1. Information Collection and Use
ReSure Pty Ltd (ReSure) provides the ReSure platform. In most cases, our clients decide what information is collected and uploaded into the platform and how it is used within their organisation. ReSure acts as a service provider to our clients and handles information in accordance with our contracts and our information security controls.
We may collect and hold personal information that is necessary to provide and support the service, including (for example): names, email addresses, phone numbers, organisation details, user account details, and support communications. Our clients may also store personal information in the ReSure platform as part of their risk and claims workflows.
We do not ask clients to provide sensitive information unless it is necessary for their use of the platform. If sensitive information is stored in the platform by a client, it will be handled in accordance with the client’s instructions, our contractual obligations, and our security controls.
We do not sell personal information.
2. Cookies and website analytics
Our website may use essential cookies and similar technologies that are required for core site functionality and security. We may also use limited analytics to understand website performance and improve user experience. Where analytics is used, information may include pages viewed, browser type, and approximate location (derived from IP address). We do not use cookies to identify you directly unless you choose to provide your details (for example, via a contact form).
3. Log files, audit logs, and service monitoring
For security, performance, and support purposes, we may collect technical logs such as IP addresses, device/browser information, timestamps, and user activity records. Within the ReSure platform, key actions may be recorded in audit logs (for example, user logons and record creation/modification history) to support traceability and security monitoring.
4. Links to other websites
Our website may contain links to other websites. ReSure is not responsible for the privacy practices of those third-party sites. We encourage you to review the privacy policies of any external sites you visit.
5. Security
ReSure takes information security seriously and applies a combination of people, process, and technical controls to protect information from misuse, interference, loss, unauthorised access, modification, or disclosure.
Security measures include (as applicable): encrypted connections (TLS/SSL) for data in transit, role-based access controls, audit logging, and optional multi-factor authentication for user logons. Access to the platform is limited to authorised users, and clients are responsible for administering user access and permissions within their organisation.
ReSure is delivered on the ibCom EntityOS platform, hosted in Australia on Amazon Web Services (AWS). Core platform security controls and supporting certifications are maintained by ibCom as the platform provider. ReSure manages application configuration, role-based access, and client governance guidance for our service.
If you suspect a security issue relating to ReSure, please contact us using the details in Section 9.
ReSure Online uses ibCom’s entityOS platform to provide an environment with high levels of security against unauthorised access.
ibCom is certified to ISO 27001 standard. ISO/IEC 27001 is the international standard for information security. It sets out the specification for an effective ISMS (information security management system). ISO 27001’s best-practice approach helps organisations manage their information security by addressing people, processes and technology.
ReSure data is hosted in Australia by Amazon Web Services, the leading provider of cloud-based data storage and processing services.
6. Overseas disclosures
ReSure aims to host client data in Australia. Some service providers (such as email, support tooling, or security services) may process limited personal information outside Australia. Where overseas disclosure occurs, ReSure takes reasonable steps to ensure appropriate protections are in place, consistent with applicable privacy obligations.
7. Data retention
Client data retention and deletion requirements are generally defined by the client (and contract) and implemented through agreed system processes where available. ReSure does not retain exported client data longer than required for the task and expects staff to securely delete such data once no longer needed.
8. Accessing and correcting personal information
If your personal information changes, you may be able to update your details within the platform (where enabled). You may also contact ReSure to request access to, or correction of, personal information that we hold about you, subject to legal and contractual requirements.
9. Changes, questions, and complaints
We may update this Privacy Policy from time to time. The current version will be published on our website.
If you have questions about this Privacy Policy, or wish to make a privacy complaint, please contact us at: info@resure.com.au. We will respond within a reasonable timeframe and work with you to resolve any concerns.