Privacy Policy

Last updated: 24 October 2025 (v1.0)

Policy Owner: Chris Cathie (Director / Privacy Officer)

1. PURPOSE

This Privacy Policy outlines how Lyros Pty Ltd (ABN 46 689 015 165), trading as Lyros Accounting ("Lyros", "we", "us", "our"), manages personal information. It covers our collection, holding, use, and disclosure practices related to our professional services, website interactions, marketing, and potential employment activities. We are committed to protecting your privacy and handling your personal information responsibly. We endeavor to take all reasonable steps to comply with the Australian Privacy Act 1988 (Cth) (the "Act") and the Australian Privacy Principles (APPs).

2. PERSONAL INFORMATION COLLECTED BY THE COMPANY

2.1 What is Personal Information? In this Policy, personal information has the meaning given in the Act. Generally, it refers to information or an opinion about an identified individual, or an individual who is reasonably identifiable.

2.2 What Kinds of Personal Information Do We Collect and Hold? We collect personal information relevant to our dealings with clients, potential clients, suppliers, potential employees, and contractors. The specific types of information depend on the nature of your interaction with us. This may include:

  • Identity and Contact Data: Your name, email address, phone number(s), and address.
  • Client Engagement Data: Information about the services you inquire about or receive (e.g., Fractional CFO, automation projects), communications related to service delivery, support requests, and feedback.
  • Financial and Billing Data: Information necessary for us to provide services and receive payment, such as billing addresses or bank account details for payment processing. We may also collect details related to your business (like directorships or investments) if relevant to the services we provide.
  • Recruitment Data: If you apply for a role with us, information included in your application (e.g., resume, references), interview notes, and results from pre-employment checks (if applicable). Government identifiers like Tax File Numbers may be collected if required by law for employment.
  • Website Usage Data: Technical details automatically collected when you visit our website, such as IP address, device/browser type, pages visited, and potentially location data (if enabled). This is collected via cookies and similar technologies (see Section 4).
  • Sensitive Information: We generally do not need to collect sensitive information (like health data or criminal records) for our standard services. If collecting sensitive information becomes necessary for a specific service or legal requirement (e.g., certain employee checks), we will only do so with your consent or as permitted by law.

2.3 How Do We Collect Personal Information? We collect personal information directly from you when you:

  • Contact the Company (e.g., via email, phone, or our website contact form).
  • Engage with us to provide services (e.g., to provide Fractional CFO or automation services).
  • Participate in a consultation or strategy call.
  • Interact with our website.
  • Apply for employment or a contractor position.
  • Attend events, and information sessions conducted by the Company.

In some situations, we might collect information from other sources, such as:

  • Publicly available sources (e.g., company websites, ASIC register).
  • Third parties you authorise to provide information to us (e.g., your existing accountant, referees during recruitment).
  • Automatically via cookies and analytics tools when you use our website.

Notification of Collection: When we collect personal information directly from you, we will take reasonable steps to notify you (or ensure you are aware) of certain matters required by the Privacy Act. This typically includes our identity and contact details, the purposes for collection, the consequences if information isn't provided, the types of third parties we usually disclose to, information about how to access/correct your data or make a complaint, and whether we are likely to disclose the information overseas (and if so, where). This information may be provided through this Privacy Policy, specific collection statements (e.g., on our website forms), or other communications.

Anonymity and Pseudonymity: You have the option to interact with us anonymously or use a pseudonym for general inquiries. However, providing our services (especially financial services) typically requires us to know your identity. If you choose not to provide necessary personal information, we may be unable to provide the requested services or respond effectively.

3. USE AND DISCLOSURE OF PERSONAL INFORMATION

3.1 Why We Use and Disclose Personal Information: We use and disclose personal information for the primary purpose for which it was collected, for related secondary purposes you would reasonably expect, or as otherwise permitted or required by law.

Our main purposes include:

  • Providing Services: Delivering our CFO, finance automation, and related advisory services to you.
  • Client Communication: Communicating with you regarding service delivery, responding to inquiries, providing updates, and managing our client relationship.
  • Business Operations: Managing our internal business needs, such as invoicing, payments, administration, IT support, and service improvement.
  • Recruitment: Assessing applications for employment or contractor roles.
  • Marketing & Events: Informing clients and contacts about services, insights, or events that may be relevant to them (subject to opt-out rights).
  • Legal Compliance: Meeting our legal and regulatory obligations.

3.2 Disclosure to Third Parties: We may need to disclose your personal information to third parties to facilitate these purposes. This may include:

  • Service Providers: Third parties who assist us in operating our business, such as IT support, cloud storage providers (see Section 7), payment processors, and professional advisors (lawyers, accountants). We take reasonable steps to ensure these providers handle your information securely and only for the purposes we engage them for.
  • Recruitment Support: Third-party providers involved in our recruitment process (e.g., background check services), where applicable and with your consent.
  • Legal & Regulatory Bodies: Disclosure may be required to regulators (like ASIC or the ATO), law enforcement agencies, or courts, as required or authorised by law.
  • Business Transfers: If our business is sold or merged, personal information may be transferred to the new owner, subject to confidentiality obligations.

3.3 Recruitment Information: Information provided by unsuccessful job applicants may be retained for consideration for future roles, unless you request otherwise. We may require consent for background checks as part of the application process.

3.4 Marketing Communications: We may use your contact details to send you information about our services or industry insights we believe may interest you. You can opt-out of receiving these communications at any time by using the unsubscribe link in emails or by contacting us directly. We will not sell your personal information to third parties for their marketing purposes.

