fbpx

Salt Space Privacy Policy

Privacy Policy Salt Space Coworking | Level 1, 888 Brunswick Street, New Farm, Brisbane QLD 4005

Thanks for contacting us at Salt Space. This policy explains the what, how, and why of the information we collect when you visit us at Level 1, 888 Brunswick Street, New Farm, or on our website (www.saltspace.com.au) or contact us via email or telephone. It explains the specific ways we use and disclose that information.

At Salt Space (us, our and we), your privacy is important to us and we are dedicated to ensuring your personal information remains private. We only use your personal information for the purposes of running the business and we never sell lists or email addresses. The following privacy policy applies to all our information collection and conforms to all Australian Privacy Principles under the Privacy Act 1988 (Cth).

Definitions

In this privacy policy, these terms have the following meanings:

“Client” means any person or entity that uses our services on a casual or ad hoc basis, including meeting room hire, studio hire, or hot desk day passes, without being a registered Member.

“Member” means any person or entity that is registered with us to use our coworking space, virtual office, or mailing address services.

“Personal Information” means any information or an opinion that identifies or can be used to identify a Member, Client, or Visitor, directly or indirectly. Examples include first and last name, email address, telephone number, occupation, photographic identification, or other demographic information.

“Prospective Member” means anyone who contacts our business to enquire about our services.

“Us”, “our” and “we” means Salt Space coworking business and its employees.

“Visitor” means any person who enters our premises who is not a registered Member or Client, including guests of Members and members of the public.

“Website(s)” means any website(s) we own and operate (such as www.saltspace.com.au) or any web pages, social networks or other online, mobile, or wireless offerings that post a link to this privacy policy.

“You” and “your” means, depending on the context, a Member, Client, Prospective Member, or Visitor.

What Information We Collect

We may collect a range of personal information from Members, Clients, and Prospective Members where it is necessary in order to operate our business.

Personal information can include such things as a person’s name, contact details, job title, organisation/business name, ABN, ACN, credit card details, bank account details, and real-time information about when they visit the Salt Space workspace.

For Members and Clients using our mailing address, virtual office, or mail receiving services, we are required by law to collect and verify photographic identification. Please see the section “Mailing Address and Virtual Office Services” below for further detail.

How We Collect and Hold Personal Information

Personal information is provided to us voluntarily by you. By giving us this information, you agree to this information being collected, used and disclosed as described in this privacy policy.

Personal information may also be collected by us from public social media platforms or websites in order to assist us to operate our business.

We hold personal information on a secure cloud-based data store. Services we make use of include Google, GSuite, Stripe, Xero, and MailChimp.

Sensitive Information

We do not require you to provide us with any sensitive information. If you provide us with sensitive information, such as health information, on your own accord, we will treat it with the highest confidence and only disclose it as instructed by you. We will not use your sensitive information for the purposes of direct marketing unless you have given us specific prior consent.

Mailing Address and Virtual Office Services

Where you have engaged us to provide a personal or business mailing address or virtual office service, the following applies:

Identity Verification: We are required to verify the identity of all mail receiving clients in accordance with Australia Post’s Mail Receiving Agent Code of Practice and applicable Australian Communications and Media Authority (ACMA) guidelines. To fulfil this legal obligation, we will ask you to provide a copy of photographic identification (such as a driver’s licence or passport) prior to activating your service.

Deletion of ID Copies: Once your identity has been successfully verified, we will permanently delete the copy of your photographic identification. Verification is typically completed within 2 business days of receipt, and your ID copy will be deleted promptly upon confirmation. We do not retain copies of identification documents beyond this point.

Mail Handling: We handle incoming mail and parcels on your behalf. We use your contact details to notify you of mail or parcel arrivals and to facilitate collection or forwarding. Mail recipient information is used solely for these purposes.

Mail Forwarding: If you have requested a mail forwarding service, we may share your nominated forwarding address with Australia Post or courier services as necessary to fulfil the service.

Business Address Registration: If you choose to use our address as your registered business address with ASIC or other bodies, this is done at your discretion and you remain responsible for maintaining accurate details with those organisations. We do not accept liability for third-party correspondence directed to our address on your behalf.

Use or Disclosure

We collect and use personal information in order to:

