Transparency by default

Information Security Statement

SolidCo Pty Ltd
ABN 41 680 244 446

Information Security Statement

Version 1.0

1. Our Commitment

SolidCo Pty Ltd (“SolidCo”, “we”, “our” or “us”) takes the security of personal information and client data seriously. We maintain appropriate technical and organisational measures designed to protect data against unauthorised access, disclosure, alteration and loss. This statement provides an overview of those measures. It is not exhaustive and may evolve as our services and the threat landscape change.

2. Governance

Security is managed as part of our day-to-day operations. We aim to apply recognised good practice, keep our policies current, and assign clear responsibility for security matters within the business.

3. Encryption

4. Access Control & Authentication

5. Infrastructure & Hosting

We host services with reputable cloud infrastructure and security providers that maintain robust physical and environmental security and recognised industry certifications. Our current providers are listed in our Subprocessor Policy.

6. Network & Application Security

7. Monitoring & Logging

Relevant systems generate logs to support monitoring, troubleshooting and the detection of suspicious activity. Logs are retained for a reasonable period in line with operational needs.

8. Vulnerability & Patch Management

We keep software and dependencies up to date and apply security patches in a timely, risk-based manner. We monitor for known vulnerabilities affecting the technologies we use.

9. Backups & Continuity

10. Incident Response

We maintain procedures to identify, contain, assess and respond to security incidents and personal data breaches. Where a breach affects client personal data, we will notify affected clients in line with our obligations. Further detail is set out in our Compliance & Data page.

11. Personnel Security

Our personnel are subject to confidentiality obligations and receive guidance on handling data securely. Access to data is limited to those who need it to perform their role.

12. Subprocessor Security

We perform reasonable due diligence on subprocessors and require them to maintain appropriate security measures. Each subprocessor remains independently responsible for the security of its own systems. See our Subprocessor Policy for more information.

13. Responsible Disclosure

If you believe you have found a security vulnerability affecting SolidCo or a service we operate, please contact us so we can investigate. We appreciate responsible disclosure and will work to address confirmed issues promptly.

14. Contact

Privacy Officer
SolidCo Pty Ltd
ABN 41 680 244 446

Contact Us →


Related Documents