Serving South-East Melbourne
Open 9am–6pm · 7 days email us
Legal

Privacy Policy

Last updated: 2 June 2026

1. Who we are

Comstar IT Solutions (ABN 93 061 298 407) is a Melbourne-based IT support business run by Stas Kouprine. We provide managed IT services, network and Wi-Fi setup, cybersecurity, cloud and Microsoft 365, CCTV installation, and custom PC builds to households and small businesses across South-East Melbourne.

This Privacy Policy sets out how we handle your personal information — what we collect, why we collect it, how we store it, and what rights you have. It applies whenever you visit our website at comstarit.com.au, contact us by phone, email or through our enquiry form, or engage us to carry out work.

We comply with the Privacy Act 1988 (Cth) and the thirteen Australian Privacy Principles (APPs). We also follow relevant Victorian legislation where it applies. If anything here doesn't make sense, you're welcome to call or email us and ask — our contact details are at the bottom of this page.

2. What information we collect

Under the Privacy Act, "personal information" means any information or opinion about you that could reasonably identify you. In practice, the personal information we're likely to collect falls into a few categories:

Contact information

Your name, email address, phone number, and — if you're a business client — your business name and street or office address. This is the basic information we need to respond to an enquiry, provide a quote, or schedule a visit.

Enquiry and correspondence

Whatever you tell us in a contact form submission, an email, a phone call, or a text message. This includes the nature of your IT issue, any details about your setup, and any follow-up correspondence between us.

Service and technical information

When we're working on your systems — whether that's remotely or on-site — we may need to access or record technical details like device names, network configurations, IP addresses, software licence information, and account usernames. We never ask you to send passwords by email, and we recommend using a secure method if you need to share credentials with us.

Website usage data

When you visit comstarit.com.au, we collect standard technical data through Google Analytics (see section 7 below). This includes your IP address, browser type and version, the device you're using, which pages you visit, how long you spend on each page, and how you arrived at our site (for example, through a Google search or a direct link).

Payment and billing information

If you engage us for paid work, we'll need billing details to issue invoices. We don't store credit card numbers on our systems — payments are processed through secure third-party payment platforms or direct bank transfer.

Information we don't usually collect

We don't generally collect sensitive information as defined in the Privacy Act (such as health information, biometric data, religious beliefs, or criminal records). In the unlikely event we ever needed to, we would seek your explicit consent first, unless the law says otherwise.

3. How we collect it

Most of the time, we collect personal information directly from you. This happens when you:

  • fill in and submit our website contact form;
  • call us on 0411 074 873 or send us an email;
  • ask us for a quote or engage us for a job;
  • give us access to your systems so we can carry out work; or
  • browse our website (in which case your browser automatically sends technical data to our analytics tools).

Occasionally, we might receive information about you from someone else — for instance, if a family member contacts us on your behalf, or if another client refers you to us. Where that happens, we'll let you know as soon as practical.

If you choose not to give us certain information, that's your right — but it may mean we can't respond to your enquiry or provide the service you're after. For example, we can't send you a quote if we don't have an email address or phone number to reach you on.

4. What we do with it

We use your personal information for straightforward, practical purposes. Specifically:

  • Responding to you — replying to your enquiry, answering questions, and giving you a quote or recommendation.
  • Providing our services — carrying out the IT work you've engaged us for, which may involve accessing and configuring your devices, networks and accounts.
  • Scheduling and coordination — booking on-site visits, sending appointment reminders, and following up after a job.
  • Billing and record-keeping — issuing invoices, processing payments, and maintaining our business records and accounts.
  • Improving what we do — understanding how people find and use our website so we can make it more useful, and identifying ways to improve our services.
  • Staying in touch — with your consent, sending occasional updates about services or information we think might be relevant to you (you can opt out of this at any time).
  • Meeting legal obligations — complying with Australian laws, including tax and record-keeping requirements.

We won't use your information for anything unrelated to these purposes unless we ask for your permission first, or the law requires it.

5. When we share your information

We don't sell, rent out, or trade your personal information. Full stop.

There are a limited number of situations where we may share your information with a third party:

  • Service providers we use to run the business — for example, our website hosting provider, the form delivery service that processes our contact form submissions (currently Formgrid), our email platform, our accounting software, and cloud tools like Microsoft 365. These providers only receive the information they need to provide their service to us, and they have their own privacy obligations.
  • Professional advisers — our accountant or a lawyer, where reasonably necessary for business or legal matters.
  • Law enforcement or regulators — if we're legally required to hand over information, for example in response to a court order or a formal request from a government agency.
  • A buyer of the business — if the business were ever sold or transferred, your information might be part of that transfer. We'd let you know if that happened.

6. Overseas transfers

Some of the third-party tools and platforms we use store data on servers outside Australia. In particular:

  • Google Analytics data is processed on Google's infrastructure, which includes servers in the United States and other countries.
  • Our form delivery provider and email services may also process data outside Australia.

We can't always control where these providers host their infrastructure, but we choose reputable, well-known providers who maintain strong data protection standards. Where we share personal information with an overseas recipient, we take reasonable steps to make sure it's handled in a way that's consistent with the Australian Privacy Principles.

