Privacy Policy

CREST (ANZ) Ltd respects your privacy. This policy governs the policy practices that CREST (ANZ) Ltd applies when handling information it collects through the Website.

CREST (ANZ) Ltd will never sell or give away identifying information that you provide CREST (ANZ) Ltd without your consent. CREST (ANZ) Ltd will not release your information to overseas recipients.


CREST (ANZ) Ltd collects the following information:

  • Company name;
  • ABN;
  • Registered company address postcode;
  • Information about your business’ IT infrastructure;
  • Information about your business’ IT vulnerabilities;
  • Name of individual representative;
  • Email address of individual representative;
  • Phone number of individual representative;
  • Inadvertently collected personal information.

We will ask you when we need information that personally identifies you (personal information) or allows us to contact you. Generally, this information is requested when you register for the Website or when you download Software. We use your personal information for the following purposes:

  • To facilitate the use of the Website.
  • To help us create content most relevant to you.
  • To provide you with a customized certificate.
  • To process bookings.
  • To contact you if necessary.


If you choose not to register or provide personal information, you can still use part of the Website. But you will not be able to access areas that require registration.

If you perform any bookings through our Website you consent to your personal information being sent to the relevant CREST (ANZ) Ltd member to allow that member to process your booking.


You have a right to request personal information about you that we hold and to request its correction if it is inaccurate. If you are registered to the Website, we will provide you with the means to ensure that your personal information is correct and current through the Website This process allows you to review and update your personal information at any time. If you are not registered, you may make such requests via our contact details listed below.


Crest (ANZ) Ltd has taken strong measures to protect the security of your personal information and to ensure that your choices for its intended use are honored. We take strong precautions to protect your data from loss, misuse, unauthorized access or disclosure, alteration, or destruction.

You also have a significant role in protecting your information. No one can see or edit your personal information without knowing your user name and password, so do not share these with others.


If you have any concerns, including potential breaches of the Australian Privacy Principles you can contact Crest (ANZ) Ltd at:

Chief Executive Officer
Greg Rudd
CREST Australia New Zealand Ltd
15 London Circuit
Canberra, ACT 2601
[email protected].

We will endeavor to reply to any substantiated concerns within 7 business days.

If you believe that Crest (ANZ) Ltd has not adequately handled your privacy complaint, you may complain to the Office of the Australian Information Commissioner (OAIC).


If we received unsolicited personal information we will, as soon as is practicable, and only if it is lawful and reasonable to do so, delete or de-identify that information.

We will take such steps as are reasonable to notify you of the receipt of the information at the time of destroying the information and provide you with the following:

  • The name of CREST (ANZ) Ltd and our contact details;
  • That we have collected your personal information;
  • We will refer you to this privacy policy;
  • Bring to your attention that our APP policy provides information on how you may complain about a breach of the APP principles.