EY Sweeney
Privacy Policy

This Privacy Policy for EY Sweeney informs you what personal information of yours we may hold, what we do with it, who we will disclose it to and how you can access the personal information we hold about you. You can also find out here how to change inaccurate personal information and how to opt out of receiving communications from us.

EY Sweeney respects and upholds your rights under the Australian Privacy Principles contained in the Privacy Act 1988 (Cth) ("Privacy Act"). EY Sweeney also adheres to the Privacy (Market and Social Research) Code 2021 (“Code”). For more information about the Privacy Act, the Australian Privacy Principles and the Code click here Privacy Act & Principles.

What Information We Collect

Information that EY Sweeney collects will include identifiable research information (e.g. name, e-mail, DOB, occupation, etc.). When providing personal information, you have the option of remaining anonymous or using a pseudonym to be identified by. However, in certain circumstances, such as where we receive your contact details from a third party or where the research data itself may potentially allow for identification, this may not always be practicable. 

Depending on the nature of the research we conduct, we may also collect personal information from you that falls within the definition of ‘sensitive information’ under the Privacy Act such as, information or an opinion about your

  • health information, including information about your disabilities;
  • racial or ethnic origin;
  • religious beliefs; or
  • political opinion.

We will only collect sensitive information from you only if it is directly related to, or reasonably necessary for, the research we conduct.

Please note that you should not enter any sensitive personal data information in any free text boxes provided in our research and/or surveys.

Where We Obtain The Information

Participation in all of our research is voluntary. EY Sweeney will generally collect your personal information directly from you in the course of your participating in our research and/or surveys. However, we may also from time to time be provided with personal information about you from third parties (e.g. our clients who may provide us your personal information in a list of potential participants for the research). If so, we will inform you as soon as practicable of the source of this information.

Sometimes we make arrangements with third parties who provide us with potential survey participants (Third-Party Panel Providers). If you have signed up to be a survey participant with a Third-Party Panel Provider, and you have received an invitation to participate in surveys or market research programs conducted and managed by EY Sweeney, then the Third-Party Panel Provider allocates a survey ID number to you and provides us with that survey ID number.  EY Sweeney only receives this survey ID number from the Third-Party Panel Provider and does not receive any of your personal information from the Third-Party Panel Provider.

When We Share Your Information

We will only use and disclose your personal information for the purpose of conducting our research and in accordance with this Privacy Policy. We will not use or disclose your personal information for the purpose of advertising, promotions or direct marketing activities.  If you declined to participate in our research, we may use your personal information to re-contact you for a research purpose if we have valid reasons to believe a genuine research concern warrants re-contacting you.  If you have participated in our research, we will only re-contact you if you were informed of this or we have valid reasons to believe a genuine research concern warrants such re-contact.

From time to time, EY Sweeney may be required to share or provide your survey ID number, your survey responses, or personal information you provided in the research, back to the Third-Party Panel Providers who may have originally invited you to participate in the survey or other market research program conducted and managed by EY Sweeney.  This is to allow EY Sweeney and the Third-Party Panel Provider to validate your profile information or answers you may have provided in response to a survey or other market research program

This information will only be provided to the Third-Party Panel Provider when you have agreed to this through accepting the terms and conditions of the panel.  If you have any questions about how these Third-Party Panel Providers handle your personal information, please contact the Third-Party Panel Provider directly.

EY Sweeney will not otherwise disclose any personal information we collect from you unless we have your express prior consent. We will not disclose any personal information to a third party for a purpose other than conducting our research unless we have your express prior consent or are required to do so by an Australian law or court/tribunal order.

We may disclose your personal information (including to relevant authorities) if the use of the information is necessary to prevent or lessen a serious threat to the life, health or safety of yourself or to another person.

Third Party Sites

In the course of conducting our research we may rely on third party service providers to host or store the data we collect who are located overseas. In most cases, this survey data and research information will not be personal information. We will also take reasonable steps to ensure any service providers (and their employees and contractors) comply with the Privacy Act and this Privacy Policy and/or are subject to similar privacy laws.


You have the right to request access to any personal information we hold about you. Where we hold information that you are entitled to access, we will respond to your request in a reasonable time and endeavour to provide you with a suitable range of choices as to how access is provided (e.g. emailing or mailing it to you). A fee may be charged to cover the cost of retrieval. However, this fee will not be excessive.

If at any time you believe that personal information we hold about you is incorrect, incomplete or inaccurate, then you may request amendment of it and we will either amend the information or make a record of your comment, as we think appropriate.

