Information Security Specialists.
News: Microsoft hopes free security means less malware
News: Researchers find more flaws in wireless security
News: Secure hash competition kicks off
News: TJX employee fired for exposing shoddy security
News: Thoughts of a Teenage Bot Master
We are governed by the Federal Privacy Act and its National Privacy Principles (NPP’s), which set out standards for collection, use, disclosure and handling of personal information.
Personal information is essentially information or an opinion about a living individual whose identity is apparent or can reasonably be ascertained from the information or opinion (e.g. a name and address).
Our Privacy Policy applies to any personal information we collect, use or disclose after 21 December 2001. It does not apply to our employee records.
We collect personal information either directly from the relevant individuals or indirectly from third parties.
For example, our clients may not only provide us with information on themselves for the purpose of obtaining our services but also on others who they represent. We may also obtain personal information indirectly via our security services, such as attack & penetration etc.
We collect personal information to be able to perform and provide our various services. These include, risk consulting, attack & penetration, application review and other risk assessment services.
We do not use or disclose personal information for any purpose that is unrelated to our services and that you would not reasonably expect (except with your consent).
We have a duty to maintain the confidentiality of our clients’ affairs, including personal information. Our duty of confidentiality applies except where disclosure of your personal information is with your consent or compelled by law.
We usually disclose personal information to third parties who assist us or are involved in the provision of our services.
We take reasonable steps to ensure that your personal information is accurate, complete and up-to-date whenever we collect or use or disclose it.
If the required personal information is not provided, we or any involved third parties may not be able to provide appropriate services.
When you provide us with personal information about other individuals, we rely on you to have made them aware that you will or may provide their information to us, the purposes we use it for, the types of third parties we disclose it to and how they can assess it (as described in this document). If it is sensitive information we rely on you to have obtained their consent to the above. If you have not done either of these things, you must tell us before you provide the relevant information.
If we give you personal information, you and your representatives must only use it for the purposes we agreed to.
Where relevant, you must meet the requirements of the National Privacy Principles set out in the Privacy Act 1988, when collecting, using, disclosing and handling personal information on our behalf;
You must also ensure that your agents, employees and contractors meet the above requirements.
We endeavour to protect any personal information that we hold from misuse and loss, and to protect it from unauthorised access, modification and disclosure.
We may transfer your personal information overseas where such is necessary for us to provide our service. For example, we sometimes use the internet to collect and process information. In addition, some specialised personnel are based overseas and we may need to provide your personal information to them.
Security Technology Science may change this policy. If we make changes this Privacy Policy, we will post those changes here.
If you wish to gain access to you your personal information, or you want us to correct or update it, or if you have any other query relating to our Privacy Policy, contact our Privacy Officer:
privacy [at] securitytechscience [dot] com