Privacy Policy - AusClear

Introduction

Nephthys Pty Ltd (ACN: 628 031 587) trading as 'AusClear' ("AusClear", "we", "our", or "us") is committed to protecting your privacy and managing your personal information in accordance with the Australian Privacy Principles under the Privacy Act 1988 (Cth) and other applicable privacy laws.

This Privacy Policy outlines how we collect, use, disclose, and safeguard your personal information. It also provides information on how you can access and correct your personal information or make a privacy complaint.

1. What Information Do We Collect?

1.1 Personal Information

Personal Information refers to information that identifies you or could reasonably be used to identify you. This includes:

  • Contact Information: Name, email address, phone number, and postal address.
  • Professional Information: Employer details, job title, and work-related information.
  • Account Information: Username, password, and other credentials for accessing services.
  • Transactional Information: Details of transactions, including payment information.

1.2 Sensitive Information

Sensitive Information includes data about:

  • Racial or Ethnic Origin
  • Political Opinions
  • Religious or Philosophical Beliefs
  • Membership of a Trade Union or Other Professional Body
  • Criminal Record
  • Health Information

We collect Sensitive Information only with your explicit consent and solely for the primary or directly related secondary purposes for which it was obtained, or where required or authorised by law.

1.3 Non-Personal Information

Non-Personal Information includes data that does not identify you personally, such as:

  • Website Usage Data: IP address, device type, browser type, and pages visited.
  • Aggregated Data: Statistical information about user interactions with the Website.

2. How Do We Collect Your Information?

2.1 Direct Collection

We collect Personal Information directly from you when you:

  • Submit a contact form or enquiry on our Website.
  • Communicate with us via email, phone, or social media.
  • Register for events, subscribe to newsletters, or use our services.
  • Participate in surveys, promotions, or competitions.

2.2 Automated Technologies

We may automatically collect technical data about your device and browsing actions using technologies such as cookies, web beacons, and similar tools.

2.3 Third Parties and Public Sources

We may receive Personal Information about you from:

  • Third-party service providers (e.g., analytics providers, payment processors).
  • Publicly accessible sources.
  • Business partners and affiliates.

3. Cookie Policy

We use cookies and similar technologies to enhance your browsing experience. The types of cookies we use include:

  • Essential Cookies: Necessary for core Website functionality and cannot be disabled. They help with navigation and basic features.
  • Analytical Cookies: Used to improve Website performance and user experience by collecting anonymous usage data (e.g., Google Analytics).
  • Preference Cookies: Store your settings and choices to enhance your browsing experience.
  • Marketing Cookies: May be set by our advertising partners to build a profile of your interests and show relevant advertisements (e.g., Facebook Pixel).
  • Third-Party Cookies: Set by external services integrated into our Website (e.g., social media plugins).

3.1 Managing Cookies

You can manage your cookie preferences through your browser settings by:

  • Accessing browser settings
  • Selecting 'Privacy' or 'Cookie' settings
  • Choosing to accept, block, or delete specific cookie types

Please note that disabling certain cookies may affect the functionality of the Website. Third-party cookies are subject to their respective privacy policies, which we encourage you to review. We are not responsible for third-party cookies but ensure our partners comply with applicable privacy laws.

3.2 Cookie Retention

Cookies are typically stored for up to 180 days, after which they are automatically deleted unless renewed.

3.3 Cookie Consent

Before using any non-essential cookies, we will obtain your explicit consent through a prominent cookie banner that allows you to:

  • Accept All Cookies
  • Reject Non-Essential Cookies
  • Manage Preferences for each cookie category

Your consent choices will be stored and honoured for 180 days, after which renewed consent will be requested. You may modify your cookie preferences at any time through our Cookie Management Centre accessible via the Website footer.

4. Purpose of Collection

We collect Personal Information to:

  • Provide and manage our services to you.
  • Communicate with you and respond to your inquiries.
  • Conduct security clearance assessments where applicable.
  • Improve our Website and services based on your feedback.
  • Engage in marketing and promotional activities (with your consent).
  • Comply with legal obligations and regulatory requirements.

4.1 Security Clearance Processing

  • To facilitate introductions to authorised security clearance partners
  • To assist in the preliminary assessment of security clearance eligibility
  • To maintain records of security clearance referrals and outcomes

5. Data Retention Periods

We retain your Personal Information for the periods specified below, after which it is securely deleted or anonymized:

  • Active Account Data: Retained while your account remains active.
  • Transaction Records:7 years, as required by law.
  • Marketing Preferences:2 years from your last interaction.
  • Website Usage Data:12 months.
  • Complaint Records:2 years after resolution.
  • Inactive Accounts: Deleted or anonymized 12 months after the last activity.
  • Digital Records:30 days for active data and 7 years for archived data, after which automated purge protocols permanently remove the information using government-approved secure deletion standards.

6. How Do We Use Your Information?

We may use your Personal Information for the following purposes:

  • Service Provision: To provide and manage our services.
  • Communication: To communicate with you and respond to your inquiries.
  • Security: To conduct security clearance assessments and protect against fraud.
  • Improvement: To improve our Website and services based on your feedback and usage data.
  • Marketing: To send you marketing and promotional materials (with your consent).
  • Compliance: To comply with legal obligations and regulatory requirements.

