Privacy Policy for IT Security Services

---

MSI Solutions Pty Ltd ('MSI Solutions', 'we', 'us', 'our') is an IT security company based in Australia. We are dedicated to data protection and safeguarding the privacy of everyone who interacts with our business, website, and services, particularly concerning their personal information. 

This Privacy Policy outlines how we collect, use, disclose, store, and protect your personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) contained in that Act. 

By using our website or engaging our services, you consent to the data protection practices described in this Privacy Policy. If you do not agree, please refrain from using our website or providing us with your personal information.

We collect personal information that is reasonably necessary to provide our IT security services and operate our business in accordance with our privacy policy. The types of information we may collect include: Information you provide to us directly: Full name and job title, business name and ABN, contact details including email address, phone number, and business address, information submitted through contact forms, quote requests, or service enquiries, payment information (processed securely via third-party payment providers), and information provided during security assessments, audits, or service engagements. Information collected automatically includes: IP address and browser type, pages visited and time spent on our website, device type and operating system, referring website or search terms, and cookie data (see Section 7). We collect personal information only by lawful and fair means, ensuring robust data protection practices. We will not collect sensitive information (such as health or financial data beyond what is strictly necessary for service delivery) without your explicit consent.

We use the personal information we collect for the following purposes: To provide, manage, and improve our IT security services and products, ensuring compliance with our privacy policy. To respond to enquiries, support requests, and service proposals. To process payments and manage billing. To send you service updates, security alerts, or information relevant to your engagement with us. To send marketing communications (only where you have opted in or where permitted by law). To comply with legal and regulatory obligations related to data protection. To conduct security assessments and deliver tailored recommendations. To improve the functionality and content of our website. To protect our business and prevent fraud, misuse, or cybersecurity incidents. We will not use your personal information for any purpose that is incompatible with the purposes described above without your consent or unless required by law.

We prioritize the data protection of your personal information with the utmost confidentiality. We do not sell, rent, or trade your personal information to third parties for their marketing purposes. Our privacy policy ensures that your information remains secure. 

We may disclose your personal information to third parties under the following circumstances:

- **Service providers**: Trusted third-party suppliers who assist us in delivering services (e.g., cloud hosting, CRM software, payment processors, email platforms). These parties are bound by confidentiality agreements and are prohibited from using your information for any other purpose.

- **Professional advisers**: Legal, accounting, or insurance professionals where necessary for our business operations.

- **Regulatory authorities**: When we are required by law, court order, or regulatory obligation to disclose information.

- **Business transfers**: In the event of a merger, acquisition, or sale of our business assets, where your information may be transferred as part of that transaction (with appropriate privacy protections in place).

When we disclose your information to overseas recipients, we take reasonable steps to ensure that those recipients handle it in accordance with Australian privacy laws.

As an IT security company, we take the protection of your data extremely seriously, prioritizing data protection in every aspect of our operations. We implement industry-leading technical and organizational measures to safeguard your personal information, including: 

- Encrypted data transmission (TLS/SSL) across all web communications 

- Secure server infrastructure with access controls and monitoring 

- Role-based access - only authorized personnel can access personal information 

- Regular security audits and vulnerability assessments of our own systems 

- Staff security awareness training aligned with our own service standards 

Your data is stored on servers located in Australia, or in jurisdictions with equivalent data protection standards, where cloud services are utilized. 

We retain personal information only for as long as necessary to fulfill the purposes described in our privacy policy or as required by law. When no longer needed, data is securely deleted or de-identified. 

While we implement best-practice security controls, no method of electronic transmission or storage is 100% secure. We encourage you to take steps to protect your own information, including using strong passwords and being aware of phishing.

Under the Australian Privacy Principles, you have the right to: Access the personal information we hold about you; Correct any personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading; Request deletion of your personal information where it is no longer necessary for the purposes for which it was collected (subject to legal retention requirements); Opt out of marketing communications at any time by clicking "unsubscribe" in any email or contacting us directly; Lodge a complaint with us or with the Office of the Australian Information Commissioner (OAIC) if you believe we have mishandled your information in relation to our privacy policy. To exercise any of these rights regarding data protection, please contact our Privacy Officer (see Section 10). We will respond to all access and correction requests within 30 days. We will not charge a fee for access requests unless the request is particularly complex or resource-intensive, in which case we will notify you in advance.

Our website uses cookies and similar technologies to enhance your experience while ensuring data protection and helping us understand how visitors use our site. Cookies are small text files stored on your device by your browser that may collect personal information.

We use the following types of cookies:

Essential cookies: Required for the website to function properly. These cannot be disabled.

Analytics cookies: Help us understand visitor behavior and improve our website (e.g., Google Analytics). These are anonymized where possible to protect your privacy.

Marketing cookies: Used to deliver relevant content and track the effectiveness of our marketing campaigns. These are only activated with your consent.

You can control cookies through your browser settings. Disabling certain cookies may affect the functionality of our website. For more information about our privacy policy, visit www.oaic.gov.au or consult your browser's help documentation.

Our website may contain links to third-party websites, tools, or resources. These links are provided for your convenience and information only. MSI Solutions has no control over the content or privacy practices of these external websites. We are not responsible for the privacy policies, data protection measures, or security of any third-party site. We encourage you to review the privacy policy of any external site you visit before providing your personal information.

We may update this Privacy Policy from time to time to reflect changes in our data protection practices, technology, legal requirements, or business operations. When we make material changes to how we handle personal information, we will: Update the "Last Updated" date at the top of this page, notify existing clients via email if the changes significantly affect their information, and post a notice on our website where appropriate. We encourage you to review this page periodically to stay informed about how we protect your information. Your continued use of our website or services after changes are posted constitutes your acceptance of the updated privacy policy.

If you have any questions, concerns, or complaints regarding this privacy policy or how MSI Solutions manages your personal information and data protection, please reach out to our Privacy Officer: email: support@msisolutions.com.au