Privacy Policy

Last Modified: May 2024

1. Privacy Statement
TARIAN CYBER PTY LTD (ABN 17 660 153 471) (we/our/us) provides a range of data security and cyber response services.
We consider your privacy to be important and we take our responsibility to protect it seriously. We understand that you are concerned about your privacy, along with the confidentiality and security of any personal information provided to us.

This Privacy Policy describes how we collect, use, process, and disclose (Process) your data (which includes any information you provide that may be able to identify you personally) in conjunction with your access to and use of any of the products, services, websites and platforms that we offer (referred to collectively as our Services).

2. Personal and Sensitive Information

2.1 Personal Information
Personal information is information or an opinion of an individual whose identity is apparent or can be reasonably ascertained. We store personal information that is provided to us as a part of our business, or that is provided to us using our Services.

Due to the nature of some of the services we provide it is generally impractical for us to deal with you without knowing your name and your contact details. However, where it is practical for us to do so, we shall provide you with the option to deal with us anonymously or by using a pseudonym.

The Personal information collected by us may include your:
(a) full name;
(b) contact details such as mobile number, telephone number and email address;
(c) business address;
(d) your reasons for becoming a customer;
(e) your transactional data;
(f) your preferences and opinions relating to our products and services;
(g) your payment details including your credit card information; and
(h) all logs, which may include information such as your internet protocol (IP) address, browser type, browser version, clickstream data, referring URLs, the pages of our Site that you visit, the time spent on any pages of our Site and other log related information relating to your use of our Site.

We endeavour to only collect personal information where it is reasonably required.

2.2 Sensitive information
We do not knowingly collect or use any health-related information or any data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, sex life, or sexual orientation, criminal convictions and offenses, trade union membership, or genetic or biometric data.

2.3 Information about minors
We do not knowingly collect or use data from children under 18. If a parent or guardian becomes aware that his or her child has provided us with data, that parent or guardian should contact us. If we become aware that a child has provided us with Personal Information, we will delete such information from our files.

3. Basis for collection

In general we use Personal Information for providing, evaluating, improving, personalising and developing our business, our website, our platforms and our associated products and services. More specifically we use personal information for:
(a) establishing and maintaining your relationship as our customer;
(b) providing any products and services you have requested from us;
(c) administering and managing products and services provided to you;
(d) answering your inquiries and providing you support;
(e) improving user satisfaction, particularly with regard to our Services;
(f) promoting and marketing our services to you (each person may opt-out of direct marketing and sales communications);
(g) our internal research and statistical purposes;
(h) enabling us to forward to you other information or material which we believe may be of interest to you (each person may opt-out of our information sharing communications);
(i) situations in which we may be required to Process your data to comply with a law or Court order; and
(j) in certain circumstances we may request that you specifically consent to our Processing of your data. Where we do so, we will provide an explanation of the nature of the Processing to which you are consenting. If we have requested your consent, you can withdraw your consent at any time by contacting us using the contact information set out below.

4. Ways that we collect information

4.1 We collect data in a variety of ways from those interacting with us, including:
(a) through our website https://tarian.com.au (Site);
(b) through our account creation processes when you engage with us with respect specific services;
(c) from other interactions with us, whether by telephone, email, ordinary mail or any other electronic or online means;
(d) through any of our other business activities or events;
(e) where your customer, client or personnel data is migrated to our hosting platforms; and/or
(f) where you otherwise voluntarily provide us with your data (for example, where you respond to a survey or feedback request).

4.2 Cookies
We may utilise "cookies" through our Site which enable us to monitor traffic patterns and to serve you more efficiently if you revisit our Site. A cookie does not identify you personally, but it does identify your computer. You can set your browser to disable cookies or to notify you when you receive a cookie and provide you with an opportunity to either accept or reject it in each instance. If you disable cookies, you may not be able to access certain areas or features on our Site.

4.3 Web Beacons
Web beacons (also known as clear gifs, pixel tags or web bugs) are tiny graphics with a unique identifier, similar in function to cookies, and are used to track the online movements of web users or to access cookies.

Unlike cookies which are stored on the user’s computer hard drive, web beacons are embedded invisibly on web pages (or in e-mail). Web beacons may be used to deliver or communicate with cookies, to count users who have visited certain pages and to understand usage patterns.

Like many sites, we use web beacons to collect information which is done in accordance with this Policy.

