Skip to content

Privacy Policy

Last Updated: April 25, 2025

MRU Consulting PTY LTD ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard your personal data when you visit our website www.mruconsulting.com ("Website") or engage with our services, in compliance with the General Data Protection Regulation (GDPR) for individuals in the European Economic Area (EEA) and the Australian Privacy Act 1988 for individuals in Australia. By using our Website or services, you agree to the practices described in this Privacy Policy.

1. Data Controller

MRU Consulting PTY LTD is the data controller responsible for your personal data. Our contact details are:

.

MRU Consulting PTY LTD
PO BOX 1493, Sunnybank Hills QLD 4109, Australia
Email: info@mruconsulting.com.au

2. Information We Collect

We may collect the following types of personal data:

a. Personal Data

  • Contact Information: Name, email address, postal address, or other details you provide when you contact us, submit forms, or engage our services.
  • Professional Information: Job title, company name, or other business-related details if you interact with us in a professional capacity.
  • Payment Information: Billing details (e.g., credit card or bank account information) if you make payments for our services, processed securely via third-party payment providers.
  • Other Data: Any additional information you voluntarily provide, such as feedback or survey responses.

b. Non-Personal Data

  • Usage Data: Information about how you interact with our Website, such as IP address, browser type, device information, pages visited, and time spent on the Website.
  • Cookies and Tracking Technologies: We use cookies, web beacons, and similar technologies to enhance your experience, analyze Website performance, and deliver personalized content. See Section 7 for details.

c. Data from Third Parties

We may receive data about you from third parties, such as business partners, marketing platforms, or publicly available sources, in compliance with applicable laws.

3. Lawful Bases for Processing (GDPR)

We process your personal data based on the following GDPR lawful bases:

  • Consent: Where you have given explicit consent, such as for marketing communications or certain cookies (Article 6(1)(a)).
  • Contract: To perform a contract with you, such as delivering consulting services or processing payments (Article 6(1)(b)).
  • Legitimate Interests: For purposes like improving our Website, preventing fraud, or managing client relationships, where our interests are not overridden by your rights (Article 6(1)(f)).
  • Legal Obligation: To comply with legal requirements, such as tax or regulatory obligations (Article 6(1)(c)).

You can withdraw consent at any time (see Section 6) or object to processing based on legitimate interests (see Section 9).

4. How We Use Your Data

We use your personal data for the following purposes:

  • To provide and manage consulting services, respond to inquiries, and maintain client relationships.
  • To process payments for our services.
  • To improve our Website and services by analyzing usage trends and user behavior.
  • To send you updates, newsletters, or marketing materials, where you have consented or we have a legitimate interest. You can opt out at any time.
  • To comply with legal and regulatory obligations, including responding to lawful requests.
  • To protect our rights, property, or safety, and that of our users or others.

5. How We Share Your Data

We do not sell or rent your personal data. We may share your data in the following circumstances:

  • Service Providers: With trusted third-party processors (e.g., payment gateways, hosting providers, or analytics tools) who assist us, subject to GDPR-compliant data processing agreements.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, your data may be transferred to a new entity, with appropriate safeguards.
  • Legal Requirements: When required by law, such as in response to a court order or government request, in compliance with GDPR and local laws.
  • With Your Consent: When you explicitly agree to the sharing of your data.

6. Your GDPR Rights

If you are in the EEA, you have the following rights under GDPR:

  • Access: Request a copy of the personal data we hold about you.
  • Rectification: Request correction of inaccurate or incomplete data.
  • Erasure: Request deletion of your data ("right to be forgotten"), subject to legal exceptions.
  • Restriction: Request restriction of processing in certain circumstances.
  • Data Portability: Receive your data in a structured, commonly used, and machine-readable format.
  • Object: Object to processing based on legitimate interests or for direct marketing.
  • Withdraw Consent: Withdraw consent at any time, without affecting the lawfulness of prior processing.
  • Automated Decision-Making: Not to be subject to decisions based solely on automated processing, including profiling, that produce legal effects. We do not currently engage in such processing.

To exercise these rights, contact us at info@mruconsulting.com.au. We will respond within one month, extendable by two months for complex requests. We may require identity verification before processing requests.

7. Cookies and Tracking Technologies

Our Website uses cookies and similar technologies to enhance functionality, analyze performance, and deliver personalized content. Cookies may include:

  • Essential Cookies: Necessary for Website operation (e.g., navigation, security).
  • Analytics Cookies: To understand Website usage (e.g., Google Analytics).
  • Marketing Cookies: For personalized ads or content, where consented.

You can manage cookie preferences through our cookie consent tool or browser settings. For EEA users, non-essential cookies require explicit consent per GDPR. For details, see our [Cookie Policy](insert link if applicable).

8. International Data Transfers

As an Australian company, we process data primarily in Australia. If you are in the EEA, your data may be transferred outside the EEA to Australia or other jurisdictions. We ensure GDPR compliance through:

  • Standard Contractual Clauses (SCCs): Contracts approved by the European Commission to safeguard data transfers.
  • Adequacy Decisions: Where applicable, relying on jurisdictions deemed adequate by the EU.
  • Other Safeguards: Technical and organizational measures to protect your data.

Contact us for details about our transfer mechanisms.

9. Data Security

We implement appropriate technical and organizational measures (e.g., encryption, access controls) to protect your personal data from unauthorized access, loss, or misuse. However, no system is completely secure, and we cannot guarantee absolute security.

10. Data Retention

We retain personal data only for as long as necessary for the purposes outlined in this Privacy Policy or to comply with legal obligations (e.g., tax or accounting requirements). For example:

  • Client data: Retained for the duration of the contract and as required by law (e.g., 7 years for tax purposes in Australia).
  • Marketing data: Retained until you unsubscribe or consent is withdrawn.
  • Website usage data: Typically retained for [insert period, e.g., 12 months] for analytics.

When no longer needed, we securely delete or anonymize your data.

11. Third-Party Links

Our Website may contain links to third-party websites. We are not responsible for their privacy practices. Please review the privacy policies of those websites.

12. Complaints

If you have concerns about our data practices, please contact us at:

MRU Consulting PTY LTD
PO BOX 1493, Sunnybank Hills QLD 4109, Australia
Email: info@mruconsulting.com.au

For EEA residents, you may also lodge a complaint with your local data protection authority (e.g., the Information Commissioner’s Office in the UK or other EU supervisory authorities). In Australia, you may contact the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.