Privacy Policy

1. Who we are

Vanguard Cyber is the website operator and service provider described in this policy. If you have questions or wish to exercise your privacy rights, please contact us using the details in section 9.

2. What personal information we collect

We may collect personal information that you provide to us, such as:

• Your name and contact details (e.g., email and phone number)
• Information included in messages you send to us (e.g., service enquiries)
• Business and professional information you provide when requesting services
• Information about your use of our website (e.g., device/browser details and pages viewed)

We may also collect other information where it is reasonably necessary for the purposes described below.

3. How we collect personal information

We collect personal information in a number of ways, including:

• When you submit enquiries or forms on this website
• When you contact us by email or other communication channels
• When you engage our services (e.g., to schedule consultations or engagements)
• Automatically when you access our website (e.g., via standard web server logs and cookies/technologies, where applicable)

4. Purposes for collecting, using and disclosing personal information

We use personal information for purposes including:

• Providing and managing services such as penetration testing, security assessments, and compliance audits
• Responding to your enquiries and communications
• Managing business relationships (including scheduling, administration, and support)
• Improving our website and services
• Meeting legal and regulatory obligations

The legal basis for processing depends on the circumstances and the APPs (e.g., where we have consent, where the processing is required for performance of a contract, or where it is otherwise permitted under the Privacy Act).

5. Disclosure to others

We may disclose personal information to:

• Professional advisers and contractors who assist with our services
• Service providers that support our operations (e.g., website hosting and IT systems)
• Entities authorised or required by law (e.g., regulators)

Where disclosures are made, we aim to do so in a manner consistent with the Privacy Act and the APPs.

6. Overseas disclosure

We may disclose personal information to overseas recipients, including service providers. When we do, we take reasonable steps to ensure that the handling of that personal information is protected in accordance with the Privacy Act (including APP 8 obligations where relevant).

7. Direct marketing

We may send you marketing communications where permitted by law. You can opt out of receiving direct marketing at any time by using the unsubscribe/contact option in the relevant communication or by contacting us (see section 9).

8. Access, correction and complaints

Under the Privacy Act, you may request:

• Access to your personal information
• Correction of your personal information
• Information about how we handle your personal information

If you have a privacy complaint, we will investigate and respond. If you are not satisfied with our response, you may be able to complain to the Office of the Australian Information Commissioner (OAIC).

9. Security

We take reasonable steps to protect personal information from misuse, interference, and loss, and from unauthorised access, modification or disclosure. No security measure is perfect, and we cannot guarantee absolute security.

10. Retention

We retain personal information only for as long as necessary for the purposes described in this policy, or as required by law.

11. Changes to this policy

We may update this privacy policy from time to time. The updated version will be posted on this page.