Legal

Privacy
Policy.

How The Food Hub Pty Ltd handles personal information under the Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles.

Last updated: 22 April 2026

1. About this Privacy Policy

The Food Hub Pty Ltd (ABN 30 609 356 005) ("we", "us", "our", "The Food Hub") operates thefoodhub.com.au and a fleet of food trucks and catering services including Birdman Food Truck, Fries in a Cone, and associated brands. We are committed to protecting the privacy of the personal information we collect and handle.

This Privacy Policy explains how we collect, hold, use, disclose and protect personal information, in accordance with the Privacy Act 1988 (Cth) ("Privacy Act") and the 13 Australian Privacy Principles (APPs) set out in Schedule 1 of that Act.

By using our website, submitting an enquiry, calling us, booking our catering services, or otherwise dealing with us, you acknowledge that you have read and understood this Privacy Policy.

2. What is personal information?

"Personal information" has the meaning given in section 6 of the Privacy Act. It means information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information is true or not, and whether it is recorded in a material form or not.

3. What personal information we collect

The kinds of personal information we collect and hold typically include:

  • Name, business or organisation name, and job title;
  • Contact details, including email address, postal address, phone number, and mobile number;
  • Event details that you provide when making a catering enquiry, including event date, location, guest numbers, dietary requirements, allergy information, and budget;
  • Payment-related information such as billing address, invoice details, and transaction records (we do not store credit card numbers, payment processing is handled by our third-party payment providers);
  • Correspondence with us, including emails, phone records, website enquiry form submissions, and messages sent via WhatsApp Business or other messaging platforms;
  • Technical information when you visit our website, including IP address, device type, browser type, referring website, pages viewed, and timestamps, collected via cookies and analytics tools; and
  • Any other information you choose to provide to us.

Sensitive information. We generally do not collect sensitive information (such as health information) except where you voluntarily provide it, for example, disclosing an allergy or dietary requirement so we can serve you safely. Where you provide such information, you consent to us using it for that purpose.

4. How we collect personal information

We collect personal information in a number of ways, including:

  • Directly from you when you complete a catering enquiry or contact form on our website;
  • When you phone, email, or message us;
  • When you book, order from or otherwise engage our catering or food truck services;
  • From event organisers, venues, corporate clients, or councils who provide your details to us in connection with an event;
  • From publicly available sources, such as your business website or professional networking profiles, where relevant; and
  • Automatically through cookies and analytics tools when you browse our website (see section 10).

Where it is reasonable and practicable to do so, we will collect personal information directly from you.

5. Why we collect, hold, use and disclose personal information

We collect, hold, use and disclose personal information for purposes including:

  • Responding to enquiries made through our website, by phone, or by email;
  • Providing catering quotes, proposals and bookings;
  • Organising, delivering and invoicing for catering and food truck services;
  • Managing allergens and dietary requirements to serve you safely;
  • Communicating with you about your booking, including confirmations, logistics, changes and follow-ups;
  • Sending you marketing communications about our services, promotions, new menu items, or events, where you have consented or where we are otherwise permitted by law (you can unsubscribe at any time);
  • Improving our website, services, menus and customer experience;
  • Complying with our legal, tax, food safety, and insurance obligations; and
  • Any other purpose reasonably related to the above that you would expect.

We will not use or disclose your personal information for a purpose other than the purpose for which it was collected (the "primary purpose"), unless you have consented, or another exception under APP 6 applies (for example, a related secondary purpose you would reasonably expect, or a disclosure required or authorised by law).

6. Direct marketing

We may use your contact details to send you marketing communications about our services where you have opted in, or where you are an existing customer and would reasonably expect to receive them. Every marketing email we send will contain an unsubscribe link. You can also opt out at any time by emailing us using the contact details in section 15.

We comply with the Spam Act 2003 (Cth) for all electronic marketing communications.

