How can we help you?

ZircoBridge Portal

  • Is there any training documentation for ZircoBRIDGE available?

    A document version of the user guide is available via the “Help” screen on the upgraded ZircoBRIDGE portal once you login. 

  • How do I get access to ZircoBRIDGE?

    Please contact your account administrator or the ZircoDATA Client Care team using the “Raise a Case” form on our Home Page.

  • The delivery address I require my items to be delivered to, is not on the address list. What do I do?

    If you need to add any new delivery addresses, you can do so by requesting the ZircoBRIDGE administrator in your company to add it. Alternatively, you can send a request using the “Raise a Case” form from our Home Page.

  • I want to receive my requested file digitally, can this be done via ZircoBRIDGE?

    Yes! You can do this by using the Scan on Demand Delivery option if this is a service you are interested in. If this is not available on your account, contact your account manager or alternative fill in the “Raise a Case” form from our Home Page.

  • I made a mistake when entering information for my carton/file. Can I edit this?

    If you make a mistake when entering details against a carton or file, you can click the ‘pencil’ icon for that item and make the necessary amendments. You will not be able to update the item type or the barcode number.

  • The pop up box that appears when I click 'Send Order' asks for a Customer Order Reference. What is this used for?

    The Customer Order Reference field is used for Clients that need to add a Purchase Order number or Reference to their work orders for invoicing. You can leave this field blank if it is not relevant to your business requirements.

  • The department/person I'm adding or requesting an item for is no on the 'Requested For' list. Can I add them?

    Contact your ZircoBRIDGE Administrator for your business. They are able to add this user to the ‘Authorised Contacts’ list via our Client Care team by using the Raise a Case form from our Home Page. The new user will not have a ZircoBRIDGE login unless specified.

  • If I need to add a box for a colleague or for a different department, where do I put this information?

    In the Add Box popup, click the ‘Requested For’ hyperlink above the greyed out name. This will bring up a list of Authorised Contacts that you are able to choose from.

  • How do I retrieve an item from storage?

    Search for the item you wish to retrieve by using any of the available Search functions. Select the item you wish to retrieve and select ‘Request from ZircoDATA’. This will add the item to your cart. Proceed to complete your retrieval request by opening the cart ‘Items on Order’ and sending your request/order to ZircoDATA for processing.

  • How do I refile (re-lodge) an item that I have retrieved from storage?

    Search for the item you wish to re-file by using any of the available search functions. Select the item you wish to re-file and select “Send to ZircoDATA”. This will add the item to your cart. Proceed by opening the cart ‘items on order’ and send the order to ZircoDATA for processing.

  • I want to add more information to my items, how can I do this?

    Contact your account manager or email Client Care by using the “Raise a Case”form from our Home Page. We will then be able to go through the setup of your ZircoBRIDGE account and tailor your options to suit your business requirements.

  • There are fields on my "ADD" screen that I don't use. Can I remove them?

    Yes! Use our “Raise a Case” form to get in touch with our Client Care team who will be able to assist you. We are able to hide fields from the “Add” screen but still keep them available for searching.

  • I have a link that tells me how many files are in my box, but I can't easily click back to my box from the files. Can you help?

    Yes, contact your account manager or our Client Care team by using the “Raise a Case” form from our Home Page. We will be able to add a link to your account for quick search functionality.

  • I want my team to fill in all the available fields. Can you make all fields mandatory?

    We can apply mandatory fields to the ZircoBRIDGE portal. We can also have a minimum and maximum character count within a field which can assist with any mistyped information.

  • My Item Code is coming up as "Invalid".

    Double check that the barcode you have keyed into the system is correct and has not already been used on your account. If you continue to have issues, please contact our Client Care team using the ‘Raise a Case’ form from our Home Page or if it is urgent call 13 ZIRCO (13 94 27).

Billing and Invoicing

  • I haven't received my invoice, what do I do?

    Please contact or call 13 ZIRCO (13 94 726) to let us know. We will need to check that your billing email address is updated and correct in our system. We can then arrange for an invoice to be re-sent to you. Please have your account details or debtor number ready when you call or include it in the email to ensure a faster response time. We also recommend checking junk or spam folders beforehand to ensure the email has not been directed to those folders.

  • Where do I send my remittance advice?

    Please send your remittance advice to

  • There is a charge I don't recognise on my invoice. What do I do?

    Please ensure that you check with your colleagues first to ensure that the charge is not related to an activity or request that they may have put through. Otherwise, please contact us on to query any changes that are unfamiliar to you.

  • What is the service admin fee?

    The service admin fee is an administration fee for generating and processing invoices and payments.

Data Breach Reporting

  • What is data breach reporting?

    When a breach occurs, the clock starts ticking toward deadlines to comply with federal, state/territory and other laws to report the incident to regulators. Reporting involves the who, where and how of the incident.

