This website uses modern construction techniques, which may not render correctly in your old browser.
We recommend updating your browser for the best online experience.

Visit browsehappy.com to help you select an upgrade.

Skip to Content

Privacy policy

Privacy Policy

  1. TrueVault Pty Ltd (ACN 675 825 966)
    Last updated: 23 October 2025

 

1. Our Commitment to Privacy

TrueVault Pty Ltd (“TrueVault”, “we”, “us”, or “our”) is committed to protecting the privacy of your personal information.

This Privacy Policy explains how we collect, use, store, manage and disclose your Personal Information — information that identifies you or from which your identity can reasonably be ascertained, including any opinion about you.

We manage all Personal Information in accordance with this Privacy Policy and the Australian Privacy Principles (APPs) under the Privacy Act 1988 (Cth) (“Privacy Act”).

By providing Personal Information to us (including through our website, TrueVault application, social media channels or otherwise), you consent to our collection, use, disclosure and storage of that information as described in this Privacy Policy.

If you do not agree with any part of this Privacy Policy, please do not provide Personal Information to us or use our services.

2. Updates to this Privacy Policy

We may update this Privacy Policy from time to time. The latest version will always be available at www.truevault.com.au.

Changes take effect immediately upon posting. By continuing to use our website, application or services after an update, you are deemed to have accepted the revised policy.

3. What Personal Information We Collect

The Personal Information we collect depends on your interaction with us and may include:

3.1 General information

  • First, middle and last names
  • Phone number
  • Email address
  • Current and previous addresses
  • Identity documents (e.g. driver’s licence, passport, marriage certificates, change-of-name documentation, other government-issued IDs)
  • Government or bank correspondence
  • Any other Personal Information you provide to us

3.2 Demographic information

  • Date of birth
  • Age
  • Gender
  • Marital status

3.3 Sensitive information

We may collect “sensitive information” as defined under the Privacy Act, including:

  • Biometric information (e.g. facial images for verification)
  • Signature samples
  • Photos captured during verification
  • Health or organ donor information shown on identity documents
  • Professional, religious or political affiliations appearing in documentation
  • Sexual orientation information contained in marriage or divorce certificates

By providing such information, you consent to its collection, use and disclosure as permitted by law and as outlined in this policy.

3.4 Other information

We may also collect:

  • Transaction and service history with TrueVault
  • Records of communications and interactions with us
  • Website analytics data (see Section 6 – Cookies and Tracking Technologies)
  • Technical details such as IP addresses or device identifiers

4. How We Collect Personal Information

We collect Personal Information when you:

  • Create a TrueVault account or use our application or website
  • Communicate with us via phone, email, online chat or social media
  • Participate in surveys or provide feedback
  • Engage with our digital marketing or social media pages

We may also receive information from:

  • Third-party service providers (e.g. document verification, payment processors)
  • Publicly available sources or social media platforms

4.1 Choosing Not to Provide Personal Information

You may choose not to provide Personal Information or use a pseudonym. However, because our services rely on verified identity, we may be unable to provide our services if you withhold necessary details.

5. When You Visit Our Website

When you visit our website without registering, we may collect limited non-personal information such as:

  • IP address and server details
  • Browser type
  • Pages visited and time spent
  • Referring website

This information assists us to analyse traffic and improve your browsing experience.
We do not attempt to identify you unless required by law (for example, through a valid warrant).

6. Cookies and Tracking Technologies

We use cookies and similar technologies to enhance your experience.

Types of cookies we use:

  • Necessary cookies: Essential for basic website functionality.
  • Analytical cookies: Collect aggregated data to improve site performance and user experience (no personally identifiable information).
  • Third-party cookies: Used by integrated services such as social media or analytics tools.

We may also use Facebook Pixel or equivalent tools to measure the effectiveness of our digital advertising campaigns.

You can adjust your browser settings to refuse cookies, though this may limit certain functionality.

7. How We Use Your Personal Information

We may use your Personal Information to:

  • Provide and manage our services
  • Verify your identity and issue credentials
  • Respond to queries, feedback or complaints
  • Improve our systems, products and user experience
  • Conduct internal analysis and reporting
  • Send service updates or notifications
  • Carry out marketing or promotional activities (subject to your opt-in, and with opt-out rights)
  • Comply with our legal and regulatory obligations

We will only share your Personal Information with 3rd party organisations with your express consent for Identification and Identity Verification purposes.

