Solutions

Privacy Policy

Effective date: 24 October 2025

Website: https://www.hawkinsit.au

Business name / ABN: Hawkins IT Solutions — ABN 49 497 135 100 (registered business name of Bradley John Hawkins, QLD 4209). 

How to contact us: [email protected] | (07) 5619 5185 | 0491 075 011. 

Hawkins IT Solutions (“Hawkins”, “we”, “us”, “our”) provides IT services to home and small business customers across the Gold Coast and beyond, including onsite/remote support, managed services, remote monitoring, networking, security and related solutions. 

We respect your privacy. This policy explains what personal information we collect, how we use and disclose it, and the choices you have. It applies to our website (including our Client Portal and Remote Support pages), our online shop, and all services we provide. 

About Australian privacy law. Where applicable, we manage personal information consistently with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs), including transparency, access/correction, and security obligations. We also follow Australia’s Notifiable Data Breaches (NDB) scheme where an eligible data breach occurs. 

1) What we collect

The personal and business information we collect depends on how you interact with us.

1.1 Information you provide directly

  • Contact details (name, email, phone, address, company, role).

  • Support information (tickets, descriptions of issues, screenshots, crash dumps, configuration details you provide).

  • Account details for our shop/client portal (username, password — stored hashed), preferences and communication settings.

  • Billing/shipping details and purchase history (if you buy from us).

  • Any additional information you choose to provide (e.g., via forms, email, phone).

1.2 Information collected automatically (website/portals)

  • Device identifiers, IP address, browser/OS type, pages viewed, and timestamps.

  • Cookies or similar technologies that help the site and client portal work, keep you signed in, measure basic usage, and prevent fraud. (See Cookies & analytics below.)

1.3 Information collected while providing IT services

  • Remote & onsite support: During troubleshooting, we may temporarily see what is on your screen or system. With your permission, we may capture diagnostic logs/metadata necessary to fix the problem.

  • Managed services / monitoring agents: If you enrol devices, our tools may collect system metadata (e.g., device name, hardware specs, OS/version, installed patches, endpoint security status, IP/MAC addresses), performance metrics and security/availability alerts. We do not use RMM tools to capture keystrokes or content unless you explicitly authorise targeted diagnostics for a specific issue.

  • Backups & disaster recovery (if you engage us): We may configure and monitor backup jobs and related status/alerts on your behalf. Content within your backups remains your data.

1.4 Sensitive information

We do not seek to collect “sensitive information” (e.g., health or biometric data). If it is incidentally visible in the course of support, we handle it confidentially and only for the purpose of the service you asked us to perform.

2) How we use your information

We use personal information to:

  • Provide, operate and improve our services, website, portals and online shop.

  • Diagnose and resolve issues; provision devices; manage tickets, contracts and assets.

  • Communicate with you about requests, quotes, changes, outages, and updates.

  • Arrange deliveries and fulfil purchases; process payments through third‑party payment processors (we do not store full card numbers).

  • Secure our systems, prevent fraud/abuse, and enforce our terms.

  • Send optional product/service updates or special offers (you can opt out at any time). See Direct marketing below.

  • Comply with laws and respond to lawful requests.

Direct marketing & spam rules (Australia). Electronic marketing (email/SMS) in Australia is regulated. We obtain appropriate consent and include simple unsubscribe options consistent with the Spam Act 2003 (Cth) and ACMA guidance. 

3) Legal bases for processing (EEA/UK visitors)

If EU/UK data protection laws apply, we process personal data under one or more of these legal bases: performance of a contract, legitimate interests (e.g., running our services, improving security), consent (where required), and legal obligations.

4) When we disclose information

We may disclose personal information to:

  • Service providers / sub‑processors who help us operate (e.g., website & hosting, client portal/helpdesk, remote support, email and collaboration, backup/storage, analytics, payment processing, shipping/couriers, cybersecurity tooling). We require them to use the information only to perform services for us and to protect it appropriately.

