DTP Insider
TermsSign in
DTP Insider

Privacy Policy.

Last updated: 20 June 2026 · Effective from: launch

1. About this policy

This Privacy Policy explains how Deemed to Perform Consulting (ABN 53 659 644 229), as the operator of the DTP Insider membership service at hub.deemedtoperform.com.au, handles personal information.

We are committed to handling your personal information in accordance with the Australian Privacy Principles (APPs) in the Privacy Act 1988 (Cth). As a small business operator we may not be bound by the Privacy Act in all circumstances; nevertheless, we choose to apply the APPs as our standard because the trust of the practitioner community matters to us.

This policy covers DTP Insider only. Our main consultancy practice (deemedtoperform.com.au) and our DesignSure service have their own privacy policies. A copy of this policy is available free of charge on this page, and we can provide it in an alternative format on request.

2. What information we collect

When you apply for membership

  • Your email address
  • For Full members: your practitioner type, registration class, registration number (or Certificate of Consent reference for owner-builders), and the firm you work for
  • For student associates: your institution name and student ID
  • For graduate associates: your employer, and the name and email of your sponsoring registered practitioner
  • Your region of practice and professional role
  • Your consent preferences (terms acceptance, analytics, marketing)
  • Confirmation that you are 18 years of age or older
  • The IP address and browser details of your device at the moment consent is recorded (for audit purposes)

When you use the service

  • Sign-in events (date, time, IP address)
  • Anonymous page views and feature usage (via Plausible Analytics — see Section 7)
  • Content downloads, partner-directory contacts, and any quote or enquiry submissions

From third parties

  • Confirmation responses from the sponsoring practitioner you nominate (graduate associates)
  • The public verification status of your registration as recorded on the Building and Plumbing Commission, Architects Registration Board of Victoria, or Consumer Affairs Victoria Professional Engineers registers

Sensitive information

Some information we collect — such as your professional registration details, or any professional or trade association membership you tell us about — may be sensitive informationunder the Privacy Act. We collect it only with your consent (given when you apply) and only where it is reasonably necessary to assess and manage your membership. We don’t collect health information, and we don’t collect bank or payment details (DTP Insider is free).

3. Why we collect it

We use your information to:

  • Assess your eligibility for membership
  • Verify your identity against the relevant public register
  • Provide membership benefits (newsletter, content library, partner directory, fee schedule, tools)
  • Contact you about your membership
  • Send you the monthly newsletter and occasional marketing or promotional updates from Deemed to Perform Consulting, where you have opted in (see Section 4)
  • Maintain audit records (vetting decisions, consent changes)
  • Improve the service

We don’t use your information for any other purpose without your consent, unless required or authorised by law.

4. Direct marketing and the monthly newsletter

If you opt in, we send you the monthly DTP Insider newsletter and occasional updates about Deemed to Perform Consulting’s services. These messages comply with the Spam Act 2003 (Cth):

  • We only send them with your consent
  • Every message identifies us as the sender
  • Every message contains a working unsubscribe link, which we honour within 5 business days

You can withdraw your consent at any time — use the unsubscribe link, change your preferences in your account, or email hello@deemedtoperform.com.au. We don’t use or disclose your information for the direct marketing of third parties, and we don’t sell or rent your information.

5. Who we share information with

We share personal information only with the following service providers, and only as needed to operate DTP Insider:

  • Supabase— our database, authentication, and file storage provider. Your membership records are stored in their Sydney, Australia data centre. Supabase is a United States company and its personnel may access data for support and maintenance.
  • Vercel— our website hosting and delivery provider. Vercel processes technical request data (including your IP address) to serve the site and is based in the United States, with a global delivery network.
  • Resend— our email sending provider. Emails sent to you (transactional and newsletter) are processed by Resend, which operates in the United States.
  • Plausible Analytics— our web analytics provider, hosted in the European Union. See Section 7.
  • Sponsoring practitioner — for graduate associate applications, we contact the registered practitioner you nominate with your name and email address to confirm your relationship. They are not bound by this policy.

We may also disclose personal information where required or authorised by law (for example, in response to a court order or a regulator’s lawful request).

We don’t sell, rent, trade, or share your personal information with anyone for their own marketing purposes.

