Irradiate Security PTY LTD (ABN 46 645 902 030) is committed to being transparent about data security and this policy outlines our ongoing commitments to how we manage Personal Information. To support this, we have integrated the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) (the Privacy Act) to our business processes. The APPs govern the way in which we collect, use, disclose, store, secure and dispose of Personal Information. A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at oaic.gov.au.
Collection of Personal Information
Personal Information is information or an opinion that identifies an individual, including names, addresses, email addresses, and phone numbers. This Personal Information is obtained in many ways including interviews, correspondence by telephone and email, from public information repositories like a business' website, and from third parties. We collect Personal Information for the primary purpose of providing our services. We may also use Personal Information for secondary purposes where circumstances exist that would justify reasonable use. For example, notifying clients of new vulnerabilities that may impact previous engagements. Any Personal Information that we store may be deleted from our records through a request from the information owner. When we collect Personal Information, we will, where appropriate and where possible, explain why we are collecting the information and how we plan to use it. We also provide the option to engage with us anonymously or by using a pseudonym. This option is available to individuals when identification is not required by law or a court or tribunal order. It is also not available when it otherwise impractical for the nature of the service we are attempting to provide.
Sensitive information is defined in the Privacy Act to include information or opinions about such things as an individual's racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record, or health information. Sensitive information will only be used:
- For the primary purpose for which it was obtained
- For a secondary purpose that is directly related to the primary purpose
- With the consent of the individual; or where required or authorised by law.
Where reasonable and practicable to do so, we will collect your Personal Information only from you. However, in some circumstances we may be provided with information by third parties. In such a case we will take reasonable steps to ensure that you are made aware of the information provided to us by the third party.
All Personal Information is stored in a secure environment, in a manner that reasonably protects it from misuse and loss and from unauthorised access, modification, or disclosure. When Personal Information is no longer needed for the purpose for which it was obtained, we will take reasonable steps to destroy or permanently de-identify the information after the applicable retention period, which is a minimum of 7 years. We will ensure that you are made aware of any collected Personal Information that is required to be disclosed to an overseas recipient. Additionally, we will take reasonable steps to ensure that the overseas recipient complies with the Australian Privacy Principles for that information.
Access to Personal Information
If any requests are received to access the Personal Information we hold about you, we will take all reasonable steps to provide a copy of collected information once appropriate identity checks are performed. Also, we will ensure that all collected Personal Information is accurate, complete, and up-to-date. If any of the information we have is not up to date or is inaccurate, please advise us as soon as practicable so we can make amendments where applicable.
Complaints and Enquiries