We will not use your Personal Information for any unrelated purpose without your consent. 

8. Direct Marketing

We may contact you with information about our services or those of related entities that we believe may interest you.

You may opt out of direct marketing at any time by:

  • Using the “unsubscribe” link in our emails; or
  • Contacting us directly using the details in Section 13 – Contact Us.

9. Disclosure of Personal Information

We may disclose your Personal Information to trusted third parties who assist us in delivering our services, including:

  • Document verification service providers
  • Payment processors
  • Hosting and cloud storage providers (within Australia)
  • IT and cybersecurity providers
  • Professional advisers (lawyers, accountants, auditors)
  • Regulatory authorities or law enforcement agencies, where required by law

We take reasonable steps to ensure these third parties comply with the Australian Privacy Principles or equivalent standards.
We do not sell, rent or trade Personal Information.

9.1 Identity Verification and Consent

TrueVault Pty Ltd complies with the Privacy Act 1988 (Cth) and is committed to handling personal information in accordance with Australian privacy law and industry best practices, including our ISO27001-accredited data security framework.

When verifying your identity, we will seek your express consent prior to proceeding. You will be asked to confirm the following:

“I confirm that I am authorised to provide the personal details presented and I consent to my information being checked with the document issuer or official record holder via third-party systems for the purpose of confirming my identity.”

This consent is provided separately and must be actively acknowledged. It is not bundled with other terms and conditions.

Identity information is checked against authoritative government and official records through secure third-party systems. We do not retain identity verification data longer than necessary, and we do not disclose personal information except as required by law or with your consent.

For more information about how we manage personal data, including your rights to access and correction, please refer to the full terms of this Privacy Policy or contact our Privacy Officer.

9.2 International Transfers

We do not generally transfer or store Personal Information outside Australia.
If international disclosure becomes necessary, we will ensure appropriate safeguards are in place consistent with the Privacy Act.

10. Data Security

We take reasonable steps to protect your Personal Information from misuse, interference, loss, and unauthorised access or disclosure, including by:

  • Encrypting sensitive data in transit and at rest
  • Maintaining secure access controls and multi-factor authentication
  • Restricting staff access to authorised personnel only
  • Regularly reviewing and testing security systems
  • Storing data within secure Australian-based servers
  • Secure infrastructure and network isolation
  • Software security and compliance practices
  • Data retention and privacy safeguards

In addition, TrueVault employs per-person encryption keys, segregated AWS environments, continuous infrastructure monitoring, immutable audit logging, and aims for compliance with the Australian Digital ID Act, ISO 27001, and ASD Essential Eight.

While we take these precautions, no system is entirely secure. We cannot guarantee against all unauthorised access or misuse, but we act promptly to investigate and contain any breach.

10.1 Data Retention and Destruction

We retain Personal Information only as long as necessary for the purposes described in this Privacy Policy or as required by law.
When no longer needed, we securely destroy or permanently de-identify the information.

11. Accessing and Correcting Your Information

You may access or correct your Personal Information by:

  • Logging into your TrueVault account; or
  • Contacting us in writing (see Section 13 – Contact Us).

We may need to verify your identity before processing such requests.
We aim to respond within 30 days.

In certain circumstances (e.g. where access would breach another person’s privacy or relate to legal proceedings), we may lawfully refuse access and will explain our reasons.

12. Data Breach Notification

In the event of a data breach likely to cause serious harm, we will comply with the Notifiable Data Breaches Scheme under the Privacy Act by notifying affected individuals and the Office of the Australian Information Commissioner (OAIC) as required.

13. Complaints and Contact Us

If you have a question, concern or complaint about our privacy practices, please contact us:

Privacy Officer
TrueVault Pty Ltd (ACN 675 835 966)
Email: support@truevault.com.au

We aim to investigate and respond within 20 days, and to resolve complaints within 40 days where possible.

If you are not satisfied with our response, you may contact the Office of the Australian Information Commissioner (OAIC) via www.oaic.gov.au.

 

 

© 2025 TrueVault Pty Ltd. All rights reserved.