Skip to content
Vigil
Back to Legal

Legal

Privacy Policy

Effective 13 May 2026 · Governed by the laws of New South Wales, Australia

This Privacy Policy (“Policy”) explains how VIGIL TECHNOLOGIES PTY LTD ACN 697 741 692 (“Vigil”, “we”, “us”, or “our”), the operator of the Vigil Security platform and the website located at www.vigilsecurity.io (“Website”), collects, uses, stores, discloses, and otherwise handles your personal information.

Vigil is an Australian cybersecurity company that provides a security awareness and human risk management platform (“Platform”) designed to simulate real-world cyberattacks, including AI-personalised phishing emails, voice-cloned executive calls, deepfake video communications, SMS-based social engineering attacks, and QR code attacks, and to deliver automated security awareness training to employees of subscribing organisations.

This Policy applies to:

  1. visitors to the Website, including individuals who register for a free trial, submit enquiries, or otherwise interact with the Website; and
  2. end users of the Platform, including employees of subscribing customer organisations who participate in simulation exercises, training modules, and risk assessment programs conducted through the Platform.

This Policy forms part of Vigil’s full suite of legal documents, which includes the End User Licence Agreement and SaaS Terms and Conditions (“EULA”), the Website Terms of Use, the Cookie Policy, and the Email Disclaimer. These documents may be made available on the Website, at vigilsecurity.io/legal, or upon request by contacting Vigil at operations@vigilsecurity.io. Capitalised terms used in this Policy that are not defined herein have the meanings given to them in the EULA.

By accessing the Website or voluntarily providing personal information to Vigil, you acknowledge that you have read and understood this Policy. Where Vigil handles personal information of End Users on behalf of a Customer, Vigil does so at the direction of that Customer, and the Customer remains responsible for providing all required notices and obtaining all required consents, authorisations, and approvals from its personnel. If you do not agree with this Policy, you must not access or use the Website. If you are an End User participating in a Simulation arranged by your employer or engaging organisation, you should contact that organisation for further information regarding the basis on which the Simulation is being conducted.

Legislative Framework and Governing Principles

  1. Vigil is committed to handling all personal information in accordance with the Privacy Act 1988 (Cth) (“Privacy Act”) and the thirteen Australian Privacy Principles (“APPs”) contained in Schedule 1 of the Privacy Act.

  2. Where Vigil holds personal information that forms part of a data breach that is likely to result in serious harm to one or more individuals, Vigil is subject to the mandatory notification obligations under Part IIIC of the Privacy Act, commonly known as the Notifiable Data Breaches (“NDB”) scheme. Vigil will comply with all obligations under the NDB scheme, including notifying affected individuals and the Office of the Australian Information Commissioner (“OAIC”) in the manner and within the timeframes required by law.

  3. To the extent that Vigil handles personal information of individuals located in the European Union or the United Kingdom in connection with the offering of goods or services, Vigil acknowledges its potential obligations under the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and the UK GDPR. Vigil will take reasonable steps to ensure compliance with applicable international data protection laws where required. Individuals with questions regarding Vigil’s international privacy obligations should contact Vigil directly using the contact details set out in clause 15.

  4. To the extent that Vigil handles personal information of individuals located in California or other United States jurisdictions in connection with the offering of goods or services, Vigil acknowledges that additional United States privacy laws may apply, including the California Consumer Privacy Act, as amended by the California Privacy Rights Act (“CCPA/CPRA”), where applicable. Where such laws apply to Vigil, Vigil will take reasonable steps to comply with applicable obligations, including obligations relating to notice, access, deletion, correction, opt-out rights, and non-discrimination for the exercise of privacy rights.

  5. This Policy is intended to provide a general privacy framework for Vigil’s Website and Platform. Where a specific United States privacy notice, CCPA/CPRA addendum, customer agreement, or Data Processing Agreement applies, that document will apply in addition to this Policy and will prevail to the extent of any inconsistency.

Definitions

  1. In this Policy, the following terms have the meanings set out below:

    1. Customer” means a subscribing organisation that has entered into the EULA or other applicable customer agreement with Vigil and uses the Platform to conduct simulation exercises, risk assessments, compliance reporting, and security awareness training for its employees, contractors, or authorised personnel.

    2. Customer Data” means all data, including personal information, uploaded to, input into, or generated through the Platform by or on behalf of a Customer.

    3. End User” means an individual employee or authorised user of a Customer who participates in simulation exercises, training modules, or risk assessments conducted through the Platform at the direction of their Customer.

