Data Security Policy

Our Commitment to Data Security

OLYX International is committed to maintaining appropriate physical, electronic, and procedural safeguards to protect personal, business, and confidential information from:

• Unauthorised access
• Loss or theft
• Misuse
• Interference
• Disclosure
• Alteration or destruction
• Cybersecurity threats

We continuously review and improve our security measures to align with industry expectations and operational requirements.

Information We Protect

Our security practices apply to information including:

• Personal information
• Customer records
• Business documentation
• Financial and operational information
• Client communications
• Login credentials and account access information
• Internal company data
• Website and system data

Security Measures

OLYX International implements a range of technical, administrative, and operational safeguards designed to protect information.

Technical Safeguards

• Secure cloud-based systems
• Password-protected devices and applications
• Multi-factor authentication (MFA)
• Data encryption where appropriate
• Firewall and antivirus protection
• Secure email and communication systems
• Access controls and user permissions
• Cybersecurity monitoring and threat detection
• Regular software and system updates

Administrative Safeguards

• Staff training and awareness programs
• Confidentiality agreements
• Internal security policies and procedures
• Restricted access to sensitive information
• Role-based access management
• Background and onboarding procedures for staff and contractors

Physical Safeguards

• Controlled office access
• Secure workstations and devices
• Locked storage for sensitive documents
• Device management procedures

Offshore Operations & Data Handling

As an international outsourcing provider, OLYX International operates across Australia and Nepal. We take reasonable steps to ensure offshore employees, contractors, and service providers follow strict confidentiality and data protection requirements. Our offshore operations may include:

• Controlled system access
• Security training and monitoring
• Restricted permissions based on role requirements
• Confidentiality obligations for all team members
• Supervised operational procedures

We aim to maintain security standards consistent with our operational and client requirements.

Access Control

Access to sensitive information is limited to authorised personnel who require access to perform their duties. We apply the principle of least privilege wherever practical, meaning team members are only granted access necessary for their role. User access may be reviewed periodically and removed when no longer required.

Client Confidentiality

OLYX International treats all client information as confidential. Employees, contractors, and service providers are expected to:

• Maintain confidentiality of client information
• Follow company security procedures
• Use company systems responsibly
• Report any suspected security concerns immediately

Unauthorised disclosure or misuse of confidential information may result in disciplinary action or termination of engagement.

Data Retention & Disposal

We retain information only for as long as reasonably necessary to:

• Deliver services
• Meet contractual obligations
• Comply with legal or regulatory requirements
• Resolve disputes or enforce agreements

When information is no longer required, we take reasonable steps to securely destroy, delete, or de-identify data.

Third-Party Providers

We may use third-party technology providers, cloud platforms, software systems, and business service providers to support our operations. Where third parties are engaged, we take reasonable steps to work with providers that maintain appropriate security and confidentiality standards. However, OLYX International cannot guarantee the security practices of independent third-party providers.

Website Security

Our website may use security technologies and monitoring tools to help protect website users and systems. These measures may include:

• Secure hosting environments
• SSL encryption
• Firewall protection
• Traffic monitoring
• Security plugins and updates
• Spam and malware protection

While we take reasonable steps to protect our website, users acknowledge that no internet transmission or electronic storage system is completely secure.

Cybersecurity Incident Response

OLYX International takes cybersecurity incidents seriously. In the event of a suspected or confirmed security incident, we may:

• Investigate the incident
• Restrict or suspend affected systems
• Engage cybersecurity specialists where necessary
• Notify affected parties where legally required
• Implement remediation measures to reduce future risk

Employee & Contractor Responsibilities

All employees, contractors, and offshore staff are expected to:

• Follow company security procedures
• Protect passwords and login credentials
• Use approved systems and devices
• Avoid unauthorised sharing of information
• Report suspicious activity or security concerns promptly

Failure to comply with security requirements may result in disciplinary action.

Limitation of Liability

While OLYX International takes reasonable steps to protect information and maintain secure systems, no method of transmission over the internet or electronic storage can be guaranteed as completely secure. To the extent permitted by law, OLYX International does not guarantee uninterrupted or error-free security and is not liable for unauthorised access caused by factors outside our reasonable control.

Updates to This Policy

We may update this Data Security Policy from time to time to reflect operational, legal, or technological changes. Updated versions will be published on this page with a revised effective date.

Contact Us

If you have questions regarding this Data Security Policy or our data handling practices, please contact us: