Privacy Policy

Platform: CoRGuard (https://chainresponsibility.au)
Operated by: Wragg Family Investments Pty Ltd ATF Wragg Family Trust trading as MAEZ Consulting (ABN 51 590 201 900)
Effective Date: 9th February 2026

1. Introduction

This Privacy Policy outlines how CoRGuard, operated by Wragg Family Investments Pty Ltd ATF Wragg Family Trust trading as MAEZ Consulting (“we”, “us”, “our”), collects, uses, stores, and shares personal and sensitive information through our website (https://chainresponsibility.au), SaaS platform, and mobile application (collectively, the “Services”).

We are committed to protecting your privacy in accordance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and the Notifiable Data Breaches scheme. By using our Services, you acknowledge that you have read and understood this Privacy Policy.

2. Entity Information

Wragg Family Investments Pty Ltd ATF Wragg Family Trust
Trading as MAEZ Consulting
Adelaide, South Australia
ABN: 51 590 201 900
Website: https://chainresponsibility.au

3. Contact Information

If you have any questions or concerns regarding this Privacy Policy or our data handling practices, please contact our Privacy Officer:

Privacy Officer: Matthew Wragg
Email: support@corguard.com.au
Phone: 1300 553 811
Online: https://chainresponsibility.au/contact-us/

4. What Information We Collect

We collect different types of information depending on how you interact with our Services:

4.1 Website Visitors

• IP address and browser type
• Pages visited, time spent, and navigation paths
• Referring website or search terms
• Device type, operating system, and screen resolution
• Cookie and analytics data (see Section 9)
• Information submitted through contact forms, enquiry forms, or newsletter sign-ups (e.g., name, email address, phone number, company name)

4.2 Platform Users (SaaS Subscribers)

• Account registration details (name, email, phone number, company name, ABN)
• Login credentials (encrypted)
• Billing and payment information
• User roles and permissions within your organisation
• All data uploaded to or generated within the Platform (“Client Data”), including but not limited to:
  • Driver and contractor details (names, licence numbers, endorsements, induction records)
  • Vehicle and asset information (registration, maintenance records, compliance status)
  • Compliance documents (policies, risk assessments, audit reports, incident reports)
  • Fatigue management records and electronic work diary entries
  • Non-conformance reports, hazard identifications, and corrective actions
  • Communication logs and alert history

4.3 Mobile Application Users

• All information listed in Section 4.2
• Device information (device ID, operating system, app version)
• Location data (if GPS permissions are granted, used for driver check-ins and pre-start checklists)
• Camera access (if granted, used for document uploads and photo evidence)
• Push notification preferences

5. How We Use Your Information

We use the information we collect for the following purposes:

• To provide, operate, and maintain our Services
• To create and manage your account and subscription
• To process billing and payments
• To deliver compliance alerts, reminders, and notifications via email and SMS
• To generate compliance reports, audit summaries, and analytics dashboards
• To provide technical support and respond to enquiries
• To improve the functionality, performance, and user experience of our Services
• To communicate service updates, new features, and relevant industry information
• To monitor and ensure the security and integrity of the Platform
• To comply with legal obligations and respond to lawful requests from authorities
• To analyse website traffic and usage patterns (in aggregated, de-identified form)

6. How We Share Your Information

We do not sell, trade, or rent your personal information to third parties. We may share your information in the following limited circumstances:

• Service Providers: We use trusted third-party service providers to assist with hosting, payment processing, email delivery, SMS notifications, and analytics. These providers are contractually obligated to protect your data and only use it for the purposes we specify.
• Legal Requirements: We may disclose your information if required by law, court order, or government regulation, or if we believe disclosure is necessary to protect our rights, safety, or property.
• Business Transfers: In the event of a merger, acquisition, or sale of assets, your information may be transferred to the successor entity. We will notify you of any such transfer.
• With Your Consent: We may share your information with third parties when you have given us explicit consent to do so.

