Privacy Policy

Echo Productions Trust trading as Pro Light & Sound | ABN 76 419 775 597 | ACN 677 113 370

Effective date: 18 May 2026 | Version: 2.0

1. Introduction

Pro Light & Sound (referred to in this policy as “Pro Light & Sound”, “PLS”, “we”, “us” or “our”) is the trading name of Echo Productions Trust, located at 27 Kembla Street, Cheltenham VIC 3192. We are an Australian premium audio-visual production and event company.

This Privacy Policy explains how we collect, hold, use, disclose and protect personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). It also explains how individuals can access and correct the personal information we hold about them, and how to make a privacy-related complaint.

By engaging with us — including by visiting our website, submitting an enquiry, subscribing to our communications, applying for crew or contractor work, or attending an event we produce — you acknowledge that personal information will be handled in accordance with this policy.

This policy covers personal information collected outside of our internal Atlas application. If you are a PLS staff member, casual crew member, contractor, or authorised guest using Atlas, the Atlas Privacy Policy applies to information collected through that system and operates alongside this one.

2. Scope

This policy applies to personal information collected by Pro Light & Sound in connection with:

  • our website and any web forms, landing pages or microsites operated by us;
  • enquiries, quotations and bookings made by clients, prospects, suppliers and venue partners;
  • marketing communications, including email newsletters and promotional updates;
  • event production activities, including the capture and use of photography and video at events we deliver;
  • applications and expressions of interest from prospective crew, contractors and employees; and
  • our customer relationship management (CRM), project management and accounting systems used to deliver and administer our services.

This policy does not apply to the websites, products or services of third parties, even where we link to or integrate with them. We encourage you to review the privacy policies of any third parties whose services you use.

3. The personal information we collect

The kinds of personal information we collect depend on the nature of your interaction with us. We only collect personal information that is reasonably necessary for, or directly related to, our functions and activities.

3.1 Information collected from clients, prospects and contacts

  • identity and contact details such as your name, position, organisation, postal address, email address and phone number;
  • event and project details, including venue, dates, scope of works, technical requirements, attendee numbers and any specific access or accessibility needs you choose to disclose;
  • billing information such as ABN, billing contact, purchase order references and trading terms (we do not store full credit card numbers; payment card data is processed by our authorised payment providers);
  • correspondence and records of meetings, calls, site visits, quotations, contracts and other interactions; and
  • any other information you choose to provide to us in the course of an enquiry, project or ongoing relationship.

3.2 Information collected from website visitors

  • information you submit through web forms (for example, contact, enquiry or quote-request forms);
  • subscription details if you sign up to our email communications, including your email address, name and any preference data; and
  • technical information automatically collected when you visit our website, such as IP address, device type, browser, referring URL, pages viewed and date/time of access. This information is generally collected in aggregate and used to operate, secure and improve the website.

3.3 Information collected from prospective crew and contractors

  • identity and contact details, including your name, address, phone number and email;
  • employment and qualification information, such as your résumé, work history, references, licences (e.g. driver’s licence, white card, EWP, forklift), tickets, certifications, insurances (where you operate as a contractor) and right-to-work status;
  • availability, role preferences and rate expectations; and
  • any additional information you elect to provide as part of your application or expression of interest.

3.4 Photographic and video information captured at events

In the course of producing events, our crew, our clients, and photographers or videographers engaged by our clients may capture photographs and video that include identifiable individuals. Where we are able to use such material for our own marketing purposes (for example, in case studies, our website, social media or capability documents), we will do so in accordance with the rights granted to us by the relevant client and venue, and in accordance with this policy.

If you appear in photography or video that we have used in our own marketing materials and you would like that material removed, please contact us using the details in Section 15. We will take reasonable steps to remove identifiable images of you from marketing assets that we control (such as our website, social media accounts and capability documents). We cannot control how a client, venue or third-party photographer uses material they have captured themselves.

If you wish to avoid being photographed at an event in the first instance, the event organiser is the appropriate party to raise this with, as photography arrangements at events are generally controlled by the event organiser rather than by us.

3.5 Sensitive information

We do not generally seek to collect sensitive information (as defined in the Privacy Act 1988 (Cth)). Where the collection of sensitive information is reasonably necessary — for example, dietary requirements, accessibility needs or health information relevant to safe participation in an event or work activity — we will only collect it with your consent and will handle it with appropriate care.

