Secure My Treasures

Cyber Security and Privacy Policy

Your Cyber Security

We are committed to ensuring that Secure My Treasures provides strong and robust security and safety, that complies with industry standards, when you are online. The following security protocols are implemented.

Three Factor Identification

We use three factor authentication to protect your information, ensuring that only authorised persons have access to Secure My Treasures.

Every time you log on to securemytreasures.com.au, you will be asked to provide your username and password/passphrase. A 6 digit number will be sent to your phone or email. You will type this number into the space provided on the log in screen.

You will then be asked to verify your identity. This takes a few minutes. Have one form of photo identification handy eg passport or driver’s license and be ready to take a selfie.

Once you have passed your identity check, you will be taken to the Chest building page.

We  use bank grade security to verify the identity of every person, whether it is yourself or each of your Trustees, who logs onto www.securemytreasures.com. If the identity check fails that person will be prevented from accessing Secure My Treasures.

We encourage you to learn about common cyber threats and how to stay safe on the Australian Cyber Security Centre website https://www.cyber.gov.au/learn-basics/explore-basics/threats

Each year, we will remind you to update your Chests and pay your subscription fee online.

You must also be vigilant about security. We will never phone, SMS or email you to ask for your credit card information or payment or request that you provide additional information to substantiate your identity. We will never ask you to download a program from the Secure My Treasures website. We will never redirect you to any other website for any reason.

If you are contacted by anyone claiming to represent Secure My Treasures while asking for your password and/or money, we urge you to not respond. If the demand comes by phone, hang up, and call the police immediately.

Encryption

Industry standard data encryption is used in the Secure My Treasures database and all communication messages between your PC or laptop and the database will also be encrypted. This will ensure that valuable data is not accessed by those unauthorised to do so. The encrypted data will only be decrypted for viewing on your PC or laptop.

Security Protocols

Secure My Treasures is hosted by the world’s leading cloud provider, Amazon Web Services (AWS) and architected for the best security using leading industry standards.

Additional security protocols will be implemented for staff and contractors; independent security audits will be undertaken and there will be properly maintained separation between the production and development and testing environments including firewalls.

Protecting Our Clients

To protect our client’s privacy, the Secure My Treasures website does not provide any functionality that permits wild card searching of the database.

What You Must Not Store on Our Website

While we encourage you to store all the information that is important to you in your chests, you may not enter our website, securemytreasures.com.au, any content that is deemed illegal and harmful.

You must neither enter nor store the following content:

  • images and videos of child sexual abuse
  • content that advocates terrorist acts
  • content that promotes, incites, or instructs in crime or violence
  • footage of real violence, cruelty, and criminal activity.

If a breach of the above requirements is discovered because of a Court Order, we will immediately suspend your access to your account. We will report any suspected illegal and harmful activity to the Australian Government eSafety Commissioner and the relevant law enforcement agency. We will not refund any part of your subscription fee.

Disclaimers

We encourage you to choose your Trustees wisely. Choose people that you know well and trust implicitly.

We take no responsibility and will not compensate you if:

  • you authorise a Trustee to access any part of your Secure My Treasures account and that Trustee breaches your trust or commits a criminal offence against you
  • you share your username and password with any third party
  • you allow any third party to use your identification information to access your Secure My Treasures account and the information held in your Chests
  • for any criminal act or loss through fraud or theft that results from you sharing any personal information, username, password or identification document or any other information that compromises in anyway the integrity of your account with Secure My Treasures.

We will not involve ourselves in disputes between Clients and Trustees other than to suspend the account at the Client’s request where there is a perceived breach of trust.

Privacy Policy

Secure My Treasures is committed to protecting your privacy, and this policy outlines our ongoing obligations to you in managing your personal information.

The Australian Privacy Principles (APPs) contained in the Privacy Act 1988 (Commonwealth Government) (the Privacy Act) have been adopted for Secure My Treasures. The APPs govern the way in which your personal information is collected, used, disclosed, stored, secured, and disposed of.

A copy of the Australian Privacy Principles may be obtained from the website of The Office of the Australian Information Commissioner at www.aoic.gov.au

What is Personal Information and why is it collected?

Personal information is information that identifies an individual. Examples of personal information collected by Secure My Treasures includes names, postal addresses, email addresses and phone numbers.

Your personal information is collected for the purpose of providing Secure My Treasure’s very secure services to you.

When we collect personal information, we will, where appropriate and where possible, explain to you why we are collecting the information and how we plan to use it.

Sensitive Information

Sensitive information is defined in the Privacy Act to include information, or opinion, about such things as an individual’s racial or ethnic origin, political opinions, membership of a political association, religious or philosophical beliefs, membership of a trade union or other professional body, criminal record, or health information.

Secure My Treasures does not collect sensitive information at any time for any reason.

Disclosure of Personal Information

Your personal information will only be disclosed in the following circumstances:

  • To third parties where you consent to the use or disclosure; and
  • Where required or authorised by law.

Security of Personal Information

Your personal information is stored in a manner that reasonably protects it from misuse and loss and from unauthorized access, modification, or disclosure.

When your personal information is no longer needed for the purpose for which it was obtained, reasonable steps will be taken to destroy or permanently de-identify it.

However, most of the personal information is, or will be stored, in client files which will be kept by us for a minimum of 7 years.

Should you cancel your subscription and then resume it, the information held in your chests will be available for 7 years from the date of cessation.

Access to your Personal Information

You may access the personal information we hold about you, update and/or correct it, at any time, subject to your identity being successfully verified.

Maintaining the Quality of your Personal Information

It is important to us that your personal information is up to date. We will take reasonable steps to make sure that your personal information is accurate, complete, and up to date. We will ask you to check client details and update the information encrypted in your chests each year at the time you are invited to renew your subscription.

Policy Updates

This policy may change from time to time and all updates will be posted on our website.

Secure My Treasures