Contact Us

Privacy Policy

Introduction

Welcome to Information Security Consultants (“we,” “our,” or “us”), an information security consultancy based in Australia, dedicated to providing expert cybersecurity services and solutions. We understand that privacy and the security of your information are of paramount importance, especially when engaging with security professionals. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website or engage our services.

Given our role as information security professionals, we hold ourselves to the highest standards of data protection. This policy demonstrates our commitment to those standards and compliance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) and other applicable Australian privacy laws and regulations.

Information We Collect

Personal Information

We may collect the following types of personal information:

  • Contact Information: Name, email address, phone number, company name, job title, and mailing address when you contact us, request information, or engage our services.
  • Account Information: Login credentials if you create an account on our website.
  • Professional Information: Details about your organisation’s IT infrastructure, security posture, and business needs as necessary to provide our consulting services.
  • Financial Information: Payment details when you purchase our services.
  • Communication Records: Records of your interactions with us, including consultation notes, emails, calls, and other correspondence.

 

Information Collected Automatically

When you visit our website, we may automatically collect:

  • Device Information: IP address, browser type and version, operating system, device type, and other technical identifiers.
  • Usage Data: Pages visited, time spent on pages, links clicked, referring website, and other browsing behaviour.
  • Cookies and Tracking Technologies: Data collected through cookies, web beacons, and similar technologies. For more details, please see our Cookie Policy section below.

 

Sensitive Security Information

As information security consultants, we may have access to sensitive security information about your systems, including:

  • Vulnerability assessment results
  • Penetration testing data
  • Security audit findings
  • Network configurations
  • Security control implementations

 

We treat this information with the highest level of confidentiality, as detailed in our “Special Considerations for Security Assessments” section below.

How We Use Your Information

We use the collected information for the following purposes:

  • Providing Services: To deliver the information security consulting services you’ve requested, including security assessments, penetration testing, compliance audits, and security strategy development.
  • Client Communication: To respond to your inquiries, provide updates on your projects, and maintain our business relationship.
    Service Improvement: To enhance our website, services, and client experience.
  • Marketing: With your consent, to send you relevant information about our services, security updates, and industry developments. You may opt out of these communications at any time.
  • Legal and Security: To protect our rights, your safety, and the safety of others; to investigate fraud; and to comply with our legal obligations under Australian law.
  • Analytics: To understand how visitors interact with our website and identify areas for improvement.

 

Australian Privacy Principles Compliance

We are committed to compliance with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth). In accordance with these principles:

  • We collect personal information only by lawful and fair means, and only when reasonably necessary for our functions or activities.
  • We provide notice about our collection of personal information through this Privacy Policy and at the time of collection where practicable.
  • We use and disclose personal information only for the primary purpose for which it was collected, or for related secondary purposes that would be reasonably expected, unless you consent otherwise or an exception applies under the Privacy Act.
  • We take reasonable steps to ensure the personal information we collect, use, and disclose is accurate, complete, and up-to-date.
  • We maintain appropriate security safeguards to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure.
  • We provide individuals with access to their personal information upon request, subject to exceptions under the Privacy Act.

 

Special Considerations for Security Assessments

As information security consultants, we may collect and process highly sensitive information about your IT infrastructure and security posture. We implement exceptional safeguards for this information:

  • Segmented Storage: Security assessment data is stored separately from other business data with enhanced access controls.
  • Limited Access: Only team members directly involved in your security assessments have access to your security data.
  • Secure Transmission: All security findings and reports are transmitted via encrypted channels.
  • Data Minimisation: We collect only the security information necessary to perform the agreed-upon services.
  • Retention Limitations: Security assessment data is retained only for the period necessary to complete the engagement and any agreed-upon follow-up activities, after which it is securely deleted.

 

Information Sharing and Disclosure

We do not sell your personal information. We may share your information in the following limited circumstances:

  • Service Providers: With contractors and service providers who assist in our business operations and are bound by confidentiality obligations. Where these providers are located outside Australia, we take reasonable steps to ensure they handle your personal information in accordance with Australian privacy laws.
  • Legal Requirements: When required by Australian law, court order, or governmental authority.
  • Business Transfers: In connection with a merger, acquisition, or sale of assets, with appropriate confidentiality agreements.
  • With Your Consent: In other cases with your explicit consent.

