Privacy Policy

by | Mar 9, 2026 | LegalMatter | 0 comments

White Rabbit Australia
ABN 39 536 710 768
Registered address: 182 Grafton Street, Cairns CBD QLD 4870, Australia
General contact: cloud@white-rabbit.com.au
Security contact: ian@white-rabbit.com.au
Privacy contact: privacy@white-rabbit.com.au

Last updated: 9 March 2026

1. About this Privacy Policy

White Rabbit Australia (“White Rabbit”, “we”, “us” or “our”) is committed to protecting personal information and handling it in an open and transparent way.

This Privacy Policy explains how we collect, hold, use and disclose personal information in connection with our cloud server, related services, website, support functions, and business operations. It is intended to help individuals understand how their personal information is managed and how they can access or correct it or make a privacy complaint. These are the kinds of matters an APP privacy policy is expected to address under Australian privacy guidance.

2. The kinds of personal information we collect

Depending on the nature of your interaction with us, we may collect and hold personal information such as:

  • your name
  • email address
  • phone number
  • business or organisation name
  • job title or role
  • billing and account information
  • login, authentication, and account identifiers
  • IP address, device identifiers, browser type, operating system, and access timestamps
  • support requests, correspondence, and service communications
  • files, documents, messages, and other content uploaded to or stored in our cloud systems
  • usage, audit, security, and diagnostic logs
  • any other personal information you provide to us directly or through your use of our services

Where the information uploaded to the service contains personal information about other individuals, you are responsible for ensuring you are authorised to provide that information to us and for its use within the service.

3. How we collect personal information

We may collect personal information:

  • directly from you when you create an account, contact us, request support, subscribe to services, or otherwise interact with us
  • when you use our cloud service, website, authentication systems, or support channels
  • when personal information is uploaded to our systems by you or by authorised users within your organisation
  • from cookies, logs, analytics, and security technologies used on our systems
  • from third-party service providers, contractors, payment processors, identity or hosting providers, where reasonably necessary
  • from publicly available sources where lawful and appropriate

Australian privacy guidance expects policies to explain how personal information is collected and held, including whether it may be collected from third parties.

4. Why we collect, hold, use and disclose personal information

We collect, hold, use and disclose personal information for purposes including:

  • providing and administering our cloud services
  • authenticating users and maintaining account security
  • storing, syncing, transmitting, and backing up data
  • providing customer support and responding to enquiries
  • monitoring service performance, availability, and reliability
  • detecting, preventing, and investigating security incidents, fraud, misuse, and unlawful activity
  • maintaining audit trails, logs, and records for operational, legal, and compliance purposes
  • processing payments and managing commercial relationships
  • communicating service notices, updates, and administrative information
  • improving our systems, products, and services
  • complying with legal, regulatory, contractual, and professional obligations
  • establishing, exercising, or defending legal claims

We may also use personal information for related purposes that would reasonably be expected in the circumstances, or otherwise with consent or where authorised or required by law.

5. What happens if you do not provide information

If you do not provide certain personal information, we may be unable to create or manage your account, provide the service, respond to enquiries, verify your identity, or meet our legal and security obligations.

6. Cookies, analytics and system logs

Our website and cloud systems may use cookies, session tokens, local storage, analytics tools, and server logs to:

  • keep users signed in
  • remember preferences
  • maintain system security
  • understand service performance and usage
  • troubleshoot technical issues
  • improve usability and reliability

These technologies may collect technical and usage information such as IP addresses, browser details, timestamps, pages visited, login events, and device information.

7. Disclosure of personal information

We may disclose personal information to:

  • our employees, officers, contractors, and related service providers who need the information to perform their roles
  • cloud, infrastructure, hosting, backup, monitoring, security, identity, email, and support providers
  • payment processors and professional advisers
  • law enforcement bodies, regulators, courts, tribunals, or government agencies where required or authorised by law
  • other persons or entities where you have consented or directed us to do so

We do not sell personal information.

8. Overseas disclosure

Some of our service providers, infrastructure providers, or technical support providers may store or process personal information outside Australia.