Partner consultants listed in the directory have agreed to display their business contact details to members. We handle their information consistently with this policy.

6. Sending information overseas

Some of our service providers are located outside Australia: email delivery (Resend) and website hosting (Vercel) in the United States, and analytics (Plausible) in the European Union. Our primary membership database is held in Australia (Supabase, Sydney).

Before disclosing personal information overseas, we take steps that are reasonable in the circumstances to ensure each recipient handles it consistently with the Australian Privacy Principles — including by relying on their published data-protection commitments and contractual terms. By using the service, you acknowledge that your information may be handled overseas as described. The countries listed may not have privacy laws substantially similar to Australia’s.

7. Analytics

We use Plausible Analytics to measure how the service is used. Plausible is a privacy-respecting analytics provider that:

  • Does not use cookies
  • Does not collect personally identifiable information
  • Records anonymous page-view events and basic technical metadata (browser type, country at country level, screen size)

Plausible doesn’t see your email address, member ID, or any field from your member profile. We use the aggregate data to understand which content is read and where the service can be improved. You can decline analytics in your account preferences at any time.

8. Security

  • All data in transit is encrypted (TLS 1.2 or higher)
  • All data at rest is encrypted (AES-256 by our providers)
  • Administrative access is restricted by role and protected by two-factor authentication
  • Row-level database security ensures members can only access their own data
  • Service credentials are stored securely and rotated
  • Regular review of access logs

No system is completely secure. If we become aware of a data breach that is likely to result in serious harm, we will assess it and, where the Notifiable Data Breaches scheme applies, notify you and the Office of the Australian Information Commissioner (OAIC) in accordance with that scheme.

9. How long we keep your information

  • Active member data: retained while your membership is active
  • Closed, rejected, or revoked accounts: retained for 12 months after closure, then permanently deleted or de-identified
  • Audit and consent records: retained for 10 years in immutable audit logs. This aligns with the limitation period for building actions under the Building Act 1993 (Vic) and with professional indemnity record-keeping practice. So these records remain meaningful for their legal and compliance purpose, they keep a limited identifying snapshot (your email address and firm) even after your account is deleted. This snapshot is held only in the restricted, append-only audit log and is not used for any other purpose
  • Email delivery logs: retained by Resend per their own retention policy (typically 30 days)
  • Analytics events: anonymous at collection; no identifier ties to your account

In line with APP 11, we take reasonable steps to destroy or de-identify personal information once it is no longer needed for any purpose for which it may be used or disclosed, and is not required to be retained by law. You can request deletion at any time (see Section 10).

10. Your rights

Consistent with the Australian Privacy Principles, you may:

  • Access the personal information we hold about you
  • Correct information that is inaccurate, incomplete, or out of date
  • Delete your account and the personal information we hold (subject to the audit-retention requirements in Section 9)
  • Withdraw consent for marketing or analytics at any time
  • Complain about how we have handled your personal information

To exercise any of these rights, email hello@deemedtoperform.com.au or use the controls in your account. We will respond within a reasonable time, usually within 30 days. We don’t charge for making a request, and access is generally free (we may recover reasonable costs in unusual cases, and will tell you first).

If you are not satisfied with our response, you can refer your complaint to the Office of the Australian Information Commissioner (oaic.gov.au, 1300 363 992).

11. Children

DTP Insider is for building-industry professionals and students and is not directed at children. Membership requires you to be 18 or older. We don’t knowingly collect personal information from anyone under 18. If we become aware that we have, we will delete it.

12. Cookies

DTP Insider uses essential cookies to keep you signed in (managed by Supabase Authentication). We don’t use third-party tracking cookies. Plausible Analytics is cookieless.

13. Automated decisions

Membership applications are reviewed and decided by a person. We don’t make membership decisions by fully automated means. If this changes, we will update this policy and tell you how automated decision-making affects you.

14. Changes to this policy

We may update this policy from time to time. Where a change materially affects your rights, we will email you in advance.

15. Contact

Deemed to Perform Consulting
ABN 53 659 644 229
Email: hello@deemedtoperform.com.au

Office of the Australian Information Commissioner
1300 363 992 · oaic.gov.au