1. Introduction & Scope
This Privacy Statement applies to Norton Gates Pty Ltd. Norton Gates Pty Ltd is bound by the Australian Privacy Act 1988 (Cth) and manages personal information in accordance with the Australian Privacy Principles (APPs).
2. How to Reach Us
Norton Gates is a wholly owned subsidiary of Gallagher Group Limited. Gallagher Group is based in Hamilton, New Zealand, where we have appointed internal Privacy Officers. If you have an enquiry about this Privacy Statement or a complaint about the way we handle your personal information, or you seek to exercise your privacy rights over the personal information we hold about you, please contact us via email (privacy@gallagher.com) or by calling +64 7 838 9800. You can also write to Privacy Officer, Gallagher Group Limited, 181 Kahikatea Drive, Hamilton 3206, New Zealand.
3. Personal Information, Collection and Uses
3.1 What is personal information?
Personal Information is information about an identified or reasonably identifiable individual. An identifiable individual is a natural person who can be identified, directly or indirectly, by reference to an identifier such as a name, an identification number, location data, or an online identifier or in combination with other data. When we later refer to “contact details”, we mean information such as your name, email address, phone number, and physical address. When we later refer to “product details”, we mean information such as serial number, model type, purchase date, price and service history.
3.2 How we collect personal information.
Norton may ask you to provide us with certain types of personal information if you wish to obtain a particular service or product from us. This might happen via various “channels”, such as over the telephone or by text message (SMS), through our website, by email or by filling out a paper form, by post, or even meeting with us face-to-face and exchanging business cards. We will give you a Collection Notice at the time, or as soon afterwards as is practicable, to explain how we use the personal information we are asking for. This Notice may be written or verbal, and it may point you towards this Privacy Statement. You might also provide personal information to us, without us directly asking for it, for example, if you engage with us on social media.
3.3 Children
We do not knowingly attempt to collect personal information from children (under the age of 16) without written consent from a parent or caregiver.
3.4 Marketing agencies
We do not share your personal information with marketing agencies. Your information will not be sold, exchanged, transferred or given to any other company (other than Gallagher Group Limited) without your consent.
3.5 Third-party service providers
When we temporarily provide your personal information to companies that perform services for us, such as send you email, we require those companies to protect the information in the same manner as Norton. Our third-party service providers are bound by contract only to use your personal information on our behalf and under our instructions. So, these service companies cannot use your personal information for any other purpose than the reason you provided it to Norton.
3.6 Situations where we process your personal information
3.6.1 Safety announcements & Privacy Statement changes
Personal Information: Contact details. Channels: Email.
Purpose for processing: Sending you safety announcements and important information about your Norton products, apps or account, or material changes to this Privacy Statement. The legal basis is our legitimate interest in providing you important information.
3.6.2 Visiting our websites
Personal Information: IP address, type of browser and device, cookies and other identifiers associated with your devices, and geolocation information. Channels: Web or smartphone app.
Purpose for processing: When you choose to access our websites and smartphone apps, we collect limited information about the devices you use. If you have cookies turned on in your browser, then we may place cookies on your computer (see Section 5, Cookies, Web Beacons and Other Technologies). We use these cookies to provide an improved user experience on our websites and to track interest in our products and services. We also collect information for diagnostic and analytic purposes. The legal basis is our legitimate interest in providing visitors to our websites and apps with enhanced user experience, and for statistical market research purposes.
3.6.3 Your opt-in consents for electronic direct marketing
Personal Information: Contact details and preferences. Channels: Any, such as a web form.
Purpose for processing: With your consent, we will process your contact details to send you marketing information about our products and apps, according to the preferences you indicate. The legal basis is your consent.
3.6.4 Email click-tracking & web cookies (our email responses)
Personal Information: Beacons, cookies, tracking links. Channels: Web, email.
Purpose for processing: When we send you an email, we may use technologies (see Section 5, Cookies, Web Beacons and Other Technologies) to see whether you have opened it or clicked on a link in it, as we tailor our interactions with you to personalise your experience. The legal basis is our legitimate interest in collecting statistics about the usage and effectiveness of our emails and websites.
3.6.5 Your compliments, complaints and general enquiries
Personal Information: Contact details, enquiry information. Channels: All.
Purpose for processing: We use your contact details and enquiry information to respond to your message and to monitor and improve the quality of our customer service. We process this information based on Norton’s legitimate interests in providing effective customer support and improving our services.
The legal basis is Norton’s legitimate interests in providing quality product support and information.
3.6.6 Licence and warranty registration; support and repairs
Personal Information: Contact details, product information. Channels: All.