4. How we collect personal information

We collect personal information in a variety of ways, including:

  • directly from you when you contact us, submit an online form, request a quotation, sign a contract, subscribe to communications, apply for crew work, or interact with us at an event;
  • from your colleagues, employer or representatives when they engage us on your behalf or refer you to us;
  • from venues, production partners, suppliers and event organisers we work with;
  • from publicly available sources, such as professional networking sites, business directories and your organisation’s own website, where this is reasonable and lawful;
  • automatically through our website, IT systems and event production systems (for example, project management, scheduling, rental and CRM platforms); and
  • from third-party service providers we use to deliver, administer or market our services, where they have collected information lawfully and shared it with us in accordance with their own privacy obligations.

Where it is lawful and practicable to do so, you may interact with us anonymously or by using a pseudonym. However, in most cases we will need to know who you are in order to provide a quotation, deliver an event, process a crew application or respond to an enquiry.

5. Why we collect, hold, use and disclose personal information

We collect, hold, use and disclose personal information for purposes connected with our business, including to:

  • respond to enquiries and provide quotations, proposals and information about our services;
  • plan, deliver and invoice for events and production services, including coordinating with venues, suppliers and contractors;
  • manage and develop our client relationships, including via our CRM platform;
  • send marketing communications such as newsletters, case studies, capability updates and event invitations to clients, prospects and subscribers (in accordance with the Spam Act 2003 (Cth));
  • produce marketing collateral, including case studies and showreels, using photography, video and project information from events we deliver;
  • assess and manage applications from prospective crew, contractors and employees, including verifying qualifications, licences and right-to-work status;
  • roster, brief and pay crew and contractors engaged on our events;
  • meet our legal, regulatory, tax, work health and safety, insurance and contractual obligations;
  • protect the safety of our staff, contractors, clients and visitors at our premises and on event sites;
  • investigate and respond to incidents, complaints, disputes and feedback; and
  • improve our services, website, systems and operations.

We do not sell personal information. We do not use your personal information for advertising profiling or to make automated decisions that have a legal or similarly significant effect on you.

6. Direct marketing

From time to time we may use your personal information to send you marketing communications about our services, capabilities, projects and events that we believe may be of interest to you. This may occur where:

  • you have provided your contact details directly to us (for example, via a web form, business card or enquiry) and would reasonably expect to receive such communications; or
  • you have expressly subscribed to receive our communications.

Every marketing email we send will include a clear and functional means of opting out (for example, an unsubscribe link). You may also contact us at any time using the details in Section 15 to opt out of direct marketing or to update your communication preferences. We will action opt-out requests within a reasonable time and at no cost to you.

7. To whom we disclose personal information

We may disclose personal information to third parties where it is necessary or appropriate to operate our business and deliver our services. These recipients include:

  • our employees, crew and contractors, on a need-to-know basis;
  • clients, venues, suppliers, sub-contractors and production partners involved in delivering an event or project;
  • our professional advisers, including legal, accounting, audit and insurance providers;
  • IT and business service providers (see Section 8 for named providers);
  • payment providers and financial institutions;
  • government agencies, regulators, courts and law enforcement, where required or authorised by law; and
  • any party to whom disclosure is required or permitted by law, or where you have consented.

We take reasonable steps to ensure that any third party we share personal information with handles it in accordance with the APPs and our own privacy obligations.

8. Service providers and cross-border disclosure

We use a number of third-party service providers to operate our business. The principal providers who may hold personal information collected by us include:

  • Microsoft (Microsoft 365, SharePoint, Outlook) — email, document storage, collaboration. Data stored across Australian and global Microsoft data centres.
  • Panthur (Australia) — website hosting for prolightandsound.com.au.
  • Flodesk (United States) — email marketing platform, including newsletter subscription management, campaign delivery and unsubscribe handling.
  • Rentman BV (Netherlands) — project, crew and rental management.
  • Xero (Australia / New Zealand) — accounting and invoicing.
  • Anthropic (United States) — AI features used internally to assist with drafting, summarisation and analysis (see Section 9).
  • Our professional advisers — legal, accounting, audit and insurance providers based in Australia.

Where personal information is disclosed to an overseas recipient, we take reasonable steps to ensure the recipient handles that information in a manner consistent with the APPs (APP 8.1), including by relying on contractual protections offered by reputable global service providers. The countries in which our service providers operate include Australia, the United States, the European Union, the United Kingdom and the Netherlands.