 

Special Note: Given the sensitive nature of security assessments, we never share your security vulnerability information with third parties except:

  • With team members necessary to complete the assessment
  • When explicitly authorised by you
  • When legally required (in which case we will notify you if permitted by law)

 

Overseas Disclosure

If we need to disclose your personal information to recipients located outside Australia, we will take reasonable steps to ensure that the overseas recipient does not breach the Australian Privacy Principles in relation to your personal information. Common overseas locations where your data may be processed include [list typical countries, e.g., United States, Singapore, etc.].

Data Security

As information security professionals, we implement and maintain robust technical, administrative, and physical safeguards, including:

  • End-to-end encryption for data transmission
  • Multi-factor authentication for system access
  • Regular security assessments of our own systems
  • Strict access controls and least privilege principles
  • Comprehensive employee security training
  • Advanced threat detection and prevention systems
  • Regular backup and disaster recovery testing

Despite our best efforts, no security measure is 100% effective. We commit to notifying you promptly in the event of any data breach affecting your personal information, in accordance with the Notifiable Data Breaches scheme under the Privacy Act.

Data Retention

We retain your information only as long as necessary to fulfill the purposes outlined in this Privacy Policy, unless a longer retention period is required or permitted by Australian law. Security assessment data is subject to stricter retention policies as outlined in our service agreements.

Your Privacy Rights

Under the Privacy Act 1988 (Cth) and the Australian Privacy Principles, you have the right to:

  • Access: Request access to your personal information that we hold.
  • Correction: Request correction of inaccurate, out-of-date, incomplete, irrelevant, or misleading personal information.
  • Complaints: Lodge a complaint if you believe we have handled your personal information in a way that breaches the Australian Privacy Principles.

To exercise these rights, please contact us using the information in the “Contact Us” section below. We will respond to your request within 30 days. If we refuse to provide access or make corrections, we will provide you with reasons for our decision.

Cookies and Similar Technologies

Our website uses cookies and similar technologies to enhance your browsing experience, analyse website traffic, and personalise content. Types of cookies we use may include:

  • Essential Cookies: Required for the website to function properly.
  • Analytical Cookies: Help us understand how visitors interact with our website.
  • Functional Cookies: Remember your preferences and settings.
  • Marketing Cookies: Track your browsing habits to deliver tailored advertising.

 

You can manage your cookie preferences through your browser settings. However, disabling certain cookies may limit your ability to use some features of our website.

Direct Marketing

We may use your personal information for direct marketing purposes. This includes sending you information about our services, security updates, and industry developments. You can opt out of receiving direct marketing from us at any time by:

  • Using the unsubscribe function in our marketing emails
  • Contacting us using the details provided in the “Contact Us” section below

 

Children’s Privacy

Our website and services are not directed to individuals under 18. We do not knowingly collect personal information from children. If you believe we have inadvertently collected information from a child, please contact us immediately.

Third-Party Links

Our website may contain links to third-party websites. We are not responsible for the privacy practices or content of these sites. We encourage you to review the privacy policies of any third-party sites you visit.

Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will post the revised policy on our website with the “Last Updated” date. Significant changes will be notified through our website or via email.

Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact our Privacy Officer at:

Company Name: Information Security Consultants
Physical Address: Two Melbourne Quarter, Level03, Suite 330, 692 Collins Street Docklands, Victoria, Australia 3008
Email Address: info@informationsecurityconsultants.com.au
Phone Number: 1300887463

Response Time: As security professionals, we take your privacy concerns seriously and will respond to all inquiries within 30 days as required by the Australian Privacy Act.

Complaint Resolution

If you have an unresolved privacy concern that we have not addressed satisfactorily, you may contact the Office of the Australian Information Commissioner (OAIC):

Website: www.oaic.gov.au
Phone: 1300 363 992
Email: enquiries@oaic.gov.au

We provide plain English information security advice and consultancy

Schedule A Call Now

Quick Links

ISO27001 Services

SOC 2 Services

GRC Services

Other Services

Copyright © 2025 Information Security Consultants, All rights reserved.
Review Your Cart
0
Add Coupon Code
Subtotal
Checkout