(08) 8944 2244 Email Us IT Blog

Privacy Policy

Security and Data Privacy Policy

Northern Technology Holdings T/A Arafura Connect

Effective Date: July 2024

Last Reviewed: July 2025

Applies To: All services provided by Northern Technology Holdings T/A Arafura Connect, including SaaS, Hosting, DaaS, and IaaS offerings.

1. Purpose

This policy outlines Northern Technology Holdings T/A Arafura Connect’ commitment to protecting the confidentiality, integrity, and availability of customer data and systems. It ensures compliance with ISO 27001, the Australian Privacy Principles (APPs), and the Australian Cyber Security Centre’s Essential Eight.

2. Scope

This policy applies to all employees, contractors, systems, and services involved in the delivery of: - SaaS: Exchange Email services - Hosting: Web hosting, application hosting, and co-location - DaaS: Virtual desktops and remote access solutions - IaaS: Virtual machines, storage, networking, and backup

3. Data Collection and Use

- We collect only the data necessary to deliver and support our services. - Personal information is handled in accordance with the Australian Privacy Principles (APPs). - Data is used solely for service delivery, support, billing, and compliance purposes.

4. Data Security Controls

We implement a layered security approach aligned with ISO 27001 and the Essential Eight, including: - Application Control: Only approved applications are allowed to run. - Patch Management: Regular updates and patching of systems and applications. - User Access Control: Role-based access, MFA, and least privilege principles. - Data Encryption: All data is encrypted in transit and at rest using industry-standard protocols. - Backup and Recovery: Regular backups with tested recovery procedures. - Monitoring and Logging: Continuous monitoring and logging of system activity. - Incident Response: A formal incident response plan is in place and regularly tested.

5. Data Hosting and Sovereignty

- All customer data is hosted in secure Australian data centres. - We ensure data sovereignty by not transferring data outside of Australia without explicit consent.

6. Third-Party Providers

- All third-party providers undergo security and privacy assessments. - Data shared with third parties is limited to what is necessary and governed by contractual obligations.

7. Customer Responsibilities

Customers are responsible for: - Managing their own user access and credentials. - Ensuring secure configurations of their environments. - Reporting any suspected security incidents to our support team.

8. Privacy Rights and Requests

Customers may request access to, correction of, or deletion of their personal data in accordance with the APPs. Requests can be made via compliance@techsolutions.com.au

9. Policy Review

This policy is reviewed annually or upon significant changes to services, regulations, or threats.

10. Contact

For questions or concerns regarding this policy, please contact: Email: compliance@techsolutions.com.au Phone: 08 8944 2222 Address: 8 Albatross Street, Winnellie, Northern Territory 0820

www.techsolutions.com.au www.brisbanetechsolutions.com.au www.broometechsolutions.com.au www.arafura.com.au www.connectedoffice.com.au www.connectedphone.com.au www.cctvcloud.com.au www.vbackup.com.au cybersecurity www.itblog.com.au atsg

Follow Us

Facebook Instagram Twitter Linkedin