A51 Software Asia Pacific

A51 Software Asia PacificA51 Software Asia PacificA51 Software Asia Pacific

A51 Software Asia Pacific

A51 Software Asia PacificA51 Software Asia PacificA51 Software Asia Pacific
  • Home
  • About Us
  • Experience
  • Contact Us
  • Privacy Policy
  • More
    • Home
    • About Us
    • Experience
    • Contact Us
    • Privacy Policy
  • Home
  • About Us
  • Experience
  • Contact Us
  • Privacy Policy

Privacy Policy

 A51 Software Pty Ltd – Privacy Policy (Australia)


Last updated: 3 January 2026


Applies to: A51 Software Pty Ltd ACN [164 257 069], Office: Milsons Point, NSW, Australia


1. Who we are and how to contact us

A51 Software Pty Ltd (“A51 Software”, “we”, “us”, “our”) is an Australian distributor of cyber security products and related services. We manage personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). 


Contact:

  • Email:      info@a51software.com
  • Postal:      6A Glen St, Milsons Point, 2061, NSW, Australia
  • Phone:     +61 2 9922  3799
  • Privacy Officer: Greg Wyman


We make this policy available free of charge via our website and will provide it in other formats on request (e.g., PDF, large print).

  

2. The kinds of personal information we collect

Depending on your relationship with us (e.g., customer, reseller, vendor, supplier, job applicant), we may collect:

  • Identification & contact: name, business title, employer, email, position, phone,      postal and billing addresses.
  • Account & transactional: purchase history, licence keys, products used, support      tickets, device identifiers relevant to product provisioning, audit logs tied to your organisation’s use of our products.
  • Professional information: role, certifications, and product preferences.
  • Support diagnostics (B2B): limited technical telemetry required to deliver support (e.g., error codes, versioning), generally de‑identified where practicable.
  • Recruitment: CV/resume, references, right‑to‑work details.
  • Marketing preferences: subscriptions, events/webinars, and opt‑out choices.


“Personal information” and “sensitive information” have the meanings under the Privacy Act (e.g., health information is sensitive and handled with heightened care). 


We do not intentionally collect children’s data in the course of B2B distribution. If we ever offer a consumer‑facing service, we will implement measures consistent with emerging Children’s Online Privacy Code requirements.

  

3. How we collect personal information

We collect information directly from you (web forms, emails, phone, events), from your employer (if you are our customer contact), and from trusted partners (e.g., vendors/distributors/resellers/MSPs) where lawful and necessary. We may also collect limited information from publicly available sources to verify business contact details.


When information is collected, we will notify you of relevant matters (APP 5), either at or before the time of collection (or as soon as practicable afterwards), tailored to the context (e.g., online form notices, email footers, event registrations). 

  

4. Purposes: why we collect, use and disclose personal information

We use personal information to:

  • Provide and support products/services you (or your organisation) acquire.
  • Manage accounts (billing, renewals, licence administration, support).
  • Operate our business (supplier management, compliance, governance).
  • Communicate (service updates, important notices, product advisories).
  • Marketing (with controls): send relevant updates; you can opt out at any time.
  • Legal and compliance: meet reporting, audit, and regulatory obligations.


We only use or disclose personal information for the primary purpose of collection, for a related secondary purpose you would reasonably expect, or otherwise with consent or as permitted by law (APP 6 & APP 7).

  

5. Direct marketing and your choices

We may use your business contact details for B2B direct marketing about relevant A51 Software offerings, consistent with APP 7. You can opt out at any time via unsubscribe links or by contacting us. We will respect your preferences promptly.

  

6. Cross‑border disclosures (APP 8)

A51 Software may disclose limited personal information to overseas recipients in the course of distribution, support, or cloud service operations (e.g., vendors /distributors headquartered overseas; secure infrastructure providers). Before disclosing, we take reasonable steps (contractual safeguards, technical and organisational measures) to ensure overseas recipients do not breach the APPs, and we remain accountable for mishandling overseas unless an exception applies (s 16C). Where practicable, we will identify destination countries (typically limited to Australia, USA, Israel, New Zealand, EU and UK) in this policy or upon request.


