Privacy Policy

How we collect, use, and protect your information

Effective Date: January 15, 2025

Information We Collect

At norilathuveso, we're committed to being transparent about what information we collect and why. When you use our budget risk management services, we gather different types of data to provide you with personalised financial insights.

Personal Information

This includes your name, email address, phone number, and postal address when you create an account or contact us. We also collect your date of birth and employment details to better understand your financial situation.

Financial Data

To provide accurate risk assessments, we collect information about your income, expenses, savings goals, and investment preferences. This data helps us create meaningful budget analysis and risk management strategies.

Usage Information

We track how you interact with our platform, including pages visited, features used, and time spent on different sections. This helps us improve our services and identify which tools are most valuable to our users.

How We Use Your Information

Your data powers our budget risk management platform. Here's exactly how we use what we collect, and why each piece matters for your financial planning experience.

Provide personalised budget analysis and risk assessments based on your financial profile

Send you important updates about your account, security alerts, and service changes

Improve our platform features and develop new tools that address common financial challenges

Comply with Australian financial regulations and reporting requirements

Prevent fraud and protect your account from unauthorised access

Provide customer support and respond to your queries about our services

We never use your personal financial data for marketing purposes without explicit consent. Your budget information stays private and is only used to enhance your experience with our risk management tools.

Information Sharing and Disclosure

We understand that financial privacy is crucial. We don't sell your personal information to third parties, and we're very selective about when and why we might share your data.

Recipient	Information Shared	Purpose
Service Providers	Encrypted financial data	Technical infrastructure and data processing
Regulatory Bodies	Required reporting data only	Compliance with Australian financial laws
Legal Authorities	Specific requested information	Court orders or legal investigations

All third-party service providers we work with must meet strict data protection standards and are contractually bound to protect your information. We conduct regular security audits of these partnerships.

Your Rights Under Australian Privacy Laws

The Australian Privacy Act gives you significant control over your personal information. We've made it straightforward to exercise these rights through your account dashboard or by contacting our privacy team.

Access and Correction Rights

You can request a copy of all personal information we hold about you. If any details are incorrect or outdated, you have the right to have them corrected promptly. Most corrections can be made directly through your account settings.

Data Portability

Want to take your financial data elsewhere? You can request an export of your personal information in a structured, commonly used format. This includes your budget history, risk assessments, and account preferences.

Deletion Rights

You can request deletion of your personal information, though we may need to retain certain records for legal compliance. We'll clearly explain what can be deleted and what must be kept, along with the timeframe for each.

Data Security Measures

Financial data deserves the highest level of protection. We employ multiple layers of security to keep your information safe from unauthorised access, modification, or disclosure.

AES-256 encryption for all data transmission and storage

Multi-factor authentication requirements for account access

Regular security penetration testing by independent auditors

Secure data centres with 24/7 monitoring and access controls

Employee background checks and privacy training programs

Automated threat detection and response systems

Despite our comprehensive security measures, no online service can guarantee 100% protection. We recommend using strong passwords and enabling all available security features on your account.

Data Retention and Deletion

We keep your information only as long as necessary to provide our services and meet legal requirements. Different types of data have different retention periods based on their purpose and regulatory obligations.

Account Information

Basic account details are retained for seven years after account closure, as required by Australian financial regulations. This includes your name, contact details, and account creation date.

Financial Data

Budget information and risk assessments are kept for five years after your last interaction with our platform. This allows us to provide historical context if you return to our service.

Communication Records

Customer service interactions and support tickets are retained for three years to help us improve our service quality and resolve any ongoing issues.

International Data Transfers

While our primary servers are located in Australia, some of our technology partners operate internationally. When we transfer your data overseas, we ensure it receives equivalent protection to Australian privacy standards.

We use approved transfer mechanisms including Standard Contractual Clauses and adequacy decisions recognised by Australian authorities. Countries we may transfer data to include New Zealand, Singapore, and select European Union member states.

Before any international transfer, we conduct thorough assessments of the receiving country's privacy laws and our partner's data protection practices. You'll be notified of any significant changes to our international data transfer practices.

Cookies and Tracking Technologies

Our website uses cookies and similar technologies to enhance your browsing experience and provide personalised features. You can control most cookie settings through your browser preferences.

Essential cookies that enable core website functionality

Performance cookies that help us understand how visitors use our site

Functional cookies that remember your preferences and settings

Security cookies that protect against fraud and unauthorised access

We don't use advertising cookies or share cookie data with advertising networks. Our tracking is focused solely on improving your experience with our budget risk management tools.

Changes to This Privacy Policy

We review and update this privacy policy annually, or whenever there are significant changes to our data practices or Australian privacy laws. Material changes will be communicated through email and prominent website notices.

We'll provide at least 30 days' notice before implementing changes that affect how we use your personal information. During this period, you can review the changes and decide whether to continue using our services.

Previous versions of our privacy policy are archived and available upon request. This helps you understand how our privacy practices have evolved and ensures complete transparency about our data handling.

Privacy Questions and Concerns

For any privacy-related questions, data access requests, or concerns about how we handle your information, contact our Privacy Officer:

Email: privacy@norilathuveso.com

Phone: +61414376917

Address: 7/423 Bourke St, Melbourne VIC 3000, Australia

We aim to respond to all privacy inquiries within 5 business days.