Privacy Policy

Drug Test Australia

Last updated: September 8, 2025  |  ABN: 28 631 469 497

This Privacy Policy covers both our online store and website (Shopify-powered) and our wider drug testing services as required under the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

Scope

Drug Test Australia Pty Ltd (“DTA”, “we”, “us”, “our”) operates this website and online store, and provides drug and alcohol testing services to clients across Australia. This Policy explains how we collect, use, disclose and protect personal information for:

  • Website visitors, account holders and shoppers (e-commerce/Shopify); and
  • Clients, referees and drug test donors (operational services subject to the APPs).

Quick Index

Part A — Website & E-Commerce (Shopify) Part B — Operational Privacy (APPs) Your Rights & Choices Security & Retention International Transfers Changes to this Policy Contact & Complaints

Part A — Website & E-Commerce (Shopify)

We use Shopify to power our online store and some related services. By using our website or store, you acknowledge this Policy and consent to our collection, use and disclosure of personal information as described here.

Information We Collect

  • Contact details (name, email, phone, billing/shipping addresses).
  • Account details (username, password, preferences).
  • Transaction details (items viewed/purchased/returned, order history, payment confirmations).
  • Payment details (processed securely via our payment providers).
  • Device & usage data (IP address, browser/device type, cookies and similar technologies, interaction logs).
  • Communications (emails, support requests, reviews).

How We Use This Information

  • Provide & improve services — process orders, fulfil deliveries/returns, manage accounts, personalise your experience.
  • Marketing — send promotional emails/SMS (you can unsubscribe), show relevant ads on our site and others.
  • Security & fraud prevention — authenticate accounts, detect/prevent fraudulent or malicious activity.
  • Legal — comply with law, respond to lawful requests, enforce our terms.

Cookies & Similar Technologies

We and our providers use cookies and similar technologies to operate the site, keep you signed in, remember preferences, analyse performance, and support advertising. You can manage cookies in your browser; disabling some cookies may affect site functionality.

How We Disclose Information

  • Shopify (hosting, analytics, personalised experiences across Shopify’s network of merchants).
  • Vendors & service providers (IT, payment processing, email & SMS platforms, analytics, fulfilment and shipping).
  • Business and marketing partners (subject to their privacy notices and your choices).
  • Affiliates / corporate group, or in connection with a business transaction (e.g., merger/asset transfer).
  • Where you direct or consent (e.g., social logins, shipping integrations), or where required by law.

Third-Party Links

Our Services may link to third-party sites. Their privacy and security practices apply to your use of those sites. We’re not responsible for their content or policies.

Children’s Data

Our Services are not intended for children. We do not knowingly collect personal information from individuals under the age of majority in your jurisdiction.

Part B — Operational Privacy (APPs)

For our drug testing operations, DTA manages personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). As a contracted service provider to certain government agencies, we may handle personal information as an Agency in limited contexts (e.g., government-related identifiers under APP 9).

Information Flow (APP 1)

  • We collect information that is reasonably necessary for our functions and activities as a drug testing provider (APP 6).
  • We take reasonable steps to ensure information is current, complete and accurate, including cross-checks when appropriate.
  • We store information in our records systems and may disclose to overseas recipients where relevant (APP 8).
  • Before use or disclosure, we take reasonable steps to confirm information remains current and relevant (APP 6).
  • Subject to exceptions, you may request access (APP 12) and correction (APP 13).
  • We destroy or de-identify information when no longer required and lawful (APP 11). Commonwealth Records are retained as required by law.

Kinds of Information We Collect and Hold

Clients/Customers — business/facility details, contact details, addresses, trade references.

Referees — information relevant to client suitability assessments (e.g., credit/suitability checks).

Drug Test Donors — proof of identity (name, unique identifier, employer), consent/signature, and test results necessary for service delivery and site access policies.

Purposes of Collection, Use & Disclosure

  • Clients/Customers — relationship management, service delivery, compliance, analytics/statistics, policies and procedures.
  • Referees — identity/authority confirmation and business suitability assessment.
  • Drug Test Donors — testing and reporting consistent with employer programs and site safety management.

Direct Marketing (APP 7)

We may use client/customer details to market our services to you. We do not sell personal information to third parties for their direct marketing. You can opt out of DTA marketing at any time.

How We Collect Information

  • Directly from you (forms, emails, service interactions, test submissions).
  • Third parties & publicly available sources where reasonable (e.g., to verify information you provide).
  • Electronic transactions (online forms, email, tele/video conferences, logs) — we take reasonable steps to implement practices to comply with the APPs.

Photos & Images

We do not request photographs or video capture where sighting of identity documents is sufficient. Any workplace surveillance would comply with disclosure requirements and be implemented to protect staff and visitors without compromising security.

Overseas Disclosures (APP 8)

Some service providers or systems may be located overseas. Where applicable, we take reasonable steps to ensure APP-compliant handling or rely on lawful exceptions.

How We Hold & Protect Information (APP 11)

  • Records stored in locked physical storage and secure electronic systems (including reputable cloud services).
  • Access controls, granular permissions, firewalling and monitored IT administration.
  • Staff training, clean-desk practices, need-to-know access, password policies, portable media controls.
  • Retention policies and secure destruction/shredding when lawful and appropriate.

Disclosure

We may disclose personal information for the primary purpose for which it was collected or a related lawful purpose, or where otherwise required by law. Typical recipients include:

  • Internal teams and related entities;
  • Clients (e.g., employer program reporting), referees;
  • Contracted service providers (CSPs) such as software/IT, database, legal and professional advisers, insurers, screening agents.

We take reasonable steps to ensure CSPs protect personal information and do not cause us to breach the APPs.

Access & Correction (APP 12 & 13)

You may request access to or correction of your personal information (subject to lawful exceptions such as evaluative material shared in confidence). We will take reasonable steps to ensure information is accurate, up to date, complete, relevant and not misleading.

Your Rights & Choices

  • Access/Know — request access to personal information we hold about you.
  • Delete — request deletion, subject to legal/contractual retention requirements.
  • Correct — request correction of inaccurate information.
  • Portability — request a copy in a transferable format where feasible.
  • Marketing preferences — opt out of DTA marketing at any time (unsubscribe link or contact us).

We may need to verify your identity and, where lawful, may decline certain requests (we’ll explain why). You may authorise an agent to act on your behalf with appropriate proof.

Security & Retention

No system is “perfectly secure,” but we take reasonable steps to protect personal information against misuse, interference, loss, and unauthorised access, modification or disclosure. Retention periods vary depending on account management, service delivery needs, legal obligations, dispute resolution and policy enforcement requirements.

International Transfers

We may transfer, store and process personal information outside Australia. For some jurisdictions (e.g., EEA/UK), we may rely on appropriate transfer mechanisms (e.g., Standard Contractual Clauses) or lawful exceptions.

Changes to This Policy

We may update this Policy from time to time to reflect changes in law, operations, or technology. Updates are effective when posted with the “Last updated” date above.

Contact & Complaints

Privacy Coordinator
Drug Test Australia Pty Ltd
92 Masonite Road, Tomago, NSW 2322, Australia
Phone: (02) 4964 5519
Email: sales@drugtestaustralia.com.au

How to Complain

If you have concerns about our handling of your personal information, please contact us in writing. Include your contact details, a brief description of what happened (including dates and consequences), and what outcome you seek. We will acknowledge your complaint, may request clarification, and aim to respond within 30 days. If you are not satisfied, you may contact the Office of the Australian Information Commissioner (OAIC): oaic.gov.au/privacy/privacy-complaints.

If any part of this Policy is found invalid or unenforceable, the remainder continues in effect.