Privacy Policy

1. Who this policy applies to

This policy applies to personal information we collect about:

• website visitors
• prospective customers
• customers and account holders
• billing contacts and authorised representatives
• suppliers and contractors
• people who contact us for sales, support or other enquiries

Back to top

2. What personal information we collect

Depending on how you deal with us, we may collect and hold personal information such as:

• name, business name and job title
• postal address, service address, email address and phone number
• account username and account preferences
• billing and transaction details
• support requests, service tickets and correspondence
• IP addresses, device data, browser data and service usage logs
• identity or verification information where reasonably required
• domain registrant, administrative, technical and billing contact details
• information you provide when completing forms, surveys or feedback
• any other information reasonably necessary for us to provide services and meet legal, regulatory or contractual obligations

We generally do not seek to collect sensitive information unless it is reasonably necessary and permitted by law.

Back to top

3. How we collect personal information

We may collect personal information:

• directly from you when you contact us, sign up, order services or submit forms
• through our websites, client portals, cookies and analytics tools
• through support systems, monitoring tools and security systems
• from payment providers, resellers, partners or referral sources
• from domain registries, registrars or other suppliers involved in delivering services
• from publicly available sources where lawful and reasonable

Back to top

4. Why we collect, hold, use and disclose personal information

We collect, hold, use and disclose personal information for purposes including to:

• provide, manage, maintain and improve our services
• set up and administer customer accounts
• process payments, renewals, invoices and refunds
• verify identity, detect fraud and maintain service security
• respond to enquiries, incidents and support requests
• send service notices, technical updates and account-related communications
• register, renew, transfer or manage domain names
• comply with legal, regulatory, contractual and industry requirements
• monitor performance, usage, abuse, spam, malware and network integrity
• market our services where permitted by law
• enforce our agreements, protect our rights and recover debts

If you do not provide certain personal information, we may not be able to provide some or all of our services to you.

Back to top

5. Cookies, analytics and website data

Our websites may use cookies, pixels, server logs and similar technologies to operate the site,
improve performance, remember preferences, understand traffic, detect suspicious activity and
support marketing. Some of these tools may be provided by third parties.

You can usually control cookies through your browser settings, but disabling cookies may affect
site functionality.

Back to top

6. Direct marketing

We may send you marketing communications about our services where we have your consent or are
otherwise permitted by law. Marketing messages may be sent by email, SMS or other electronic means.

You can opt out of marketing communications at any time by using the unsubscribe link or by
contacting us using the details below. We will process unsubscribe requests in accordance with applicable law.

Back to top

7. Who we may disclose personal information to

We may disclose personal information to:

• our employees, contractors and related entities
• data centre, hosting, cloud, network, software and infrastructure providers
• payment gateways, banks and fraud prevention providers
• domain registries, registrars and certificate providers
• IT, security, backup, monitoring and support service providers
• professional advisers such as accountants, auditors, insurers and lawyers
• debt recovery agencies
• government authorities, regulators, law enforcement bodies or courts where required or authorised by law
• another party in connection with a business sale, merger, restructure or asset transfer

Back to top

8. Overseas disclosure

Some of our suppliers, platforms and infrastructure providers may be located outside Australia,
or may store or process personal information outside Australia.

Depending on the services you use, personal information may be disclosed to recipients in
countries such as Australia, New Zealand, Singapore, the United States, the United Kingdom and European Union member states.

Where we disclose personal information overseas, we take reasonable steps to ensure it is handled
in a manner consistent with Australian privacy law, subject to any exceptions permitted by law.

Back to top

9. Domain names, WHOIS and registry data

If you register, renew or transfer a domain name through us, we may collect and disclose registrant
and contact information as required by the relevant registry, registrar, policy authority or licence rules.

This may include disclosure to registry operators, registrars, resellers, dispute providers, escrow
providers, compliance bodies and public registration data services, where applicable.

For some domain namespaces, certain registration data may be publicly available or available to eligible
requestors under applicable registry rules, policy frameworks or law.

Back to top

10. Security of personal information

We take reasonable steps to protect personal information from misuse, interference, loss,
unauthorised access, modification and disclosure. These steps may include:

• access controls and authentication measures
• role-based permissions
• encryption in transit and, where appropriate, at rest
• network and endpoint security controls
• logging, monitoring and alerting
• backup and recovery procedures
• staff confidentiality obligations and training
• supplier due diligence and contractual controls

No system is completely secure. You are responsible for keeping your passwords,
multi-factor authentication methods and account credentials secure.

Back to top

11. Retention and destruction

We retain personal information only for as long as reasonably necessary for the purposes for which it
was collected, including to provide services, resolve disputes, enforce agreements, meet legal and
regulatory obligations, and maintain proper business and financial records.

When personal information is no longer required, we take reasonable steps to destroy it or de-identify it,
unless we are required or authorised by law to retain it.

Back to top

12. Access and correction

You may request access to the personal information we hold about you, and you may request that we correct
inaccurate, out-of-date, incomplete, irrelevant or misleading information.

To make a request, please contact us using the details below. We may need to verify your identity before
processing your request. In some cases, the law allows us to refuse access or correction, and if that applies
we will explain why.

Back to top

13. Privacy complaints

If you believe we have breached the Privacy Act or the Australian Privacy Principles, you may make a complaint
by contacting us using the details below. Please provide enough detail for us to investigate.

We will acknowledge your complaint within a reasonable time and aim to investigate and respond within
30 days, or otherwise let you know if more time is reasonably required.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner.

Back to top

14. Data breaches

If we become aware of a data breach involving personal information, we will assess it promptly and take
reasonable steps to contain, investigate and remediate the incident.

Where required by law, including under the Notifiable Data Breaches scheme, we will notify affected individuals
and the OAIC.

Back to top

15. Third-party services and links

Our websites, portals or services may contain links to third-party websites, tools or services.
We are not responsible for the privacy practices of those third parties, and you should review their
privacy policies separately.

Back to top

16. Changes to this policy

We may update this Privacy Policy from time to time to reflect changes to our services, technology,
suppliers, legal obligations or privacy practices. The latest version will be published on our website
with the updated date.

Back to top

17. Contact us

If you have questions, want to access or correct your information, or wish to make a privacy complaint,
contact:

Company: DISKMANDOTNET
ABN: 18 209 695 017
Postal Address: PO Box 85, Doncaster, 3108, Victoria, Australia
Email: clientservices@diskman.net
Phone: 03 9841 8294

Back to top