurement – purchase-order references, limited payment information needed to process invoices or card transactions.
  • Human resources and recruitment – résumé, qualifications, police-check or work-rights evidence, referee details, diversity information (treated as sensitive information if applicable).
  • We collect only what is reasonably necessary for our functions and activities.


2. How we collect personal information

  • Direct interactions – forms on our website, email, telephone, site visits, webinars, trade shows, contractual documentation.
  • Automated technologies – cookies, server logs and similar tools that help secure our systems and measure traffic.
  • Third-party sources – professional networking sites, public registers, referral partners, recruitment agencies, industry databases.
  • If we receive personal information we did not solicit, we promptly destroy or de-identify it where lawful and reasonable. We notify you of collection at or soon after the time we obtain the information.


3. Why we collect and use personal information

  • Delivering and managing engineering projects and related deliverables.
  • Responding to enquiries, quotations and technical support requests.
  • Administering supplier relationships and processing payments.
  • Conducting research, analytics and service improvement.
  • Sending service updates, industry insights, event invitations and marketing material (with an opt-out in every message).
  • Recruiting, vetting and onboarding employees and contractors.
  • Meeting our legal, regulatory and insurance obligations, including the Notifiable Data Breaches (NDB) scheme.

Epora does not use personal information for automated decision-making that has legal or similarly significant effects.


4. Disclosure to third parties

We may disclose personal information to:

  • Cloud-hosting, CRM, data-analytics and email-marketing providers.
  • Subcontractors, specialist consultants and laboratories engaged on your project.
  • Professional advisers such as lawyers, accountants and insurers.
  • Government regulators, courts, tribunals or law-enforcement agencies when required or authorised by law.

All third parties are bound to use the information only for the purpose supplied and to handle it in accordance with the APPs.


5. Cross-border data transfers

Some service providers store or process data in New Zealand, Singapore, the European Union and the United States.

Before any overseas disclosure we:

  • Assess the provider’s privacy and security posture.
  • Use contractual clauses that require APP-compliant handling.
  • Confirm, where possible, that the destination jurisdiction offers comparable                                     privacy protections.

Where these conditions cannot be met, Epora remains accountable for the overseas recipient’s acts or omissions as required by APP 8.


6. Data security

We apply “reasonable steps” under APP 11 to safeguard personal information from misuse, interference, loss, unauthorised access, modification or disclosure. Controls include: multi-factor authentication, network segmentation, encryption at rest and in transit, least-privilege role-based access, secure-coding practices, periodic penetration testing and staff privacy training oaic.gov.au.  In the event of an eligible data breach we will notify affected individuals and the OAIC in accordance with the NDB scheme. 


7. Data retention and de-identification

We keep personal information for as long as necessary to fulfil the purposes outlined in this Policy or to comply with legal, tax and insurance requirements. When information is no longer required, we take reasonable steps to destroy it or to permanently de-identify it.


8. Access and correction

You have the right to:

  •  Confirm whether we hold personal information about you.
  •  Access a copy of that information.
  •  Request corrections if the information is inaccurate, out-of-date, incomplete, irrelevant or misleading.

Please submit requests in writing (see Section 11). We normally respond within 30 days. Access may be refused or restricted only in the limited circumstances permitted by the Privacy Act; if so, we will provide written reasons.


9. Anonymity and pseudonymity (APP 2) 

Where lawful and practical—such as general browsing of our website or completing anonymous surveys—you may interact with us without identifying yourself or by using a pseudonym. In many cases, however, we will need to confirm your identity to provide engineering services or meet regulatory obligations.


10. Direct marketing and cookies

We may send you industry updates, white papers or event invitations that we believe are relevant. You can opt out at any time via the unsubscribe link or by contacting us.


Our website uses cookies and analytics services to measure traffic and improve user experience. You can control cookies through your browser settings, but blocking them may affect site functionality.


11. Complaints and contact details

If you have a privacy enquiry, wish to exercise your rights, or believe we have breached the APPs, please contact:


Privacy Officer – Epora Pty Ltd

For contact please use Epora's website contact page.


Please include as much detail as possible. We will acknowledge your request within five business days, investigate promptly, and respond in writing within 30 days. If you are dissatisfied with our response, you may complain to the Office of the Australian Information Commissioner (OAIC) at oaic.gov.au or 1300 363 992.


12. Changes to this Policy

We may update this Privacy Policy to reflect legal, technological or business changes. The most current version will always be available on our website. Where changes are material, we will highlight them for at least 30 days.


13. Need more information?

Further information on privacy rights and obligations can be found on the OAIC website. For enquiries about our engineering services, visit epora.com.au.

Copyright © 2025 Epora - All Rights Reserved.

Powered by

  • Contact Us
  • Privacy Policy
  • Terms of Use

This website uses cookies.

We use cookies to analyze website traffic and optimize your website experience. By accepting our use of cookies, your data will be aggregated with all other user data.

DeclineAccept