Where we disclose personal information overseas, we will take reasonable steps to ensure the recipient handles the information in a manner consistent with applicable privacy obligations, unless an exception under law applies. Australian privacy guidance expects privacy policies to state whether overseas disclosure is likely and, if practicable, the countries involved.

Current position: Personal information may be processed or backed up in Australia and other jurisdictions used by our service providers from time to time. On request, we will take reasonable steps to provide further information about known hosting or processing locations relevant to your service arrangement.

9. Storage and security of personal information

We hold personal information in electronic systems, cloud infrastructure, backups, communications platforms, support systems, and administrative records.

We take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification, or disclosure. These steps may include:

  • access controls and user authentication
  • password protection and account management controls
  • encryption in transit and, where implemented, encryption at rest
  • firewalls, monitoring, and security logging
  • role-based access restrictions
  • backup and recovery procedures
  • staff and contractor confidentiality obligations
  • incident response and breach management processes

No method of transmission or storage is completely secure. We cannot guarantee absolute security.

10. Data breaches

If we experience a data breach involving personal information, we will assess the incident and respond in accordance with applicable law. Where the Privacy Act and the Notifiable Data Breaches scheme apply and an eligible data breach is likely to result in serious harm, affected individuals and the OAIC must be notified.

If you believe your account or personal information has been compromised, contact us immediately at ian@white-rabbit.com.au and privacy@white-rabbit.com.au.

11. Access to and correction of personal information

You may request access to personal information we hold about you, and you may request correction if you believe the information is inaccurate, out-of-date, incomplete, irrelevant, or misleading.

We will respond to such requests within a reasonable time. In some circumstances, the law permits us to refuse access or correction, in whole or in part. If that happens, we will generally provide written reasons and explain available complaint mechanisms, where required.

Requests should be sent to privacy@white-rabbit.com.au.

12. Privacy complaints

If you have a concern or complaint about how we have handled your personal information, please contact us in writing using the details below and provide enough information for us to investigate.

Privacy contact: privacy@white-rabbit.com.au
Security contact: ian@white-rabbit.com.au
Postal address: White Rabbit Australia, 182 Grafton Street, Cairns CBD QLD 4870, Australia

We will review your complaint and respond within a reasonable period.

If you are not satisfied with our response, you may be able to complain to the Office of the Australian Information Commissioner (OAIC). Australian privacy guidance expects APP entities to explain how an individual may complain and how the complaint will be handled.

13. Anonymity and pseudonymity

Where lawful and practicable, you may interact with us anonymously or using a pseudonym. However, for most cloud account, support, billing, and security functions, this will usually not be practicable because we need identifying information to provide and secure the service. The APP framework recognises anonymity and pseudonymity in appropriate cases.

14. Direct marketing

We may send service-related and administrative communications that are necessary for operating your account or providing services.

We may also send marketing or promotional communications where permitted by law. You can opt out of non-essential marketing communications at any time by using the unsubscribe function or contacting us at cloud@white-rabbit.com.au.

15. Retention and destruction

We keep personal information only for as long as reasonably necessary for the purposes for which it was collected, including service delivery, security, backup, dispute resolution, legal compliance, and record-keeping.

When personal information is no longer required, we will take reasonable steps to destroy it or de-identify it where appropriate and lawful.

16. Third-party services and user-controlled content

Our service may integrate with or rely on third-party products, hosting providers, email systems, authentication systems, or software components. Those providers may handle personal information under their own privacy terms and security controls.

Users are responsible for the legality, accuracy, and authorisation of content they upload, store, or share using the service.

17. Children

Our services are not directed to children, and we do not knowingly collect personal information from children except where provided by an authorised adult or organisation with lawful authority to do so.

18. Changes to this Privacy Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal obligations, or services. The latest version will be made available through our website or service.

19. Contact us

White Rabbit Australia
ABN 39 536 710 768
182 Grafton Street, Cairns CBD QLD 4870, Australia

General: cloud@white-rabbit.com.au
Security: ian@white-rabbit.com.au
Privacy: privacy@white-rabbit.com.au