Privacy Statement

1. Introduction

Sharktech Global Pty Ltd (ABN 54 672 825 731) ("we", "us", "our") is committed to protecting the privacy of personal information collected through our websites, platforms, and services. This Privacy Statement outlines how we collect, hold, use, and disclose personal information in accordance with the Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Cth) and the Disability Discrimination Act 1992 (Cth) (DDA 1992) accessibility requirements.

2. Australian Privacy Principles (APPs) Compliance

We comply with the 13 Australian Privacy Principles (APPs) under Schedule 1 of the Privacy Act 1988. These principles regulate how we manage personal information, including how it is collected, used, disclosed, stored, and accessed.

In particular, we adhere to:

• APP 1. Open and transparent management: We manage personal information in an open and transparent way, as outlined in this Privacy Statement.
• APP 3. Collection of solicited personal information: We only collect personal information that is reasonably necessary for our business functions and activities.
• APP 5. Notification of collection: At or before the time of collection, we take reasonable steps to notify individuals of the matters required by APP 5.
• APP 6. Use or disclosure: We only use or disclose personal information for the purpose for which it was collected, unless an exception applies.
• APP 8. Cross-border disclosure: Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure the recipient complies with the APPs.
• APP 11. Security of personal information: We take reasonable steps to protect personal information from misuse, interference, loss, and unauthorised access.
• APP 12. Access to personal information: Individuals may request access to their personal information held by us.
• APP 13. Correction of personal information: We take reasonable steps to correct personal information to ensure it is accurate, up-to-date, and complete.

3. Information We Collect

We may collect the following types of personal information:

• Name, email address, phone number, and business details
• Job title, organisation name, and professional contact information
• Website usage data, IP addresses, and browser information
• Information provided through forms, enquiries, and support requests
• Payment and billing information (processed via secure third-party payment processors)
• Usage analytics and platform interaction data for our products (VCPility, eTakeaway Max, Flagman)

4. How We Use Your Information

We use personal information for the following purposes:

• Providing, operating, and improving our platforms and services
• Responding to enquiries, support requests, and sales communications
• Processing transactions and managing billing
• Sending product updates, newsletters, and marketing communications (with consent)
• Complying with legal obligations and regulatory requirements
• Internal analytics and business improvement

5. Data Storage & Location

All primary data is stored in Sydney, Australia (AWS ap-southeast-2 region). We use Australian-hosted infrastructure to ensure compliance with data sovereignty requirements for enterprise and institutional clients.

Specific data storage details:

• Primary Region: ap-southeast-2 (Sydney, NSW, Australia)
• Infrastructure Provider: Amazon Web Services (AWS)
• Encryption: All data encrypted at rest (AES-256) and in transit (TLS 1.2+)
• Backups: Automated daily backups with 30-day retention, stored within the ap-southeast-2 region
• Data Sovereignty: Personal information of Australian residents is stored within Australian borders unless explicitly consented otherwise

6. Disclosure of Information

We may disclose personal information to:

• Third-party service providers who assist in operating our platforms (subject to confidentiality agreements)
• Professional advisors (legal, accounting, auditing)
• Regulatory authorities or law enforcement where required by law
• Related entities within the Sharktech Global group of companies

We do not sell, rent, or trade personal information to third parties for marketing purposes.

7. Your Rights

Under the Australian Privacy Principles, you have the right to:

• Access your personal information held by us
• Request correction of inaccurate or outdated information
• Request deletion of your personal information (subject to legal retention requirements)
• Opt out of marketing communications at any time
• Lodge a complaint with the Office of the Australian Information Commissioner (OAIC)

8. GDPR Note

While Sharktech Global is an Australian company and primarily operates under Australian privacy law, we recognise and respect the rights of individuals under the European Union General Data Protection Regulation (GDPR). Where we process personal data of individuals located in the EU/EEA, we commit to:

• Processing personal data only with a lawful basis (consent, contract, legitimate interest)
• Providing clear information about data processing activities
• Facilitating data subject rights including access, rectification, erasure, and portability
• Implementing appropriate technical and organisational security measures
• Notifying relevant authorities and affected individuals of data breaches within required timeframes

For GDPR-related enquiries, contact us at info@sharktech.com.au.

9. Changes to This Statement

We may update this Privacy Statement from time to time to reflect changes in our practices or applicable law. Material changes will be communicated via our website. We encourage you to review this statement periodically.

10. Contact Us

If you have questions about this Privacy Statement or wish to exercise your privacy rights, contact us:

• Email: info@sharktech.com.au
• Address: Sydney, NSW, Australia
• OAIC: www.oaic.gov.au