Privacy Policy

1. Introduction

Lodestone (“we,” “us,” or “our”) is committed to protecting the privacy of individuals and handling personal information in accordance with the Australian Privacy Act 1988 (Cth) (“Privacy Act”) and the Australian Privacy Principles (APPs). This Privacy Policy outlines how we collect, use, disclose, and protect personal information.

2. Compliance Obligations

Under the Privacy Act, all Australian government agencies and private sector organizations with an annual turnover of AU$3 million or more are required to have a Privacy Policy. Additionally, some smaller businesses must comply if they handle sensitive information, provide health services, or engage in activities like credit reporting.

Given Lodestone’s role in providing software solutions, we recognize our responsibility to uphold high privacy standards in alignment with legal requirements and industry best practices.

3. Collection of Personal Information

We may collect personal information in the course of providing our services, including:

• Lodestone customer information: Contact details of Lodestone customer employees (e.g. Insurance companies) that use our systems, in order to facilitate service delivery.
• Lodestone employee and contractor information: Certain personal information we need to manage Lodestone employees and contractors in order to administer their pay and benefits, performance, etc.
• End User entered information: Data input by users into software solutions developed, and in some cases, supported by us. Such data may also be entered into systems supported by us, via file load, API integration or other similar mechanisms.

Important note: It is our view that End User data is “owned” by our customers. As a provider of software solutions, we generally do not determine the policies around the collection, retention, and disclosure of End User personal information. These policies and processes are determined by our customers (e.g. Insurance companies), and we act on their instructions unless compelled to do otherwise by a relevant authority.

4. Use of Personal Information

We use personal information to:

• Manage and pay our staff and contractors.
• Communicate with customers regarding service-related matters.
• Provide and support our software solutions and services, as directed by our customers.

5. Disclosure of Personal Information

We may disclose personal information:

• To our customers (e.g. insurance companies), as per their instructions and in accordance with our contractual obligations.
• To third-party service providers who assist us in delivering our services, subject to confidentiality agreements, and if agreed by our customers.
• When required by law or to comply with legal processes.

6. Data Security

We take reasonable steps to protect personal information from misuse, interference, loss, unauthorized access, modification, or disclosure. This includes implementing physical, technical, and administrative security measures.

7. Access and Correction

Individuals have the right to request access to and correction of their personal information held by us. Such requests should be directed to our Privacy Officer. End User requests will be referred to our customers (e.g. insurance companies).

8. Overseas Disclosure

Some of our third-party service providers may be located outside of Australia. When disclosing personal information overseas, we take reasonable steps to ensure that the recipient complies with the APPs or is otherwise bound by privacy obligations similar to those under the Privacy Act.

9. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. The latest version will always be available on our website.

10. Contact Us

For any questions or concerns about this Privacy Policy or our handling of personal information, please contact our Privacy Officer via LinkedIn message: David Phipson.