Privacy policy

We abide by the letter and the spirit of the EU/GDPR-style NZ Privacy Act 2020.

We collect personal information such as your name, email address, phone number and/or IP address when you visit our website, sign-up for our services, contact us or engage and contract with us. We use that information to provide you with the services you have requested, to communicate with you about or to promote our services. However, we do not spam. We utterly detest spam.

We protect and do not share or disclose your personal information with third parties except where necessary for the business purposes and services you want from us. For example, we may use your email address to email you, and your IP address to send you HTTPS traffic from our websites. We use various Google cloud services (such as Gmail, Groups and Meet) and connect to the Internet via Starlink, so our communications with you are available to Google and Starlink, albeit generally encrypted and protected by their privacy policies and other controls.

It is your choice whether to provide your contact information in order to receive communications or services from us. Contact us to request deletion or correction of your personal information.

More broadly, as information risk and security professionals, we are committed to protecting information against unacceptable risks, including privacy risks. Confidentiality, integrity, trust and discretion are more than mere words to us. Protecting your information and your interests, as well as our own, is an intense passion. It’s what makes us tick, a core value.

Environmental policy

To help keep NZ clean and green, we minimise unnecessary travel and emissions. We operate 100% remotely, based in a lifestyle block - a forest clearing in rural Hawkes Bay. We are constantly planting, composting and recycling. Instead of running air conditioning, we open the doors and windows in summer and light a fire in winter, burning windfall trees.

Information risk and security policies

Naturally, as information risk and security professionals, we manage our information risks professionally using an appropriate mix of information, cyber and physical security controls, including a comprehensive suite of policies. Contact us for policy templates and bespoke policies for your organisation.

Full attention policy

In contrast to those offering fractional CISO services, when you engage us for an assignment, you get our full undivided attention for the duration - if that’s what you want anyway. Less intense engagements can work too although it helps to be clear up-front: if you have tight deadlines and high expectations, by all means ask us to keep or set the pace. Otherwise, we’re happy to leave you in the driving seat. Your choice. We’re flexible.

IsecT’s policies

Information risk and
security consulting