Arxium PTY LTD. ("Arxium", "the Company", "we" "us" or "our") is a software consultancy that provides technology solutions, advisory services, and software development for clients. We are committed to respecting and protecting the privacy of individuals and organisations whose data we process.
This Privacy Policy explains the types of information we collect, how we use and share it, and the steps we take to keep it secure. By engaging our services or interacting with the Arxium website at arxium.com.au ↗ (out "Site"), you agree to the collection and use of information in accordance with this Policy.
1. Scope
This Policy applies to information collected through:
- Our website(s) and online platforms,
- Our professional and consulting services,
- All related communications, such as email correspondence or phone calls,
- Any other engagement or interaction with our Company where personal data or confidential information may be involved.
Because we work with highly regulated industries, we uphold strict security measures and confidentiality practices to meet relevant legal and regulatory standards.
2. Information We Collect
We may collect both personal and non-personal information in the course of providing our services or operating our website. The specific data collected may include:
2.1. Personal Identifiable Information (PII)
- Name, email address, phone number, and other contact details.
- Job title and employer information when relevant to the project.
- Identification details required by government contracts or security-clearance processes (where applicable).
2.2. Organisational Data
- Company or agency name, address, and related information.
- Financial and operational data necessary to carry out consulting services or projects, especially for banks and financial institutions.
- Project requirements, requests, communications, and deliverables..
2.3. Technical Information
- IP address, browser type, operating system, and other usage details when you access our websites or online portals.
- Log information (e.g., server logs, internal audits) for security and performance monitoring.
2.4. Sensitive Data
- Depending on our engagement, we may handle sensitive information such as financial records, regulatory filings, or personally identifiable data associated with government or banking operations. We process such data strictly under appropriate lawful bases and confidentiality agreements.
3. Legal Basis for Processing
Depending on the jurisdiction, we may rely on one or more of the following legal grounds to process personal data:
- Consent: When you have given clear consent for processing your personal data for a specific purpose.
- Contractual Necessity: Where processing is necessary to fulfill a contractual obligation or to enter into a contract with you or your organisation.
- Legal Obligation: Where processing is required to comply with applicable legal, regulatory, or governmental obligations (e.g., anti-fraud measures, audit requirements for banks or government clients).
- Legitimate Interests: Where processing is necessary for the purposes of our legitimate interests (e.g., internal administrative purposes, security, product development) unless overridden by your fundamental rights and freedoms.
4. How We Use the Information
We use the collected information to:
- Provide our services (e.g., software development, systems integration, consulting projects).
- Communicate with you regarding project updates, service offerings, and legal or policy changes.
- Maintain and improve our website, platforms, and infrastructure.
- Comply with government regulations and security requirements, particularly when working with sensitive data for government or financial institutions.
- Prevent fraud, enhance security, and address technical or security issues.
5. Information Sharing and Disclosure
We only share information with third parties under these circumstances:
- Service Providers: We may partner with trusted third-party vendors (such as data storage, hosting, or payment processing services) who help us deliver our services. These providers are bound by confidentiality and data protection obligations.
- Legal and Regulatory Requirements: We may disclose information to governmental authorities, law enforcement, or as required by law, regulation, or court order to comply with legal processes and regulations (e.g., under national security or anti-money-laundering requirements).
- Business Transactions: In the event of a merger, acquisition, bankruptcy, or other corporate reorganisation, your information may be transferred to the acquiring entity or its advisors.
- Consent: We may share your data with other third parties if you have provided explicit consent for such disclosure.
6. Data Retention
We retain personal data only for as long as necessary to fulfill the purposes for which it was collected and to meet any legal, contractual, or regulatory obligations. The specific retention period may vary based on the nature of the data and the requirements of government or financial sector regulations.
7. Data Security
We employ strict administrative, technical, and physical security measures to protect data, including but not limited to:
- Encrypted data transmission (e.g., SSL/TLS) and secure storage solutions.
- Access controls and authentication protocols (including multi-factor authentication).
- Regular system monitoring, vulnerability scanning, and security assessments.
- Employee training on confidentiality, data protection, and compliance.
Where projects involve handling classified or highly sensitive data, we follow stringent government or financial regulatory requirements (e.g., Federal Information Security Management Act, PCI-DSS, or other standards as applicable).
8. International Data Transfers
If your personal data is transferred to and processed in countries outside your country of residence, we will ensure that appropriate safeguards or legal mechanisms are in place in compliance with applicable data protection laws.
9. Your Rights
Depending on applicable laws, you may have the right to:
- Access, correct, or request deletion of your personal data.
- Restrict or object to the processing of your personal data.
- Withdraw consent where processing is based on consent (without affecting the lawfulness of processing prior to withdrawal).
- Lodge a complaint with a relevant data protection authority, if applicable.
To exercise your rights or make inquiries about your personal data, contact us at legal@arxium.com.au ↗.
10. Children's Privacy
Our services are typically offered to business and government entities and are not directed to children under the age of [13/16, depending on local regulations]. We do not knowingly collect personal information from children. If you become aware that a child has provided us with personal data, please contact us immediately, and we will take steps to delete such information.
11. Third-Party Websites
Our website or communications may contain links to third-party websites. This Privacy Policy does not apply to those third-party websites, and we are not responsible for their content, practices, or privacy policies. We encourage you to review the privacy policies of any third-party sites you visit.
12. Changes to This Policy
We may update this Privacy Policy to reflect changes to our practices, legal obligations, or industry standards. We will post any updates to our website with a revised “Last Updated” at the top. Continued use of our services after changes take effect indicates acceptance of the updated Policy.
13. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us at legal@arxium.com.au ↗.