IIS Partners Privacy Policy

This privacy policy was last updated in June 2026.

What this policy covers

This Privacy Policy tells you how IIS Partners (Information Integrity Solutions Pty Ltd (IIS)) handles personal information. It includes our website www.iispartners.com.

Personal information is any information or opinion about you in which you are identified, or from which you are reasonably identifiable.

The Privacy Act applies to IIS

IIS has a deep commitment to privacy. Even though many small businesses are exempt from complying with the Privacy Act 1988 (Cth), we formally opted in September 2006 to be covered by the Privacy Act in all of our activities. We also seek to exceed the requirements of other law that protects personal information such as the Spam Act 2003 (Cth) and the Do Not Call Register Act 2006 (Cth).

Why we collect personal information

We don’t collect much personal information, but when we do, we use it to provide services to you and to help us to carry out our business.

How we collect your personal information

The main ways we collect your personal information are:

  • When you give it directly to us, for example when you contact us via the website, send us email, subscribe to receive IIS communications, exchange business cards with us, or apply for employment

  • In the course of discharging any commercial arrangements between IIS and you or your organisation

  • Indirectly in the course of normal business, for example, when a third party gives us information about you, or we seek information about you from a third party. We might do this if we are finding people to invite to an event or to offer a service.

Personal information that we collect or hold

We collect minimal types of personal information and we do not collect sensitive information (including health information). We collect and hold the following kinds of personal information:

  • Information relevant to your business interactions with us such as your name and position, email address, phone number, business postal and street address, and information about our interactions

  • The fact that you receive our newsletter and information about your interactions with the newsletter such as the fact that you opened the newsletter and that you clicked the link inside it.

How we use or share personal information

We only use or share personal information to:

  • Provide the agreed service to a client, including when using Microsoft Teams recording functionality with participant consent.

  • Send email newsletters to people we have been in contact with and who have not opted out of receiving it.

  • Put an organisation hosting privacy-related meetings in touch with people we know might be interested.

We don’t use or share your personal information for any other purpose without your permission, unless the law requires it.

We don’t use Microsoft Copilot or any other artificial intelligence (AI) tool to make automated decisions about individuals.

Subcontactors

If we share personal information with a subcontractor to help us with our work, we make them sign a confidentiality agreement and enter into a contractual agreement to keep the information private and secure. We check from time to time that they have complied with their agreement.

Our internal functions and activities

We handle personal information in the following primary ways as part of our internal functions and activities.

Work tools – Microsoft 365

We use Microsoft 365 to conduct our work, which includes handling documents and correspondence that contain personal information. We only use the following products and services: Exchange, OneDrive, SharePoint, Teams, Planner, Office, Copilot, Entra ID, Defender, Intune, and Purview Data Loss Prevention.

We have set up reasonable security safeguards including real-time protection against viruses, malware, ransomware, and phishing attacks across devices, multi-factor authentication (MFA), end-to-end encryption, and unified endpoint management (UEM) to control user access to data across mobile devices, desktop computers, and virtual endpoints, and to promptly applying patches to applications and devices.

As an Australian consultancy servicing primarily Australian clients, we have designed our use of Microsoft 365 to support Australian data sovereignty expectations. This includes storing Microsoft 365 customer data in Australia to align with Commonwealth, state and territory privacy and information‑handling requirements.

Microsoft’s Trust Center has further information.

Marketing emails and newsletter

We use Mailchimp, an organisation based in the USA, to manage our email newsletter campaigns. When you subscribe to receive communications from us, Mailchimp collects your email and the IP address and location from which you opted in.

You may opt out of our communications and also ask us to delete your subscriber profile from the mailing list.

Mailchimp logs both individualised and aggregate information on how many subscribers open a message or click the links inside. We use this information to evaluate and improve the effectiveness of our communications.

Mailchimp’s full privacy policy has further information.

IIS website analytic, session and cookie tools

The IIS website uses Google Analytics, a web analytics service provided by Google Inc. (Google). Google Analytics uses cookies and JavaScript to collect website traffic data. The following information is transmitted to and stored on Google’s servers for analysis:

  • The time the current visit occurred

  • Whether the visitor has been to the site before

  • What site referred the visitor to the web page

  • The visitor’s IP address.

IIS uses the statistics provided by Google Analytics to evaluate the effectiveness of our website and improve its functionality. We do not install any other cookies, local shared objects or other web bugs to research the habits of individual visitors.

You can opt out of Google Analytics by visiting here.

Your right to access and delete personal information we hold about you

You may ask us for access to personal information we hold about you. Please tell us whether you would like access to all or just a particular part of your personal information. We will respond to you within a reasonable time, which generally will be within five working days.

In line with our commitment to protect your privacy, we may ask you to verify your request.

You may ask us to delete personal information we hold about you and your organisation and we will take reasonable steps to do so.

Accuracy of personal information

We take reasonable steps to ensure that the personal information we hold is accurate, up-to-date and complete. This includes:

  • Recording information in a consistent format

  • Confirming the accuracy of information we collect from a third party

  • Periodically checking and updating our contact lists.

If you think that personal information we hold about you is inaccurate, please contact us at inquiries@iispartners.com and we will correct any identified inaccuracies or let you know why we cannot do so.

Complaints and inquiries

If you have a complaint about the way we have treated your personal information, please contact us and we will respond as soon as possible to resolve the issue. We also welcome any questions and comments you may have about our privacy practices.

Email: inquiries@iispartners.com

Telephone: +61 2 8303 2438

Write to: Information Integrity Solutions Pty Ltd, PO Box 978, Strawberry Hills NSW 2012 Australia

We will:

  • Acknowledge your complaint within a reasonable period

  • Take reasonable steps to investigate and respond to your complaint, typically within 30 days of receiving it

  • Notify you of the outcome of our investigation and any actions we will take in response.

If you are not satisfied with our response you can lodge a complaint to the Office of the Australian Information Commissioner.