Securitribe respects your privacy. This Privacy Policy explains how we collect, use, disclose and protect personal information when you visit our websites, use our services, contact us, or interact with our content and ads.
We are an Australian business and manage personal information in line with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). If you are in the EU, UK, California or other jurisdictions with specific data rights, the Regional Rights section applies to you as well.
This policy describes our use of cookies, analytics and tracking technologies, including Microsoft Clarity, HubSpot, LinkedIn Insight Tag, Meta Pixel and Google (Analytics, Ads and Tag Manager), with links to each provider’s documentation.
Controller: [Securitribe Pty Ltd]
ABN: [ABN]
Registered address: Level 19, 10 Eagle Street, Brisbane QLD 4000
Email: [[email protected]]
Website: https://securitribe.com
Products and services: Cybersecurity advisory and managed services.
We collect information in three ways.
Contact details when you enquire or book a meeting (name, email, phone, company, job title).
Content of messages, support requests, or forms submitted.
Billing details when you become a customer.
Device and browser information, IP address, pages viewed, referring URLs, timestamps, and basic interaction data used for security, performance and analytics.
Server logs for troubleshooting and security.
We use cookies, pixels, local storage, tags and SDKs to operate the site, measure performance, improve user experience, and run privacy‑respectful marketing. See Cookies & online tracking below for details.
Provide and improve our websites and services
Security and fraud prevention
Analytics and measurement to understand content performance and improve usability
Direct marketing by email or on third‑party platforms, where permitted and subject to your choices
Compliance with applicable laws and requests from regulators
We aim to collect only what we need and to use de‑identified or aggregated data where practical. Australian Privacy Principles govern open and transparent management of personal information, notification at or before collection, use and disclosure, security safeguards, access and correction, and cross‑border disclosures.
We use the following categories of cookies:
Strictly necessary cookies required for core functionality and security.
Performance and analytics cookies to measure use of our site and improve content.
Functional cookies to remember choices.
Advertising and social cookies to measure campaigns and show more relevant content.
You can control cookies via our Cookie banner and Preference Centre linked in the site footer [insert “Cookie settings” link]. You can also change your browser settings to block or delete cookies. The Office of the Australian Information Commissioner (OAIC) provides guidance on tracking pixels, transparency and consent expectations in Australia.
We use GA4 to understand website usage. GA4 states it does not log or store IP addresses and provides regional privacy controls. We configure data retention and, where applicable, Consent Mode.
Data retention: GA4 user‑level data in Explorations can be retained for 2 or 14 months, depending on our settings.
Consent Mode v2: We support Consent Mode. In Basic mode, no Google tags load or send data until consent; in Advanced mode, tags load with defaults set to denied and may send cookieless pings until consent is granted. We respect your selection in our banner.
We use GTM to deploy tags. Google indicates GTM may collect aggregated data about tag firing for diagnostics and does not include user IP addresses or measurement identifiers.
We use Clarity for behaviour analytics like heatmaps and session replays to help improve usability. By default Clarity masks sensitive content and does not capture input field text; you can increase masking using data-clarity-mask attributes. Microsoft documents cookies used by Clarity and how masking works.
We use HubSpot for our CRM, forms and website analytics. HubSpot sets cookies such as hubspotutk, __hstc, __hssc, and __hssrc to associate visits with our contacts when you submit forms and to track sessions. See HubSpot’s cookie documentation for names, purposes and lifespans.
We use LinkedIn’s Insight Tag for campaign measurement and website audiences. LinkedIn states it may collect URL, referrer, IP address, device and browser info, and timestamps. LinkedIn also documents cookie use and supports first‑party cookie settings.
We use the Meta Pixel to measure campaign effectiveness and build audiences. Meta provides GDPR resources and requires site owners to implement appropriate consent.
Cookie banner and Preference Centre: Use the controls in our footer to accept, reject or customise non‑essential cookies at any time.
Browser controls: You can block or delete cookies via your browser.
Platform ad settings:
Google My Ad Centre to turn off personalised ads.
LinkedIn ad settings to manage interest‑based advertising.
Meta provides resources and implementation guidance for consent and pixel use.
Email marketing: Every marketing email includes an unsubscribe link. Under the Spam Act 2003, unsubscribe requests must be actioned within five working days.
We may use your contact details for direct marketing where permitted, for example with your consent or as otherwise allowed by APP 7. You can opt out at any time by using the unsubscribe link or contacting us.
Many of our service providers store data outside Australia, including in the United States, the European Union and other countries. Before disclosing personal information overseas, we take reasonable steps to ensure recipients will handle it in accordance with the APPs as required by APP 8.
We use technical and organisational measures including access controls, encryption in transit where appropriate, logging and monitoring, and vendor due diligence. Under APP 11, we take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access, modification or disclosure.
Customer and CRM records: retained while we have an ongoing business need and as required by law.
Analytics data: subject to provider limits and our configuration. For GA4, user‑level data in Explorations is retained for 2 or 14 months depending on settings.
Marketing preferences: kept to honour your choices.
You may request access to or correction of your personal information. Contact us at [[email protected]]. We will respond within a reasonable period.
If you are not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC). See OAIC’s contact page and complaint form.
If a data breach is likely to result in serious harm, we will assess and notify affected individuals and the OAIC in line with the Notifiable Data Breaches (NDB) scheme.
If you are in the EU or UK, our processing of your personal data may rely on the following lawful bases: consent, contract performance, legitimate interests, legal obligation and vital interests where applicable. You may have rights to access, rectification, erasure, restriction, portability and objection. Please contact us to exercise these.
If you are a California resident, you may have rights to know, delete, correct, and opt out of certain sharing for cross‑context behavioural advertising. We do not sell personal information as that term is defined by CPRA, and we honour opt‑out preferences signalled via our cookie controls.
Below are key references from the vendors we use. These links explain what data they collect and provide settings or guidance for privacy and consent:
Microsoft Clarity: Data collection and masking, cookie list, and sample privacy wording.
HubSpot: Cookies set by HubSpot on visitor browsers.
LinkedIn Insight Tag: Data collected by the tag, cookie table, and first‑party cookie setting.
Meta Pixel: GDPR guidance and policy requirements for Pixel users.
Google: GA4 privacy (no IP logging), data retention, Consent Mode, Tag Manager privacy.
Australian law and guidance: Privacy Act and APPs overview and OAIC tracking pixel guidance.
Our websites and services are not directed to children, and we do not knowingly collect personal information from children.
We may update this policy to reflect changes to our practices, technologies or legal requirements. We will post the updated version with a new “Last updated” date.