  • Provide our members and clients with an operational workspace. We collect your personal information so that we can communicate with you about our policies, procedures, day-to-day housekeeping, upcoming events, and relevant operational issues (e.g. maintenance, internet usage, etc.).
  • Confirm a Member’s, Client’s, or Prospective Member’s identity. We require personal information to identify individuals using our services. Where 24/7 or extended hours access is requested, we will ask to see some form of photographic ID (driver’s licence, passport, etc.). For mailing address and virtual office services, photographic ID is collected and then deleted upon verification — see “Mailing Address and Virtual Office Services” above.
  • Communicate with our Members and Clients about their account and provide customer support. To promote the use of our services to you and others. If we collect your personal information when you visit or call us and you do not sign up for any of our services, we may send you an email inviting you to do so. You can stop receiving our promotional emails by following the unsubscribe instructions included in every email we send.
  • Bill and collect money owed to us by our Members and Clients. This includes sending emails, invoices, receipts, overdue notices, and alerting you if we need updated payment details. We use secure payment processing via Stripe — we do not store your full credit card details directly. Billing information is sent to Stripe, our PCI-compliant payment processor.
  • Manage meeting room and studio hire bookings. When you book a meeting room or studio, we collect your name, contact details, and payment information to confirm and manage your booking, and to follow up after your session where relevant.
  • Foster business relations between Salt Space members. We maintain a Salt Space business directory which we will invite you to join and provide your business details for sharing with other coworkers at Salt Space. Participation in the directory is optional.
  • Notify Members, Clients, and Prospective Members of news and event information. We use a variety of methods — email, posters, face-to-face communication — to keep you informed about news and events that may be relevant to you.
  • Customise, measure and improve our services. We provide opportunities for Members and Clients to give us feedback and suggestions regarding our services.
  • Provide safety and security to all persons entering the building. We use video surveillance (CCTV) to monitor building security and to investigate policy breaches. Video recordings are retained for seven (7) days and then deleted. We also use electronic door access systems which record who enters the building, the time of entry, and which areas of the building are accessed. Door access logs are retained for ninety (90) days and then deleted.
  • Monitor and manage data bandwidth. We collect information about your computer and other digital devices, IP address, and bandwidth usage when you connect to our internet service, to assist us in providing a reliable, fast internet service. We may use this information to restrict your access if your usage falls outside our fair use policy.
  • Comply with legal and regulatory obligations, including those applicable to mail receiving agents under Australian law.
  • Other purposes related to the provision of our services.

Sharing of Information with Other Organisations and Cross-Border Disclosure

We use third-party international service providers in the provision of our services where we believe the overseas entity is subject to the same or similar privacy laws to those found in Australia, or you have otherwise consented to the disclosure.

Organisations that we regularly share personal information with include Google, GSuite, Stripe, Xero, and MailChimp. We may also share limited personal information with Australia Post or courier services where required to fulfil mail forwarding services.

We will not sell or provide your information to a third party for the purposes of direct marketing.

If you do not provide us with the personal information we request, we may be unable to provide you with the full range of our services and, depending on the information withheld, you may be ineligible to become a Member or access certain services.

Individuals who are residents of the EEA can object to the processing of their Personal Information, ask to restrict processing, or request portability of their personal information. You can exercise these rights by contacting us using the contact details below.

Direct Marketing

Direct marketing is the promotion of goods and services directly to you including through emails, SMS, phone calls and the post. We will only send you direct marketing materials if you would reasonably expect to receive them, or you have consented. If it is impractical to gain your consent, we will always provide a simple means for you to request not to receive the material. We will not use your sensitive information for the purposes of direct marketing unless you have given us specific prior consent.

Security

The security of your personal information is important to us and we use recommended industry standards when storing and dealing with your personal information. To prevent unauthorised access or disclosure, and to ensure the accuracy and proper use of your personal information, we use a range of physical, technical, and administrative measures including:

  • Hosting our site on servers located in secure third-party centres which employ best-practice procedures in relation to data security.
  • Ensuring that all personnel or staff engaged by us are made aware of the contents of this Privacy Policy and any additional policies and procedures relating to the use, protection, and disclosure of personal information.
  • Using secure payment processing — we do not store full credit card numbers directly; payment data is handled by Stripe, our PCI-compliant payment provider.
  • Promptly and securely deleting identity documents once verification has been completed.

While we take all reasonable steps to ensure that your personal information is protected from misuse, interference, or loss, no method of transmission over the internet or electronic storage is 100% secure. In the event of a data breach that creates a real risk of harm to you, we will notify you and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) scheme under the Privacy Act 1988 (Cth).

You should also ensure that you keep your account passwords confidential, change them regularly, and always log out of any secure pages.

Accuracy and Retention of Data

We do our best to keep your data accurate and up to date. If your information changes (for example, a new email address or business address), you are responsible for notifying us of those changes.

Upon request, we will provide you with information about whether we hold, or process on behalf of a third party, any of your Personal Information. We will retain your information for as long as necessary to comply with our legal obligations, resolve disputes, prevent abuse, and enforce our agreements.

The following specific retention periods apply:

  • CCTV video recordings: retained for 7 days, then automatically deleted.
  • Door access logs: retained for 90 days, then deleted.
  • Identity documents collected for mailing address/virtual office verification: deleted within 2 business days of successful verification.
  • Billing and transaction records: retained as required by Australian tax law (generally 5 years).

Making a Complaint

If you have a concern or complaint relating to our handling of your personal information or any breach of the Australian Privacy Principles (APPs), please send a written note to work@saltspace.com.au outlining the nature of your complaint. We will endeavour to respond within 30 days of receipt.

If your complaint is not resolved to your satisfaction, it may be referred to an external dispute resolution body or, if necessary, taken to the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

Contact Us

If you have questions, suggestions or concerns about this policy, please contact us:

Email: work@saltspace.com.au Mailing address: Salt Space, Level 1, 888 Brunswick Street, New Farm, Brisbane QLD 4005 Website: www.saltspace.com.au

This policy was last reviewed April 2026. Salt Space reserves the right to update this policy from time to time. We will notify Members and Clients of material changes by email or by posting a notice on our website.