CodeCaliber

Legal

Privacy Policy

Effective date: 5 April 2026  ·  Last updated: 5 April 2026

1. Introduction

CodeCaliber (“we”, “us”, or “our”) is committed to protecting your personal information and respecting your privacy. This Privacy Policy explains how we collect, use, disclose, and safeguard personal information in accordance with:

  • The Privacy Act 1988 (Cth) and the 13 Australian Privacy Principles (APPs); and
  • The General Data Protection Regulation (EU) 2016/679 (GDPR), to the extent it applies to our processing of personal data of individuals in the European Economic Area (EEA) or United Kingdom.

By using our website (www.codecaliber.com) or engaging with our services, you agree to the practices described in this policy. If you do not agree, please do not use our website or services.

2. Personal Information We Collect

We may collect the following categories of personal information:

Information you provide directly:

  • Name, email address, and phone number
  • Company name and your role within that company
  • Project details and enquiry information submitted via our contact form or direct correspondence
  • Information provided during the course of a professional services engagement (contracts, project scopes, etc.)

Information collected automatically:

  • IP address, device type, and operating system
  • Browser type and version
  • Pages visited, time on page, and navigation paths
  • Referring website or source
  • Cookie and similar tracking technology data (see Section 10)

3. How We Collect Personal Information

We collect personal information through:

  • Enquiry and contact forms on our website
  • Direct email and telephone communications
  • Contracts, statements of work, and service agreements for professional engagements
  • Automated technologies such as cookies and web analytics (where consented to or permitted)

We collect personal information only by lawful and fair means, and not in an unreasonably intrusive manner. Where practicable, we collect personal information directly from the individual concerned.

4. Why We Collect Personal Information

We collect and use personal information for the following purposes:

  • Responding to your enquiries and providing requested information
  • Providing custom software development, consulting, and related professional services
  • Preparing and issuing quotations, proposals, invoices, and related business documents
  • Administering service agreements and ongoing engagements
  • Improving our website, services, and business operations
  • Complying with legal, regulatory, and tax obligations
  • Sending service-related communications (e.g., project updates, support)

GDPR lawful basis for processing (where applicable)

If you are located in the EEA or UK, we process your personal data on the following legal bases under Article 6 GDPR:

  • Legitimate interests (Art. 6(1)(f)) — responding to business enquiries, improving our website, maintaining business records
  • Contractual necessity (Art. 6(1)(b)) — performing and administering service agreements with you or your organisation
  • Legal obligation (Art. 6(1)(c)) — complying with applicable laws and regulations
  • Consent (Art. 6(1)(a)) — where you have given explicit consent (e.g., optional marketing communications). You may withdraw consent at any time.

5. How We Use Personal Information

We use personal information strictly for the purposes described in Section 4. We will not use your personal information for purposes that are unrelated to those for which it was originally collected without your consent, unless required by law.

We do not sell, rent, or trade your personal information to third parties.

6. Disclosure of Personal Information

We may disclose personal information to:

  • Service providers who assist us in operating our business, including cloud hosting providers, email service providers, and project management tools — subject to appropriate confidentiality and data processing obligations
  • Professional advisers such as accountants, lawyers, and financial advisers, on a strictly confidential basis
  • Government bodies or law enforcement where required or authorised by law
  • Successors in the event of a business acquisition, merger, or restructure, subject to appropriate confidentiality obligations

We require all third-party service providers to maintain appropriate technical and organisational security measures and to process personal information only on our documented instructions.

7. International Data Transfers

Some of our third-party service providers are located or store data outside Australia. Before disclosing personal information to an overseas recipient, we take reasonable steps to ensure that the recipient does not breach the APPs in relation to that information.

For individuals in the EEA or UK, where personal data is transferred outside of those regions, we implement appropriate safeguards such as standard contractual clauses approved by the European Commission, or rely on adequacy decisions where applicable.

8. Data Retention

We retain personal information for as long as necessary to fulfil the purposes for which it was collected, or as required by law. Our general retention periods are:

  • Enquiry and pre-engagement data: up to 2 years from the date of last contact
  • Client engagement and contractual records: 7 years following the end of an engagement, in accordance with Australian taxation and accounting requirements
  • Website analytics data: as configured with our analytics provider (typically 14–26 months)
  • Financial and invoice records: 7 years as required by the Income Tax Assessment Act 1997 (Cth)

When personal information is no longer required, we take reasonable steps to destroy or de-identify it securely.

9. Security of Personal Information

We implement appropriate technical and organisational security measures to protect personal information from unauthorised access, loss, misuse, alteration, or disclosure. These measures include:

  • Encrypted HTTPS connections for all website communications
  • Access controls, authentication, and least-privilege principles
  • Use of reputable, security-certified cloud infrastructure providers
  • Regular review of our data handling practices and third-party providers

No method of transmission over the internet or electronic storage is completely secure. While we take reasonable and proportionate steps to protect your information, we cannot guarantee absolute security.

If we become aware of a data breach that is likely to result in serious harm, we will notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required under the Notifiable Data Breaches (NDB) scheme.

10. Cookies and Tracking Technologies

Our website may use cookies and similar tracking technologies to enable website functionality and analyse traffic and usage patterns. Cookies are small text files stored on your device.

You can control or disable cookies through your browser settings. Disabling cookies may affect the functionality of our website. We do not currently use cookies for advertising or cross-site behavioural tracking purposes.

If you are located in the EEA or UK, we will seek your consent before placing non-essential cookies on your device, in accordance with applicable cookie consent requirements.

11. Your Rights

Under the Australian Privacy Act:

  • Access (APP 12): You may request access to the personal information we hold about you.
  • Correction (APP 13): You may request correction of personal information that is inaccurate, out-of-date, incomplete, or misleading.

Under the GDPR (where applicable to EEA/UK individuals):

  • Right of access (Art. 15) — to obtain a copy of your personal data and information about how it is processed
  • Right to rectification (Art. 16) — to have inaccurate or incomplete data corrected
  • Right to erasure (Art. 17) — to request deletion of your data in certain circumstances
  • Right to restriction of processing (Art. 18) — to request restriction of processing in certain circumstances
  • Right to data portability (Art. 20) — to receive your data in a structured, machine-readable format
  • Right to object (Art. 21) — to object to processing based on legitimate interests or for direct marketing
  • Rights related to automated decision-making (Art. 22) — we do not currently make solely automated decisions that produce legal effects

To exercise any of these rights, please contact us using the details in Section 13. We will respond within 30 days of receipt of your request. We may need to verify your identity before processing certain requests.

12. Complaints and Enquiries

If you have a concern about how we have handled your personal information, please contact us first (see Section 13) and we will endeavour to resolve the matter promptly.

Australian residents:

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
  • GPO Box 5218, Sydney NSW 2001

EEA / UK residents:

You have the right to lodge a complaint with your local data protection supervisory authority. A directory of EU data protection authorities is available at: ec.europa.eu/justice/article-29/structure/data-protection-authorities/

13. Contact Us

For privacy enquiries, access or correction requests, or to exercise any of your rights under this policy, please contact us:

CodeCaliber

Australia

Email: info@codecaliber.com

Website: www.codecaliber.com

14. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or for other operational reasons. When we make material changes, we will update the “Last Updated” date at the top of this page. We encourage you to review this policy periodically. Your continued use of our website or services following any changes constitutes acceptance of the updated policy.

Back to home