    4. Personal Information” has the meaning given to that term in the Privacy Act, being information or an opinion about an identified individual, or an individual who is reasonably identifiable, whether the information or opinion is true or not, and whether recorded in a material form or not.

    5. Platform” means the Vigil Security security awareness and human risk management platform operated by Vigil, including all simulation engines, training modules, reporting dashboards, and associated software.

    6. Sensitive Information” has the meaning given to that term in the Privacy Act, including health information, biometric information, and information about an individual’s racial or ethnic origin.

    7. Service Provider” means the capacity in which Vigil handles End User personal information on behalf of and at the direction of a Customer. For contractual and international data protection purposes, Vigil may also be described as a data processor, and the Customer may be described as a controller, where applicable.

    8. Simulation” means a simulated cyberattack exercise conducted through the Platform, including simulated phishing emails, deepfake video communications, voice-cloned calls, SMS-based social engineering attacks, and QR code attacks.

    9. Website” means the website operated by Vigil at www.vigilsecurity.io and all associated subdomains.

What Personal Information Vigil Collects

  1. Vigil collects personal information through two distinct streams, each governed by different aspects of this Policy.

  2. Personal Information Collected from Website Visitors: When you visit, access, or interact with the Website, Vigil may collect the following categories of personal information:

    1. your full name;

    2. your business email address;

    3. your telephone number;

    4. the name of your employer or organisation;

    5. your job title or role;

    6. any information you provide through free trial registration forms, contact forms, or other interactive features on the Website; and

    7. technical information collected automatically through cookies and tracking technologies, including your IP address, browser type, operating system, pages visited, and time spent on the Website. This technical information is handled in accordance with Vigil’s Cookie Policy, available at vigilsecurity.io/legal.

  3. Personal Information Collected from Platform End Users: When a Customer deploys the Platform and conducts Simulations or training exercises in respect of its employees, Vigil may collect the following categories of personal information in respect of End Users, on behalf of and at the direction of the Customer:

    1. full name and business email address, as provided by the Customer;

    2. job title, department, and seniority level, as provided by the Customer for the purposes of targeting Simulations;

    3. Simulation participation data, including whether an End User opened a simulated phishing email, clicked a link, submitted credentials, answered a voice-cloned call, responded to a deepfake video communication, or scanned a simulated QR code;

    4. risk scores and human risk ratings generated by the Platform based on Simulation outcomes;

    5. training module completion records and assessment results;

    6. any other data generated through the End User’s interaction with the Platform during Simulations or training exercises; and

    7. audio, visual, voice, image, or video-related data where a Customer elects to use voice cloning, deepfake video, or similar synthetic media features of the Platform, but only to the extent necessary to generate, deliver, monitor, or report on the relevant Simulation.

  4. Vigil does not intentionally collect Sensitive Information about End Users through ordinary Platform use, except where such information is voluntarily provided by a Customer or is necessarily processed in connection with specific Platform features selected by the Customer, including voice cloning, deepfake video, audio, visual, or similar synthetic media functionality. Where any such information is provided to or processed through the Platform, the Customer is responsible for ensuring that all required consents, notices, workplace approvals, and lawful bases have been obtained before the information is provided to Vigil or used in connection with a Simulation. Vigil will process such information only for the purpose of providing the relevant Platform feature and in accordance with the EULA, this Policy, and any applicable DPA.

  5. Biometric, Voice, Image, and Synthetic Media Data

    1. Where a Customer elects to use any Platform feature involving voice cloning, deepfake video, audio processing, visual processing, facial likeness, image-based simulation, or other synthetic media functionality, Vigil may process limited voice, image, audio, video, likeness, or related biometric or biometric-adjacent information solely for the purpose of generating, delivering, monitoring, securing, and reporting on the relevant Simulation.

    2. Vigil will not collect or process biometric information or synthetic media-related Sensitive Information unless there is a lawful basis for doing so under applicable privacy laws. Depending on the relevant feature, jurisdiction, and use case, this lawful basis may include the affected individual’s express written consent, the Customer’s lawful authority to provide the information, the Customer’s workplace policies and notices, or another lawful basis recognised under applicable law.

    3. Where express written consent is required, the Customer is responsible for ensuring that such consent is obtained before any relevant voice, image, likeness, audio, video, or biometric-related information is provided to Vigil or used through the Platform. Such consent should clearly identify the person giving consent, describe the specific type of information to be used, explain the purpose of the use, identify that the information may be used to generate a simulated voice, image, video, or other synthetic media communication, state the period or context for which the consent applies, and be capable of being retained as a written record.