7. Cookies, analytics and tracking

Our website uses cookies — small text files that your browser stores on your device. Most modern websites use them, and ours is no different. Here's specifically what we use and why:

Google Analytics 4 (GA4)

We use Google Analytics (measurement ID: G-B9PH99TEC3) to understand how visitors use our website — things like which pages are most popular, how people find us, and what devices they browse on. Google Analytics uses cookies to distinguish between visitors and track page views. The data we see is aggregated and doesn't personally identify you by name or email. Google's own privacy policy explains how they handle analytics data: policies.google.com/privacy.

Google Ads

If we're running advertising campaigns through Google, additional tracking cookies may be set to measure whether our ads lead to enquiries. This helps us understand whether our advertising spend is effective. These cookies don't give us access to your personal browsing history on other websites.

Essential cookies

Our website may set functional cookies to remember your preferences (such as whether you've dismissed a notice) and to make the site work properly. These aren't used for tracking.

Managing cookies

You can control or delete cookies through your browser settings. Most browsers let you block cookies altogether, clear existing cookies, or get notified before a cookie is set. Bear in mind that turning off all cookies might affect how some parts of the website work. For step-by-step instructions, check your browser's help documentation or visit allaboutcookies.org.

8. Marketing communications

We might occasionally send you information about our services — for example, a tip about keeping your systems secure, or a note about a new service we're offering. We'll only do this if you've given us your contact details and would reasonably expect to hear from us, or if you've specifically opted in.

Any marketing we send will comply with the Spam Act 2003 (Cth) and will always include a clear, working way to unsubscribe. If you'd rather not receive anything from us beyond what's needed for the job at hand, just let us know — we'll respect that straight away, no questions asked.

9. How we keep your information safe

We take reasonable steps to protect your personal information from misuse, interference, loss, and from unauthorised access, modification or disclosure. In practical terms, this means:

  • Our website runs over HTTPS, which encrypts data in transit between your browser and our server.
  • Access to client records and correspondence is restricted to authorised personnel (which, as a sole operator, means Stas).
  • We use reputable, well-established platforms for email, cloud storage and file management, each with their own enterprise-grade security measures.
  • When we access your systems remotely, we use established remote support tools with encrypted connections.
  • Any physical documents containing personal information are stored securely and disposed of properly when no longer needed.

No system is completely immune to security threats — that's true across the entire internet. But we do our best to keep your information safe, and if we ever became aware of a data breach that was likely to cause you serious harm, we would notify you and the Office of the Australian Information Commissioner as required under the Notifiable Data Breaches scheme.

10. How long we keep it

We don't keep your information for longer than we need to. The specific retention period depends on the type of information and why we collected it:

  • Enquiry form submissions — if your enquiry doesn't lead to a paid engagement, we generally keep the correspondence for up to 12 months so we can refer back to it if you get in touch again, then delete it.
  • Client records — for ongoing or past clients, we keep records related to the work we've done (invoices, service notes, configuration records) for at least five years to comply with Australian tax and business law. Some records may be kept longer if there's a genuine business reason.
  • Analytics data — Google Analytics retains data according to Google's own retention settings. We have this set to 14 months, after which it's automatically deleted by Google.

When information is no longer needed, we take reasonable steps to delete or de-identify it.

11. Accessing and correcting your information

You have the right to ask us what personal information we hold about you, and to ask us to correct it if it's wrong, out of date, or incomplete. To make a request, email us at info@comstarit.com.au or call 0411 074 873. We'll respond within a reasonable timeframe — usually within 14 days, often sooner.

In rare cases, we may be permitted or required by law to refuse a request (for example, if the information relates to existing or anticipated legal proceedings). If that happens, we'll explain why and what options you have.

There's no charge for making an access or correction request. If a request would require an unusual amount of work to fulfil (for example, compiling records across multiple systems), we'll discuss that with you before proceeding.

12. Children

Our services and website aren't aimed at children under 16. We don't knowingly collect personal information from children. If you believe a child has submitted personal information through our website, please let us know and we'll delete it promptly.

13. Making a complaint

If you think we've mishandled your personal information or breached the Australian Privacy Principles, we'd genuinely like to know about it so we can put things right. The first step is to contact us directly — email info@comstarit.com.au or call 0411 074 873 — and explain what happened. We'll acknowledge your complaint within a few days and aim to resolve it within 30 days.

If you're not satisfied with how we've handled your complaint, you can lodge a formal complaint with the Office of the Australian Information Commissioner (OAIC):

14. Updates to this policy

We may update this policy from time to time — for instance, if we start using a new tool or service, or if there's a change in the law that affects how we handle data. When we make changes, we'll update the "last updated" date at the top of this page. We won't retrospectively reduce your rights without telling you.

It's worth checking back here occasionally, but we don't expect it to change frequently. If we make any changes that materially affect how we handle your information, we'll make reasonable efforts to let you know.

15. Getting in touch

If you have any questions about this Privacy Policy, want to make a request about your personal information, or just want to understand something better, here's how to reach us:

  • Comstar IT Solutions (ABN 93 061 298 407)
  • Email: info@comstarit.com.au
  • Phone: 0411 074 873
  • Hours: 9 am – 6 pm, seven days a week
  • Service area: South-East Melbourne, Victoria, Australia
In plain English: We collect only what we need, we don't sell your data, we keep it secure, and you can ask us to show you or delete what we have at any time. If you have concerns, talk to us first — we'll do our best to sort it out.