5. Why We Collect Your Data

5.1 Purposes of collecting data from your interactions with us
Generally, we only use data for providing, evaluating, improving, personalising and developing the Services and our Site. More specifically we use data to:
(a) enable you to interact with and use our Site;
(b) provide Services;
(c) perform internal research and statistical analysis;
(d) promote and market our Services;
(e) improve our Services or the Site;
(f) deal with your enquiries; and
(g) prosecute and defend any allegations of wrongdoing or unlawfulness.

5.2 Ancillary use of data from your interactions with us
Typically, we will only Process data for the reasons set out in clause 5. However, in some circumstances, we may use data for reasons other than those specifically identified above. We will only do so where:
(a) you would reasonably expect us to use or disclose the data;
(b) you have consented to our Processing of your data for some other purpose; or
(c) the use or disclosure of the data is required or authorised by law, the order of a regulatory authority, or a court or tribunal.

5.3 Anonymising personal data obtained from interactions with us
When using data for the purposes contemplated in clauses 6.1.and 6.2, we use our best endeavors to anonymise that data such that any personally identifiable information is removed wherever it is not strictly necessary to pursue our legitimate business interests.

5.4 Direct Marketing
Where data is being used for direct promotional or marketing purposes, whether provided by us or an associated entity or a third party, we will obtain your consent. You may at any time decline to receive further offers by opting out.

Please be aware that opting out of a direct marketing communication will only unsubscribe you from the enterprise that have contacted you directly. Please let us know if you want to unsubscribe from all direct marketing that originates from us (excluding our associated entities) by emailing us using the contact information provided in this Privacy Policy.

6. Disclosure

6.1 Disclosure Generally
We do not disclose your Personal Information to any third party without your personal consent. However, if you are an employee of a company that has created a personal account or signed up to utilise one of our Services, we will make any personal information that you have provided to us available to your employer.

Aside from the above, we will only disclose personal information as legally required – either upon valid court order, as required under the Privacy Act, to external service providers so that they can provide financial, administrative, or other service in connection with the operation and improvement of our business, or where compelled by a law enforcement or governmental agency.

6.2 Data Storage Location
We store all personal information that we collect on cloud servers that are hosted in Australia. We store information in multiple locations for both security and resiliency purposes. We have implemented security measures to protect the security of your data. However, as with any transfer of data, there are still risks of data breaches.

6.3 Use of Google Analytics
We may from time to time use Google Analytics on our Site, a web analysis service operated by Google Inc. (“Google“). Google Analytics uses cookies (text files) which are sorted on your computer and which allow for analysis of your visits to be conducted. Information concerning your visit produced through cookies (including IP address) will be transferred to and stored on a server in the United States of America operated by Google. Google will analyse this information to produce a report for the operator on Site usage and online usage of associated services. Google may also transfer this information to third parties either where this is required by law or where third parties are contracted by Google to Process data. Google will not allow your IP address to be linked to any other data.

You can find Google's privacy policy here: http://www.google.com.au/policies/privacy/.

7. Security
We use industry best practices to protect data that we deal with from:
(a) misuse, interference and loss; and
(b) unauthorised access, modification or disclosure.

The precautionary steps we take to protect personal information include:
(a) adopting appropriate and up-to-date technological protection measures to protect our computer systems and networks for storing, processing and transmitting personal information;
(b) adoption of procedural and personnel measures for limiting access to personal information by our staff;
(c) reviewing our information collection, storage and processing practices; and
(d) such other security measures we consider reasonable and appropriate from time to time.

All staff and third-party providers with access to data, including third-party data storage providers, are required to comply with appropriate information security industry standards.

Although we work to ensure our security systems align with industry best standard, there is always risk associated with the transmission of information via the internet.

You acknowledge that we cannot guarantee the security of any data transmission, and as such all data transmissions are entirely at your risk. Once we have received your data, we will take reasonable steps to use procedures and security features to try to prevent unauthorised access, modification or disclosure.

8. Third parties
Our Site and promotional material may contain links to other sites that are not operated by us. If you click on a third party link, you will be directed to that third party's site. We strongly advise you to review the privacy policy of every site you visit.

We have no control over, and assume no responsibility for, the content, privacy policies, or practices of any third party sites, products or services whatsoever, including those of our clients.

We enter into legal contracts with each of our clients which contractually require them to adhere to applicable privacy laws and self-regulatory advertising codes. Ultimately, the collection, processing, use and disclosure of your information by our clients is managed by our client’s under their own privacy policies.

