Privacy Policy

What personal information do we collect?

We may collect the following types of personal information:

• Name, job title, and professional role
• Email address, telephone number, and business contact details
• Organisation name, size, and industry
• Password (stored in hashed form)
• Your device ID, device type, IP address, browser information, and standard web log information
• Self-assessment responses and scores you submit through our free assessment tool
• Assessment evidence, documentation, and supporting materials you provide during attested assessments
• Reliability maturity data, infrastructure details, and operational information you share during consulting engagements
• Invoicing and billing information
• Communications between you and our team, including emails, meeting notes, and support requests
• Any additional information you provide through your use of our services

How do we collect personal information?

We collect personal information when you:

• Register for an account on our website
• Complete a free self-assessment through our platform
• Engage us for an attested assessment or consulting services
• Submit documentation or evidence as part of an assessment
• Enter into a consulting agreement or statement of work
• Communicate with us through email, telephone, or support channels
• Subscribe to our newsletters, updates, or educational content
• Visit and interact with our website

Why do we collect, use and disclose personal information?

We collect, hold, use and disclose your personal information for the following purposes:

• To provide you with access to our free self-assessment tool and deliver your results
• To conduct attested assessments, including reviewing evidence, scoring your organisation’s reliability maturity, and issuing assessment reports and attestation certificates
• To deliver reliability consulting advisory services
• To manage our consulting engagements, including scheduling, project management, and invoicing
• To operate, protect, improve, and optimise our website and services
• To send you service notifications, assessment reminders, and engagement updates
• To send you relevant educational content, industry insights, and service information (where you have opted in)
• To comply with our legal obligations and resolve any disputes
• To consider your employment application if you apply to work with us

To whom do we disclose your personal information?

We may disclose personal information to:

• Qualified assessors engaged by us to conduct attested assessments on our behalf
• Third party service providers who assist in operating our services, including:
  • Infrastructure and hosting providers
  • Security and DDoS protection services
  • Email and communication services
  • Payment processors
  • Analytics providers
  • Scheduling services
• Professional advisers and agents
• Anyone to whom our business (or any part of it) is transferred
• Government agencies, regulatory bodies, and law enforcement agencies as required by law

We will not share your assessment results, self-assessment data, or consulting engagement details with any third party without your explicit written consent, except where required by law.

Disclosure of personal information outside Australia

We may disclose personal information outside of Australia to our service providers, some of which are located in the United States and other jurisdictions. These include cloud infrastructure providers, payment processors, and communication services. We will take reasonable steps to ensure that any overseas recipient will deal with such personal information in a way that is consistent with the Australian Privacy Principles.

Using our website and cookies

We may collect information about your use of our website, such as which pages you visit, features you use, and the time and date of your activities. We may use cookies or similar tracking technologies to help us understand usage patterns and improve our services. You can disable cookies through your browser settings, but some features may not work as intended.

Security

We take reasonable steps to protect your personal information from misuse, interference and loss, as well as unauthorised access, modification or disclosure. We use industry-standard encryption for data in transit and at rest, and implement access controls to limit who can access your information.

Assessment data and consulting engagement materials are treated as confidential and are subject to the confidentiality obligations set out in our consulting agreements. However, we cannot guarantee the absolute security of your personal information.

Data retention

We retain your personal information for as long as reasonably necessary to fulfil the purposes for which it was collected, including to meet our legal, accounting, and reporting obligations. Self-assessment data is retained for as long as your account is active. Attested assessment records and consulting engagement materials are retained for a minimum period following the completion of the engagement, as specified in your consulting agreement or statement of work.

Accessing or correcting your personal information

You can access and update most of your personal information directly through your account settings. If you need to access other personal information we hold about you, please contact us. We may need to verify your identity before providing access.

If you believe any personal information we hold is inaccurate, please contact us and we will take reasonable steps to correct it.

Making a complaint

If you believe we have breached the Privacy Act or you wish to make a complaint about how we have handled your personal information, please contact us. We will acknowledge your complaint and respond within a reasonable period. If you are not satisfied with our response, we will provide information about further steps you can take.