Privacy policy.

Black Shard is a privately held Australian cybersecurity firm based in Brisbane. This privacy policy applies to blackshard.com.au and its subdomains.

We collect only what you give us. The two routes are:

• Contact form submissions: name, email, the track you selected, and the brief you write. We log the request timestamp and your browser user-agent string for spam-resistance.
• Direct email: anything you send to info@blackshard.com.au arrives at our mailbox and is handled like ordinary correspondence.

We do not run third-party analytics, advertising trackers, or behavioural cookies on this site. The only cookies set are the Next.js framework session cookies required to render pages.

Submissions are routed to the Black Shard mailbox so a partner can reply, typically inside 48 hours. We do not sell, rent, or share contact submissions with any third party. We retain correspondence for as long as is needed to respond and meet our record-keeping obligations.

The site is hosted on infrastructure operated by Black Shard and served behind Cloudflare. Email is handled by Microsoft 365 on the blackshard.com.au tenant. Form submissions are processed by Resend for transactional email delivery. None of these processors receive analytics or advertising data from us.

You can request a copy of the data we hold about you, ask us to correct it, or ask us to delete it. Email info@blackshard.com.au with the request. We will respond within 30 days, as required by the Australian Privacy Principles under the Privacy Act 1988.

If you are unhappy with how we have handled your data, you can complain to us first. If we cannot resolve it, you can complain to the Office of the Australian Information Commissioner (OAIC).

When we update this policy, the "last updated" date at the top of the page changes. Material changes get an explicit note alongside that date.