    4. Vigil does not use biometric, voice, image, audio, video, or synthetic media-related information for general identification, surveillance, profiling unrelated to the Customer’s cybersecurity training program, or training Vigil’s artificial intelligence models, unless expressly authorised in writing and permitted by applicable law.

  6. Children and Minors

    1. The Website and Platform are intended for use by business customers, authorised organisational users, and personnel of subscribing customer organisations. Vigil does not knowingly direct the Website or Platform to individuals under the age of eighteen (18), and the Platform is not intended for use by children or minors.

    2. Customers must not provide personal information relating to individuals under the age of eighteen (18) to Vigil or use the Platform to conduct Simulations involving children or minors unless the Customer has obtained all legally required consents, notices, approvals, and lawful bases under applicable law and Vigil has expressly agreed to such use in writing.

    3. If Vigil becomes aware that it has collected personal information from a child or minor without appropriate authority or lawful basis, Vigil will take reasonable steps to delete or de-identify that information, unless retention is required by law.

How Personal Information Is Collected

  1. Vigil collects personal information through the following means:

    1. Directly from you: when you complete a free trial registration, submit a contact form, subscribe to Vigil’s communications, or otherwise voluntarily provide information to Vigil through the Website;

    2. From Customers: when a Customer provides End User personal information to Vigil for the purposes of configuring and conducting Simulations, training exercises, reporting, and risk assessments through the Platform. In this context, Vigil handles End User personal information as a service provider to the Customer and in accordance with the Customer’s instructions. For contractual and international data protection purposes, Vigil may also be described as a processor, and the Customer may be described as a controller, where applicable. The Customer is responsible for ensuring it has all necessary consents, notices, workplace approvals, and authorisations to provide that information to Vigil and to conduct Simulations in respect of its employees, contractors, or authorised personnel, in accordance with clause 7 of the EULA; and

    3. Automatically: through cookies, web beacons, and similar tracking technologies when you access the Website. Vigil’s use of these technologies is described in detail in the Cookie Policy, available at vigilsecurity.io/legal.

  2. Vigil will only collect personal information by lawful and fair means and, where reasonable and practicable, only directly from the individual to whom the information relates, in accordance with APP 3.

Purpose of Collection and Use of Personal Information

  1. Vigil collects, holds, and uses personal information for the following primary purposes:

    1. to provide, operate, maintain, and improve the Platform and the Website;

    2. to process free trial registrations and manage customer accounts;

    3. to configure, deploy, and conduct Simulations on behalf of Customers;

    4. to generate risk reports, compliance dashboards, and training completion records for Customers;

    5. to generate, deliver, monitor, and report on simulated cyberattack communications, including simulated phishing emails, SMS messages, QR code attacks, voice-cloned calls, deepfake video communications, and other synthetic media-based Simulations selected by the Customer;

    6. to communicate with Website visitors and Customers in connection with their use of the Website and Platform, including the provision of technical support;

    7. to send you marketing communications regarding Vigil’s products and services, where you have consented to receive such communications or where Vigil is otherwise permitted to do so under applicable law, including the Spam Act 2003 (Cth);

    8. to comply with Vigil’s legal obligations, including obligations under the Privacy Act, the NDB scheme, and other applicable legislation; and

    9. for internal business operations including record-keeping, auditing, and risk management.

  2. Vigil will not use personal information for a purpose that is unrelated to the primary purpose of collection unless:

    1. you have consented to the secondary use; or

    2. the secondary use is directly related to the primary purpose and you would reasonably expect the information to be used in that way, in accordance with APP 6.

  3. Vigil will not use Customer Data, including End User personal information, for the purpose of training Vigil’s artificial intelligence models, improving underlying machine learning systems, or developing unrelated products or services, without the Customer’s prior written consent. Vigil may use de-identified and aggregated data only where such data cannot reasonably identify the Customer, any End User, or any other individual, and only in accordance with the EULA.

Data Storage and Data Residency

  1. Vigil’s primary production storage environment for Customer Data and End User personal information is hosted on Google Cloud Platform in the United States (us-east1 region). Vigil takes reasonable steps to ensure that overseas data storage and processing is subject to privacy, confidentiality, and security obligations that are substantially consistent with this Policy, the Australian Privacy Principles, and applicable Australian and international privacy laws, including through contractual safeguards with subprocessors.

