Data security and privacy is obviously a massive concern for many people and businesses. While we take this concern seriously, our philosophy for data security and privacy is based on what we would consider “Common Sense Security”.

That is to say…

Only collect the information we need:

This may include more obviously information like contact details and potentially sensitive commercial details. It may also include more hidden information in the form of website cookies.

What it is unlikely to include is sensitive personal information, but may if that is bundled inside say, the performance data of your business for example.

Frankly, we would rather not have your personally sensitive data if we can avoid it, it’s just not worth the trouble. We only really want your commercially sensitive data because we absolutely, truly need it. Give us authenticated, temporary access to your sharepoint or google drive site instead.

Sharing your data: Explicit Permission vs Partner Collaboration

For the most part, your data is well… your data. Our general principle is not to share any aspects of that data without your permission.

The exception is with partners and subcontractors where it is necessary to do so for the performance of engaged activities between us. In such circumstances an explicit commercial trust relationship should exist between us and the third party in question.

We abhor spamming. With a telecommunications background, we’re pretty sensitive to the legislation in this space. We also value the relationships across our ecosystem.

In short, we would never intentionally share data for the purpose of direct marketing or petty financial gain. The loss of trust and brand reputation is just not worth it.

Sharing your data: Cloud Technologies

We use a bunch of cloud based technologies from big named and small time players. The data for those technologies is stored in Australia and elsewhere (including places like Singapore and the United States)

This is both a good thing and a bad thing. Effectively we’ve outsourced our main data security issues to household names. If they have a breach, then well, we’re all stuffed. It does mean however if there is a breach, your recourse retribution outside of the laws of Australia may be limited.

Common Sense is King

If it’s your commercially sensitive financial information, then a different risk profile exists over the webcopy you used for that last blog post. We understand that, we hope you do to!

Common sense also extends to what we would consider normal accepted practices on things like Antivirus software and account passwords.

Contractual & Legal Obligations

Whatever we write here does not shirk our responsibilities under Australian legislation or our contract with you. In some circumstances that may include quite strict data governance and security processes.

If that’s something you need, then please discuss this with us as we scope your engagement. We happen to know a thing or two about such processes. Or alternatively we can harness your existing frameworks and solutions as we have done in the past.

All care given, we might get it wrong

Regardless of whatever care we might take with your data, we might get it wrong. There are lots of baddies out there thinking about these sorts of things and only a few of us. More over, either us, one of our cloud providers or one of partners could simply slip up. It happens more frequently than many of us would like.

To that end, as much as permissible by law, we accept no liability for damages to you should there be a breach or disclosure of data.

Changes & Questions

This policy may also change from time to time. Unless you’ve expressed some sort of direct desire to know about such changes, we probably won’t tell you. If you want to know what our policy is at any given point, your best bet is to come here.

Finally if there are any questions about this policy, please feel free to contact us either through our website, or at the email below:

enquiries@kcarmour.com.au