  • How does this service work?

    It’s a simple process. If your company’s personal information is suspected or confirmed of being lost, stolen or compromised:

    · You call the toll-free number: 1800 069 293

    · A CSR privacy professional conducts an interview to collect your incident details.

    · Your CSR privacy professional, using our proprietary system, will:

    ·  Determine if reports must be filed with government authorities and regulators; and

    ·  Determine if notifications must be sent to affected individuals.

    · The CSR expert review panel confirms the decision.

    · CSR completes the reporting and provides you with documented confirmation of regulators reported to on your behalf.

    · If consumer notification is required to affected individuals, CSR will inform you, and upon your confirmation and input, can provide consumer notification services.

  • What is the CSR Breach Reporting Service?

    CSR’s team of in-house privacy professionals use a patented, award-winning system to fulfil your mandated requirements to comply with international, federal, state/territory and other laws to report an eligible data breach to regulators.

  • What are the hours of operation of this service?

    The operators are available 24 hours a day, 365 days a year for you to call. An answering service will direct your call to a Certified Information Privacy Professional (CIPP) who will review your case with you, in detail, prior to providing you with a breach determination on reportability.

  • What are some examples of a breach?

    A breach can occur in many ways, including through lost laptops or smart phones, improper disposal of paper records, unauthorised disclosure of personal data, or intrusion into your network or computer systems. A breach can damage an organisation’s and affected individuals’ reputation and finances.

  • What is the notification to affected individuals?

    The Australian Privacy Act requires that an eligible data breach is reported and accompanied by breach notifications to affected individuals. Other consumer notification requirements may apply depending on where the affected individuals reside or are located. For instance, if an Australian organisation handles personal data of European customers, then consumer notification requirements are governed by European privacy laws, such as, the General Data Protection Regulation (GDPR).

  • Do I have to file the reports?

    No. CSR’s breach reporting service will file reports to regulators, as necessary, on your behalf, at no additional cost, immediately upon determination.

  • To whom do I need to report a breach?

    Who you need to report to in the event of an eligible data breach depends on multiple factors including where your organisation is located, what kind of personal information was involved in the breach, and the residence or location of the affected individuals whose personal information has been compromised. It can also depend on what kind of organisation (public or private) you are, if you are contracted with a government agency, if you qualify as an Australia Privacy Principles (APP) entity, are a Tax File Number (TFN) recipient, and other factors.

  • What is an eligible data breach of personal information?

    The Australian Privacy Act considers an eligible data breach to be – unauthorised access to or unauthorised disclosure of personal information or a loss of personal information an entity holds that could reasonably result in serious harm to any of the individuals to whom the information relates, and the entity is unable to prevent the likely risk of serious harm with remedial action.

  • What is the difference between PCI and Personal Information?

    Payment Card Industry (PCI) data is just one type of personal information. The PCI Data Security Standard is a means of protecting credit cardholder data, such as debit or credit card numbers, expiration dates and card security codes.

    If you’re a business owner or operator and you accept, process, transmit or store cardholder data, then you’re required to comply with PCI Security Standards to ensure a secure payment card environment. PCI compliance is expected of all Australian organisations, irrespective of their size.

  • What is Personal Information?

    The simple answer is – it’s anything that can be used (alone or in combination) to identify an individual. Examples of personal information include name, address, phone, email, birth dates, tax file numbers, driver’s license, financial information, pictures, fingerprints, login credentials, and the list continues.

    Personal information also includes opinions or information that can allow a person to infer or form an opinion about an identifiable individual. This could include employee reviews, student records, purchasing histories, web browser histories, driving records, etc. Under the Australian Privacy Act of 1988, information held by an organisation does not have to be true to qualify as personal information. Also, personal information handled by healthcare service providers under Australia’s My Health Records Act 2012 can be considered personal health information and are accompanied by additional requirements.

    An important note, other industry sectors and jurisdictions can have varied definitions of personal information.

  • Will this service make my company's breach public?

    No, your information will not be made public by CSR. Your information is used solely for the purpose of completing the services offered under the CSR Breach Reporting Service™. Your information may be shared in instances of requirement by enforcement authorities or a court order.

  • Will you notify individuals or provide other post-breach services?

    Yes, privacy experts will work with you to notify individuals. You can contact the privacy team for additional services separately.

  • Is this breach insurance?

    This is not breach insurance. CSR Breach Reporting Service™ is not an insurance product. CSR is not an insurance company, carrier nor underwriter.

  • How do I sign up?

    You may already be automatically enrolled. To learn more about data protection and breach reporting, go to “Data Breach Reporting” or call 13 ZIRCO for more information.

  • Why do businesses need the CSR Breach Reporting Service?

    Data security and compliance issues are top of mind. The CSR Data Breach Reporting Service is a crucial part of responding to a suspected or confirmed data breach of personal information.