7. Who we disclose personal information to

We may disclose personal information to third parties where necessary to run our business and provide our services, including:

  • Other food truck operators, chefs, or sub-contractors in our vendor network who help deliver a catering event;
  • Event venues, councils, and event organisers where coordination of your booking requires it;
  • Our service providers and software vendors, including web hosting, email, CRM, automation (e.g. Make.com), messaging (e.g. WhatsApp Business), analytics, advertising platforms (e.g. Meta), and accounting providers;
  • Payment processors and financial institutions for the purpose of invoicing and processing payments;
  • Our professional advisers, including lawyers, accountants and insurers, on a confidential basis;
  • Regulators, law enforcement, or government agencies, where required or authorised by law (for example, to satisfy a NSW Food Authority or council food safety request, or to respond to a subpoena); and
  • Any purchaser or potential purchaser of our business or assets, subject to appropriate confidentiality obligations.

We do not sell your personal information.

8. Overseas disclosure

Some of our service providers store or process data outside Australia. In particular, personal information may be disclosed to or stored with providers located in the United States, the European Union, the United Kingdom, and elsewhere (for example, cloud hosting, email, analytics, advertising, and messaging platforms such as Meta, Google, and WhatsApp).

Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient handles your information consistently with the APPs, or rely on an exception under APP 8.2 (for example, where you consent after being expressly informed of the consequences).

9. How we hold and secure personal information

We hold personal information in electronic form on systems operated by us or on our behalf by reputable third-party providers. We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification or disclosure, including:

  • Password protection and access controls limiting access to authorised staff;
  • Encrypted connections (HTTPS) for our website and forms;
  • Secure, reputable cloud-based storage providers;
  • Regular review of our security practices; and
  • Confidentiality obligations on our staff and contractors.

When personal information is no longer needed for the purpose for which it was collected, and we are not legally required to retain it, we will take reasonable steps to destroy or de-identify it.

10. Cookies and website analytics

Our website uses cookies and similar technologies to operate the site, remember your preferences, analyse traffic, and (where applicable) support advertising. Cookies are small text files stored on your device.

We may use third-party analytics and advertising tools such as Google Analytics and Meta Pixel. These tools may collect information such as your IP address, pages visited, time on site, and referring URLs. This information is used in aggregated form to understand website usage and to improve our services.

You can disable cookies through your browser settings. Disabling cookies may affect the functionality of our website.

11. Notifiable data breaches

We comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act. If we become aware of an "eligible data breach", that is, an unauthorised access to, unauthorised disclosure of, or loss of personal information that is likely to result in serious harm to an affected individual, and we are unable to prevent that serious harm through remedial action, we will:

  • Notify the affected individuals as soon as practicable; and
  • Notify the Office of the Australian Information Commissioner (OAIC) as soon as practicable.

The notification will describe the breach, the kinds of information involved, and the steps individuals should take in response.

12. Accessing and correcting your personal information

You have the right to request access to the personal information we hold about you, and to request that we correct any inaccurate, out-of-date, incomplete, irrelevant or misleading information.

To make a request, contact us using the details in section 15. We will respond within a reasonable period (generally within 30 days). In most cases, access and correction are provided free of charge. If a request is complex or resource-intensive, we may charge a reasonable cost-recovery fee, which we will tell you about in advance.

We may refuse access or correction in limited circumstances permitted by the Privacy Act (for example, where providing access would have an unreasonable impact on another person's privacy). If we refuse, we will give you written reasons and information about how to complain.

13. Anonymity and pseudonymity

Where it is lawful and practicable, you have the option of dealing with us anonymously or using a pseudonym, for example, when making a general enquiry. However, we may be unable to process a catering booking, issue an invoice, or provide a quote if you do not identify yourself.

14. Complaints

If you believe we have breached the APPs or mishandled your personal information, please contact us first using the details in section 15. We take privacy complaints seriously and will aim to:

  • Acknowledge your complaint within 7 days;
  • Investigate and respond substantively within 30 days; and
  • Work with you to resolve the complaint, including by correcting information or updating our practices where appropriate.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner:

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
  • Post: GPO Box 5218, Sydney NSW 2001

15. Contact us

For any privacy-related enquiry, access or correction request, or complaint, please contact our Privacy Officer:

  • The Food Hub Pty Ltd
  • Attention: Privacy Officer
  • Email: [email protected]
  • Phone: 0489 922 282
  • Post: 14/682 New Canterbury Rd, Hurlstone Park NSW 2193

16. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or the law. The current version will always be available on our website, and the "Last updated" date below will reflect the most recent change.

Last updated: 22 April 2026