Privacy Policy

1. Introduction

This policy applies to all visitors and customers of:

• secureaz.com
• secureaz.co.nz
• secureaz.com.au
• The SecureAZ web application at app.secureaz.com

By using our websites or platform you agree to the collection and use of information in accordance with this policy.

2. Information We Collect

Information you provide directly:

• Name, work email address, phone number, and company name when you contact us or sign up
• Team size and enquiry type submitted via our contact form
• Payment information processed securely via our third-party payment provider (we do not store card details)
• Communications you send us by email or through our platform

Information collected automatically:

• IP address, browser type, device type, and operating system
• Pages visited, time spent on pages, and referring URLs
• Cookies and similar tracking technologies (see Section 5)

Information about your team members:

• When you enrol staff in training, we collect their name and email address for the purpose of delivering training and tracking completion

3. How We Use Your Information

We use the information we collect to:

• Provide, operate, and improve the SecureAZ platform and services
• Process your account registration and manage your subscription
• Send training invitations and progress notifications to enrolled staff
• Respond to enquiries and provide customer support
• Send product updates, security tips, and relevant communications (you may opt out at any time)
• Generate compliance reports and cyber insurance documentation on your behalf
• Comply with our legal obligations
• Detect and prevent fraud and security incidents

We will not use your information for purposes other than those described above without your consent.

4. Sharing Your Data

We do not sell your personal information. We may share data with trusted third parties only where necessary:

• Service providers — including hosting, email delivery, CRM, and payment processing providers who are bound by confidentiality obligations
• Analytics providers — to help us understand how our platform is used (data is aggregated and anonymised where possible)
• Legal requirements — if required by law, court order, or to protect the rights and safety of SecureAZ or others
• Business transfers — in the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction

All third-party providers are required to handle your data in accordance with applicable privacy laws.

5. Cookies

Our websites use cookies and similar technologies to:

• Keep you logged in to the SecureAZ platform
• Remember your preferences
• Analyse website traffic and usage patterns
• Improve our marketing and understand which content is most relevant

You can control cookie settings through your browser. Disabling certain cookies may affect the functionality of our platform. We do not use cookies to track you across unrelated third-party websites.

6. Data Storage & Security

Your data is stored on secure servers. We implement industry-standard security measures including encryption in transit (TLS), access controls, and regular security reviews.

While we take reasonable steps to protect your information, no method of transmission over the internet is 100% secure. We encourage you to use a strong, unique password for your SecureAZ account.

Our servers are located in Australia and/or New Zealand. If your data is transferred internationally, we ensure appropriate safeguards are in place.

7. Data Retention

We retain personal information for as long as your account is active or as needed to provide services. Specifically:

• Account and training data is retained for the duration of your subscription plus 12 months
• Contact form submissions are retained for up to 24 months
• Financial records are retained for 7 years as required by law
• You may request deletion of your data at any time (see Section 8)

8. Your Rights

Under the New Zealand Privacy Act 2020 and Australian Privacy Act 1988, you have the right to:

• Access — request a copy of the personal information we hold about you
• Correction — ask us to correct inaccurate or incomplete information
• Deletion — request that we delete your personal information (subject to legal obligations)
• Objection — object to the processing of your data for marketing purposes
• Portability — receive your data in a machine-readable format
• Withdraw consent — where processing is based on consent, you may withdraw it at any time

To exercise any of these rights, please contact us at [email protected]. We will respond within 20 working days.

9. Children's Privacy

SecureAZ is a business-to-business platform intended for use by organisations and their adult employees. We do not knowingly collect personal information from individuals under the age of 18. If you believe we have inadvertently collected such information, please contact us immediately.

10. Third-Party Links

Our websites may contain links to third-party websites. We are not responsible for the privacy practices of those sites and encourage you to review their privacy policies before providing any personal information.

11. Changes to This Policy

We may update this Privacy Policy from time to time. When we make significant changes, we will notify you by email or via a prominent notice on our platform. Your continued use of SecureAZ after changes are posted constitutes acceptance of the updated policy.

Previous versions of this policy are available on request.

12. Contact Us

If you have any questions about this Privacy Policy or how we handle your personal information, please contact us:

If you are not satisfied with our response, you have the right to complain to the Office of the Privacy Commissioner (NZ) or the Office of the Australian Information Commissioner (AU).