Purpose for processing: When you register your Norton products for licence, warranty and maintenance purposes, we will collect your contact details and information about the products you own, such as their licence keys, serial numbers and date of purchase. To improve customer service, when you interact with our customer support representatives for support and repair, we may record and review conversations. We will capture information relating to the support or service issue, and we may create event logs that are useful in diagnosing product or performance-related issues. We monitor the quality and types of customer and product support we provide, and we analyse any feedback provided to us through voluntary customer surveys. The legal basis for processing is contract.
3.6.7 Staff recruitment
Personal Information: Personal information relating to your job application, including sensitive personal information. Channels: All.
Purpose for processing: If you apply for a job or contract with Norton, we will collect your application information to let us evaluate your suitability for that position. With your consent, we may collect additional personal information about you from your referees and government agencies. We do not share your personal information with marketing agencies. Your information will not be sold, exchanged or given to any other company (other than Gallagher Group Limited who handle some of our data processing and staff recruitment). If your application is unsuccessful, we will retain the information for up to 1 month from your submission of the information. The legal basis for processing is consent.
We use Xref as the data processor to provide the reference service. Personal Data is stored on AWS servers in Australia. We rely on a data processing agreement with Xref to confirm the appropriate safeguards.
Note: If successful then you become an employee under an employment contract, and different privacy policies apply.
3.6.8 Our Business Partners, Channel Partners and Distributors
Personal Information: Contact details. Channels: All.
Purpose for processing: We capture information you provide to administer and develop our business relationship with you. For instance, this may involve using your information to send you details of Norton/Gallagher business partner programs. The legal basis is contract.
3.6.9 Our network of Business Partners, Channel Partners and Distributors
Personal Information: Contact details, information about customers or prospects you
Purpose for processing: To develop and maintain our network of quality partners and distributors, we may share certain information with other business partners (subject to any confidentiality obligations), or Norton / Gallagher customers or prospects. We may also contact you as part of customer satisfaction surveys or for market research purposes, in connection with a particular transaction or program. The legal basis is our legitimate interests in building our network of quality partners and distributors.
3.6.10 Use of our support websites
Personal Information: Email address, website credentials. Channels: Web.
Purpose for processing: If you have a particular kind of business relationship with Norton (for example, supplier, business partner, channel partner, distributor, or certified installer) then we may grant you access to our support websites. If we do this, we will use your contact details to generate separate credentials for these websites. The legal basis is contract.
3.6.11 Other disclosures
Personal Information: All. Channels: All.
Purpose for processing: We may disclose personal data about you to others: if we have your valid consent to do so; to comply with a valid subpoena, legal order, court order, legal process, or other legal obligation; to enforce any of our terms and conditions or policies; or as necessary to pursue available legal remedies or defend legal claims.
If we are involved in a re-organisation, merger, acquisition or sale of our assets, your information may be transferred as part of that deal. In that event, we will notify you by email and outline your privacy choices.
The legal bases here are consent, contract, legal obligations, and Norton’s/Gallagher’s legitimate interests.
4. Your Privacy Choices
You can tailor your marketing preferences, or you may tell us that you do not want any further marketing contact (unsubscribe). You may opt out of any further contact from us. If you ask us not to contact you by email at a certain email address, we will retain a copy of that address on our master “do not send” list in order to comply with your no-contact request.
If you wish to confirm whether Norton is processing your personal information, or to have access to the personal information we may have about you, please contact our Privacy Officers. Reasonable access to your personal information will be provided, usually at no cost, within a reasonable timeframe. If for some reason access is denied, we will explain why.
You may also request information about:
- the purpose of the processing
- the categories of personal information concerned
- who else outside Norton might have received your personal information from us
- what the source of the information was, if you didn’t provide it directly to us, and how long it will be stored.
- You have a right to correct the record of your personal information maintained by Norton if it is inaccurate, and we do not charge for correction of personal information.
You may request that we erase your personal information or cease processing it, subject to certain exceptions. When technically feasible, we will, at your request, provide your personal information to you or transmit it directly to another controller. To protect your privacy and the privacy of others, we may have to verify you are who you say you are, before we give you access to, or change, information about you.
5. Cookies, Web Beacons and Other Technologies
We collect information from your visits to our websites to help us gather statistics about usage and effectiveness, personalise your experience, and tailor our interactions with you. We do so through the use of various technologies, including scripts, tags, Local Shared Objects (Flash cookies), Local Storage (HTML5) beacons, and cookies. A cookie is a piece of data that a website can send to your browser, which may then be stored on your computer as a tag that identifies your computer. You can choose to accept or decline cookies. Cookies are typically categorised as “session” cookies or “persistent” cookies.