From 11 December 2024, reforms clarified that “reasonable steps” to protect personal information include technical and organisational measures; we incorporate those measures into our vendor due diligence and data transfer controls.


Note: Australia has enabled ministerial powers to establish a “whitelist” of jurisdictions with substantially similar protections; we will monitor and align with any such list as it is published.

  

7. Security of personal information (APP 11)

We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access, modification, or disclosure. Our programme includes:

  • Governance: privacy management framework, designated privacy officer, policies, training. 
  • Technical & organisational measures: role‑based access; MFA; encryption in      transit/at rest; endpoint protection; secure logging; immutable backup for critical business systems; vendor assessments; contractual controls; incident response plans. The 2024 reforms confirm these measures are part of the “reasonable steps” expectation.
  • Data minimisation & retention: collect only what is needed; retain for defined periods then securely encrypt that data once it becomes inactive. Transparency about destruction is an APP 1.4 focus area for OAIC’s compliance sweeps.

  

8. Retention and destruction

We keep personal information only for as long as needed to fulfil the purpose(s) of collection or as required by law (e.g., financial record keeping). We then encrypt the information using methods appropriate to the format and sensitivity. 

  

9. Automated decision‑making transparency (from 10 December 2026)

If, in the future, we arrange for a computer program to use personal information to make decisions that could reasonably be expected to significantly affect an individual’s rights or interests (e.g., eligibility decisions), we will include additional information in this policy as required by new APP 1 obligations commencing 10 December 2026 (e.g., types of decisions, data used, rights to obtain information).

  

10. Access and correction (APP 12 & APP 13)

You can request access to the personal information we hold about you, and request corrections if it is inaccurate, out‑of‑date, incomplete, irrelevant or misleading. We will respond within a reasonable time and explain any lawful grounds for refusal.

  

11. Notifiable Data Breaches (NDB) scheme

If a data breach occurs that is likely to result in serious harm, we will notify affected individuals and the OAIC as required, including recommendations for steps individuals should take.

  

12. Complaints and enquiries

If you have a privacy enquiry or wish to make a complaint:

  1. Contact us (Section 1);
  2. We will acknowledge your complaint and aim to resolve it within 30 days;
  3. If you are not satisfied, you may contact the Office of the Australian Information Commissioner (OAIC). See: oaic.gov.au.

Privacy policies must include how to lodge complaints and how they will be handled (APP 1.4).

  

13. Disclosures to law enforcement and regulatory bodies

We may disclose personal information where required or authorised by law, including responding to court/tribunal orders or enforcement‑related activities (APP 6 exceptions; APP 8.2 contains parallel exceptions for cross‑border disclosures).

  

14. Overseas recipients and service providers (illustrative list)

We primarily operate in Australia; however, some trusted providers may host or process data in other jurisdictions. On request, we will provide a list of material third‑party processors and data location(s), and the safeguards applied (APP 8 “reasonable steps”). 

  

15. Penalties, enforcement, and our commitment

Australia has significantly increased penalties for privacy breaches and expanded OAIC enforcement powers since December 2022 and December 2024 (e.g., up to A$50 million for serious interferences with privacy; tiered civil penalties and infringement/compliance notices—including penalties up to A$66,000 for certain foundational contraventions such as failing to have an APP‑compliant privacy policy). We treat compliance as a governance priority and continuously uplift our practices.

  

16. Changes to this policy

We may update this policy to reflect changes in our practices or the law. We will publicise updates (e.g., website notice, email to subscribers) and make the updated policy available free of charge, consistent with APP 1.5/1.6 expectations.

  

APP 1.4 Checklist – How this policy meets the required topics

APP 1.4 requires privacy policies to cover specific topics (e.g., what is collected, how used/disclosed, security, access/correction, complaints, overseas disclosures). The sections above correspond to these items and reflect OAIC guidance.

Copyright © 2019 A51 Software Asia Pacific - All Rights Reserved.

Powered by