Website Privacy Policy
Last updated: 31/05/2026
Virtualyst Pty Ltd (“Virtualyst”, “we”, “us”, “our”) is committed to protecting your privacy. This Privacy Policy explains how we collect, hold, use, and disclose personal information when you visit our website or submit information through our forms.
Virtualyst is an Australian business and aligns with the Privacy Act 1988 and the Australian Privacy Principles (APPs).
1. What personal information we collect
We collect personal information that is reasonably necessary to operate our website, distribute solicited communications, respond to enquiries and conduct limited website analytics.
A. Information you provide via website forms
When you submit information via our website forms, we may collect:
-
Identity information: Name
-
Contact information: Email address and/or phone number
-
Business information: Company name
-
Enquiry information: Any details you provide in message or availability fields
B. Information collected automatically
When you visit our website, our hosting provider (Wix) automatically collects limited technical information required to operate, secure, and maintain the website, including but not limited to:
-
IP address
-
Browser and device type
-
Operating system
-
Session activity (e.g., pages visited, visit duration, error logs)
Our website also collects limited analytic information by way of Google Tags, which integrate with our Google Ads account. This tag is used to track when our website is visited via our advertisements and is configured to anonymise individual IP addresses.
Where this information is linked to an identifiable individual, it is treated as personal information under the Privacy Act.
2. Website hosting and data security
Our website is hosted on the Wix platform. Information submitted through website forms may be stored and processed in data centres operated by Wix and its service providers, which may be located outside Australia.
We take reasonable steps to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. Measures include:
-
Encryption of data in transit (HTTPS/TLS)
-
Encryption of data at rest
-
Role-based and least-privilege access controls
-
Logging, monitoring, and audit mechanisms
-
Third-party security assurance: Key service providers are assessed against robust compliance frameworks such as ISO 27001 and SOC 2
3. How we use personal information
We use personal information collected via our website to:
-
Respond to enquiries and service requests submitted through our website forms
-
Maintain records of interactions
-
Distribute solicited communications, including sending email updates to recipients who have subscribed to our newsletter
-
Analyse aggregated website traffic patterns, usage trends and advertising performance metrics to improve promotional marketing efforts, site performance and overall user experience
We do not sell personal information or use it for unsolicited marketing.
4. Disclosure of personal information
We may process and store your personal information within internal systems provided by third-party service providers (such as website hosting and communications platforms) to assist in operating our business.
These providers are authorised to process personal information only for the purpose of delivering services to Virtualyst’s internal operations. We do not grant third parties rights to use your data for their own purposes.
Providers are selected based on adherence to compliance frameworks such as ISO 27001 and SOC 2.
5. Data retention
Information collected via our website is generally retained for up to 12 months and deleted or de‑identified when no longer required.
6. Cookies
Our website uses a combination of essential and limited analytics cookies, required for:
-
Security
-
Session management
-
Platform stability
-
Visitor analytics, including advertisement performance
We do not use advertising pixels or behavioural tracking for profiling or remarketing. Google Tags are used solely to measure aggregate ad performance and do not enable individual targeting.
7. Access, correction, and privacy requests
You may request access to, or correction of, personal information we hold about you.
Requests may be submitted via our website contact form. We will acknowledge and respond within 14 days, subject to identity verification. Complex requests may require additional time.
8. Data breaches
If we become aware of a data breach involving personal information likely to result in serious harm, we will assess the incident and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) in accordance with the Notifiable Data Breaches (NDB) scheme.
9. Privacy complaints
If you believe we have mishandled your personal information, you may lodge a complaint via the website contact form. We will investigate and respond within 14 days.
If you are not satisfied with our response, you may lodge a complaint with the OAIC at www.oaic.gov.au.
10. Changes to this policy
We may update this Privacy Policy over time to reflect changes in our practices or legal obligations. The current version will always be published on our website with the “Last updated” date clearly identified.
11. Contact us
For privacy-related enquiries, including requests to access or correct personal information, please contact us via our website contact form.