    • Examples of service domains we operate include our support ticket portal and remote support site. 

  • Business partners where you ask us to integrate or support third‑party products (e.g., M365, security vendors, telecom/VoIP).

  • Professional advisers and insurers (accountants, auditors, lawyers) under confidentiality.

  • Authorities or other parties where required by law or to protect rights, safety, and security.

  • A new owner in the event of a business restructure, merger or sale (subject to this policy’s protections).

Cross‑border disclosures (APP 8). Some providers may store or process information outside Australia. We take reasonable steps to ensure overseas recipients protect your information consistently with the APPs (e.g., via contractual safeguards and vendor due diligence). 

5) Cookies & analytics

Our website and portals may use essential cookies (for features like login, cart/session security), and optional analytics cookies to understand site usage and improve performance. You can control cookies via your browser settings. If we use third‑party analytics or pixels, we do so in line with Australian privacy guidance for online tracking. 

6) Data security

We use a combination of administrative, technical and physical safeguards appropriate to the risk, including: access controls (least‑privilege), multi‑factor authentication on admin systems, encryption in transit, network segmentation, logging/alerting, and staff confidentiality obligations. For managed clients, we recommend and can help implement strong security configurations on your systems (patching, endpoint protection, backups, MFA).

7) Data retention

We retain personal information only as long as needed for the purposes in this policy, to provide services to you, to comply with legal and tax obligations, resolve disputes, and enforce agreements. When information is no longer required, we will take reasonable steps to de‑identify or securely destroy it.

8) Your choices and rights

Access & correction (Australia). You may request access to the personal information we hold about you and ask us to correct it if it is inaccurate, out‑of‑date, incomplete or misleading. We will respond within a reasonable time and may ask you to verify your identity before releasing information. (These rights are reflected in the Australian Privacy Principles.) 

Opting out of marketing. You can unsubscribe via the link in our emails or by contacting us (see Contact us).

EEA/UK residents. Where GDPR/UK GDPR applies, you may also have rights to deletion, restriction, portability and objection. You can exercise these by contacting us.

9) Children

Our services and website are intended for adults and business users. We do not knowingly collect personal information from children.

10) Third‑party sites and services

Our site and client portal may link to third‑party websites or services (including vendors we support). Their privacy practices are governed by their own policies. Please review those policies before using their services.

11) Providing IT support & managed services — additional details

  • Remote access tools. When you request remote support, we use secure remote access software to view or control your device to the extent needed to resolve your issue. You can end a session at any time. (Our remote support site is accessible at hawkinsit.screenconnect.com.) 

  • RMM agents (if enrolled). For managed services we may deploy agents that collect device health and security telemetry. We use this data to proactively monitor, secure and support your environment.

  • Customer data we handle on your behalf. Content on your systems (files, emails, databases) remains your data. We access it only as reasonably necessary to deliver the service you request (e.g., to restore a backup or remove malware) or where required by law, and we do not use it for any other purpose.

12) Data breach notification

If we become aware of an eligible data breach that is likely to result in serious harm, we will notify you and the Office of the Australian Information Commissioner (OAIC) in accordance with Australia’s Notifiable Data Breaches (NDB) scheme, including steps you should take to protect yourself. 

13) How to make a privacy complaint

Please contact us first with any questions or concerns. We will investigate and respond in a timely manner.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) to make a privacy complaint or to seek guidance. See OAIC’s website for contact options and complaint procedures. 

14) Changes to this policy

We may update this policy from time to time. When we do, we will post the latest version on this page with the effective date above. If the changes are material, we will take reasonable steps to let you know.

15) Contact us

Hawkins IT Solutions

Email: [email protected]

Phone: (07) 5619 5185 | 0491 075 011

Website: https://www.hawkinsit.au

Business details: ABN 49 497 135 100; main business location QLD 4209.