Privacy policy

Effective: 1st May 2025

This Privacy Policy explains how Australian Security Compay Pty Litited (ABN 87 010 449 555) (“we”, “us”, “our”) collects, uses, discloses, stores and protects personal information.

This policy is designed to align with the information security principles of ISO/IEC 27001 (including access control, encryption, logging, incident management, supplier security and retention). It should be read together with any service agreement you have with us.

Website: https://aussec.com.au
Privacy contact: asc@aussec.com.au | (07) 5532 6644
Postal address: P.O. Box 626, Southport MC QLD 4215

1) What personal information we collect

We may collect the following types of personal information:

A) Identity and contact details

  • Name, job title, business name
  • Email address, phone number
  • Billing and service addresses

B) Account, service and job information

  • Quote and job details, site notes, equipment details
  • Installation, maintenance and service history
  • Communications with us (emails, phone calls, messages)

C) Monitoring and security-related information (24/7 monitoring)

Depending on your services, we may collect and process:

  • System status and health information (e.g., device connectivity, faults, alerts)
  • Event/incident information generated by security systems (e.g., alarm events, access events, notification triggers)
  • User and administrative activity logs (e.g., remote access logs, configuration changes)

Footage / video data: Where CCTV services involve access to or handling of video footage (live view or recordings), we treat this as highly sensitive operational data and apply additional access controls. Whether we store footage ourselves or only access it for monitoring/support depends on the service design and customer configuration.

D) Payments and transactions

  • Invoice and payment status information
  • Card payments are processed via third-party providers such as Stripe and/or an EFTPOS/credit card terminal provider. We do not intentionally store full card numbers or CVV details.

E) Website and online identifiers

  • IP address and device identifiers
  • Browser type and general usage information (pages visited, referral sources)
  • Cookies and advertising identifiers (see Section 6)

2) How we collect personal information

We collect personal information when you:

  • submit an enquiry via Google, our website contact forms, or other lead channels,
  • contact us by phone or email,
  • engage us for quotes, installations, monitoring, maintenance, or support,
  • use systems we monitor/support (where logs or alerts are generated),
  • browse our website (cookies/analytics/advertising).

We may also collect information from your authorised representatives (e.g., site contacts) and from suppliers/partners involved in service delivery.

3) Why we collect and use personal information

We collect and use personal information to:

  • respond to enquiries and provide quotes,
  • deliver security services (including 24/7 monitoring) and customer support,
  • configure, maintain and troubleshoot security systems,
  • manage job scheduling, site access and communications,
  • manage invoicing, payments and accounts,
  • improve our services, processes and website performance,
  • detect, prevent and respond to security incidents, misuse or fraud,
  • comply with legal obligations and enforce agreements.

4) Disclosure of personal information (who we share it with)

We may disclose personal information to:

  • our employees and contractors on a need-to-know basis,
  • our technicians and subcontractors to perform installations and service work,
  • business systems and service providers we use to operate our business, including Simpro (job management/CRM), plus hosting, communications and support tools,
  • monitoring and remote-access platforms (where used for support and monitoring),
  • payment providers including Stripe and EFTPOS/terminal providers,
  • professional advisers (accountants, lawyers, insurers),
  • law enforcement, regulators, or emergency services where required or authorised by law, or where necessary to protect safety.

We take reasonable steps to ensure third parties handle information securely and only for authorised purposes.

5) Overseas disclosure

Some third-party providers (e.g., cloud software platforms, analytics and payment processors) may store or process data outside Australia.

Where personal information is disclosed overseas, we take reasonable steps to ensure appropriate safeguards are in place, which may include contractual commitments, vendor security reviews, and the use of reputable providers with recognised security certifications.

6) Cookies, analytics and advertising

We may use cookies and similar technologies to:

  • operate the website and improve performance,
  • measure traffic and page effectiveness,
  • measure advertising performance (including Google Ads).

You can manage cookies through your browser settings. Blocking cookies may affect website functionality.

7) Marketing communications

We may contact you about services you request and, where permitted, send marketing communications.

You can opt out of marketing at any time by using an unsubscribe option (if provided) or by contacting us at asc@aussec.com.au.

8) Information security

We maintain an information security program aligned to ISO/IEC 27001 principles to protect personal information against misuse, interference, loss, unauthorised access, modification or disclosure. Controls may include:

  • Governance & policies: documented security responsibilities and procedures
  • Access control: least-privilege access, role-based permissions, MFA where available
  • Encryption: encryption in transit (TLS) and encryption at rest where supported
  • Logging & audit trails: monitoring and review of access and administrative actions
  • Secure configuration & change management: controlled updates and hardening practices
  • Vendor/supplier security: due diligence and security obligations for key service providers
  • Incident response: processes to identify, respond to, and learn from security incidents
  • Backups & continuity: backups and recovery planning for availability of key systems
  • Training & awareness: staff awareness of privacy, phishing and data handling requirements

While we take reasonable steps to protect information, no system is guaranteed to be completely secure.

9) Data retention and disposal

We keep personal information only for as long as necessary to:

  • provide services and support,
  • comply with legal and financial recordkeeping requirements,
  • manage disputes and enforce agreements,
  • maintain security and audit records where appropriate.

When information is no longer required, we take reasonable steps to securely delete, de-identify, or destroy it.

10) Access and correction

You may request access to personal information we hold about you and request corrections if it is inaccurate, incomplete or out of date.

To make a request, contact asc@aussec.com.au. We may need to verify your identity before processing the request.

11) Complaints

If you have a privacy complaint, contact us and we will investigate and respond within a reasonable time.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC)https://www.oaic.gov.au/

12) Changes to this Privacy Policy

We may update this Privacy Policy from time to time. The current version will be published on our website with the updated effective date.

Still have a question?

Call us Today

Contact