Privacy Policy

At ISO 42001, we are committed to protecting the privacy, confidentiality, and security of all personal information shared with us. This policy outlines how we collect, use, store, and safeguard data to ensure transparency and trust.

1. Information We Collect

We collect only the information necessary to deliver our services effectively. This may include contact details, business information, and any data shared with us for audits, assessments, or compliance purposes.

2. Purpose of Data Collection

All information is used strictly for:

Providing our ISO 42001-related services
Managing client communication
Preparing reports, analysis, and documentation
Improving the quality of our services

We do not use your data for any purpose unrelated to your engagement with us.

3. Data Protection and Security

We maintain strong security measures to ensure all client information remains safe and confidential. Access to data is restricted to authorised team members, and all information is handled with care and professional responsibility.

4. Sharing and Disclosure

We do not share, sell, or disclose client data to third parties unless:

Required by Australian law
Necessary for completing work (e.g., secure service providers)
Authorised by the client

Any third-party partners we work with follow strict data protection standards.

5. Client Rights

Clients may request:

Access to their information
Correction of inaccurate data
Removal of data, where applicable
Clarification on how their information is handled

Requests can be submitted via email.

6. Data Storage

All data is stored securely and retained only for as long as required to fulfil service obligations or meet legal requirements.

7. Updates to This Policy

ISO 42001 may update this Privacy Policy when necessary. Any major changes will be communicated to ensure continued transparency.