7. Disclosure of Your Information

We may disclose your Personal Information to third parties for the purposes outlined above. These third parties include:

7.1 Third-Party Disclosures

  • Service Providers: Assisting with data processing, IT support, marketing, and other operational functions. They are bound by strict contractual safeguards to protect your information.
  • Government Agencies: As required by law or regulatory authorities.
  • Business Partners: Involved in the delivery of our services (e.g., background check providers for security clearance).
  • Security Clearance Partners: We may share your information with our authorised security clearance partners when you request security clearance services. This sharing will only occur:
    • After receiving your explicit consent
    • For the specific purpose of facilitating security clearance applications
    • With partners bound by strict confidentiality agreements
    • Limited to information necessary for the security clearance process
  • Security Clearance Sponsorship: Important Notice: While AusClear is working toward full accreditation, we operate solely as a referral service for security clearance sponsorship. This means:
    • We facilitate clearances exclusively through our established partnership with an accredited Australian security clearance sponsor
    • Your information will be shared with our accredited sponsor partner only after receiving your explicit consent
    • Information shared is limited to what is necessary for security clearance sponsorship processing
    • Our partner is bound by strict confidentiality agreements and privacy protocols
    • We maintain detailed records of all referrals and information transfers

7.2 Security Clearance Information

Due to the sensitive nature of security clearance processes, additional privacy protections apply to information collected for these purposes:

  • Enhanced verification procedures
  • Strict access controls
  • Specialised handling protocols
  • Secure destruction methods for sensitive documentation

8. Data Security

We take the security of your Personal Information seriously and implement robust measures to protect it:

  • Encryption: All data transmitted to and from our Website is encrypted using 256-bit SSL technology.
  • Access Controls: Multi-factor authentication is required for accessing user accounts.
  • Secure Data Centers: We use secure data centers with industry-standard security measures.
  • Regular Audits: Conduct regular security audits and penetration testing to identify and address vulnerabilities.
  • Employee Training: Employees with access to Personal Information are trained on data protection and security protocols.
  • Automated Threat Detection: Utilize automated systems to monitor for potential threats and vulnerabilities 24/7.
  • Data Backups: Perform daily backups to ensure data can be recovered in the event of a system failure.
  • Incident Response Plan: Have a comprehensive incident response plan that includes a policy to notify affected individuals within 24 hours of detecting a breach.
  • Secure Erasure: Use secure erasure methods, including digital shredding and physical destruction of storage media, to delete Personal Information when required.

When we no longer require your Personal Information for the purpose for which we obtained it, we will take reasonable steps to destroy and anonymize or de-identify it using secure erasure methods.

9. Accessing and Correcting Your Information

Under the Australian Privacy Principles, you have the right to:

  • Access: Request access to the Personal Information we hold about you.
  • Correction: Request correction of any inaccurate or incomplete Personal Information.

9.1 How to Request Access or Correction

To exercise these rights, please contact our Privacy Officer using the details provided below. We will respond to your request in accordance with the Privacy Act 1988 (Cth).

10. Complaint Procedure

If you have a complaint about how we handle your Personal Information, please follow our complaint procedure:

10.1 How to File a Complaint

  • Contact Details: Use the contact information provided at the bottom of this Privacy Policy.
  • Responsible Person: All complaints will be considered by Matthias Bradman.

10.2 Complaint Handling Process

  1. Acknowledgment: We will acknowledge receipt of your complaint within 2 business days and provide you with a reference number.
  2. Investigation: Our privacy team will investigate your complaint and maintain detailed records of all communications and findings. We aim to resolve complaints within 30 business days.
  3. Resolution Communication: Communicate our findings and any actions taken within 5 business days after completing the investigation.
  4. Appeal Period: You have 14 days from receiving our resolution to request a review if you are unsatisfied.
  5. Escalation: If we cannot resolve your complaint within these timeframes, we will:
    • Provide a written explanation for the delay.
    • Offer a new estimated resolution timeline.
    • Update you weekly on the progress.
    • The Privacy Officer will personally review your case within 7 business days of the escalation request.

10.3 Documentation and Response Timeline

  • Complaint Documentation: All complaint documentation will be retained for 12 months following resolution.
  • Record-Keeping: Maintain detailed records of all communications and findings related to the complaint.

If you remain dissatisfied with the outcome, you may refer the matter to the Office of the Australian Information Commissioner.

11. Overseas Transfer

Your Personal Information will not be disclosed to recipients outside Australia unless you expressly request us to do so. If you request us to transfer your Personal Information to an overseas recipient, we ensure that:

  • Recipients are Bound by Equivalent Protections: Overseas recipients must comply with privacy protections equivalent to Australian standards.
  • Explicit Consent: We obtain your explicit consent for such transfers.
  • Compliance: Implement standard contractual clauses and conduct impact assessments to ensure ongoing compliance.

We are not liable for any mishandling of your information by overseas recipients.

12. Changes to This Privacy Policy

We may update this Privacy Policy periodically to reflect changes in our practices or legal requirements. We will:

  • Post Updates: Any changes will be posted on this page.
  • Notify Users: Where appropriate, notify you by email about significant changes.

We encourage you to review this policy regularly to stay informed about how we manage your personal information.

13. Contact Us

If you have any questions about this Privacy Policy or our privacy practices, or if you wish to access, update, or correct your personal information, please contact our Privacy Officer:

Matthias Bradman

Privacy Officer

Email:mattias@ausclear.com.au

Phone:0469 755 606 (Temporary)

Postal Address: 82 Onkaparinga Valley Road, Woodside, SA, 5244, Australia