9. Use of AI

We use AI tools — primarily Anthropic’s Claude — to assist with tasks such as drafting correspondence, summarising documents, analysing project information and supporting our internal Atlas application. Where personal information is included in content sent to an AI provider, that provider acts as a service provider under contract and does not train its models on the data under its commercial terms.

AI is not used to make automated decisions about clients, applicants, or staff that have a legal or similarly significant effect. A human at PLS remains responsible for decisions made about engagements, hiring, pricing and project delivery.

10. How we hold and protect personal information

We hold personal information in a combination of secure cloud-based systems and, where necessary, physical records. We take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure, including by:

  • restricting access to personal information to authorised personnel on a need-to-know basis;
  • using access controls, multi-factor authentication and unique user credentials for our key business systems;
  • using reputable cloud providers with industry-standard security measures;
  • encrypted connections (HTTPS) for our website and core business systems;
  • maintaining internal policies covering acceptable use, confidentiality, IT security and the use of artificial intelligence; and
  • training our staff on their privacy and confidentiality obligations.

If we have reasonable grounds to believe an eligible data breach has occurred under the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act 1988 (Cth)), we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) within the time frames the scheme requires.

No method of transmission or storage is completely secure. While we take privacy and security seriously, we cannot guarantee absolute security of personal information transmitted to or stored by us.

11. How long we keep personal information

We retain personal information for as long as it is reasonably required for the purposes described in this policy, or as required by law. In general:

  • Employment, contractor and tax records are retained for seven years after the end of the engagement, as required under the Fair Work Act 2009 (Cth) and related tax legislation.
  • Client and project records are retained for the duration of the engagement and for a reasonable period afterwards to meet audit, warranty and dispute-resolution requirements (generally seven years).
  • Marketing subscriber data is retained while you remain subscribed and for a reasonable period after you unsubscribe, to honour the unsubscribe and avoid re-adding you in error.
  • Website analytics and technical logs are retained for short periods consistent with the relevant provider’s defaults.

When personal information is no longer needed and we are not required by law to keep it, we will take reasonable steps to destroy or de-identify it.

12. Cookies, plugins and website technology

Our website is built on WordPress and uses cookies, similar technologies and a number of plugins to operate the site, deliver functionality (such as contact forms and enquiry forms), remember your preferences and gather aggregate analytics about how the site is used.

The types of cookies and tracking technologies we may use include:

  • Essential cookies — required for the site to function (for example, security, form handling and load balancing).
  • Preference cookies — to remember settings such as your selections during a session.
  • Analytics cookies — to understand aggregate usage patterns (such as which pages are popular and how visitors arrive at the site) so we can improve the website.
  • Form and plugin cookies — set by WordPress plugins that handle form submissions, spam protection and similar functionality.

Most web browsers allow you to control cookies through your browser settings, including blocking or deleting them. Disabling cookies may affect the functionality of parts of our website. Where required, our site will present a cookie notice and, where applicable, a means to manage your cookie preferences.

13. Access to and correction of your personal information

You have the right to request access to the personal information we hold about you, and to ask us to correct it if you believe it is inaccurate, out of date, incomplete, irrelevant or misleading. To make a request, please contact us using the details in Section 15.

We will respond to your request within a reasonable time, generally within 30 days, and at no cost to you. In some circumstances, the Privacy Act 1988 (Cth) permits or requires us to refuse access or correction. Where we refuse, we will provide you with written reasons and information about how you may complain about our decision.

14. Complaints

If you believe we have breached the APPs or otherwise mishandled your personal information, please contact us using the details in Section 15. We ask that complaints be submitted in writing where practicable, with sufficient detail to allow us to investigate.

We will acknowledge your complaint promptly and aim to provide a substantive response within 30 days. If you are not satisfied with our response, you may refer your complaint to the Office of the Australian Information Commissioner (OAIC):

Office of the Australian Information Commissioner

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
  • Post: GPO Box 5288, Sydney NSW 2001

15. How to contact us

For any privacy-related enquiry, request or complaint, please contact:

Privacy Officer Pro Light & Sound 27 Kembla Street, Cheltenham VIC 3192 Email: hello@prolightandsound.com.au Phone: 1300 930 131

16. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes in our practices, the law, or the systems we use. The most current version will be published on our website and will take effect from the date noted at the top of the policy. Where the changes are significant, we will take reasonable steps to bring them to your attention.

Document control

Owner: Blaise Cosme, Managing Director | Version: 2.0 | Last reviewed: 18 May 2026