Who we are?
LokuSec Pty Ltd (LokuSec) is an Australian Company that is committed to taking reasonable steps to ensure we align to the Privacy Act 1988 (Cth). Our website address is: https://www.lokusec.com. Please read this policy carefully. By using this website, it signifies you have read, understood and agree to the conditions outlined within this policy. Please stop using the website if you do not agree.
What is personal information?
The Privacy Act defined ‘personal information’ as:
‘Information or an opinion about an identified individual, or an individual who is reasonably identifiable:
- Whether the information or opinion is true or not; and
- Whether the information or opinion is recorded in a material form or not’
What personal information we may collect?
We may collect certain types of Personal Information as you interact with our website and make use of the website services, such as:
- Information you provide voluntarily through the use of any contact forms, direct enquiries, reports, or other forms such as your name, email address and phone number,
- Technical information such as the Internet Protocol (IP) address of your machine and meta data associated to the IP address (such as country of origin of the machine, browser used, operating systems and platforms),
- The data you input into a search form field on our website and the results that populate from the ratings engine (see www.lokusec.com/security-ratings) which may include personal information populated from other publicly available resources,
- Cookies used for analytics, advertising, navigational or security purposes,
- Information provided by prospective employees.
Why we collect Personal Information?
We may collect this information for the following reasons:
- Enable us to communicate with you, providing support, updates and/or news,
- Internal operations to ensure the website services are functioning correctly, conducting analysis and testing,
- Keeping the website security enhanced,
- Analyse the interactions with our website from users that interact with it,
- Assess the suitability of prospective employees to determine suitability for employment.
Who we share your data with?
We may use the information we collect to provide and/or enhance our services, which can include:
- Providing customer testimonials on the website or promotional material where there is consent from that customer,
- Providing your information to our partners in order to deliver services as part of our contractual agreement with you,
- Providing your information to third parties, who may provide support and/or facilitate operations in order to provide services.
We will not sell your data to third parties.
We will ensure third parties that have a contractual agreement with LokuSec are aware of their responsibility to protect and safeguard the information we share with them, and not use any personal information provided to them outside of the requirements of the agreement.
Third parties used by www.lokusec.com include (but not limited to):
How long we retain your data?
Data retention in the modern world is challenging, and we face this challenge head-on by understanding our digital landscape and footprint.
Where we make use of third-party services in order to provide services to you, the information stored on those third-party systems are subject to the retention policies of those third parties, who may also leverage third parties. We implement guardrails for this scenario where we prioritise third party services that retain data within Australia, selecting third parties with security in-mind, and ensuring the data is retained only for as long as it is required. We follow this same principle but also acknowledge that your information may be processed or stored in jurisdictions outside of your own with different laws applicable.
What rights you have over your data?
What rights an individual has under the Privacy Act can be reviewed by resources made available by the Australian Government Office of the Australian Information Commissioner (OAIC).
You can request that we erase any personal data we hold about you by contacting firstname.lastname@example.org. This does not include any data we are obliged to keep for administrative, legal, or security purposes. We may need to verify your identity before implementing the request.
You also have the option of not identifying yourself, stop receiving unwanted direct marketing, ask for personal information to be corrected or make a complaint. To action any of these requests, please contact us at email@example.com.
How we protect your data
We implement a defence-in-depth approach to securing the information you provide to us. Some of the security controls in place are, but not limited to:
- Selection of appropriate suppliers with security experience and controls,
- Contractual obligations with our suppliers,
- Use of encryption-at-rest and encryption-in-transit,
- Access control processes to access information,
- Physical security controls to access information,
- Handling controls requirements for information,
- Alignment to industry best practice security controls.
What data breach procedures we have in place
Where a data breach is likely to result in serious harm to an individual whose personal information is involved, LokuSec will notify the affected individuals and the OAIC under the Notifiable Data Breaches scheme. LokuSec also maintains their own data breach / incident response policy and procedures.
If you have any concerns or inquiries, please contact us at firstname.lastname@example.org.