“Session” cookies help you navigate through our websites efficiently, keeping track of your progress from page to page, so that you are not asked for information you have already provided during the current visit. Session cookies are stored in temporary memory and erased when the web browser is closed.
“Persistent” cookies, on the other hand, store user preferences for current and successive visits. They are written on your device’s hard disk and are still valid when you restart your browser. We use persistent cookies, for example, to record your choice of language and country location.
Most web browsers automatically accept cookies, but you can usually modify your browser settings to decline cookies if you prefer. This may prevent you from taking full advantage of the website.
Although Gallagher does not deliver third-party online advertisements on our websites, we may advertise our products and services on others’ websites. Please familiarise yourself with the Privacy Statements of those website operators or network advertisers to understand their practices relating to advertising, including what type of information they may collect about your Internet usage.
6. Cross-Border Transfers
Norton headquarters is in Australia, and your personal information is stored on computer systems hosted in Australia. We also use cloud services from SAP, Microsoft, MYOB and Amazon AWS, and we have instructed them to store our data in Australia, where possible.
Your information will be stored on computer systems hosted in Australia. Some processing may be performed in New Zealand. For our cloud service providers in Australia, we rely on Standard Data Protection Clauses to confirm the appropriate safeguards. Where we use services hosted in the USA, we rely on a variety of legal mechanisms, including contracts, and consent.
The personal information of our customers, staff, suppliers and other contacts is stored by third-party service providers who have data centres in Australia and the USA:
- Our key data processors are SAP Hybris (Australia), Microsoft Office365 and Azure (Australia), and Amazon AWS (Australia)
- Some electronic direct marketing (EDM) may use MailChimp (USA), SmartMail Pro (USA), Nimble (USA) and MailMunch (USA)
- Corporate emails are scrubbed for viruses and spam by SMX (New Zealand)
- Our websites use Incapsula (USA) for their global content distribution network and web application firewall protection.
- Our third-party cookies are managed with Google (USA), HotJar (Malta), Facebook (USA) and AdRoll (USA)
7. Links to Other Websites
On our websites, we may provide links to third-party websites of interest. To allow you to interact with other sites on which you may have accounts (such as Facebook or Twitter) or join communities on such sites, we may also provide links or embed third-party applications that allow you to log in, post content or join communities from our sites. However, once you have used these links and left our sites, we do not have control over such linked sites. You should exercise caution and look for the Privacy Statements applicable to the sites in question. This Privacy Statement does not govern links to other sites, and we do not accept responsibility for the conduct of other organisations.
8. Data Retention
We keep personal information about you, to use for the purposes listed in this Privacy Statement. If you wish to request that we no longer use your personal information to provide you with services, please contact us. However, please note that we may retain your personal information for a limited period to comply with our legal obligations maintain sales history for service purposes, resolve disputes, and to enforce our agreements.
9. Information Security
Norton takes cybersecurity seriously. We intend to protect your personal information and to maintain its accuracy. We implement reasonable physical administrative and technical safeguards (such as system monitoring and encryption) to help us protect your personal information from unauthorised access, use and disclosure. We restrict access to your personal information to those employees who “need to know” it to provide services to you. In addition, we train our employees about the importance of confidentiality and maintaining the privacy and security of your information. We commit to taking appropriate disciplinary measures to enforce our employees’ privacy responsibilities. We also require that our suppliers protect personal information from unauthorised access, use and disclosure.
10. Complaints
You have the right to lodge a complaint with the appropriate privacy or data protection authority (OAIC) if you have concerns about how we process your personal information.
We aim to resolve complaints quickly and informally. If you wish to proceed to a formal privacy complaint, we will need you to make your complaint in writing to our Privacy Officers, as above. We will then acknowledge your formal complaint within 10 working days. If we are unable to resolve your complaint, you may approach your national privacy authority.
11. Changes and Updates to this Privacy Statement.
This Statement is effective from 16 June 2025 and supersedes all previous notices or statements regarding our privacy and data protection practices and the terms and conditions that govern the use of our websites.
We recognise that privacy and data protection is an ongoing responsibility, and so we review this Statement regularly and will update it from time to time as we undertake new practices or adopt new policies. We may supplement this statement with additional information relating to a particular interaction we have with you.
Although we may include links to our Privacy Statement in our emails to you, you should check our websites frequently to see the current Statement that is in effect and any updates we have made. We reserve the right to amend our Privacy Statement at any time, for any reason, without notice to you, other than posting the updated version on our websites.