Privacy Policy

 

What Personal Data We Collect and Why We Collect It

We collect and process limited personal data when you interact with our site. This may include:

  • Contact details (name, email address) if you choose to submit them via our contact form or anonymous story submission form.

  • Technical information such as IP address, browser type, and operating system — collected automatically for security, analytics, and site performance purposes.

  • Anonymous submissions for our blog — no personal data is required, but if you include personal information in your submission, it will be processed as part of the content.

We collect this information:

  • To respond to enquiries.

  • To publish anonymous IT stories (with any personal identifiers removed before posting, unless you have consented to include them).

  • To maintain the security and performance of our site.

We do not collect sensitive personal information (such as health or financial data) unless you choose to provide it voluntarily, and we encourage you not to include unnecessary personal details in your submissions.

 

Comments

Currently, public commenting is disabled. If commenting becomes available, we will collect:

  • The data shown in the comments form.

  • The visitor’s IP address and browser user agent string to help detect spam.

We may also use the Gravatar service to display profile images. Gravatar’s privacy policy is available here: https://automattic.com/privacy/.

 

Media

If you upload images to the website (for example, via a submission form), please ensure they do not contain embedded location data (EXIF GPS). Visitors to the site can download and extract location data from posted images.

 

Contact Forms

When you contact us through our website’s contact form or submit an anonymous story:

  • We collect the details you provide (e.g., name, email address, message content).

  • We retain contact form submissions for up to 12 months for customer service purposes.

  • We do not use information submitted through forms for marketing without your consent.

 

Cookies

Our website may set cookies to:

  • Remember your display preferences.

  • Maintain your session if you log in as a site administrator.

These cookies do not contain personal information unless you are an authenticated user (e.g., an administrator).

 

Analytics

Our hosting provider (Microsoft Azure) and WordPress may collect anonymous analytics and performance data, such as page load times and visitor counts.
No personally identifying information is linked to this data.

 

Who We Share Your Data With

We do not sell or trade your personal data.
We may share data with trusted service providers solely to support our website operations, including:

  • Microsoft Azure (website hosting).

  • Automattic (Gravatar service, if comments are enabled).

These providers are bound by their own privacy policies and applicable data protection laws.

 

How Long We Retain Your Data

  • Contact form submissions: up to 12 months.

  • Anonymous blog submissions: retained indefinitely once published (or until you request removal).

  • Server logs and analytics data: retained for up to 12 months.

 

Your Rights Over Your Data

You can request:

  • A copy of the personal data we hold about you.

  • Correction of any inaccurate information.

  • Deletion of your personal data (subject to legal and security requirements).

To exercise these rights, contact contact@crcyber.com.

 

Where Your Data is Sent

Our website is hosted on Microsoft Azure servers located in Australia. Data may be temporarily transferred to other regions if required for backup or support, and in such cases, we ensure compliance with Australian Privacy Principles.

If you leave a comment in the future, it may be checked through an automated spam detection service.

 

How We Protect Your Data

We use:

  • Secure HTTPS encryption across the site.

  • Firewall and malware protection.

  • Regular software updates.

  • Limited access controls for administrators.

 

What Data Breach Procedures We Have in Place

In the event of a data breach:

  • We will investigate and contain the breach immediately.

  • We will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) where required.

  • We will take corrective action to prevent future breaches.

 

What Third Parties We Receive Data From

We do not currently receive personal data from third parties.

 

Automated Decision-Making and Profiling

We do not use automated decision-making or profiling.

 

Industry Regulatory Disclosure Requirements

We comply with the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth).

Scroll to Top