Privacy Policy

Morrisec values the trust placed in us by those we deal with and respects their privacy. Morrisec is committed to protecting your privacy and complying with the Privacy Act 1988 (Cth) (Privacy Act) and other applicable privacy laws and regulations.

This Privacy Policy (Policy) describes how we collect, hold, use and disclose your personal information, and
how we maintain the quality and security of your personal information.

What is Personal Information

“Personal information” means any information or opinion, whether true or not, and whether recorded in a material form or not, about an identified individual or an individual who is reasonably identifiable. In general terms, this includes information or an opinion that personally identifies you either directly (e.g. your name) or indirectly.

What Personal Information Do We Collect?

The personal information we collect about you depends on the nature of your dealings with us or what you choose to share with us.

The personal information we collect about you may include:

  • Name
  • Email address
  • Phone number

You do not have to provide us with your personal information. Where possible, we will give you the option to interact with us anonymously or by using a pseudonym. However, if you choose to deal with us in this way or choose not to provide us with your personal information, we may not be able to provide you with our services or otherwise interact with you.

What Information is Collected By MRP

The Morrisec Risk Platform (MRP) is a self-contained Power Platform solution that is installed and resides within your Microsoft 365 tenancy. As such, Morrisec has no access to your MRP instance nor any data held within your MRP instance.

Any information collected in relation to MRP usage is via MRP licensing agreements and is addressed below.

How Do We Collect Your Personal Information?

We collect your personal information directly from you when you:

  • Interact with us over the phone
  • Interact with us in person
  • Interact with us online
  • Enter into a licensing agreement for the Morrisec Risk Platform (MRP)
  • Participate in surveys or questionnaires
  • Attend a Morrisec event
  • Subscribe to our mailing list
  • Apply for a position with us as an employee, contractor or volunteer

Collecting Personal Information From Third Parties

We may also collect your personal information from third parties or through publicly available sources, for example when performing open-source intelligence as part of our threat intelligence services. We collect your personal information from these third parties to effectively deliver services that require this information.

How Do We Use Your Personal Information?

We use personal information for many purposes in connection with our functions and activities, including the following purposes:

  • Provide you with information or services that you request from us
  • Deliver to you a more personalised experience and service offering
  • Improve the quality of the services we offer
  • Internal administrative purposes
  • Marketing and research purposes

Disclosure of Personal Information to Third Parties

We may disclose your personal information to third parties in accordance with this Policy in circumstances where you would reasonably expect us to disclose your information. For example, we may disclose your personal information where required or authorised by law.

Transfer of Personal Information Overseas

We do not disclose any personal information to overseas third parties.

How Do We Protect Your Personal Information?

Morrisec will take reasonable steps to ensure that the personal information that we hold about you is kept confidential and secure, including by:

  • Having robust physical security of our premises
  • Taking measures to restrict access to only personnel who need that personal information to effectively provide services to you
  • Having technological measures in place, such as anti-malware software and multi-factor authentication

Online Activity

The Morrisec website uses cookies. A cookie is a small file of letters and numbers the website puts on your device if you allow it. These cookies recognise when your device has visited our website before, so we can distinguish you from other users of the website. This improves your experience and the Morrisec website.

We do not use cookies to identify you, just to improve your experience on our website. If you do not wish to use the cookies, you can amend the settings on your internet browser so it will not automatically download cookies. However, if you remove or block cookies on your computer, please be aware that your browsing experience and our website’s functionality may be affected.

Our website uses Google Analytics to help us better understand visitor traffic, so we can improve our services. Although this data is mostly anonymous, it is possible that under certain circumstances, we may connect it to you.

We may send you direct marketing communications and information about our services, opportunities, or events that we consider may be of interest to you if you have requested or consented to receive such communications. These communications may be sent in various forms, including mail and email, in accordance with applicable marketing laws, such as the Australian Spam Act 2003 (Cth). You consent to us sending you those direct marketing communications by any of those methods. If you indicate a preference for a method of communication, we will endeavour to use that method whenever practical to do so.

You may opt-out of receiving marketing communications from us at any time by following the instructions to “unsubscribe” set out in the relevant communication, or by contacting us using the details set out in the “How to Contact Us” section below.

Retention of Personal Information

We will not keep your personal information for longer than we need to. In most cases, this means that we will only retain your personal information for the duration of your relationship with us unless we are required to retain your personal information to comply with applicable laws, for example, record-keeping obligations.

How to Access and Correct Your Personal Information

Morrisec will endeavour to keep your personal information accurate, complete and up to date. If you wish to make a request to access and/or correct the personal information we hold about you, you should make a request by contacting us and we will usually respond within three (3) days. We will deal with such a request by following the procedure outlined below:

  • Contact you directly to confirm your identity
  • If requested, provide the information we hold about you verbally or via email
  • If you are requesting to have your information updated, record new information from you and update the required records

Links to Third Party Sites

The Morrisec website may contain links to websites operated by third parties. If you access a third party website through our website, personal information may be collected by that third party website. We make no representations or warranties in relation to the privacy practices of any third party provider or website and we are not responsible for the privacy policies or the content of any third party provider or website. Third party providers / websites are responsible for informing you about their own privacy practices and we encourage you to read their privacy policies.

Inquiries and Complaints

For complaints about how Morrisec handles, processes or manages your personal information, please contact privacy@morrisec.com.au. Note we may require proof of your identity and full details of your request before we can process your complaint.

Please allow up to five (5) working days for Morrisec to respond to your complaint. It will not always be possible to resolve a complaint to everyone’s satisfaction. If you are not satisfied with Morrisec’s response to a complaint, you have the right to contact the Office of the Australian Information Commissioner (at www.oaic.gov.au) to lodge a complaint.

How to Contact Us

If you have a question or concern in relation to our handling of your personal information or this Policy, you can contact us for assistance as follows: