Gavin Ma & Co

Privacy Policy

Effective Date: 14 July 2026

Gavin Ma & Co Pty Ltd ATF Gavin Ma & Co Trust, together with its affiliated and associated entities (“we”, “our”, “us”), is committed to protecting your privacy and handling your personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), the Tax Agent Services Act 2009 (Cth), the Anti-Money Laundering and Counter-Terrorism Financing legislation and associated AUSTRAC requirements, the Code of Professional Conduct under the Tax Agent Services Act, the professional and ethical requirements of CPA Australia, APES 110 Code of Ethics for Professional Accountants, and other applicable Australian laws and professional standards.

This Privacy Policy explains how we collect, use, disclose, store, protect and otherwise handle your personal information when you visit our website, engage our services or otherwise interact with us.

1. Who We Are

Gavin Ma & Co Pty Ltd ATF Gavin Ma & Co Trust is an Australian accounting, taxation and advisory practice providing services including taxation, accounting, bookkeeping, business advisory, SMSF compliance and administration, company and trust compliance, ASIC corporate secretarial services, payroll, BAS services and related professional services.

2. What Personal Information We Collect

Depending on the services we provide, we may collect personal information including your name, date of birth, residential and postal address, telephone number, email address, Tax File Number, Australian Business Number, Australian Company Number, passport or driver’s licence details, visa or residency information, bank account details, financial information, superannuation information, employment details, payroll information, investment information, business records, trust and company information, SMSF records and any other information reasonably necessary to provide our professional services.

We collect Tax File Numbers only where authorised or required by law and handle them in accordance with Australian taxation and privacy legislation.

In limited circumstances, we may collect sensitive information where reasonably necessary to provide our services or where required by law.

3. How We Collect Personal Information

We collect personal information directly from you, through our website, secure client portal, email, telephone conversations, meetings, completed forms, authorised representatives, financial advisers, solicitors, auditors, financial institutions, government agencies, publicly available registers and other third parties where authorised or permitted by law.

4. Why We Collect Your Personal Information

We collect personal information so that we can provide accounting, taxation and advisory services, prepare and lodge tax returns, establish companies, trusts and self-managed superannuation funds, verify your identity, communicate with you, comply with our legal and regulatory obligations, administer our client relationships, improve our services, prevent fraud and protect our clients and our business.

Where required by law, we may also collect and verify information to satisfy our obligations under Australia’s Anti-Money Laundering and Counter-Terrorism Financing legislation.

5. Identity Verification

To comply with applicable laws, including AML/CTF legislation, we may request identification documents such as a passport, driver’s licence, Medicare card, proof of address, company ownership documents, trust deeds or information regarding the source of funds or wealth.

If you do not provide information required by law, we may be unable to provide some or all of our services.

6. Website Information and Cookies

When you visit our website, we may automatically collect technical information including your IP address, browser type, operating system, referring website, pages visited and time spent on our website.

Our website may use cookies and similar technologies to improve functionality, enhance user experience, analyse website traffic and improve our online services. You may disable cookies through your browser settings, although some website features may not operate correctly.

We may also use services such as Google Analytics and Google Search Console to better understand website usage and improve our website content.

7. How We Use Your Personal Information

We use your personal information to provide professional services, verify your identity, comply with legal obligations, communicate with you, process payments, maintain our records, improve our services, manage our business operations, detect and prevent fraud, manage risk and protect our clients.

We do not sell your personal information.

8. Disclosure of Personal Information

We may disclose your personal information to the Australian Taxation Office, ASIC, AUSTRAC where required by law, self-managed superannuation fund auditors, financial institutions, software and cloud service providers, government agencies, courts and tribunals, professional advisers, insurers, your authorised representatives and other parties where required or authorised by law or with your consent.

9. Overseas Disclosure

Some of our technology providers and cloud-based software platforms may store or process information outside Australia. Where this occurs, we take reasonable steps to ensure your information receives a level of protection consistent with the Australian Privacy Principles.

10. Data Security

We take reasonable steps to protect your personal information from misuse, interference, loss, unauthorised access, modification or disclosure.

Our security measures include secure local servers located at our office premises, encrypted data transmission, multi-factor authentication, secure cloud storage, restricted staff access based on business need, secure client portals, firewalls, anti-malware protection, cybersecurity monitoring, regular software updates, secure data backups and staff confidentiality obligations.

Access to personal information is limited to authorised personnel who require access to perform their duties, and we regularly review our security practices to help protect the information we hold.

While we implement industry-standard security measures, no method of electronic transmission or storage is completely secure. Accordingly, we cannot guarantee the absolute security of information transmitted to or stored by us.

11. Data Retention

We retain personal information for as long as necessary to provide our services, comply with taxation, corporate and regulatory requirements, satisfy professional obligations and resolve disputes. When personal information is no longer required, it is securely destroyed or permanently de-identified where appropriate.

12. Direct Marketing

From time to time we may send you newsletters, taxation updates, legislative changes or information about our services. You may opt out of receiving marketing communications at any time by following the unsubscribe instructions or by contacting us.

13. Your Privacy Rights

Subject to Australian law, you may request access to the personal information we hold about you, request correction of inaccurate or incomplete information, update your details, withdraw consent where applicable or make a complaint regarding our handling of your personal information.

Requests should be made in writing using the contact details below.

14. Third Party Websites

Our website may contain links to external websites. We are not responsible for the privacy practices or content of those websites and encourage you to review their privacy policies.

15. Privacy Complaints

If you believe we have breached your privacy or the Australian Privacy Principles, please contact us. We will acknowledge your complaint, investigate the matter and aim to respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner.

16. Contact Us

Gavin Ma & Co Pty Ltd ATF Gavin Ma & Co Trust

Email: info@gavinmaandco.com.au

Phone: (03) 9557 3138

Website: https://www.gavinmaandco.com.au

17. Changes to This Privacy Policy

We may amend this Privacy Policy from time to time to reflect changes in legislation, regulatory requirements, technology or our business operations. The current version will always be available on our website and will take effect from the date it is published.