Skip to main content

Legal

Privacy Policy

Last updated: February 2026 · Cliffside Cybersecurity Pty Ltd

Overview

Cliffside Cybersecurity Pty Ltd (ACN 600 983 140) ("Cliffside", "we", "us") is committed to protecting your personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

This policy explains what personal information we collect, how we use it, when we disclose it, and how you can access and correct it. By using our website or engaging our services, you agree to the collection and use of information as described in this policy.

What personal information we collect

We collect personal information that is reasonably necessary for our business functions. This may include:

  • Contact information: full name, business email address, phone number, organisation name, and role or title
  • Enquiry information: details you provide when completing the Lighthouse Assessment consultation request form or contacting us directly, including your primary driver for engagement and any project details you share
  • Technical information: IP address, browser type, referring URL, pages visited, and time on site — collected automatically via website analytics tools
  • Service delivery information: information collected during engagement scoping, assessment activities, and report delivery, to the extent personal information is involved

We do not collect sensitive information (such as health, financial account, or government identifier information) unless it is directly relevant to a specific engagement and you have consented.

How we collect it

We collect personal information primarily through:

  • The Lighthouse Assessment consultation request form on our website
  • Direct email and phone enquiries
  • Business card exchange and in-person meetings
  • Engagement letters, statements of work, and service delivery documentation
  • Automated website analytics (see Cookies section below)

Where practicable, we collect personal information directly from you. In some cases we may receive it from third parties (for example, a referral from a partner organisation), in which case we will take reasonable steps to notify you.

How we use your information

We use your personal information to:

  • Respond to your consultation requests and enquiries
  • Provide cybersecurity advisory, assessment, and implementation services
  • Send service-related communications, including assessment reports and recommendations
  • Send occasional updates about Cliffside services, insights, and events — you can opt out at any time
  • Improve our website and understand how visitors engage with our content
  • Meet our legal and regulatory obligations

We will not use your personal information for a purpose that you would not reasonably expect, and we will not use it for direct marketing from third parties.

Disclosure to third parties

We do not sell, rent, or trade your personal information. We may share it in limited circumstances:

  • Service providers: we use third-party tools for email delivery, website analytics, and CRM. These providers process data on our behalf under contractual data protection obligations
  • Professional advisers: lawyers, accountants, and auditors where necessary for our business operations
  • Legal requirements: if required by law, court order, or regulatory authority
  • Business transfers: in the event of a merger or acquisition, subject to appropriate confidentiality obligations

Where we disclose personal information to overseas recipients (for example, cloud infrastructure providers with servers outside Australia), we take reasonable steps to ensure those recipients handle information consistently with the APPs.

Security

We take the security of personal information seriously — as you would expect from a cybersecurity consultancy. We implement technical and organisational controls appropriate to the sensitivity of the information held, including access controls, encryption in transit and at rest, and staff security awareness training.

No transmission over the internet is completely secure. If you believe your information has been compromised, please contact us immediately at our contact form.

Cookies and analytics

Our website uses cookies and similar tracking technologies to understand how visitors use the site. This may include analytics tools (such as Google Analytics) that collect anonymised data about page views, session duration, and navigation paths.

You can control cookies through your browser settings. Disabling cookies will not prevent you from using the site but may affect the quality of your experience.

Access and correction

Under the Privacy Act 1988 (Cth), you have the right to access the personal information we hold about you and to request corrections if it is inaccurate, incomplete, or out of date. To make a request, contact us using the details below. We will respond within 30 days. We may decline access in limited circumstances permitted by the APPs, and will explain our reasons if we do.

Complaints

If you believe we have breached the APPs or otherwise mishandled your personal information, please contact us in the first instance so we can attempt to resolve the matter. If we are unable to resolve your complaint satisfactorily, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au (opens in new tab) or by calling 1300 363 992.

Changes to this policy

We may update this policy from time to time to reflect changes in our practices or applicable law. The current version will always be available at cliffside.com.au/privacy/. Material changes will be notified via a notice on our website.

Contact us

For privacy enquiries, access requests, or complaints, contact our Privacy Officer:

Cliffside Cybersecurity Pty Ltd
Level 1, 66 King Street, Sydney NSW 2000
our contact form
(02) 8916 6389