Privacy Policy

Effective Date from 08 Dec 2024

SafeSpace@elevate ("we," "our," "us") is committed to protecting your privacy and ensuring the security of your data. This Privacy Policy explains how we collect, use, disclose, and safeguard your information when you visit our website (the "Website"). Please read this Privacy Policy carefully. If you do not agree with the terms of this Privacy Policy, please do not access the Website.

1. Information We Collect

We may collect information about you in a variety of ways, including:

  • Personal Data:
    Information that you voluntarily provide to us, such as your name, email address, and any other details you share through forms or other interactive features on our Website.

  • Automatically Collected Data:
    Information that is automatically collected when you visit our Website, such as your IP address, browser type, operating system, access times, and pages viewed.

  • Cookies and Tracking Technologies:
    We may use cookies and other tracking technologies to improve your browsing experience. For more information, please refer to our Cookie Policy.

2. How We Use Your Information

We use the information we collect to:

  • Provide, operate, and improve our Website and services.

  • Respond to inquiries or customer service requests.

  • Enhance security and monitor compliance with data protection standards.

  • Comply with legal obligations and enforce our terms.

3. Cybersecurity and Data Confidentiality

SafeSpace@elevate employs a multi-layered approach to cybersecurity and data protection, ensuring compliance with leading security standards:

  • Certified Database:
    Our database is hosted on Amazon Web Services (AWS) and certified under ISO 27001, ISO 9001, SOC 2, and CSTAR standards. These certifications ensure a high level of data confidentiality and integrity.

  • End-to-End Encryption:
    All data in transit is encrypted using Transport Layer Security (TLS). Data at rest is encrypted via AWS RDS server-side encryption and managed by AWS Key Management Service (KMS).

  • Role-Based Access Controls (RBAC):
    Access is restricted by precise permissions, ensuring individuals access only the information necessary for their roles.

  • Data Loss Prevention:

    • Bulk data exports are prohibited.

    • Personally Identifiable Information (PII) is anonymised during database exports.

    • Database access is limited to authorised system components, with all staff activities monitored.

  • Infrastructure Security:
    We integrate multiple layers of security, including:

    • Infrastructure and Web Application Firewalls to protect against threats such as SQL injection and cross-site scripting.

    • Virtual Private Clouds (VPCs) on AWS for controlled network access.

4. Sharing Your Information

We do not sell or trade your personal information. However, we may share it:

  • With trusted service providers who support our operations.

  • To comply with legal obligations or enforce our rights.

5. Your Rights

Depending on your location, you may have the following rights regarding your data:

  • Access, update, or delete your data.

  • Restrict or object to its processing.

  • Withdraw consent at any time, where applicable.

6. Updates to This Privacy Policy

We may update this Privacy Policy periodically. Changes will be posted on this page with an updated "Effective Date."

7. Contact Us

If you have any questions or concerns, please contact us at:
support@elevateconsultingpartners.com.au

 .