How we handle your information.

Interconnekt Pty Ltd (ABN 52 702 542 839) (“Interconnekt”, “we”, “us”, “our”) is bound by the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This policy describes how we collect, use, hold, and disclose personal information about individuals who visit this website or interact with our business.

What we collect

We only collect personal information that is reasonably necessary for our business activities. The categories we collect are:

• Contact information (name, email, phone, company) when you submit a ticket through our HaloPSA self-service portal embedded on the contact page, book a consultation, subscribe to our newsletter, or email us directly.
• Email address when you subscribe to our newsletter or blog post notifications. We record the timestamp of your subscription and confirmation for compliance purposes.
• Whitepaper download requests- when you request a whitepaper PDF, we collect your email address; an optional free-text answer to the qualifying question on the download form; your IP address; your browser user agent; and a timestamp. These are collected to deliver the requested PDF by email, to inform our sales conversation if you have indicated a relevant decision context, and to maintain a consent and delivery audit trail. See “Whitepaper downloads” below for storage and retention detail.
• Technical information automatically recorded by our hosting provider and analytics tools - IP address, browser type, pages visited, referring URL. This is aggregated and not used to personally identify individual visitors beyond security monitoring.
• Business contact information of individuals at organisations we work with or communicate with in the course of providing managed IT services. Information about an organisation itself is not personal information, but information about identifiable individuals within it is, and is handled under this policy.

Sensitive information

We do not collect sensitive information (as defined in section 6 of the Privacy Act 1988) such as health information, racial or ethnic origin, political opinions, religious beliefs, sexual orientation, or criminal record. We will only do so with your explicit consent and where it is reasonably necessary for our activities, which we do not anticipate in the ordinary course of running this website.

Government identifiers

In accordance with Australian Privacy Principle 9, we do not adopt, use, or disclose government-related identifiers (such as Tax File Numbers, Medicare numbers, or driver licence numbers) as our own identifiers for individuals.

Why we collect it

• To respond to your inquiries and deliver services you request.
• To send you the newsletter you subscribed to, and to send individual blog posts if you opted in for those.
• To deliver whitepapers you have requested and, where you have indicated a relevant decision context, to follow up with relevant information.
• To operate, secure, and improve this website.
• To meet our legal and contractual obligations.
• To contact existing customers about their services, billing, and related operational matters.

Who we share it with

We do not sell personal information. We share it only with processors who help us run the services you interact with, and only to the extent necessary:

• Microsoft Azure (hosting, storage, logs) - Australia-based data centres where possible.
• Sanity (content management) - United States and EU.
• Resend (newsletter delivery) - United States.
• Plausible Analytics (privacy-focused web analytics) - European Union. Plausible does not use cookies and does not collect personally identifiable information.
• HaloPSA (ticketing, embedded on our contact page) - United Kingdom.
• Microsoft 365 (email, document storage) - Australia.
• Professional advisers (accountants, auditors, lawyers) and government agencies where required by law.

Transfer of personal information to overseas processors is covered by Australian Privacy Principle 8. By using our services or subscribing to our communications, you consent to this transfer. We also take reasonable steps to ensure that overseas recipients handle personal information consistently with the APPs, including selecting providers with strong security postures and contractually binding them to appropriate data handling practices.

How we protect it

• Credentials and API keys are stored in Azure Key Vault, never in application code or configuration files.
• Server-to-server access uses Azure managed identity wherever possible, eliminating shared secrets.
• All traffic to and from this site is encrypted in transit via TLS 1.2+.
• Storage at rest uses provider-level encryption (Azure Storage Service Encryption, Sanity Content Lake encryption, Resend encrypted storage).
• Access to personal information is restricted to Interconnekt staff on a need-to-know basis.
• We comply with the Notifiable Data Breaches scheme (Part IIIC of the Privacy Act 1988). If a data breach occurs that is likely to result in serious harm to affected individuals, we will notify those individuals and the Office of the Australian Information Commissioner as soon as practicable.

Direct marketing

We send marketing communications (newsletter, blog post announcements) only to people who have explicitly opted in via a double opt-in flow. Every marketing email includes a clearly identified sender, our ABN, our registered address, and a one-click unsubscribe link. We do not share or sell our subscriber list. Operational communications to existing customers about their services or billing are separate and not considered direct marketing for the purposes of the Spam Act 2003 (Cth).

Whitepaper downloads

When you request a whitepaper PDF through our website, the following information is collected and stored:

• What is collected: your email address; an optional free-text answer to the qualifying question on the download form; your IP address; your browser user agent; and the request timestamp.
• Why it is collected: to deliver the requested PDF to your inbox via transactional email; to inform our sales conversation if you have indicated a relevant decision context in your answer to the qualifying question; and to maintain a consent and delivery audit trail as required under the Spam Act 2003 (Cth).
• Where it is stored:an audit row is written to Azure Table Storage (Microsoft Azure, Australia-based data centres where possible) at the time of your request. The transactional delivery email is sent via Resend (United States) - see “Who we share it with” for the APP 8 disclosure.
• How long it is retained: the Azure Table audit row is retained indefinitely as a consent and delivery record. To request deletion, email privacy@interconnekt.com.au with your email address and we will remove your record.
• Newsletter opt-in: if you tick the newsletter opt-in checkbox on the download form, that subscription is handled separately under a double opt-in flow and is governed by the newsletter terms described elsewhere in this policy. The whitepaper delivery itself is a transactional message and does not constitute marketing for the purposes of the Spam Act 2003 (Cth).

How long we keep it

We retain personal information only for as long as required for the purposes it was collected, or as required by law (for example, accounting records are retained for seven years under the Corporations Act).

• Newsletter subscribers - until you unsubscribe. After unsubscribe, we retain a suppression record (email hash only) for 12 months to prevent accidental re-subscription via imported lists.
• Whitepaper download audit rows - retained indefinitely as a consent record. Deleted on written request to privacy@interconnekt.com.au.
• Contact form submissions - retained in HaloPSA for the life of the ticket plus 12 months, or longer if the matter is ongoing.
• Server logs - retained for 90 days, then deleted or de-identified for long-term security analytics.

Your rights

Under the Australian Privacy Principles you have the right to:

• Request access to the personal information we hold about you (APP 12).
• Request we correct information that is inaccurate, out of date, incomplete, irrelevant, or misleading (APP 13).
• Request we delete your personal information where we no longer need it for the purposes it was collected (subject to legal retention obligations).
• Opt out of marketing communications at any time. Newsletter emails include an unsubscribe link. You can also email privacy@interconnekt.com.au.

We aim to respond to access and correction requests within 30 days. If a request is complex or requires us to consult with third parties, we may need longer and will keep you informed.

Cookies and tracking

We use Plausible Analytics, which is cookieless and does not personally identify visitors. We set one first-party cookie (or equivalent storage) to remember your theme preference (light or dark). We do not use advertising cookies, tracking pixels, or third-party cookies. More detail in our cookies policy.

Children

This website is directed at business and professional audiences and is not designed for use by children. We do not knowingly collect personal information from people we know to be under 16. If you believe we have inadvertently done so, please contact us to have it removed.

Changes to this policy

We may update this policy from time to time. The effective date at the top of the page reflects the most recent change. Material changes will be communicated via our newsletter if you are subscribed, or via a banner on this website.

Contact and complaints

If you have questions about this policy, or wish to exercise any of your rights above, email privacy@interconnekt.com.au or write to us at:

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner at oaic.gov.au.