    Laws mandate breach reporting to the Commissioner and other regulators, in addition to providing consumer notification. You need this service because CSR will evaluate the incident to determine if reporting to regulators is required, complete the reporting on your behalf at no extra charge, and can also provide consumer notifications.

    More and more concerned organisations are supplying these services to their clients. With one phone call, CSR’s experts can alleviate this complex and time-consuming task from your responsibilities, allowing you to focus on your other priorities.

  • Does CSR Investigate the breach?

    No. CSR does not perform investigations, such as forensics. CSR’s service does not help you recover your information. CSR relies on the incident details provided during the initial interview to determine whether the incident is required to be reported to regulators and notify affected individuals. CSR will submit the breach report to regulators on your behalf. If notification is required to affected individuals, CSR will inform you, and upon your confirmation and input, can provide consumer notification services.

  • What number do I call if I think I have a breach of Personal Information?

    In the event you believe you may have a breach of personal information call 1800 069 293

  • Why shouldn't companies try to do this themselves?

    Privacy and breach laws are stricter and impose greater accountability and transparency expectations on organisations. Determining if an incident is likely to result in serious harm and if reporting is warranted versus overreporting is risky and the liability rests entirely with you. This risk means incurring fines and penalties, as well as civil and criminal sanctions, at the international, federal and state/territory levels. Failing to comply with Australia’s data breach laws could result in fines up to AUD$2.1 million.

    Data privacy and protection laws are always expanding and redefining the types of personal information that must be protected thereby increasing the number of regulators and industry agencies that require or recommend breach reporting. In short, the learning curve is very steep.

    CSR’s trained Certified Information Privacy Professionals (CIPPs) use a proprietary system to evaluate your circumstances against hundreds of rules and regulations to determine whether reports need to be filed and whether individuals and other organisations must be notified.

  • How can I limit the threat of a data breach?

    Almost everyone can do more to protect personal information. You can learn more by clicking here.

  • What could happen if I don't have this service?

    Lost trust means lost sales. The fallout from mishandled and/or unreported data breaches has caused many organisations to close their doors. Failure to report an eligible data breach could result in fines up to AUD$2.1 million, as well as civil and criminal actions, including jail time.

  • I'll never get breached or hacked, so I don't need this service.

    77% of breaches resulted from human error and system faults (a fault resulting in a document being sent to the wrong person; a bug in the web code). It’s very likely that, at some point, information in your care, belonging to employees, customers or vendors, will be lost, stolen or compromised. You may be legally responsible and liable to promptly report breach incidents to regulators and to affected individuals.

  • What if I don't have any personal information?

    You most likely do, see section “What is personal information” for more details.

    · If your organisation has personal information on customers, employees, or vendors;

    · If you are a healthcare service provider that handles personal health information;

    · If you are a credit provider or credit reporting body;

    · If you hold tax file numbers;

    · If you are a small business operator that has registered as an APP entity;

    · If your organisation collects information from international individuals; and more.

    If any of the above examples apply, then you do have personal information and you may be required to notify regulators and affected individuals in the event a suspected or confirmed breach has occurred.

  • We don't deal with customers directly. I don't think my organisation needs this service.

    If your organisation has personal information on customers, employees, or vendors, then you have mandated requirements to notify regulators and affected individuals a breach, or suspected breach, has occurred.

  • I've never heard of this service before, who uses it?

    Thousands of organisations around the globe have enrolled in CRS Breach Reporting ServiceTM

General FAQs

  • My address has changed, how do I update this?

    Either email ( or call 13 ZIRCO to notify us of your change of address as soon as possible. This includes changes to either billing or physical address. In order to make this change, you must be an authorised contact on the account.

  • Where are my boxes located?

    Your boxes will be located in one of our state-of-the-art purpose built record centres. To get specifics on the state location, login to your ZircoBRIDGE portal and enter the box barcode. Here you will see the location.

  • Which industries does ZircoDATA provide services to?

    ZircoDATA services all industries and can create customised records management solutions, that are not only applicable to your industry but specific to your business model. By listening to your needs and requirements, we will provide a solution that works for you and your business, in the most economic way possible.

  • I'm not currently a customer of ZircoDATA, but would like to undertake a "once-off" project or cash sale. Can I do this?

    Absolutely! To complete a cash sale and engage ZircoDATA to complete a once-off project, simply call 13 ZIRCO or email

  • My company name and/or ABN has changed, what do I need to do?

    Please email or call 13 ZIRCO to advise of your change of company name and/or ABN as soon as possible. You will receive a confirmation of the changes to your account details via email. You must be an authorised contact on the account to be able to make this change.

  • What are your business hours?

    ZircoDATA operates from Monday to Friday 8.30am-7pm. We are closed on National public holidays. For current clients who have urgent requests, please use the after hours number for assistance.