  2. Australian data residency is available to Enterprise Customers on request. Where an Enterprise Customer elects Australian data residency, Vigil will store Customer Data and End User personal information in an Australian region of Vigil’s hosting provider, subject to the terms set out in the applicable Customer agreement, Data Processing Addendum, or order form. Vigil’s data residency arrangements are particularly relevant to Customers operating in regulated sectors, including financial services, legal, accounting, professional services, and other compliance-sensitive industries.

  3. Where Vigil engages subprocessors or third-party service providers located outside the storage region elected by the Customer, or who may access personal information from outside that region, Vigil will take reasonable steps to ensure that the overseas recipient is subject to privacy, confidentiality, and security obligations that are substantially consistent with this Policy and the APPs, including through contractual safeguards where appropriate. Vigil will notify Customers of any proposed cross-border transfer of Customer Data before such transfer occurs, where required by the EULA, applicable DPA, or applicable law.

  4. Where an overseas transfer requires consent or additional authorisation under applicable privacy laws, Vigil will obtain the relevant consent or authorisation from the Customer or, where legally required, from the affected individual before making the transfer.

Disclosure of Personal Information to Third Parties

  1. Vigil does not sell, rent, or trade personal information to third parties for any purpose.

  2. Vigil may disclose personal information to third parties in the following limited circumstances:

    1. Service Providers and Subprocessors: Vigil may engage third-party service providers and subprocessors to assist in the operation of the Website and the Platform. These may include cloud infrastructure and hosting providers, email delivery platforms, analytics services, customer relationship management tools, customer support tools, cybersecurity vendors, payment processors, logging/error monitoring tools, and artificial intelligence or synthetic media service providers. Vigil requires such service providers to handle personal information in accordance with appropriate confidentiality, privacy, and security obligations. Where Vigil maintains a Subprocessor Schedule, the schedule will identify material categories of subprocessors and, where applicable, named subprocessors, and will be made available at vigilsecurity.io/legal or upon written request.

    2. Customers: In the context of Platform services, Vigil discloses End User risk scores, Simulation participation data, training completion records, and compliance reports to the Customer that deployed the relevant Simulation or training exercise. Customers are contractually obligated under the EULA to handle such information in accordance with applicable privacy laws.

    3. Legal and Regulatory Requirements: Vigil may disclose personal information where required to do so by law, court order, subpoena, legal process, or the direction of a governmental, regulatory, law enforcement, or supervisory authority, including the Office of the Australian Information Commissioner.

    4. Business Transfers: In the event of a merger, acquisition, restructure, or sale of all or part of Vigil’s business, personal information may be disclosed to the acquiring entity as part of that transaction, subject to the acquiring entity assuming obligations consistent with this Policy.

    5. With Your Consent: Vigil may disclose personal information to other third parties where you have expressly consented to such disclosure.

  3. Vigil will take all reasonable steps to ensure that third parties who receive personal information from Vigil handle that information in a manner consistent with the APPs.

Simulation-specific Privacy Considerations

  1. The Platform operates by sending simulated cyberattack communications, including simulated phishing emails, voice-cloned telephone calls, deepfake video messages, SMS-based social engineering messages, and QR code attacks, to End Users at the direction and on behalf of Customers.

  2. In the context of Simulations, Vigil handles End User personal information as a service provider to the Customer and in accordance with the Customer’s instructions. For contractual and international data protection purposes, Vigil may also be described as a processor, and the Customer may be described as a controller, where applicable. The Customer is solely responsible for:

    1. ensuring that it has all necessary authorisations, workplace policies, and employee consents in place before deploying Simulations through the Platform, in accordance with clause 7 of the EULA;

    2. ensuring that the conduct of Simulations complies with all applicable employment laws, industrial instruments, and privacy obligations owed by the Customer to its employees; and

    3. notifying its employees, through appropriate workplace policies or other mechanisms, that security simulation exercises may be conducted from time to time as part of the organisation’s cybersecurity program; and

    4. ensuring that any use of voice cloning, deepfake video, audio, visual, or similar synthetic media features is supported by all required consents, authorisations, workplace notices, and lawful bases, including consent from any individual whose voice, image, likeness, or other personal attribute is used to generate a Simulation.

  3. Vigil does not directly communicate personal information about individual End Users to any party other than the Customer on whose behalf the Simulation was conducted. End User Simulation results are reported to the Customer in an identifiable form solely for the purposes of managing that Customer’s human risk profile and delivering targeted training.

  4. End Users who receive a communication that they believe may be a simulated communication sent on behalf of their employer through the Vigil Security platform should refer to Vigil’s Email Disclaimer, available at vigilsecurity.io/legal, for further information.

