phyraxiontel

Introduction

phyraxiontel operates under Australian privacy legislation, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs). This privacy policy explains how we collect, use, disclose, and protect your personal information when you interact with our financial record services.

When you choose to use our services, you're trusting us with information that matters. We don't take that lightly. This policy walks you through what we collect, why we need it, and what rights you have over your data.

Information We Collect

Personal Information

We collect several types of personal information depending on how you interact with our services. Some of this we get directly from you, while other data comes from how you use our platform.

Identity details including your full name, date of birth, and government-issued identification numbers when required for verification purposes
Contact information such as email addresses, phone numbers, and postal addresses for communication and service delivery
Financial data including account details, transaction history, income information, and tax file numbers where necessary for our services
Technical information like IP addresses, browser type, device identifiers, and access times when you use our platform
Usage data showing how you navigate our services, which features you use, and your interaction patterns

How We Collect Information

Most of the time, we collect information directly from you. When you fill out forms, upload documents, or communicate with us, you're providing data intentionally. But we also gather some information automatically through cookies and similar technologies as you use our platform.

Important Note: We only collect information that's necessary for providing our financial record services or that's required by law. If we need something from you, there's a legitimate reason behind it.

How We Use Your Information

The personal information we collect serves specific purposes. We're not in the business of collecting data just to have it. Everything we gather helps us deliver better financial record services or meets legal requirements we're bound by.

Purpose	Legal Basis
Providing and maintaining our financial record services	Contract performance and legitimate interests
Processing transactions and managing your account	Contract performance
Complying with tax laws and financial reporting obligations	Legal compliance
Detecting and preventing fraud or unauthorized access	Legitimate interests and legal compliance
Improving our services through data analysis	Legitimate interests with your consent where required
Communicating with you about your account and services	Contract performance and legitimate interests

We might also use aggregated, de-identified data for research and development purposes. This type of data can't be traced back to you individually, so it doesn't carry the same privacy implications.

Sharing Your Information

We don't sell your personal information. Period. However, we do share data with certain third parties when it's necessary for our service delivery or required by law.

Service Providers

We work with third-party service providers who help us operate our platform. These include cloud storage providers, payment processors, and IT support services. They only get access to information needed for their specific function, and they're contractually bound to protect your data.

Legal and Regulatory Bodies

Sometimes we're legally required to share information with government agencies, regulators, or law enforcement. This might include the Australian Taxation Office, ASIC, or other regulatory bodies. We only disclose what's legally required in these situations.

Business Transfers

If phyraxiontel were to be acquired or merged with another company, your information would likely be transferred as part of that transaction. We'd notify you before this happens and explain any changes to how your data is handled.

Data Security

Protecting your financial information is something we think about constantly. We use industry-standard security measures, but no system is completely foolproof, and we're upfront about that.

Encryption for data in transit and at rest using TLS 1.3 and AES-256 standards
Regular security audits and penetration testing by independent third parties
Multi-factor authentication requirements for accessing sensitive account areas
Strict access controls limiting who within our organization can view your data
Regular staff training on data protection and privacy best practices
Incident response procedures to quickly address any potential security breaches

If we ever experience a data breach that affects your information, we'll notify you within 72 hours as required by Australian law, along with steps you can take to protect yourself.

Your Privacy Rights

Under Australian privacy law, you have several rights regarding your personal information. These aren't just theoretical — we've built processes to make exercising these rights straightforward.

Access Your Data

You can request a copy of all personal information we hold about you. We'll provide this within 30 days, free of charge for the first request each year.

Correction Rights

If any information we hold is inaccurate or outdated, you can request corrections. We'll update our records promptly and notify any third parties if necessary.

Erasure Requests

You can ask us to delete your personal information, subject to certain legal and contractual limitations around financial record retention.

Data Portability

You have the right to receive your data in a structured, commonly used format that you can transfer to another service provider.

Restrict Processing

You can ask us to limit how we use your information in certain circumstances, though this might affect our ability to provide some services.

Lodge a Complaint

If you're unhappy with how we've handled your data, you can complain to us directly or to the Office of the Australian Information Commissioner.

To exercise any of these rights, contact us using the details at the bottom of this policy. We'll respond to your request within 30 days and verify your identity before processing any requests involving personal data.

Data Retention

We don't keep your information longer than necessary. However, financial record services come with legal retention requirements that affect how long we must store certain data.

Financial transaction records are retained for seven years as required by Australian tax law
Account information remains active while you use our services and for two years after account closure
Communication records are kept for three years to help resolve any disputes or queries
Technical logs and usage data are typically deleted after 18 months unless needed for security investigations
Marketing data is retained until you withdraw consent or for three years of inactivity, whichever comes first

Once the retention period expires and there's no legal reason to keep your data, we securely delete or anonymize it. Deletion doesn't happen overnight — it can take up to 90 days to completely remove data from all our systems, including backups.

Cookies and Tracking

Our website uses cookies and similar technologies. Some are essential for the site to function, while others help us understand how people use our services so we can improve them.

Types of Cookies We Use

Essential cookies: These keep you logged in and remember your preferences during your session. You can't opt out of these without losing basic functionality.
Analytics cookies: We use these to see which features are popular and where people get stuck. This helps us make better design decisions.
Security cookies: These help us detect suspicious activity and protect against fraud or unauthorized access attempts.

You can control cookies through your browser settings. Keep in mind that blocking certain cookies might affect how well our platform works for you.

International Data Transfers

Most of your data stays within Australia, but some of our service providers operate internationally. When we transfer data overseas, we ensure appropriate safeguards are in place.

Our cloud infrastructure primarily uses Australian data centers, but backup systems may store encrypted copies in other jurisdictions including Singapore and the United States. These locations meet Australian privacy standards through adequacy agreements or contractual protections.

Before we transfer your data to any country without an adequacy finding, we'll ensure Standard Contractual Clauses or equivalent protections are in place, and we'll conduct a transfer impact assessment as required by Australian law.

Children's Privacy

Our services aren't intended for anyone under 18. We don't knowingly collect information from children. If you're a parent or guardian and believe your child has provided us with personal information, contact us immediately and we'll delete it.

In some cases, parents or legal guardians might use our services to manage financial records on behalf of minors. In these situations, the adult is responsible for the information provided, and we process it under the adult's account.

Changes to This Policy

Privacy laws evolve, and so do our practices. We update this policy periodically to reflect changes in how we handle data or in legal requirements. The "Last Updated" date at the top shows when we last made changes.

If we make significant changes that affect how we use your personal information, we'll notify you by email and give you 30 days to review the updated policy. Continuing to use our services after that period means you accept the new terms.

For minor updates like clarifying existing practices or fixing typos, we'll just update the policy here without sending individual notifications.

Privacy Policy