Privacy Compliance Plan
C F Strata Management
This Privacy Compliance Plan outlines how C F Strata Management (referred to as we, us, or our) manages personal information in accordance with the Privacy Act 1988 (Cth), including Australian Privacy Principle 1.2.
We are committed to protecting your privacy and handling personal information in an open, transparent, and responsible manner.
This plan may be reviewed and updated from time to time to reflect changes in our business practices or applicable laws.
Open and Transparent Management of Personal Information
We manage personal information and sensitive information (where applicable) in a transparent and lawful way. When collecting personal information, we will notify individuals, at the time of collection or as soon as reasonably practicable, of:
The type of personal information being collected
How the personal information will be used
To whom the personal information may be disclosed
Use and Disclosure of Contact Information
As part of our role as strata managing agents, we may collect and use contact details such as phone numbers and email addresses to effectively carry out our duties.
This may include disclosing such information to relevant third parties, such as contractors, service providers, or other parties involved in the management and maintenance of the property, where necessary to coordinate works, respond to issues, or provide services.
We take reasonable steps to ensure that any disclosure is limited to what is necessary and that your information is handled appropriately.
Privacy Officer
We have appointed a Privacy Officer to manage privacy-related matters. The Privacy Officer is responsible for handling:
Requests to access or correct personal information
Privacy-related enquiries and complaints
Staff Training
All employees receive regular privacy training to ensure they understand and comply with our obligations under the Privacy Act.
Our Privacy Policies
We have implemented privacy policies covering key areas of our business, including:
1. Real Estate and Strata Services
We maintain a Privacy Policy and Privacy Collection Notice (or a combined document) which is provided to current, prospective, or former clients, as well as any individuals who supply us with personal information.
These documents are available:
On our website
At our office
At property inspections (where applicable)
By email during initial communication with clients or other individuals
2. Website Privacy
Our website, www.cfstrata.com.au, operates under a dedicated privacy policy that governs the collection and use of personal information through the website.
Ongoing Review
If our business practices change, we will review our privacy policies to determine whether updates or additional policies are required to ensure continued compliance.
Cybersecurity & Data Protection
At C.F. Strata Management and Wedd Realty, we are committed to protecting the security and privacy of our customers’ data. Our Cybersecurity and Data Protection Policy outlines the robust measures we use to safeguard sensitive information and maintain a secure, resilient digital environment.
We implement a comprehensive, multi-layered security approach that includes data encryption, secure network architecture, endpoint protection, and strict access controls. All systems are protected by mandatory two-factor authentication (2FA) to prevent unauthorised access.
Our systems are continuously monitored and updated to respond to the evolving cyber threat landscape. This includes real-time threat intelligence, regular vulnerability assessments, and ongoing system enhancements. In addition, our employees receive regular cybersecurity training to promote a strong, organisation-wide culture of data protection.
In line with industry standards and regulatory requirements, we enforce rigorous data handling, security, and audit procedures to ensure the confidentiality, integrity, and availability of all customer information. Whether data is stored, processed, or transmitted, it is protected through robust technical safeguards and procedural controls.
These proactive measures allow us to uphold the trust our customers place in us and ensure they can engage with our services securely and confidently. Protecting customer data is not just a priority — it is a core part of who we are.
Cookies
This site uses cookies – small text files that are placed on your machine to help the site provide a better user experience. In general, cookies are used to retain user preferences, store information for things like shopping carts, and provide anonymised tracking data to third party applications like Google Analytics. Cookies generally exist to make your browsing experience better. However, you may prefer to disable cookies on this site and on others. The most effective way to do this is to disable cookies in your browser. We suggest consulting the help section of your browser.
Necessary Cookies (all site visitors)
- cfduid: Is used for our CDN CloudFlare to identify individual clients behind a shared IP address and apply security settings on a per-client basis. See more information on privacy here: CloudFlare Privacy Policy.
- PHPSESSID: To identify your unique session on the website.
Necessary Cookies (Additional for Logged in Customers)
- wp-auth: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
- wordpress_logged_in_{hash}: Used by WordPress to authenticate logged-in visitors, password authentication and user verification.
- wordpress_test_cookie Used by WordPress to ensure cookies are working correctly.
- wp-settings-[UID]: WordPress sets a few wp-settings-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
- wp-settings-[UID]:WordPress also sets a few wp-settings-{time}-[UID] cookies. The number on the end is your individual user ID from the users database table. This is used to customize your view of admin interface, and possibly also the main site interface.
Who Has Access To Your Data
If you are not a registered client for our site, there is no personal information we can retain or view regarding yourself.
If you are a client with a registered account, your personal information can be accessed by:
- Our system administrators.
- Our supporters when they (in order to provide support) need to get the information about the client accounts and access.
Security Measures
We use the SSL/HTTPS protocol throughout our site. This encrypts our user communications with the servers so that personally identifiable information is not captured/hijacked by third parties without authorization.
In case of a data breach, system administrators will immediately take all needed steps to ensure system integrity, will contact affected users and will attempt to reset passwords if needed.