  5. Vigil accepts no liability to any individual End User for any claim arising from the receipt of a Simulation conducted by Vigil on behalf of a Customer, to the extent that such liability arises from the Customer’s failure to comply with its obligations under clause 7 of the EULA. Nothing in this clause limits Vigil’s obligations under the Privacy Act or the NDB scheme.

Automated Analysis and Risk Scoring

  1. The Platform may use automated systems to generate Simulation outcomes, training recommendations, risk scores, human risk ratings, compliance dashboards, and related reports based on End User interactions with Simulations and training modules.

  2. These outputs are intended to assist Customers with cybersecurity awareness, employee training, human risk management, and internal compliance reporting. Vigil does not make employment, disciplinary, promotion, termination, compensation, or similar workplace decisions about End Users.

  3. Customers are responsible for ensuring that any use of Platform outputs in an employment, disciplinary, performance management, compliance, or workplace context complies with applicable employment laws, privacy laws, workplace surveillance laws, industrial instruments, internal policies, and procedural fairness obligations.

  4. End Users who have questions about how their Simulation results, risk scores, or training records are used by their employer or engaging organisation should contact that organisation directly.

Security of Personal Information

  1. Vigil takes the security of personal information seriously and implements appropriate technical, administrative, and physical safeguards to protect personal information against loss, unauthorised access, use, modification, disclosure, and other misuse.

  2. Vigil’s security measures include, without limitation:

    1. encryption of personal information in transit and at rest using industry-standard encryption protocols;

    2. access controls and role-based permissions restricting access to personal information to authorised personnel who require such access in the performance of their duties;

    3. multi-factor authentication requirements for access to the Platform and internal systems holding personal information;

    4. regular security assessments, penetration testing, and vulnerability management procedures; and

    5. incident response procedures for the detection, containment, and remediation of data security incidents.

  3. In the event that Vigil becomes aware of a data breach that is likely to result in serious harm to one or more individuals, Vigil will comply with its mandatory notification obligations under the NDB scheme, including:

    1. taking immediate steps to contain the breach and assess the risk of serious harm;

    2. notifying the OAIC as soon as practicable after becoming aware that a notifiable data breach has occurred; and

    3. notifying affected individuals as soon as practicable, except where the OAIC directs otherwise.

  4. Vigil will notify the relevant Customer as soon as practicable, and where required under the EULA, applicable DPA, or applicable law, within seventy-two (72) hours of becoming aware of a data breach affecting Customer Data or End User personal information.

  5. Whilst Vigil takes all reasonable steps to protect personal information, no method of electronic storage or transmission is completely secure. Vigil does not warrant that personal information will be secure against all possible threats.

Retention and Deletion of Personal Information

  1. Vigil retains personal information for no longer than is necessary for the purposes for which it was collected, or as required by law.

  2. In respect of Customer Data and End User personal information:

    1. Vigil retains Customer Data for the duration of the Customer’s subscription and for such further period as is necessary to comply with Vigil’s legal obligations or to resolve any outstanding disputes;

    2. upon termination or expiry of a Customer’s subscription, Vigil will delete, return, or de-identify Customer Data in accordance with the EULA, any applicable DPA, and applicable law, unless retention is required for legal, regulatory, dispute resolution, backup, security, or legitimate business record-keeping purposes;

    3. Vigil will confirm in writing to the Customer upon completion of the deletion process.

  3. In respect of Website visitor personal information:

    1. contact form and free trial registration data will be retained for a period of twenty-four (24) months from the date of collection, or for such further period as is necessary in connection with an ongoing commercial relationship or legal obligation; and

    2. technical data collected through cookies will be retained in accordance with the periods specified in the Cookie Policy, available at vigilsecurity.io/legal.

  4. When personal information is no longer required to be retained, Vigil will take reasonable steps to destroy or permanently de-identify that information in a secure manner, in accordance with APP 11.2.

Your Rights - Access, Correction, and Complaints

  1. Access and Correction

    1. You have the right to request access to the personal information that Vigil holds about you, and to request the correction of any personal information that is inaccurate, out of date, incomplete, irrelevant, or misleading, in accordance with APPs 12 and 13.

    2. To make an access or correction request, please contact Vigil using the details set out in clause 15. Vigil will respond to your request within a reasonable time, and in any event within thirty (30) days of receipt of your request.

