Privacy policy

Protecting your privacy

This Privacy Policy applies to the Green Building Council of Australia (ABN 43 100 789 937) ("GBCA"). In this Privacy Policy the terms "we", "us" and "our" are a reference to the GBCA.

The GBCA is committed to protecting your privacy and is bound by the Australian Privacy Principles in the Privacy Act 1988 (Cth) ("Privacy Act") as well as other applicable laws protecting privacy.

1. About the GBCA and this Privacy Policy

The GBCA recognises the importance of safeguarding your personal information. We collect personal information about you in the course of providing our services to you.
We want you to understand the terms and conditions surrounding the capture and use of any personal information we gather. This Privacy Policy discloses what information we gather, how we use this information and how you can correct or change it. Changes to this document are done periodically and will be posted on the GBCA website.

2. Collection

We may gather two types of information about you:

  1. Personal information (such as your name, phone number, email address, business address, employer organisation, job title and profession), provided by you for the services we offer; and
  2. Information generated by our system which tracks traffic to our website.

We collect personal information directly from you when you:

  • register for the Green Star Certification process;
  • register for one of our courses or events;
  • make an enquiry about our services;
  • subscribe to communications from us such as updates, publications or newsletters;
  • contact us to provide feedback, comments or suggestions on our functions and activities; or
  • otherwise interact with us or disclose your personal information to us.

We may also collect personal information about you indirectly from other people or organisations, including from:

  • data partners such as relevant government entities or other certification bodies
  • service providers, agents and contractors that provide services on our behalf such as subscription management providers or event management software ; and
  • publicly available sources of information.

Where we receive information about you indirectly from third parties, we require that the third party has collected and shared that information in accordance with this Privacy Policy, where applicable.

3. Use of Personal Information

We use the personal information we collect:

  • to administer and manage the services provided to you such as certification, education, event and membership services;
  • to provide client and member support, including conducting and responding to enquiries, feedback, comments and complaints about our services;
  • to distribute our newsletters and other communications about us, either alone or with the assistance of third party service providers (however we do respect the right of individuals to ask us not to do this);
  • for internal data analysis and research purposes and to improve our services;
  • to provide analytics to clients and members on their project performance and overall use of our systems and services;
  • to maintain our records and to comply with legal obligations; and
  • for any other purpose to which you consent or that is disclosed at the time information is collected.

We may use your personal information for any other purpose related to the above if the related purpose would be within your reasonable expectations or for any other purpose to which you give your consent and as otherwise provided in the Privacy Act. This may involve sending your personal information overseas.
At any time you have the option to opt out from receiving any future marketing material by contacting the GBCA using the contact details below.

4. Voluntary Submission of Information

You may use the Website without disclosing personally identifiable information, and we will not obtain such information about you unless you choose to submit it to us. Your submission of information authorises our use of that information. Please note that submission of an email authorises us to contact you via e-mail.

5. Holding, correction and updating personal information

Any personal information that you provide to us in paper form will be collected and held by us at our offices at Level 31, International Towers, Tower Two, 200 Barangaroo Ave, Barangaroo NSW. Personal information in electronic form is stored on servers located in Sydney. Under the Privacy Act you have the right of access to, and correction of, personal information we hold. If you find that information we hold about you is incorrect, please contact us immediately and we will correct it.

6. Disclosure of information

We may disclose your personal information to our employees, contractors, agents, and other third parties in connection with our functions and activities, including regulatory bodies or government agencies as required by law.

We may also disclose personal information to our suppliers and service providers that provide products and services to us in connection with our functions and activities, including third parties who:

  • deliver marketing and digital services;
  • mailing, courier and print service providers;
  • conduct data analysis and data matching services;
  • conduct market research, surveys and analysis;
  • host our servers and websites;
  • provide IT services including data processing, storage and back-up;
  • process payments;
  • are our lawyers, financial advisors and accountants;
  • provide recruitment consultant services or manage HR information such as payroll and superannuation.

Some of the third-party service providers to whom we disclose your information may have servers located overseas in various countries, including countries within Europe, the Asia Pacific and the Americas.
Before we disclose your information to overseas recipients, we will take reasonable steps to ensure that your information is only used for authorised purposes and adequately protected using appropriate technical, organisational and contractual means. You consent to us disclosing your personal information to overseas recipients on this basis.

7. Protection and security of personal information

We take responsible steps to protect all personal information we collect or hold from misuse and loss, and from unauthorised access, modification and disclosure.

8. Credit card information

If you wish to purchase products from the website, you will be required to submit your credit card information to the Website. This information will be sent directly to our third party payment service run by eWay. eWay provides a level 1 PCI DSS (Payment Card Industry Data Security Standards) compliant payment gateway service to us that is used to securely process customer payments. At no time will your credit card information be seen, collected or otherwise obtained by GBCA.

In some instances we take credit card payments over the phone. In these instances, credit card details are not stored in GBCA's computer systems.

9. Other sites

Our Website contains links to third party websites, for your convenience and information. When you access a third party website, please understand that we are not responsible for the privacy practices of that website. We suggest that you review the privacy policies of each site you visit.

10. Social networking services

We use social networking services such as Twitter, Facebook and YouTube to communicate with the public about our work. When you communicate with us using these platforms or services we may collect your personal information, but we only use it to help us to communicate with you. The social networking service will also handle your personal information for its own purposes. These services have their own privacy policies. You can access the privacy policies for TwitterFacebook and YouTube (a Google company) on their websites. You should read the privacy policy and terms and conditions of each service very carefully before deciding whether to accept them. You should also be careful to ensure that you only post information online if you are happy for it to be and to remain publicly available.

11. Cookies and IP address tracking

We may use a cookie file containing information that can identify the computer you are working from. You can choose to refuse cookies by turning them off in your browser and/or deleting them from your hard drive.
You will not be able to maintain a logged in session if cookies are not used.
The Website may also detect and use your IP address or domain name for internal traffic monitoring and capacity purposes or to otherwise administer the Website. No personal information is obtained, rather the patterns of usage of visitors to the Website may be tracked for the purposes of providing improved service and content based on aggregate or statistical review of user site traffic patterns.

12. Changes to this Privacy Policy

We reserve the right to change this Privacy Policy at any time. If we do so, we will post any updated Privacy Policy on the Website. We will notify our users of any change to our information handling policy that requires consent before implementing.

13. Failure to provide information

Failure to provide the necessary personal information when requested may result in certain services not being available to you.

14. Coverage and Complaints

Our privacy policy statement covers the Green Building Council of Australia Ltd ABN 43 100 789 937. If you have any complaint on the basis that you feel your privacy has been breached because we have failed to comply with this Privacy Policy, you should contact us using any of the following methods:

GBCA details

Address: Level 31, International Towers, Tower Two, 200 Barangaroo Ave, Barangaroo NSW 2000 

Telephone: 02 8239 6200


Alternatively, you can lodge a complaint with The Office of the Australian Information Commissioner at 

This Privacy Policy was last updated on 28 October 2021.

Email us