Security Policy

    1.    Purpose

Spectrum Networks Pty Ltd (“Spectrum Networks”, “we”, “our”, or “us”) is committed to protecting the privacy and confidentiality of all information we hold about our customers, suppliers, and partners.

This Privacy and Data Handling Policy explains how we collect, use, store, disclose, and manage information in compliance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and relevant obligations under the Telecommunications Act 1997, Telecommunications (Interception and Access) Act 1979, and Data Retention Act 2015.

    2.    Scope

This policy applies to:

• All personal and business information collected in the course of our operations

• All data stored or processed by Spectrum Networks

• All services delivered or supported by Spectrum Networks, including internet, hosting, and managed network services

    3.    Collection of Information

We only collect information necessary for our business activities and service delivery. This may include:

• Company details (company name, address, and Australian Business Number)

• Contact details (name, email address, and phone number of relevant contacts)

• Account and billing information

• Technical and network information (IP addresses, traffic data, and service logs)

• Financial information required for establishing credit accounts and performing credit checks

• Support and correspondence records (emails, tickets, and call logs)

We collect this information directly from customers or their authorised representatives through order forms, phone calls, email, and other normal business interactions.

    4.    Use of Information

Spectrum Networks uses collected information for purposes including:

• Provision, billing, and administration of telecommunications and network services

• Conducting credit assessments and verifying financial suitability

• Maintaining service integrity, quality, and network security

• Meeting our legal and regulatory obligations

• Communicating service updates, technical notices, and operational information

We do not use information for unrelated marketing purposes without consent.

    5.    Disclosure of Information

Spectrum Networks does not sell, rent, or trade information to third parties. We may disclose information when necessary to:

• Credit reporting agencies and financial institutions to assess account applications

• Trusted suppliers and contractors directly involved in delivering our services

• Other telecommunications carriers or network operators for interconnection or fault resolution

• Government agencies, regulators, or law enforcement where required under Australian law (including lawful interception and data retention requests)

All third parties are required to handle information securely and in accordance with this policy.

    6.    Data Storage and Security

We take data protection seriously and implement strong security measures, including:

• Secure Australian-based data centres and redundant storage systems

• Encryption of sensitive information and secure access controls

• Regular security audits, monitoring, and incident response procedures

• Restricted internal access based on role and necessity

• Secure destruction or de-identification of information once it is no longer required

These controls are designed to protect against unauthorised access, alteration, loss, or disclosure.

    7.    Data Retention and Compliance with the Data Retention Act 2015

Spectrum Networks retains certain telecommunications data as required under the Telecommunications (Interception and Access) Amendment (Data Retention) Act 2015.

This includes limited metadata such as:

• Subscriber and account identifiers

• Source and destination of communications

• Connection time, duration, and location details

• Assigned IP addresses

Content of communications is not retained. All retained data is stored securely within Australia and made available only to authorised law enforcement and regulatory bodies upon lawful request. Data not subject to retention obligations is securely deleted or anonymised once no longer required.

    8.    Access and Correction

Customers may request access to, or correction of, the information we hold by contacting privacy@spectrum.com.au.

We will respond to such requests within a reasonable timeframe and in accordance with the Privacy Act 1988. Verification of identity or authority may be required before information is released or altered.

    9.    Financial Information and Credit Assessment

Spectrum Networks may collect and store financial information, including trade references and payment history, for the purpose of:

• Assessing new customer credit applications

• Managing billing and account status

• Complying with financial and record-keeping obligations

This information is handled with strict confidentiality and is not disclosed beyond what is necessary for legitimate credit assessment or recovery processes.

    10.    Data Retention Periods

Information is retained for as long as necessary to fulfil its original purpose or as required by law. Retention periods are governed by:

• The Privacy Act 1988

• The Telecommunications Act 1997

• The Data Retention Act 2015

When information is no longer needed, it is securely deleted or destroyed using approved data sanitisation methods.

    11.    Complaints and Enquiries

If you believe your privacy has been compromised, please contact our Privacy Officer at privacy@spectrum.com.au.

We will investigate and respond promptly. If you are not satisfied with our response, you may escalate the matter to the Office of the Australian Information Commissioner (OAIC) at https://www.oaic.gov.au.

    12.    Policy Review

This policy is reviewed periodically to ensure ongoing compliance with Australian privacy and telecommunications laws. The current version is always available at http://www.spectrum.com.au.

    13.    Summary

Spectrum Networks is committed to protecting the privacy, confidentiality, and security of all customer and business information. We handle all data responsibly, lawfully, and transparently in accordance with Australian legislation and industry best practice.