To make a request, please contact the EY Sweeney Quality Officer by using the following contact details:

Quality Officer, EY Sweeney, Level 29, 8 Exhibition Street, Melbourne, Victoria, 3000
Telephone: 03 9288 8000, Email: michael.stephens@au.ey.com

 We will respond and advise whether we agree with your concern or not.  If we do agree, we will advise what (if any) action we consider it appropriate to take in response.  If we do not agree, we will provide reasons.  If you are still not satisfied after having contacted us and given us a reasonable time to respond, then we suggest that you contact the Office of the Australian Information Commissioner by using the following contact details:

GPO Box 2999 Canberra ACT 2601
Fax: +61 2 9284 9666, Phone: 1300 363 992, Email: enquiries@oaic.gov.au

EY Sweeney Website

When you visit EY Sweeney’s website, the site server makes a record of the visit and logs the following information for statistical and administrative purposes:

  • the user’s server address – to consider the users who use the site regularly and tailor the site to their interests and requirements;
  • the date and time of the visit to the site – this is important for identifying the website’s busy times and ensuring maintenance on the site is conducted outside these periods;
  • pages accessed and documents downloaded – this indicates to EY Sweeney which pages or documents are most important to users and also helps identify important information that may be difficult to find;
  • duration of the visit – this indicates to us how interesting and informative the EY Sweeney site is to candidates; the type of browser used – this is important for browser specific coding
  • In order to optimize the EY Sweeney web site and better understand its usage, we collect the visiting domain name or IP address, Computer Operating System, Browser Type and Screen Resolution

A cookie is a piece of information that an Internet web site sends to your browser when you access information at that site. Cookies are either stored in memory (session cookies) or placed on your hard disk (persistent cookies). The EY Sweeney website does not use persistent cookies. Upon closing your browser, the session cookie set by this website is destroyed and we do not retain your personal information, even if you visit our web site at a later date.


EY Sweeney will destroy or de-identify your personal information as soon as practicable once it is no longer needed for the purposes set out in this Privacy Policy. However, we may in certain circumstances be required by law to retain your personal information after our research has been completed. In this case your personal information will continue to be protected in accordance with this Privacy Policy. If we destroy personal information, we will do so by taking reasonable steps and using up-to-date techniques and processes.


EY Sweeney will take reasonable steps to protect your personal information as you transmit your information from your computer to our website and to protect such information from loss, misuse, and unauthorised access, use, modification, disclosure, alteration, or destruction.

However, you should keep in mind that the transmission of information over the Internet is not completely secure or error-free. In particular, e-mail sent to or from this website may not be secure, and you should take special care in deciding what information you send to us via e-mail.

Disclosure of Personal Information outside jurisdiction of collection

We are a member of the global network of Ernst & Young firms (“EY Firms”) and in this capacity we may disclose your personal information to other EY Firms and their personnel for purposes related to the provision of services to you, to comply with regulatory requirements, to check conflicts, for quality, risk management or financial accounting purposes, or the provision of other administrative support services. Your personal information may be processed for these purposes in the various countries in which we and the other EY Firms operate. EY Firm office locations are listed on our website, ey.com.

 All EY Firms that process personal information are bound by the Ernst & Young global personal data privacy policy. We have also entered into an international intra-group data protection agreement (IGA) in respect of personal information. The purpose of the IGA is to set out the relationship between EY Firms with respect to overseas disclosures of personal information. The IGA is consistent with the standards established by the European Union Directive 95/46/EC on the protection of personal information. In addition to the IGA, all EY Firms have adopted Binding Corporate Rules (BCRs) to our existing global personal data privacy programme to legitimise transfers of personal information between EY Firms around the world. BCRs comprise a legally binding global policy based on European data protection standards tailored to reflect the nature of the personal information collected and used by an organisation. Our BCRs are approved by the UK Information Commissioner’s Office as part of the European Data Protection Authorities Mutual Recognition process. The BCR policy is available for you to read on our website, ey.com.


In this Privacy Policy, "personal information" has the same meaning as under the Privacy Act.

This Privacy Policy is effective from 20 December 2021. We may change this Privacy Policy from time to time. Although we intend to observe this Privacy Policy at all times, it is not legally binding on EY Sweeney in any way. From time to time we may regard it as necessary or desirable to act outside the Privacy Policy.  EY Sweeney may do so, subject only to any other applicable contractual rights you have and any statutory rights you have under the Privacy Act or other applicable legislation.