Skip to main content
Back to Policies

POLICIES

Privacy Policy

TrueCMS handles personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

Effective
2025-10-18
Last updated
2025-10-18

Who we are

TrueCMS Pty Ltd (ABN 63 133 456 005) provides Drupal and GovCMS services. This policy explains how we manage personal information collected through our website, marketing, support channels, and client engagements.

Personal information we collect

We collect the minimum personal information needed to deliver our services, including:

  • Contact details such as name, email, phone number, and organisation.
  • Information about projects, platforms, and needs that you share when you contact us.
  • Support credentials or environment details provided for managed services.
  • Website analytics (including IP address and device data) gathered via cookies or similar technologies.
  • Employment details if you apply to work with us.

How we use personal information

We use personal information to:

  • Respond to enquiries and provide proposals.
  • Deliver projects, managed services, and support.
  • Send service updates or marketing communications (you can opt out at any time).
  • Improve our website, offerings, and security controls.
  • Meet legal, regulatory, and contractual obligations.

We do not sell personal information and we only use it for the purposes described above.

Legal and contractual obligations

Our handling of personal information follows the Australian Privacy Principles, the Privacy Act 1988 (Cth), and any data handling clauses agreed in client contracts. When clients supply personal information, they confirm they have the right to share it with us for the agreed services.

Disclosure and overseas transfers

  • We share personal information with employees, contractors, and vetted suppliers who need it to support delivery (for example, secure hosting, analytics, or collaboration tools).
  • Some suppliers may store data in other countries. We choose vendors with robust security controls and privacy commitments, and we ensure contractual safeguards are in place before data is transferred overseas.
  • We may disclose information if required by law, court order, or government authority.

Marketing communications

We send marketing content only when you consent or when it is related to services you have previously purchased. Each message contains an unsubscribe link, or you can email [email protected] to opt out.

Protecting your information

  • Access to personal information is role-based and reviewed regularly.
  • We apply security controls such as encryption in transit, secure hosting, logging, and vulnerability management.
  • Staff and contractors complete privacy and security training.

Accessing or correcting your information

You can request access to the personal information we hold about you, ask us to correct inaccuracies, or request deletion where permitted by law. Email [email protected] and we will respond within 30 days.

Notifiable data breaches

We follow the Office of the Australian Information Commissioner’s Notifiable Data Breaches scheme. If a breach is likely to result in serious harm, we will notify affected individuals and the OAIC as required.

Contact us

For privacy queries, requests, or complaints, email [email protected]. We aim to resolve complaints within 30 days and will provide you with a written response.