Trust & Security Center

Your data privacy and security are fundamental to our mission. Learn how we protect your information and maintain Australian data sovereignty.

Australian Data Residency

All data is processed and stored exclusively within Australia using Australian-owned infrastructure. No data crosses international borders.

✓ 100% Australian Hosted

Automatic Data Deletion

Personal information and report data are automatically deleted after 90 days. No long-term storage or profiling.

✓ 90-Day Auto-Delete

No Third-Party Sharing

We don't sell, share, or distribute your information to third parties. Your data is used solely for generating your requested reports.

✓ Zero Third-Party Sharing

Encryption & Security

End-to-end encryption for data transmission and AES-256 encryption at rest. Multi-factor authentication for all system access.

✓ Enterprise-Grade Encryption

Data Collection & Processing

What We Collect

  • • Company name and industry (for report personalization)
  • • Contact email address (for report delivery)
  • • Technology stack information (tools, costs, usage)
  • • Organizational priorities and preferences
  • • Basic technical metadata (timestamps, IP addresses for security)

How We Use Your Data

  • • Generate personalized sovereignty and margin analysis reports
  • • Calculate cost savings and migration recommendations
  • • Provide sovereign alternative suggestions based on your stack
  • • Deliver reports via email and store temporarily for download
  • • Aggregate anonymous statistics to improve our service (optional)

What We Don't Do

  • • Store data beyond 90 days without explicit consent
  • • Share information with vendors, partners, or advertisers
  • • Use your data for marketing or promotional purposes
  • • Cross-reference your data with external databases
  • • Process data outside of Australia

Compliance & Certifications

✓ Compliant
Privacy Act 1988 (Australia)
✓ Compliant
Australian Consumer Law
✓ Aligned
OAIC Privacy Guidelines
✓ Following
ISM Security Controls
In Progress
ISO 27001 Certification
Planned
SOC 2 Type II
Planned
IRAP Assessment

Compliance Roadmap

We're actively working towards formal certifications to support enterprise and government customers. Current compliance measures exceed requirements for most commercial use cases.

Infrastructure & Security

Data Storage

  • Location: Sydney, Australia (AWS ap-southeast-2)
  • Backup: Melbourne, Australia (secondary region)
  • Encryption: AES-256 at rest, TLS 1.3 in transit
  • Access: Role-based with MFA requirement

Application Security

  • Authentication: Multi-factor required
  • Network: VPC with private subnets
  • Monitoring: 24/7 security event logging
  • Updates: Automated security patches

Sovereign Infrastructure

Our infrastructure is hosted exclusively with Australian providers using Australian-owned facilities. This ensures your data remains subject only to Australian law and jurisdiction.

Your Rights & Controls

Access & Correction

Request access to your personal information or corrections to inaccurate data at any time.

Data Deletion

Request immediate deletion of your data before the automatic 90-day deletion period.

Data Portability

Receive a copy of your data in a structured, machine-readable format.

Complaint Resolution

Lodge complaints with our privacy officer or the Office of the Australian Information Commissioner (OAIC).

Legal Documents

Privacy Policy

Comprehensive privacy practices

Terms of Service

Platform usage terms

DPA Template

Data Processing Agreement

Security Disclosure

Vulnerability reporting process

Questions or Concerns?

Our privacy officer is available to address any questions about our data practices, your rights, or to process any requests you may have.

Privacy Officer: privacy@twnsystems.com

General Inquiries: info@twnsystems.com

Security Issues: security@twnsystems.com