We encourage you to read the terms and policies of all third-party sites, apps or services that you visit or interact with.

9. Data Rights and Retention

9.1 Destruction and Erasure of data
(a) We will only retain your data whilst it is required for the purpose for which it was collected (for example, to provide our contractual services to you, or for our legitimate business purposes). When we no longer require the data, we will take all reasonable steps to destroy the information, or to ensure the information is deidentified (unless we are required to retain the data by law, a regulatory authority or the order of a court or tribunal).
(b) Notwithstanding the above, you have the right to request the erasure of your data. If you wish to have your data erased, please let us know and we will take all reasonable steps to destroy it, unless we need to keep it to comply with a law, or the order of a regulatory authority, court or tribunal. Where we have provided your data to a third party, we will take reasonable steps to ensure that party also deletes your data.

9.2 Access to data
We will provide you with access to your personal information held by us unless:
(a) giving access would be unlawful;
(b) giving access would result in a breach of our contractual obligations to another party; or
(c) denying access is required under the Privacy Act or any other applicable law.

9.3 Request for Access
If you would like access to your personal information aside from your account information, you must contact us in writing making such a request. You may contact us via email at privacy@tarian.com.au We will respond to your request and either provide you with the data you have requested, or notify you when we will provide you with your data. Any data requested will be provided within 30 days of your request, unless we are unable to provide you with access to the data because, for example, doing so would breach the law, the ruling of a regulatory authority, or a court or tribunal order. If this is the case we will advise you of the reasons we cannot provide your data.

9.4 Use of Intermediaries
If you have requested access to your data and we are unable to provide you with that access, you may request that, where it is reasonable for us to do so, we engage a mutually agreed intermediary to deal with the data you have requested and that would allow you sufficient access to your data to meet your requirements.

9.5 Costs
We will not charge for providing an initial copy of your data. However, we reserve the right to charge for providing additional copies of data. If we do decide to charge you fees, such fees will not be excessive, and we will notify you of those costs prior to providing you with the data. We may require anticipated costs to be paid prior to providing you with additional copies of your data.

9.6 Data portability
Insofar as it does not adversely affect the rights and freedoms of others and where you have communicated a request to us:
(a) we will provide you with such data that we have collected about you in a structured, commonly used and machine-readable format; or
(b) after receiving your request, where technically feasible, we will transmit your data directly to another data processor or controller.

9.7 Correction of Personal Information
(a) We are obligated to ensure that data that we are Processing is kept accurate and up to date. Please notify us if any of your data changes, so that we may update our records.
(b) If at any time you wish to correct any data held by us, please contact us using the contact information contained in this Privacy Policy. We will correct your data to ensure that the information is accurate, up to date, complete, relevant and not misleading.
If we advise that we are unable to correct your data, for example due to a law, order of a regulatory authority or court or tribunal, we will notify you in this regard.
(c) If we correct data about you that we previously disclosed to another party, we will take reasonable steps in the circumstances to give that party notification that the data has been corrected, unless it is impracticable or unlawful to do so.

9.8 Restriction of Processing
You may request that we limit or restrict the way we Process your data. Where we are satisfied grounds for restriction exist, we will only Process your data:
(a) with your consent;
(b) for the establishment, exercise or defense of legal claims against us; or
(c) for the protection of the rights of another natural or legal person.

10. Complaints
If you believe that we have used or disclosed your data in a manner which is contrary to this Privacy Policy or otherwise breaches an applicable law, then you should contact us using the contact information in this Privacy Policy. We will happily work with you to address any concerns that you may have.

Within 30 days of receipt of your complaint we will notify you in writing as to what action we propose to take in relation to your complaint and will provide you with details of what further action you can take if you are not satisfied with our response.

You also have the right to lodge a complaint with the relevant supervisory authority in your jurisdiction. If you are in Australia, you may lodge your complaint with the Office of the Australian Information Commissioner. Information on making a privacy complaint can be found on their website at http://www.oaic.gov.au/privacy/making-a-privacy-complaint.

If you are unsure who your relevant supervisory authority may be, please contact us so that we may provide you with assistance.

11. Variations
We reserve the right to vary this Privacy Policy from time to time to ensure that we remain up to date with market expectations, the law and technological advances. Any variations to this Privacy Policy will be published on our Site.

It is your responsibility to check our Privacy Policy periodically to ensure you are aware of any changes made to it.