VRISA PTY LTD
Effective Date: 01 Jan 2025
Last Updated: 08 Oct 2025
VRISA PTY LTD (“VRISA”, “we”, “our”, “us”) is an Australian technology company based in Melbourne, providing Software-as-a-Service (SaaS) products and IT consulting services.
We are committed to protecting your privacy and handling personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).
This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in connection with our SaaS platforms, consulting engagements, websites, and related services.
This policy applies to all personal information collected by VRISA in Australia or from individuals outside Australia whose data we manage in connection with our services, including:
Customers, users, and subscribers of our SaaS products;
Clients and their employees during consulting engagements;
Visitors to our website and online services;
Job applicants, suppliers, and partners.
Depending on the service, we may collect the following types of information:
Name, company name, position, business address, email, phone number, and similar identifiers.
Login credentials, billing details, subscription preferences, usage data, and metadata related to SaaS account activities.
Data or documents provided by clients during consulting work, which may include personal or business information about their customers, employees, or systems.
Device information, IP addresses, browser type, log files, cookies, API usage, diagnostic logs, and analytics data to improve our products and user experience.
Payment details, billing history, invoices, and transaction confirmations (processed securely through third-party payment providers).
Resumes, background information, and references if you apply for a role with us.
We do not intentionally collect sensitive information (e.g. health, ethnicity, political opinions), unless it is necessary for a lawful purpose and you have consented.
We collect information:
Directly from you when you register for or use our SaaS platforms;
When you contact us, request demos, subscribe to updates, or submit forms;
Through cookies, analytics tools, and usage tracking within our SaaS systems;
From clients during consulting engagements;
From third parties such as partners, service providers, or publicly available sources.
If we receive unsolicited personal information, we will assess whether we could have lawfully collected it; if not, we will delete or de-identify it.
We collect, hold, and use personal information to:
Provide, operate, and improve our SaaS services and consulting solutions;
Manage user accounts, authentication, and technical support;
Process payments and issue invoices;
Communicate with customers and users about service updates, security, and product improvements;
Conduct research, analytics, and reporting to enhance our offerings;
Fulfil contractual or legal obligations;
Recruit and manage employees and contractors;
Send marketing or promotional material (with your consent, or where permitted by law);
Detect, investigate, and prevent fraud, misuse, or security threats.
We may disclose personal information to:
Our employees, contractors, and service providers who assist in delivering SaaS or consulting services;
Cloud hosting providers, IT support, and software vendors (e.g. AWS, Microsoft Azure, Google Cloud);
Payment processors and financial institutions;
Professional advisors (lawyers, accountants, auditors);
Government authorities or regulators, as required by law;
Our clients (where you are their employee or user of their SaaS account);
Other third parties you authorise or where disclosure is otherwise lawful.
Where disclosure involves overseas parties, we take reasonable steps to ensure those parties comply with privacy standards equivalent to the APPs (APP 8).
As a SaaS company, we may store and process data in cloud infrastructure hosted in Australia or other countries.
Typical hosting or processing locations may include Australia, Singapore, the United States, and the European Union, depending on your service configuration.
We take steps to ensure that any overseas recipients comply with the APPs or equivalent protections, including through contractual terms and due-diligence reviews.
We use industry-standard security practices to protect personal and client data, including:
Encryption at rest and in transit;
Access control, multi-factor authentication, and logging;
Regular vulnerability testing and monitoring;
Segregation of client environments and data;
Secure development lifecycle (SDLC) and code review processes;
Employee confidentiality agreements and security training.
If a data breach occurs that is likely to cause serious harm, we will promptly assess and, if required, notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches (NDB) scheme.
We retain personal information only for as long as necessary to fulfil the purposes for which it was collected, or as required by law or contract.
After this period, data will be securely deleted or de-identified.
Clients may request deletion of their SaaS account data at any time, subject to legal and backup requirements.
We may send you product updates, newsletters, or marketing material related to our services.
You may opt out at any time by using the unsubscribe link or contacting us at privacy@VRISA.com.au.
We will not sell or rent your personal information to third parties for marketing.
You have the right to request access to or correction of the personal information we hold about you.
Please contact us in writing, and we will respond within a reasonable period.
We may verify your identity before processing your request.
If we decline to provide access or correction, we will explain the reason and inform you of your rights to lodge a complaint.
Where it is lawful and practicable, you may choose to interact with us anonymously or using a pseudonym.
However, in most cases (e.g. SaaS accounts, support, billing) we need identifiable information to provide our services.
Our websites and SaaS platforms may use cookies and similar technologies to:
Recognise users and maintain sessions;
Collect usage statistics and performance metrics;
Personalise content and features.
You may disable cookies through your browser settings, but some features may not function properly.
We may use tools such as Google Analytics to analyse aggregate usage trends; these tools may store data outside Australia. Data is anonymised or pseudonymizsed wherever possible.
If you have questions or concerns about how we handle your personal information, or wish to make a complaint, please contact:
Privacy Officer
VRISA PTY LTD
Address: Melbourne, Australia
Email: privacy@VRISA.com.au
We will acknowledge your complaint within a reasonable time and aim to resolve it within 30 days.
If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC):
Website: https://www.oaic.gov.au
Email: enquiries@oaic.gov.au
Phone: 1300 363 992
We may revise this Privacy Policy from time to time. The latest version will always be available on our website.
Material changes will be communicated to our users or clients when appropriate.
Personal Information: Information about an identified individual, or an individual who is reasonably identifiable.
SaaS (Software-as-a-Service): Cloud-based software products or platforms operated by VRISA.
Client Data: Data provided or uploaded by customers or end users into our SaaS systems or consulting deliverables.
Sensitive Information: Includes health data, racial or ethnic origin, religious beliefs, sexual orientation, and similar categories requiring higher protection.