Privacy Policy

Last updated: June 2026

MiiiA Pty Ltd (ABN 87 119 486 118), referred to as “MiiiA”, “we”, “us” or “our”, respects your privacy.

This Privacy Policy explains how we collect and handle personal information through our website and general business enquiries. Our website is primarily an information website. We do not sell products through the website, take online payments, operate a public SaaS platform, or host customer data through the website.

The main way we collect personal information through the website is when you choose to submit it to us, for example by completing our Contact Us form or contacting us by email or phone.

Where we provide consulting, support, implementation or related services to a customer, our handling of customer systems, customer data and project information is governed by the relevant Service Agreement, Statement of Work, Master Services Agreement or other contract with that customer.

Where the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs) apply to us, we handle personal information in accordance with those requirements. We also use the APPs as a practical standard for how we manage personal information. You can read more about the APPs on the Office of the Australian Information Commissioner (OAIC) website.

The short version

  • We collect limited personal information through the website, mainly information you choose to provide when you contact us.
  • We don’t sell your personal information.
  • We do not sell products through the website, take online payments, or operate a public SaaS platform through the website.
  • We use trusted service providers to operate our website, protect our forms from spam and manage business communications.
  • Customer project work, support services and access to customer systems are governed by the relevant customer agreement, not this website Privacy Policy alone.
  • You can contact us to ask about, access or correct personal information we hold about you.

The rest of this policy sets out the detail.

What personal information we collect

The personal information we collect depends on how you interact with us. For website visitors and general enquiries, it may include:

  • Contact details, such as your name, organisation, job title, email address and phone number.
  • Enquiry information, such as the details you include in a Contact Us form, email or phone enquiry.
  • Technical information, such as your IP address, browser type, device information and website usage information collected through our website security and analytics tools.

We do not collect payment information through the website.

Where we provide services to a customer organisation, we may access or process information in that customer’s systems as part of delivering those services. That work is governed by the relevant customer agreement.

How we collect it

We collect personal information:

  • Directly from you - when you contact us, complete a form on our website, subscribe to our updates, engage us for services, or communicate with us by email or phone.
  • Automatically - through cookies and similar technologies when you use our website.
  • From third parties - for example from our clients in the course of an engagement, or from publicly available sources, where it is reasonable to do so and permitted by law.

If you provide us with personal information about another person, please ensure you are authorised to do so and that they are aware of this policy.

Why we collect and how we use it

We use personal information to:

  • respond to your enquiries and provide the products, services and support you have requested;
  • manage our engagements, projects and ongoing support arrangements;
  • improve our website, services and customer experience;
  • send you updates, insights or marketing about our services where you have opted in (you can opt out at any time); and
  • meet our legal, regulatory and contractual obligations.

We will only use your personal information for the purpose it was collected, a directly related purpose you would reasonably expect, or where you have consented or the law otherwise permits.

Cookies and analytics

To understand how our website is used so we can improve it, we use Cloudflare Web Analytics, a privacy-focused analytics tool. It collects aggregated, de-identified usage statistics (such as page views, referrers and general device or browser type) without using cookies and without tracking you across other websites. It does not build a profile of you or identify you personally.

Our website may use a small number of cookies or similar technologies that are necessary for it to function and to remember your preferences. You can disable or delete cookies through your browser settings, though some parts of the website may not work as intended if you do.

Bot and spam protection

To protect our website forms (such as our contact form) from spam and automated abuse, we use Cloudflare Turnstile, a privacy-focused alternative to traditional CAPTCHAs. Turnstile runs in the background and may process limited technical information (such as your IP address and browser or device characteristics) to tell genuine visitors apart from bots. It does not ask you to solve puzzles and does not track you across websites.

This processing is carried out by Cloudflare, Inc. on our behalf, and your information may be processed on Cloudflare infrastructure located outside Australia. For details of how Cloudflare handles this information, please see the Cloudflare Privacy Policy and the Cloudflare Turnstile Privacy Addendum.

When we disclose your information

We do not sell your personal information. We may disclose it to:

  • Service providers who help us operate our website and run our business - for example our website hosting, spam-protection, analytics and email providers - under appropriate confidentiality and data-protection arrangements;
  • Professional advisers such as our lawyers and accountants, where reasonably required;
  • Government, regulatory or law-enforcement bodies where required or authorised by law; and
  • A purchaser or successor in the event of a sale, merger or restructure of our business, on the basis that they continue to handle your information in line with this policy. We will take reasonable steps to notify you of any such transfer.

Overseas disclosure and cloud storage

Some of the providers we use to operate our website and manage enquiries - including our spam-protection, analytics and email providers - may store or process information on servers located outside Australia. Where we disclose personal information overseas, we take reasonable steps to ensure it is handled consistently with the Australian Privacy Principles.

Where we deliver services to a customer, any storage or processing of that customer’s data (including its location) is governed by the relevant customer agreement.

Data security

We take reasonable steps to protect personal information from loss, misuse, interference, and unauthorised access, modification or disclosure. These steps include access controls, authentication, encryption in transit where appropriate, and staff confidentiality obligations. No method of transmission or storage is completely secure, but we work to protect your information and to respond promptly if an issue arises.

When personal information is no longer needed, we take reasonable steps to securely destroy or de-identify it.

Data retention

We keep personal information only for as long as we need it for the purposes described in this policy, or as required by law (for example, to meet tax, contractual or record-keeping obligations).

Direct marketing and opt-out

If you have opted in, we may send you news, insights and information about our services. Every marketing email includes an unsubscribe option, and you can opt out at any time by using that link or by contacting us. We send marketing communications in line with the Spam Act 2003 (Cth) and the guidelines of the Australian Communications and Media Authority (ACMA).

Access and correction

You can ask us to access the personal information we hold about you, or to correct it if it is inaccurate, out of date or incomplete. Please contact us and we will respond within a reasonable period. In limited circumstances we may be unable to provide access (for example, where doing so would affect another person’s privacy or is prevented by law); if so, we will explain why.

Complaints

If you believe we have breached the Australian Privacy Principles or mishandled your personal information, please contact us first so we can try to resolve it. We take privacy concerns seriously and will respond promptly.

If you are not satisfied with our response, you can contact the Office of the Australian Information Commissioner (OAIC):

Changes to this policy

We may update this policy from time to time to reflect changes in our practices or legal obligations. The current version will always be available on our website, with the “last updated” date shown above.

How to contact us

If you have any questions about this policy or about how we handle your personal information, please get in touch with our Privacy Officer:

  • MiiiA Pty Ltd (ABN 87 119 486 118)
  • Email: [email protected]
  • Phone: +61 403 315 025
  • Post: 17/31 Queen St, Melbourne VIC 3000