Website Policy and Privacy Statement
1. Introduction
Excelium Consulting Pty Ltd (“Excelium”, “we”, “us”, “our”) is committed to protecting your privacy and handling personal information in a transparent, secure, and lawful manner. This Privacy Policy outlines how we collect, use, disclose, and safeguard personal information through our website and in connection with our cyber security and advisory services.
We comply with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
2. Information We Collect
We may collect the following types of personal information:
2.1 Information You Provide Directly
- Name, email address, phone number
- Company name and job title
- Location
- Information submitted via contact forms, request for proposal (RFP) submissions, recruitment applications, or service enquiries
- Any other information you voluntarily provide
2.2 Automatically Collected Information
- IP address
- Browser type and version
- Device and system information
- Pages visited, time spent, and referring URLs
- Cookies and tracking technologies
2.3 Sensitive Information
We do not intentionally collect sensitive personal information unless required for recruitment or specific service delivery purposes, and only with your explicit consent.
3. How We Collect Personal Information
We collect personal information directly from you when you:
- Submit a form on our website (including RFP requests)
- Contact us via email or phone
- Engage with us for services
- Interact with our website
We may also collect limited information automatically through website analytics tools.
4. Purpose of Collection
We collect and use personal information to:
- Respond to enquiries and assess requests for services
- Deliver cyber security and advisory services
- Communicate with clients and prospective clients
- Manage recruitment processes
- Improve our website, services, and user experience
- Maintain security, including detecting and responding to cyber threats
- Comply with legal and regulatory obligations
5. Disclosure of Personal Information
We may disclose personal information to:
- Our personnel and contractors on a need-to-know basis
- Service providers (e.g. CRM platforms, cloud hosting, IT support)
- Professional advisers (legal, financial, or audit)
- Government or regulatory bodies where required by law
We do not sell personal information.
6. Overseas Disclosure
While we operate in Australia and actively monitor our supply chain providers. Some of these providers may be located outside Australia. Where this occurs, we take reasonable steps to ensure that overseas recipients handle personal information in accordance with Australian privacy obligations.
7. Data Storage and Security
We take reasonable steps to protect personal information from misuse, interference, loss, un-authorised access, modification, or disclosure.
These measures include:
- Secure cloud environments
- Access controls and identity management
- Encryption in transit and, where applicable, at rest
- Monitoring and logging
- Security testing and continuous improvement practices
8. Cookies and Analytics
We use cookies and similar technologies to:
- Improve website functionality
- Analyse traffic and usage patterns
- Support security monitoring
You may control cookies through your browser settings.
9. Data Retention
We retain personal information only for as long as necessary to fulfil the purposes outlined in this policy, or as required by law, contractual obligations, or regulatory requirements.
10. Access and Correction
You may request access to, or correction of, your personal information by contacting us. We will respond within a reasonable period.
11. Marketing Communications
We do not use your details for marketing purposes.
12. Complaints
If you believe we have breached the Privacy Act or mishandled your personal information, you may contact us using the details below.
We will investigate and respond to complaints within a reasonable timeframe.
If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).
13. Third-Party Links
Our website may contain links to third-party websites. We are not responsible for their privacy practices.
14. Changes to This Policy
We may update this Privacy Policy from time to time. The latest version will be published on our website with the updated date.
- 25/03/2026 – V1.2