7. Data Security

We take the security of your information seriously and implement industry-standard measures to protect it, including:

• Encryption of data in transit using TLS/SSL protocols
• Encryption of sensitive data at rest
• Role-based access controls limiting data access to authorised personnel
• Regular security audits and vulnerability assessments
• Secure cloud hosting infrastructure with redundancy and backup systems
• Multi-factor authentication options for platform access
• Regular staff training on data protection and privacy best practices

While we strive to protect your information, no method of electronic transmission or storage is 100% secure. We cannot guarantee absolute security but are committed to promptly addressing any security incidents.

8. Data Retention and Deletion

• We retain personal information only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law.
• Client Data within the Platform is retained for the duration of your subscription.
• Upon cancellation or termination of your subscription, Client Data is retained for 90 days to allow for data export, after which it is permanently deleted unless retention is required by law.
• Website analytics data is retained in aggregated, de-identified form and is not linked to individual users.
• You may request the deletion of your personal data at any time by contacting our Privacy Officer at support@corguard.com.au. We will action deletion requests within 30 days unless we are legally required to retain the information.

9. Cookies and Analytics

Our website uses cookies and similar tracking technologies to enhance your experience and analyse website performance.

9.1 Types of Cookies We Use

• Essential Cookies: Required for the website and Platform to function correctly (e.g., session management, authentication).
• Analytics Cookies: Used to collect information about how visitors use our website, including pages visited, time spent, and traffic sources. We use Google Analytics for this purpose.
• Functional Cookies: Used to remember your preferences and settings.

9.2 Managing Cookies

You can control and manage cookies through your browser settings. Disabling certain cookies may affect the functionality of our website and Platform. For more information about managing cookies, visit www.allaboutcookies.org.

10. Your Rights

Under the Australian Privacy Principles, you have the following rights:

• Access: You may request access to the personal information we hold about you.
• Correction: You may request that we correct any inaccurate, incomplete, or out-of-date personal information.
• Deletion: You may request the deletion of your personal data, subject to any legal obligations requiring retention.
• Complaint: If you believe we have breached the Australian Privacy Principles, you may lodge a complaint with our Privacy Officer. If you are not satisfied with our response, you may escalate your complaint to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

To exercise any of these rights, please contact our Privacy Officer at support@corguard.com.au. We will respond to all requests within 30 days.

11. Data Breach Notification

In the event of a data breach that is likely to result in serious harm, we will:

• Notify affected individuals as soon as practicable, and no later than 72 hours after becoming aware of the breach.
• Notify the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches scheme under Part IIIC of the Privacy Act 1988.
• Take immediate steps to contain the breach, assess the risk, and implement measures to prevent recurrence.

12. Cross-Border Data Transfers

Our primary data storage and processing occurs within Australia. Where data is processed or stored using third-party services that operate servers outside Australia (e.g., cloud hosting providers), we ensure that those providers comply with standards equivalent to the Australian Privacy Principles. We take reasonable steps to ensure your data is treated securely and in accordance with this Privacy Policy regardless of where it is processed.

13. Children’s Privacy

Our Services are not directed at individuals under the age of 18. We do not knowingly collect personal information from children. If we become aware that we have inadvertently collected information from a child, we will take immediate steps to delete that information.

14. Third-Party Links

Our website and Platform may contain links to third-party websites or services. We are not responsible for the privacy practices of those third parties. We encourage you to review the privacy policies of any third-party websites you visit.

15. Changes to This Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. Material changes will be communicated via email or in-app notification. The updated policy will be posted on our website with the revised “Last Updated” date.

Continued use of our Services after changes are posted constitutes acceptance of the updated Privacy Policy.

16. Accessibility

This Privacy Policy is accessible via standard web browsers without the need for plug-ins or special handlers. It is available on a publicly accessible URL at https://chainresponsibility.au and is linked within the CoRGuard mobile application. This document is non-editable to ensure its integrity.

17. Acceptance

By using our website, Platform, or mobile application, you acknowledge that you have read and understood this Privacy Policy and agree to our data collection, use, and sharing practices described herein.

For more information, please visit https://chainresponsibility.au or contact us at support@corguard.com.au or 1300 553 811.