Legal

Privacy Policy

How Security Cube collects, uses, discloses, and protects your personal information.

Last updated: [Insert Date]
Company: Security Cube ("ACN: Security Cubes Pty Ltd", "ABN: 69741239488")
Website: https://securitycube.com.au

At a glance

  • We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
  • We only collect information needed to provide our services.
  • You can request access to, or correction of, your personal information.
  • We take cybersecurity and data protection seriously.

This Privacy Policy describes how Security Cube ("we", "us", "our") manages personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By using our website or our services, you agree to the collection and use of information in accordance with this Policy.

1. Who we are

Business Name: Security Cubes Pty Ltd
Website: https://securitycube.com.au
ABN: 69741239488

2. Information we collect

We may collect the following types of personal information.

2.1 Information you provide directly

  • Name
  • Email address
  • Phone number
  • Company name, job title, and role
  • Billing and payment details (for paid services or training)
  • Information submitted through forms (e.g. contact, consultation bookings, training registrations)
  • Information provided for consulting work (e.g. policies, documents, or records you choose to share)

2.2 Information collected automatically

When you visit our website, we may automatically collect:

  • IP address and approximate location
  • Browser type, device type, and operating system
  • Pages visited, time spent on pages, and referring websites
  • Cookie data and similar tracking technologies

2.3 Sensitive information

We do not generally require sensitive information (such as health information or information about racial or ethnic origin). If sensitive information is required as part of a consulting engagement, we will only collect it with your informed and explicit consent and will handle it with additional care.

3. How we use your information

We use personal information for the following purposes:

  • To provide cybersecurity consulting, training, and related services
  • To set up and manage your account or engagement with us
  • To respond to your enquiries and support requests
  • To send booking confirmations, invoices, and administrative communications
  • To deliver training materials, resources, and certification-related information
  • To improve our website, services, and customer experience
  • To send newsletters, updates, or marketing communications (you can unsubscribe at any time)
  • To comply with legal and regulatory obligations

4. Legal basis for processing

In Australia, we handle personal information in line with the APPs. Where relevant, and particularly for overseas clients, we may also rely on the following legal bases:

  • Consent - where you have given us permission to use your information.
  • Contract - where processing is necessary to perform an agreement with you.
  • Legitimate interests - where we have a reasonable business purpose and your rights are not overridden.
  • Legal obligation - where we must comply with laws and regulations.

5. Disclosure of personal information

We may disclose your personal information to:

  • IT and cloud service providers (e.g. hosting, backup, email services)
  • Payment processors and accounting systems
  • Professional advisers (lawyers, accountants, auditors) where reasonably necessary
  • Third-party tools used for scheduling, training delivery, or collaboration

We only share information where necessary to deliver our services or comply with legal requirements, and we take reasonable steps to ensure third parties protect your information.

5.1 Overseas disclosure

Some of our third-party service providers may store or process information outside Australia, including in countries such as the United States or the European Union. We take reasonable steps to ensure that any overseas recipients will handle your information in a manner consistent with the APPs.

5.2 Legal and safety requirements

We may disclose personal information if required by law, regulation, court order, or where necessary to prevent or investigate suspected unlawful activity, fraud, or cybersecurity incidents.

6. Data security

As a cybersecurity-focused business, we take the security of personal information seriously. We implement reasonable technical and organisational measures, which may include:

  • Encryption of data in transit and at rest where appropriate
  • Multi-factor authentication for administrative systems
  • Role-based access controls and least-privilege principles
  • Secure configuration and patch management of systems
  • Regular review of logs and security alerts
  • Staff awareness and security training

Despite our efforts, no method of transmission or storage is completely secure. We cannot guarantee absolute security, but we strive to protect your information to a high standard.

7. Data retention

We retain personal information only for as long as necessary to:

  • Provide our services
  • Meet legal, regulatory, or contractual obligations
  • Resolve disputes and enforce our agreements

When personal information is no longer required, we will take reasonable steps to de-identify or securely destroy it.

8. Cookies and website tracking

Our website may use cookies and similar technologies to improve functionality and understand how visitors use the site. Cookies may collect information such as your IP address, browser type, and pages visited.

You can usually configure your browser to refuse cookies or notify you when cookies are used. If you disable cookies, some features of the website may not function properly.

9. Access to and correction of your information

You have the right to request access to the personal information we hold about you and to request that we correct any inaccurate, incomplete, or outdated information.

To make a request, please contact us using the details in section 13. We will respond within a reasonable timeframe and may need to verify your identity before providing access.

10. Marketing communications

We may use your contact details to send you information about:

  • Cybersecurity news and insights
  • Training programs and workshops
  • New services, tools, or content from Security Cube

You can opt out of marketing communications at any time by using the "unsubscribe" link in our emails or by contacting us directly.

11. Third-party websites

Our website may contain links to third-party websites or services. We are not responsible for the privacy practices or content of those websites. We recommend you review their privacy policies before providing them with personal information.

12. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, or legal requirements. The updated version will be posted on this page with the "Last updated" date revised. We encourage you to review this Policy periodically.

13. How to contact us

If you have any questions, concerns, or requests about this Privacy Policy or how we handle your personal information, please contact:

Security Cube
Email: hello@securitycube.com.au
Phone: +61 424 718 773
Location: Melbourne, Australia

14. Complaints

If you believe that we have breached the Australian Privacy Principles or mishandled your personal information, you can contact us using the details above. Please provide as much detail as possible about your concern.

We will investigate your complaint and respond within a reasonable period. If you are not satisfied with our response, you may also lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

OAIC website: https://www.oaic.gov.au