Lateral Cyber logo
Privacy

Privacy Policy.

This Privacy Policy explains how Lateral Cyber collects, uses, stores and protects information when you contact us, use this website or engage our services.

Last updated: 28 May 2026

Business: Lateral Cyber. When the business registration details are finalised, this page should be updated to include the legal entity name and ABN.

Contact: hello@lateralcyber.com

1. Our approach to privacy

Lateral Cyber takes privacy and confidentiality seriously. We aim to collect only the information we reasonably need to respond to enquiries, provide services, operate the business, meet legal obligations and protect our rights and systems.

Even where we are not legally required to comply with all parts of the Australian Privacy Principles, we aim to handle personal information in a careful, transparent and security conscious way.

2. Information we may collect

Depending on how you interact with us, we may collect:

  • name, role, business name and contact details
  • email messages, enquiry details and booking information
  • billing, proposal and payment related information
  • information about your organisation’s cyber security environment that you choose to provide
  • system and security information needed for an agreed review, such as user lists, admin settings, access settings, audit logs, device information, domain records, email authentication settings, screenshots and configuration details
  • technical website information such as IP address, browser type, device information, pages visited and basic server logs
  • any other information you provide to us directly.

We do not ask you to send passwords. You should not send passwords, recovery codes, secret keys or full credentials by email or website enquiry. If we receive unnecessary sensitive information, we may delete it or ask you to resend information in a safer way.

3. Sensitive information

Cyber security work can sometimes involve information that is sensitive or confidential, including staff names, business records, incident details or access information. We will only collect sensitive information where it is reasonably necessary for an agreed purpose, where you have provided it to us, where you have consented, or where collection is otherwise permitted or required by law.

4. How we collect information

We may collect information directly from you when you email us, call us, complete an enquiry, book a service, provide documents, share access, attend a meeting or otherwise communicate with us.

We may also collect information from your authorised representatives, your staff, your service providers, publicly available sources, domain and website records, cloud admin consoles or security tools where this is part of the agreed service scope.

5. How we use information

We may use information to:

  • respond to enquiries and provide quotes or proposals
  • deliver cyber reviews, reports, recommendations and related services
  • communicate with you about services, findings and next steps
  • manage client records, billing, administration and business operations
  • maintain security, investigate suspected misuse and protect our systems
  • comply with legal, insurance, accounting, tax and regulatory obligations
  • improve our services, templates, processes and website.

6. Disclosure of information

We may disclose information where reasonably necessary to:

  • service providers that help us operate the business, such as email, cloud hosting, storage, accounting, scheduling, document and website providers
  • professional advisers, including legal, accounting, insurance or compliance advisers
  • law enforcement, regulators, courts or government bodies where required or permitted by law
  • another party with your consent or at your direction.

We do not sell personal information.

7. Overseas disclosure and cloud providers

We may use reputable cloud based services to run the business and deliver services. These providers may store or process information in Australia, the United States or other countries where their infrastructure, support teams or subprocessors operate.

Where practical, we choose providers with appropriate security features and access controls. However, by using our website or engaging us, you acknowledge that some information may be processed outside Australia by cloud service providers.

8. Security of information

We take reasonable steps to protect information from misuse, interference, loss, unauthorised access, modification and disclosure. These steps may include access controls, multi factor authentication, secure storage, encryption where appropriate, least privilege access, password management practices and careful handling of client materials.

No method of transmission or storage is completely secure. You are responsible for using secure methods when sending confidential or sensitive material to us.

9. Retention and deletion

We keep information for as long as reasonably needed for the purpose it was collected, for business records, to resolve disputes, to comply with legal, tax, accounting or insurance obligations, or to protect our legal rights.

When information is no longer required, we will take reasonable steps to delete, de identify or securely archive it, subject to lawful retention requirements and backup limitations.

10. Access and correction

You may request access to personal information we hold about you or ask us to correct information you believe is inaccurate, out of date, incomplete, irrelevant or misleading.

To make a request, contact hello@lateralcyber.com. We may need to verify your identity before responding. In some cases, we may refuse access or correction where permitted by law.

11. Privacy complaints

If you have a privacy concern, please contact us first at hello@lateralcyber.com with details of the issue. We will aim to respond within a reasonable time.

If you are not satisfied with our response and the Privacy Act applies, you may be able to contact the Office of the Australian Information Commissioner.

12. Website analytics and cookies

Our website may use basic technical logs and cookies or similar technologies for security, performance and website functionality. If we add analytics, advertising pixels or marketing tracking in the future, this policy should be updated to describe those tools.

13. Third party links

This website may link to third party websites or services. We are not responsible for the privacy practices, content or security of third party websites.

14. Changes to this policy

We may update this Privacy Policy from time to time. The updated version will be posted on this website with the updated date.