Privacy Policy

ViCyber Pty Ltd (“ViCyber”, “we”, “us”, or “our”) is committed to protecting the privacy of individuals and managing personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This Privacy Policy outlines how we collect, use, disclose, store, and protect personal information. It also describes your rights to access and correct your information and how to lodge a privacy complaint.

We review our privacy practices regularly to ensure compliance with applicable laws and to incorporate changes in technology or business practices. The most current version of this policy will always be available on our website: https://vicyber.com.au/privacy. 

1. Open and Transparent Management of Personal Information (APP 1)

ViCyber ensures that personal information is handled transparently and securely. This policy outlines: 

• The types of personal information we collect; 

• How it is collected, used, and disclosed; 

• How you can access and correct it; 

• How to make a privacy complaint; 

• Whether information is likely to be disclosed overseas.

2. Anonymity and Pseudonymity (APP 2) 

Where lawful and practicable, ViCyber allows individuals to interact anonymously or via pseudonym. However, in most circumstances—such as delivering services or fulfilling regulatory obligations—identifying information is necessary. 

3. Collection of Personal Information (APP 3)

Types of personal information we may collect include: 

• Name, address, email, and phone number; 

• Employment and background information (e.g. CV, references, criminal record); 

• Financial details such as bank account or payment information; 

• Information submitted via forms, portals, or during service delivery. 

Sensitive information: 
ViCyber does not collect sensitive personal information unless required by law or consented to for a specific, lawful purpose. This includes racial or ethnic origin, political opinions, religious beliefs, sexual orientation, and health data. 

How we collect information: 

• Directly from you via our website, client portals, forms, meetings, phone calls, and emails; 

• Through recruitment or contractual engagement processes; 

4. Dealing with Unsolicited Personal Information (APP 4) 

If ViCyber receives personal information that was not requested and it is not reasonably necessary for our functions or activities, we will take steps to destroy or de-identify it as soon as practicable, unless required by law to retain it. 

5. Notification of Collection (APP 5) 

ViCyber takes reasonable steps to notify individuals about: 

• The fact and purpose of the collection; 

• The types of information collected; 

• Our contact details; 

• Any disclosure to overseas recipients; 

• Their rights to access and correct information; 

• How to lodge a complaint. 

This notice may be provided via this policy, online forms, or direct communications at or before the time of collection. 

6. Use or Disclosure of Personal Information (APP 6) 

ViCyber may use or disclose personal information for: 

• Delivering cybersecurity and advisory services; 

• Engaging contractors or consultants; 

• Maintaining client relationships; 

• Complying with legal obligations. 

7. Direct Marketing (APP 7) 

ViCyber does not use personal information for direct marketing unless explicit consent is obtained. You may opt out of receiving such communications at any time. 

8. Cross-border Disclosure of Personal Information (APP 8) 

ViCyber may disclose personal information to overseas service providers when necessary to provide services. Before doing so, we: 

• Notify affected individuals; 

• Ensure the recipient adheres to privacy protections substantially similar to the APPs or seek your consent; 

Take reasonable steps to ensure compliance with Australian privacy standards. 

9. Adoption, Use or Disclosure of Government Identifiers (APP 9)

ViCyber does not use government-related identifiers (e.g. TFNs, Medicare numbers) as internal identifiers. Such identifiers are only used when required by law or to interact with government agencies. 

10. Quality of Personal Information (APP 10) 

ViCyber takes reasonable steps to ensure that personal information is accurate, complete, and up-to-date. We encourage individuals to notify us of any changes or inaccuracies. 

11. Security of Personal Information (APP 11) 

We protect personal information using: 

• Access controls and authentication protocols; 

• Staff training in secure data handling; 

• Regular audits of data protection systems; 

• Secure storage and data retention policies. 

Data retention: 
We retain personal data only for as long as necessary to fulfill its purpose or comply with legal obligations. Once no longer needed, data is securely destroyed or de-identified. 

In case of a data breach: 
ViCyber follows a documented Cyber Incident Response Plan. If a breach is likely to cause serious harm, we notify affected individuals and report the breach to the Office of the Australian Information Commissioner (OAIC). 

12. Access to Personal Information (APP 12) 

To request access to the personal information ViCyber holds about you, contact: 

Privacy Officer 
Prateek Shrivastava 
ViCyber Pty Ltd 
Level 1.07, 29 Lexington Drive, Bella Vista NSW 2153 
📧 Email: [email protected] 

We will respond to all requests within 30 days in accordance with privacy laws. 

13. Correction of Personal Information (APP 13) 

You may request correction of your personal information if it is inaccurate, incomplete, or outdated. Please contact our Privacy Officer using the details above. We will take reasonable steps to correct the information promptly. 

For further information on privacy rights and protections, visit the Office of the Australian Information Commissioner at: www.oaic.gov.au