ID Zero Logo
Privacy & Data Protection

Privacy Policy - Id Zero

This Privacy Policy explains how Id Zero collects, uses, and protects your personal information when you visit our website and engage with our cybersecurity services.

Last updated: May 31, 2025

Quick Navigation

1. Introduction2. Information We Collect3. How We Use Your Information4. Information Security5. Information Sharing and Disclosure6. Data Retention7. Your Privacy Rights8. International Data Transfers9. Minors' Privacy10. Changes to Policy11. Australian Privacy Compliance12. Contact Information

1. Introduction

This Privacy Policy explains how Id Zero (“we”, “our”, or “us”) collects, uses, and protects your personal information when you visit our website at https://idzero.com.au and engage with our cybersecurity services. By using our Site or services, you consent to the practices described in this Privacy Policy.

2. Information We Collect

2.1 Website Contact Information

We collect only the information you voluntarily provide through our website contact forms and inquiries:

  • Name: Your first and last name for identification and communication
  • Email Address: Your business email address to respond to inquiries
  • Organization: Your company or organization name
  • Message Content: Any inquiry details, service requests, or information you choose to share

We do not use tracking cookies, analytics tools, or purchase data from third parties for our website.

2.2 Professional Service Data

When providing enterprise cybersecurity services under separate service agreements, we may need to access or process technical data from your systems, including:

  • Identity System Configuration: Active Directory structures, Entra ID configurations, user account hierarchies, and group memberships
  • Security Policy Data: Authentication policies, access controls, privilege assignments, and security settings
  • System Logs: Identity-related logs, authentication events, and security incident data
  • Technical Metadata: System diagnostics, performance data, and configuration backups related to identity management

Important Service Data Notes:

  • Access is provided only under explicit written authorization in service agreements
  • Data is accessed solely to perform contracted cybersecurity services
  • We implement enterprise-grade security controls during all data access
  • Service data handling is governed by individual client contracts and confidentiality agreements

3. How We Use Your Information

3.1 Website Information

We use contact information to:

  • Respond to service inquiries and consultation requests
  • Communicate about our cybersecurity capabilities and services
  • Provide preliminary assessments and recommendations
  • Schedule consultations and service discussions

3.2 Service-Related Data

We use technical system data exclusively to:

  • Perform contracted identity security assessments and implementations
  • Deliver Active Directory and Entra ID hardening services
  • Implement Enterprise Access Model architectures
  • Provide security monitoring and incident response services
  • Generate compliance reports and security documentation
  • Deliver ongoing support for implemented solutions

4. Information Security

4.1 Website Data Protection

We implement appropriate technical and organizational measures to protect your contact information against unauthorized access, alteration, disclosure, or destruction.

4.2 Enterprise Service Data Protection

For client system data, we implement enhanced security controls including:

  • Encrypted connections and secure access protocols compliant with industry standards
  • Multi-factor authentication and privileged access management
  • Role-based access controls on a strict need-to-know basis
  • Compliance with relevant security frameworks (NIST, MITRE ATT&CK, Essential 8)
  • Regular security assessments of our own infrastructure and processes

While we implement comprehensive security measures, no method of data transmission or storage is completely secure.

5. Information Sharing and Disclosure

We do not sell, trade, lease, or share your personal information with third parties, except in the following circumstances:

  • Legal Compliance: When required by law, court order, or legal process
  • Safety Protection: To protect our rights, safety, or property, or that of our clients or others
  • Explicit Consent: With your written authorization for specific purposes
  • Service Providers: With trusted service providers who assist in our operations and are bound by confidentiality agreements

6. Data Retention

6.1 Contact Information

We retain your contact information only as long as necessary to respond to inquiries and maintain our business relationship. You may request deletion of your contact information at any time.

6.2 Service Data

Client system data is handled according to the terms specified in individual service agreements. We typically do not retain client data longer than necessary to complete contracted services, unless ongoing support or compliance requirements necessitate retention.

7. Your Privacy Rights

You have the right to:

  • Access: Request information about personal data we hold about you
  • Correction: Request correction of inaccurate or incomplete information
  • Deletion: Request removal of your personal information from our systems
  • Portability: Request a copy of your data in a commonly used format
  • Objection: Object to certain uses of your personal information
  • Withdrawal: Withdraw consent for us to contact you

To exercise these rights, please contact us at info@idzero.com.au.

8. International Data Transfers

Our services are primarily provided within Australia. If international data transfer becomes necessary for service delivery, we will implement appropriate safeguards and obtain necessary consents as required by applicable privacy laws.

9. Minors' Privacy

Our website and services are intended for business professionals and organizations. We do not knowingly collect personal information from individuals under 18 years of age. If we become aware of such collection, we will take steps to delete the information promptly.

10. Changes to Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or legal requirements. Material changes will be posted on our website with an updated “Last Updated” date. Continued use of our Site or services after changes constitutes acceptance of the revised Privacy Policy.

11. Australian Privacy Compliance

This Privacy Policy is designed to comply with the Australian Privacy Act 1988 and the Australian Privacy Principles (APPs). If you have concerns about our privacy practices, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC).

12. Contact Information

For questions about this Privacy Policy or our privacy practices, please contact us:

Email: info@idzero.com.au

Website: https://idzero.com.au

Address: 2/194 Varsity Parade, 4221

Privacy Officer: Available via the above contact details

Note: This Privacy Policy applies to our website and general business communications. Specific data handling for professional cybersecurity services is governed by individual service agreements and may include additional privacy protections tailored to each engagement.

Questions about privacy?

Our privacy team is available to discuss any questions you may have about our Privacy Policy or data protection practices.

Contact Us
ID Zero Logo

Australia's premier Active Directory and Entra ID security specialists. We protect critical infrastructure, government agencies, and enterprises from identity-based cyber attacks.

    Company

    Resources

    © 2024 ID Zero. All rights reserved.