4. PRIVACY ON OUR WEBSITE

You can generally browse our website (the "Site") without providing personal information. However, certain functions (like submitting a contact form) require you to provide details. If you choose to remain anonymous or use a pseudonym, our ability to respond or provide services may be limited.

Cookies: We use cookies (small text files stored on your device) and similar technologies on our Site to enhance user experience, analyse site traffic, and understand user behaviour. Cookies help us remember preferences and improve navigation. Most web browsers allow you to control cookies through settings, including disabling them. However, disabling cookies may affect the functionality of our Site. By continuing to use our Site, you consent to our use of cookies as described.

Third-Party Links: Our Site may contain links to websites operated by third parties. Clicking these links will take you to external sites subject to their own privacy policies. We are not responsible for the privacy practices or content of these third-party websites.

International Users: Our Site is operated in Australia and intended for users within Australia. While accessible globally, its terms and practices are based on Australian law. If you access the Site from outside Australia, you do so at your own risk and are responsible for compliance with local laws.

5. DATA SECURITY AND INTEGRITY

5.1 Security Measures: We take reasonable steps to protect the personal information we hold from misuse, interference, loss, and unauthorised access, modification, or disclosure. These steps include implementing appropriate technical measures (such as access controls, encryption where suitable), physical security for any paper records, and administrative processes (like staff training and confidentiality agreements).

5.2 Data Integrity: We also take reasonable steps to ensure the personal information we collect, use, or disclose is accurate, complete, and up-to-date. We may periodically ask you to confirm or update your details. Please inform us promptly if any of your personal information changes.

6. ACCESS & CORRECTION DETAILS

You may request access to or correction of any personal information we hold about you at any time by contacting us using the details below. We treat all requests for access seriously.

All requests will be dealt with in a timely manner, and we will endeavour to respond within 30 days. We will provide access in accordance with the Privacy Act, subject to any applicable exemptions. If you find that the personal information we hold about you is inaccurate, incomplete, or out-of-date, please contact us immediately via the contact details below and we will correct it.

An individual's right to access their personal information is not absolute. We may deny access to personal information if:

  • the request does not relate to the personal information of the person making the request;
  • the request is frivolous or vexatious;
  • providing access would pose a serious and imminent threat to the life or health of a person;
  • providing access would create an unreasonable impact on the privacy of others;
  • the request relates to existing or anticipated legal proceedings;
  • providing access would prejudice negotiations with the individual making the request;
  • access would be unlawful;
  • denial of access is authorised or required by law;
  • access would prejudice law enforcement activities;
  • access discloses a 'commercially sensitive' decision-making process or information; and/or
  • any other reason that is provided for in the APPs set out under the Act.

If we deny access to personal information, we will provide the person seeking access with written reasons.

There is generally no charge for making a request for access to personal information. However, individuals may be required to pay reasonable costs imposed by us for providing the requested personal information, such as for photocopying or accessing information stored off-site.

7. INTERNATIONAL TRANSFERS AND DATA RETENTION

International Transfers: We primarily store personal information in servers located in Australia. However, we may disclose personal information to third-party service providers located overseas (e.g., cloud service providers like Microsoft and Google Cloud) to provide our services and obtain necessary support. We take reasonable steps to ensure that any overseas recipient does not breach the APP’s in relation to the personal information disclosed to it. Any such transfer does not change our commitment to safeguard the privacy of your personal information.

Data Retention: We retain your personal data for as long as we have a relationship with you and for a necessary period afterward (e.g., to comply with legal, tax, or accounting requirements). Once no longer required for any purpose for which the information may be used or disclosed under the APPs, and we are not required by law or a court/tribunal order to retain it, we will take reasonable steps to delete or de-identify the personal information.

8. NOTIFIABLE DATA BREACHES SCHEME

In the event of a data breach involving personal information that is likely to result in serious harm, we will assess the breach and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the requirements of the Privacy Act.

9. COMPLAINTS

If you have any questions, concerns, or complaints about this policy or our handling of your personal information, please contact us in writing using the details below. We will investigate your complaint and aim to respond within a reasonable period to resolve the issue in a timely and efficient manner.

If you are dissatisfied with our response to your complaint, you can contact the Office of the Australian Information Commissioner (OAIC). See www.oaic.gov.au for how to make a complaint.

10. CHANGES AND HOW TO CONTACT US

We may change this Privacy Notice from time to time at our discretion. Amendments will be posted on our website. Your continued use of our services signifies your agreement to the Privacy Notice as amended.

For privacy inquiries, to request access to or correction of your data, or to submit a complaint, please contact:

Chris Cathie

Lyros Pty Ltd

chris@lyros.com.au

HomeContactPrivacy Policy
Contact: chris@lyros.com.auPhone: +61 4 6656 2403

Disclaimer: The material on this website provides general information only. It does not constitute financial product advice under the Corporations Act 2001 (Cth) and does not take into account your objectives, financial situation or needs. Lyros Pty Ltd provides accounting/CFO services and is not licensed to provide financial product advice. Before acting on any information, consider its appropriateness and obtain independent professional advice.

Privacy: When you contact us, we collect your details to respond to your enquiry. We don’t sell your data. Please see our full Privacy Policy for details on how we handle your personal information, including how to request access or correction.

© 2025 Lyros Pty Ltd (ABN 46 689 015 165 | ACN 689 015 165). Lyros Accounting is a business name of Lyros Pty Ltd. All rights reserved.