    3. Vigil may refuse access to personal information in the limited circumstances permitted under APP 12, including where providing access would pose a serious threat to the life, health, or safety of any individual, or where access would unreasonably impact the privacy of other individuals. Where Vigil refuses access, Vigil will provide written reasons for the refusal.

    4. Where Vigil holds End User personal information on behalf of a Customer, Vigil may refer the End User’s access, correction, or deletion request to the relevant Customer, or may require the End User to submit the request directly to that Customer, where appropriate. This is because the Customer is responsible for determining how End User personal information is used in connection with workplace Simulations and training records.

  2. Opting Out of Marketing Communications

    1. Vigil may send marketing communications regarding its products and services where you have consented to receive such communications or where Vigil is otherwise permitted to do so under applicable law.

    2. Vigil will take reasonable steps to ensure that commercial electronic messages sent by or on behalf of Vigil comply with the Spam Act 2003 (Cth), including requirements relating to consent, accurate sender identification, and functional unsubscribe facilities.

    3. If you have received marketing communications from Vigil and no longer wish to receive them, you may opt out at any time by using the unsubscribe link included in the communication or by contacting Vigil at operations@vigilsecurity.io.

    4. Vigil will take reasonable steps to process unsubscribe requests within the timeframe required by applicable law. Even if you opt out of marketing communications, Vigil may still send you transactional, service-related, legal, security, privacy, or administrative communications where necessary.

  3. Complaints

    1. If you believe that Vigil has interfered with your privacy or has failed to comply with its obligations under the Privacy Act or the APPs, you have the right to lodge a complaint with Vigil. Vigil will investigate all privacy complaints and respond in writing within thirty (30) days.

    2. If you are not satisfied with Vigil’s response to your complaint, or if Vigil fails to respond within the required timeframe, you may lodge a complaint with the Office of the Australian Information Commissioner:

      1. Website: www.oaic.gov.au

      2. Telephone: 1300 363 992

      3. Post: GPO Box 5218, Sydney NSW 2001

Cookies and Tracking Technologies

  1. Vigil uses cookies and similar tracking technologies on the Website to analyse website traffic, understand user behaviour, and improve the Website’s functionality and user experience.

  2. A comprehensive description of the cookies Vigil uses, the purposes for which they are used, their duration, and your options for managing cookie preferences is set out in Vigil’s Cookie Policy, available at vigilsecurity.io/legal.

  3. You may manage or disable cookies through your browser settings or, where available, through any cookie preference tool provided on the Website. Disabling certain cookies may affect the functionality, performance, or availability of parts of the Website.

Amendments to This Policy

  1. Vigil reserves the right to update or amend this Policy at any time to reflect changes in Vigil’s data handling practices, changes in applicable law, or for any other reason. The updated version of this Policy will be posted on the Website, at vigilsecurity.io/legal, or otherwise made available upon request at operations@vigilsecurity.io, with the revised effective date and version number. Where Vigil holds your email address in connection with a free trial registration, active subscription, or other interaction with the Website or Platform, Vigil may also notify you of material amendments by email.

  2. Your continued use of the Website after the publication of any amended version of this Policy will be treated as your acknowledgement of the updated Policy. Where amendments affect Platform Customers or End Users, Vigil will handle notification in accordance with the EULA, any applicable DPA, this Policy, and applicable law.

  3. Where an amendment materially affects the rights of a Customer or End User in a manner that is adverse to that party, Vigil will provide no less than thirty (30) days’ prior written notice before the amendment takes effect, consistent with the amendment provisions of the EULA.

Contact Information

  1. For all privacy-related enquiries, access and correction requests, complaints, or questions about this Policy, please contact Vigil’s Privacy Officer using the following details:

VIGIL TECHNOLOGIES PTY LTD

Attention: Privacy Officer

Address: 22 Appletree Drive, Cherrybrook NSW 2126, Australia

Email: operations@vigilsecurity.io

Website: www.vigilsecurity.io

  1. Vigil aims to respond to all privacy enquiries and complaints within thirty (30) days of receipt. Where a complaint or enquiry is complex, Vigil will acknowledge receipt within five (5) business days and provide a substantive response within a reasonable period.

  2. If you are not satisfied with Vigil’s response to a privacy complaint, you may refer your complaint to the Office of the Australian Information Commissioner at www.oaic.gov.au.

This Policy is published as part of Vigil’s legal document suite at vigilsecurity.io/legal.

VIGIL TECHNOLOGIES PTY LTD ACN 697 741 692 | 22 Appletree Drive, Cherrybrook NSW 2126, Australia | operations@vigilsecurity.io