top of page
Grey Brick Wall

Terms & Conditions

Dark-Background

Cornerstone Group Investments Pty Ltd trading as Cornerstone Cyber
ABN: 57613786075 | ACN: 613786075

Purpose

Cornerstone Group Investments Pty Ltd trading as Cornerstone Cyber (referred to as “Cornerstone Cyber”, “we”, “us” or “our”) is committed to protecting the privacy of all individuals whose personal information we collect, use, disclose, and store. This Privacy Policy outlines how we manage personal information in accordance with the Privacy Act 1988 (Cth), including the Australian Privacy Principles (APPs), and applicable Queensland legislation.

This Policy applies to all personal information collected by Cornerstone Cyber in the course of its operations as a provider of cyber security and IT services within Australia.

Collection of Personal Information

We collect only personal information that is necessary for our business activities, functions, and regulatory obligations. Personal information collected may include, but is not limited to:

  • Full name and contact details (email address, telephone number)

  • Employment details and professional affiliations

  • Information relating to services requested or provided

  • IP address, browser information, and website usage data

  • Billing, payment, and transactional records

  • Any other information provided to us by clients, suppliers, or users of our services

We collect personal information directly from individuals wherever possible. In some cases, we may also collect information from publicly available sources, third parties, or authorised representatives.

We do not collect sensitive information unless it is necessary for our business functions and you have consented, or we are otherwise authorised or required by law to do so.

Use of Personal Information

Cornerstone Cyber will only use personal information for the primary purpose for which it was collected or for secondary purposes where:

  • You have provided consent;

  • You would reasonably expect us to use or disclose the information for that purpose; or

  • The use or disclosure is otherwise authorised or required by law.

The primary purposes for which we use personal information include:

  • Delivering our cyber security and IT services

  • Responding to enquiries and service requests

  • Conducting identity verification and due diligence

  • Communicating with clients, stakeholders, and business contacts

  • Providing updates, newsletters, and marketing communications (where consented)

  • Complying with legal and regulatory obligations

Disclosure of Personal Information

We may disclose personal information to third parties, including but not limited to:

  • Contractors and service providers assisting us in business operations

  • Professional advisors including legal, accounting, and IT consultants

  • Regulatory bodies, law enforcement agencies, and government authorities, as required by law

  • Entities engaged by us to provide cloud hosting, data storage, software, and communication platforms

  • Any party with your consent or at your direction

All third parties to whom we disclose personal information are required to comply with Australian privacy laws or equivalent standards and maintain the confidentiality and security of such information.

Security of Personal Information

We take reasonable steps to ensure the security of all personal information we collect. This includes protection against misuse, interference, unauthorised access, modification, or disclosure. Our security measures include:

  • Secure servers and data centres

  • Access controls and authentication processes

  • Data encryption and secure communication protocols

  • Regular system monitoring and security audits

  • Staff training on privacy and confidentiality obligations

We retain personal information only for as long as necessary to fulfil the purposes for which it was collected or as otherwise required by law. When personal information is no longer required, we take reasonable steps to destroy or de-identify it securely.

Access and Correction

You have the right to request access to personal information we hold about you, and to request correction if you believe the information is inaccurate, incomplete, or out of date.

To make a request, please contact us via the details provided below. We may require proof of identity before releasing any personal information. In certain circumstances, we may lawfully refuse access, in which case we will provide written reasons.

Marketing and Communications

Where you have consented, we may use your personal information to provide you with information about our services, industry updates, or promotional material. You may withdraw your consent or opt out of marketing communications at any time by contacting us directly or using the unsubscribe function included in our emails.

We will not use sensitive information for direct marketing without your explicit consent.

Website Usage and Cookies

Our website may collect information through the use of cookies and similar technologies to improve functionality, monitor usage, and enhance your experience. Cookies may also be used for security and analytics purposes.

You can manage your cookie preferences through your browser settings; however, disabling cookies may affect website functionality.

Overseas Disclosure

In the course of our operations, personal information may be disclosed to or stored with third-party service providers located outside of Australia, including providers of cloud services and data hosting.

We take reasonable steps to ensure that such overseas recipients handle personal information in a manner consistent with the Australian Privacy Principles and our contractual obligations. By engaging with us, you consent to such overseas disclosures.

Complaints and Enquiries

If you have any concerns or complaints about our handling of your personal information, or if you wish to make an access or correction request, please contact our Privacy Officer at:

Email: info@cornerstonecyber.com.au

We take all complaints seriously and will respond to your enquiry promptly, in accordance with applicable laws. If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC).

Changes to this Policy

We may amend this Privacy Policy from time to time. Any changes will be published on our website and will be effective from the date of publication. We recommend that you review this Privacy Policy periodically to stay informed of how we manage your personal information.

bottom of page