Privacy Policy

Effective Date: 12 September 2025

This Privacy Policy explains how Consulting CIO ("we," "our," or "us") collects, uses, and protects your personal information when you visit our website or use our services.

1. Information Controller

The data controller responsible for your personal information is:

2. Information We Collect

We may collect the following types of personal information:

• Contact Information: Name, email address, phone number, company name, job title
• Website Usage Data: IP address, browser type, pages visited, time spent on site
• Diagnostic Assessment Data: Responses to our technology health diagnostic questionnaire
• Communication Records: Records of our communications with you
• Newsletter Data: Email address and preferences for our newsletter

3. How We Use Your Information

We use your personal information for the following purposes:

• Providing our fractional CIO and advisory services
• Responding to your inquiries and providing customer support
• Conducting technology health diagnostics and providing reports
• Sending newsletters and marketing communications (with your consent)
• Improving our website and services
• Complying with legal obligations

4. Legal Basis for Processing

We process your personal information based on:

• Consent: When you provide explicit consent (e.g., newsletter subscription)
• Contract Performance: To provide our services to you
• Legitimate Interests: To improve our services and communicate about our business
• Legal Compliance: To meet our legal and regulatory obligations

5. Information Sharing

We do not sell your personal information. We may share your information with:

• Service Providers: Third-party providers who help us operate our website and services (e.g., email service providers, analytics providers)
• Legal Requirements: When required by law or to protect our rights
• Business Transfers: In connection with any merger, sale, or transfer of our business

6. Data Retention

We retain your personal information only for as long as necessary to fulfill the purposes outlined in this policy, comply with our legal obligations, resolve disputes, and enforce our agreements. Typically, this means:

• Contact information: 7 years from last contact
• Website analytics: 26 months
• Newsletter subscriptions: Until you unsubscribe
• Service records: 7 years after service completion

7. Your Rights

Under Australian privacy law, you have the following rights:

• Access: Request access to your personal information
• Correction: Request correction of inaccurate information
• Deletion: Request deletion of your personal information in certain circumstances
• Objection: Object to processing of your personal information
• Portability: Request transfer of your information to another provider
• Withdraw Consent: Withdraw consent for marketing communications

To exercise these rights, contact us at enquiries@theconsultingcio.com or 1800 920 289.

8. Cookies and Tracking

Our website uses cookies and similar technologies to:

• Ensure proper website functionality
• Analyze website traffic and user behavior
• Improve user experience
• Provide relevant content and advertisements

You can control cookie settings through your browser preferences. However, disabling cookies may affect website functionality.

9. Third-Party Services

Our website integrates with the following third-party services:

• Google Analytics: Website analytics and performance monitoring
• Plausible Analytics: Privacy-friendly website analytics
• Calendly: Appointment scheduling
• Resend: Email delivery services
• Vercel: Website hosting and content delivery

These services have their own privacy policies, which we encourage you to review.

10. Data Security

We implement appropriate technical and organizational security measures to protect your personal information against unauthorized access, alteration, disclosure, or destruction. This includes encryption, secure servers, and regular security assessments.

11. International Transfers

Some of our service providers may be located outside Australia. When we transfer your information internationally, we ensure appropriate safeguards are in place to protect your privacy rights.

12. Children's Privacy

Our services are not directed to children under 18. We do not knowingly collect personal information from children under 18. If you believe we have collected such information, please contact us immediately.

13. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices or applicable law. We will notify you of any material changes by posting the updated policy on our website and updating the effective date.

14. Complaints

If you have concerns about how we handle your personal information, please contact us first. If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC) at www.oaic.gov.au.

15. Contact Information

If you have any questions about this Privacy Policy or our privacy practices, please contact us: