Privacy Policy

Redfox Digital respects your privacy and is committed to protecting personal information.

We approach privacy as part of our broader digital operating model. Personal information is not handled in isolation. It is managed within structured systems that govern access, storage, security, and lifecycle control.

This Privacy Policy explains how we collect, use, store, and protect personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles.

1. Who we are

Redfox Digital is a digital growth architecture partner for reputation-led organisations.

Entity: Redfox Media Pty Ltd trading as Redfox Digital
ABN: 77 117 621 815
Address: Suite 203/71 Longueville Road, Lane Cove NSW 2111
Email: thefox@redfoxmedia.com.au
Phone: 0405 419 755

2. What information we collect

We collect only the information required to deliver our services and maintain business operations.

  • Contact details (name, email, phone)
  • Company and role information
  • Project and website-related data
  • Communication records
  • Billing and account information
  • Website interaction and analytics data

We intentionally avoid collecting sensitive or high-risk personal information unless required for a specific engagement.

3. How we collect information

  • Directly from you through forms, email, or meetings
  • During onboarding and service delivery
  • Through websites and digital platforms we manage
  • From trusted third-party platforms and service providers

4. Why we collect information

  • To provide digital strategy, website, and marketing services
  • To manage client relationships and communication
  • To operate, secure, and improve our systems
  • To meet legal and contractual obligations

5. How we manage data within our systems

Personal information is managed within a structured system architecture rather than isolated tools.

  • Access is controlled through role-based permissions
  • Authentication is enforced using multi-factor authentication where available
  • Systems are centrally managed and monitored
  • Data is limited to what is required for service delivery

This approach reduces exposure, limits unnecessary access, and ensures accountability across systems.

6. Security and protection

We take reasonable and structured steps to protect personal information from misuse, loss, and unauthorised access.

  • Secure hosting infrastructure (including AWS-based environments)
  • Encryption of data in transit and, where applicable, at rest
  • System logging and monitoring
  • Regular software updates and patching
  • Vendor and platform security assessment
  • Staff training and confidentiality obligations

Our security controls are aligned to recognised frameworks including ISO 27001 principles, Australian Privacy Principles, and the Essential Eight.

Our approach to security is structured and system-led. For a detailed overview of how Redfox manages data, access, infrastructure, and incident response, view our Security and Data Governance Overview.

7. Third-party providers

We use trusted third-party providers to deliver infrastructure and services, including hosting, analytics, CRM, and communication platforms.

These providers may include platforms such as AWS and managed hosting providers. We take reasonable
steps to ensure providers meet appropriate security standards.

8. Overseas data handling

Some data may be processed or stored outside Australia through third-party providers.

Where this occurs, we take reasonable steps to ensure data is handled in accordance with Australian privacy requirements.

9. Data retention

We retain personal information only as long as required for operational, legal, and security purposes.

  • System logs are retained for security and audit purposes
  • Backups are maintained based on system-level recovery requirements
  • Deleted data may persist temporarily within backup systems before permanent removal

10. Data lifecycle and termination

When client relationships end, data is managed through a controlled offboarding process.

  • Access to systems is revoked
  • Data is reviewed and removed from active systems
  • Data destruction is handled in a controlled and auditable manner

11. Data breaches and incidents

We maintain a structured incident management process to respond to any actual or suspected data breach.

  • Incidents are identified, reported, and assessed immediately
  • Response plans are defined and executed
  • Impacted parties are notified where required
  • Incidents are reviewed to improve systems and controls

12. Access and correction

You may request access to or correction of your personal information by contacting us.

13. Complaints

If you have concerns about how your information is handled, please contact us.

If unresolved, you may contact the Office of the Australian Information Commissioner.

14. Updates to this policy

This policy may be updated periodically to reflect changes in systems, regulations, or operations.

15. Contact

Redfox Media Pty Ltd
Email: thefox@redfoxmedia.com.au
Phone: 0405 419 755
Address: Suite 203/71 Longueville Road, Lane Cove NSW 2111

Last updated: 19th March 2026