-
What Is a Collection Notice? (And Why the OAIC Is About to Start Checking Them)
If your business collects personal information from customers (whether online, over the phone or in person) Australian privacy law requires you to give people certain information at the time you collect it. This explanation is called a collection notice, and it’s a core part of your obligations under Australian Privacy Principle 5 (APP 5).
-
The Risks of In-Person Data Collection (and Why Regulators Are Paying Attention)
The OAIC’s upcoming compliance sweep shines a spotlight on an area of privacy risk that receives far less public discussion: the personal information businesses collect directly from customers in person.
-
Why APP 1.4 Is at the Centre of the OAIC’s January 2026 Privacy Sweep
When the OAIC announced its upcoming privacy compliance sweep, one detail stood out: the regulator will be examining whether organisations comply with APP 1.4, the section of the Privacy Act that governs what must be disclosed in a privacy policy.
Save 100s of hours and slash compliance costs by up to 54%
Our leading compliance platform streamlines certification to global data privacy and cyber security frameworks (like ISO 27001, SOC 2, NIST, GDPR, Essential Eight, Cyber Essentials), country-specific Privacy Acts, and several business management systems (like ISO 9001, ISO 45001, ISO 14001 and ISO 42001).
Our leading compliance platform streamlines certification to global data privacy and cyber security frameworks (like ISO 27001, SOC 2, NIST, GDPR, Essential Eight, Cyber Essentials), country-specific Privacy Acts, and several business management systems (like ISO 9001, ISO 45001, ISO 14001 and ISO 42001).
Features
Get certified in under 12 weeks, for less than $2,000 per month
The de.iterate platform encompasses policies, employee training modules, a risk register, a compliance calendar, reporting tools and more.
Smart Policies
de.iterate Smart Policies can be integrated directly into your onboarding process and regular employee training. Plus, they’re written in natural language that your employees will understand and remember.
Compliance Calendar
Keeping on top of your Assurance Tasks couldn’t be easier with our compliance calendar. See at a glance what’s coming up and quickly identify items missed to make sure there are no surprises at your audit.
Assurance Tasks
Our solution tracks and schedules assurance tasks and notifies the responsible staff member. de.iterate captures evidence to keep auditors happy when it comes time to review your annual compliance program.
Asset Register
Leverage the de.iterate asset register to document the assets and suppliers in-scope for your compliance. Set owners and classifications to help your team understand who is responsible for what, eradicating confusion.
Risk Register
ISO 27001 starts with good risk management. At de.iterate we make it as easy as possible with your very own digital risk register that captures risks, assigns owners, sets review periods and documents treatment plans.
ISMS Scope
Setting the scope for your compliance is one of the most important steps. With de.iterate, you set the scope once, and this is dynamically updates your scoping statement throughout the entire policy framework.
Trusted by leaders across industries
de.iterate is trusted by clients across all sorts of industries—all around the world—to handle their data privacy and cyber security compliance.
Get your ducks in a row with de.iterate
Protect, optimise, and thrive
Safeguard your intellectual property and brand to enhance your reputation, and help win new and retain existing clients.
Improve efficiency by enhancing internal processes to save time and money.
Avoid the cost of remedial action due to breaches or incidents.
Empower your workforce
Instil trust and confidence for your employees in company sustainability and long-term viability.
Provide clear guidelines so your employees understand their role in data protection.
Improve your employees’ understanding of data security generally, extending beyond the workplace to their personal lives.
Elevate client confidence
Enhance trust and assurance of security and confidentiality of their data, fostering stronger client relationships.
Streamline supplier onboarding for your clients, reducing their costs and time.
Lower the risk of costly breaches to mitigate potential financial impacts on your clients.
INTERESTED?
Book a free online consultation
FRAMEWORKS
Certification to sought-after cyber security and business management frameworks within weeks
Whether you want to demonstrate your data security commitment to clients, sell your products and services globally or enhance your credibility, de.iterate is here to help.
ISO 27001
ISO 27001 Information security management systems is an international standard that sets out the requirements for data protection systems. It’s all about keeping data safe and secure.
ISO 27701
ISO 27701 Security techniques is an extension to ISO 27001. It provides guidance around systems to support compliance with the GDPR and other data privacy requirements.
SOC 2
Developed by the Institute of American Institute of Certified Public Accountants, SOC 2 is a framework that outlines how service based organisations should protect their data.
NIST
Developed by the US Department of Commerce, the NIST cybersecurity framework helps businesses better manage and reduce their cybersecurity risk and protect their data.
GDPR
The General Data Protection Regulation (GDPR) is a comprehensive data protection law that governs the protection of personal data of European Union citizens.
Privacy Acts
Privacy Acts regulate how businesses and government agencies handle data to ensure privacy is protected. de.iterate supports compliance with various global Privacy Acts.
Essential Eight
Developed by the ACSC, the Essential Eight are a set of mitigation strategies that can be used by organisations to protect against cyber attacks in line with the Australian Privacy Act.
Right Fit for Risk
The Australian Government’s Department of Employment and Workplace Relations uses the Right Fit for Risk program to assess and accredit third party service providers and systems.
ISM
Published by the Australian Signals Directorate, the Information Security Manual (ISM) is a cyber security framework designed to protect systems and data.
ISO 9001
ISO 9001 Quality management systems is all about ensuring your business consistently delivers high-quality products and services, helping ensure long-term client satisfaction.
ISO 45001
ISO 45001 Occupational health & safety management systems specifies the requirements for effective occupational health and safety. It’s all about creating safer, healthier workplaces.
ISO 14001
ISO 14001 Environmental management systems is focused on helping organisations reduce their environmental impact and improve their sustainability.
ISO 42001
ISO 42001 Artificial Intelligence Management Systems specifies the requirements for managing AI systems responsibly for the transparent and trustworthy development and use of AI.
Testimonials
Don’t just take our word it…
Hear what some of our valued clients have to say.
Simplified compliance
“de.iterate really simplified our ISO 27001 compliance program rollout. The clear and memorable policies were great for staff, and the assurance calendar keeps us on track with our commitments throughout the year.”
Cameron Exley
CISO @ Syntric
Simply no question
“If you’re considering ISO 27001 and don’t have countless days to plan and document every policy, train staff and do all the other tasks, there is simply no question—you must have de.iterate on your team.”
John Fison
Chairman @ Zudello
So much easier
“The best thing about the de.iterate platform is that you have everything in one spot: policies, supporting documents, assurance tasks. It made the audit process so much easier.”
Indra Palanimalai
CEO @ onUgo
Unlock the secret to success
Discover the latest insights, trends and tips for top notch data privacy and cyber security.
Our pricing
Our simple monthly subscription model is built to be affordable for everyone from small start-ups, through to huge enterprises.
BASIC
The starting line for cyber defence. Perfect for start ups and small companies embarking on compliance.
- 1 x compliance framework
- BYO policies
- BYO assurance program
- 1 x user
- 1 x domain name
- Risk register
- Asset register
- Incident register
- Compliance calendar
- Evidence store
- ISMS scope and manual
- Compliance reports
- AI-powered assistant
- Admin panel
- Microsoft and Google SSO
*Certification audit fees are not included in monthly subscription. Contact us for details.
COMPLETE
Our most popular package, offering expansive tools and templates for businesses ready to boost their compliance.
Everything in Basic, plus…
- Access to all compliance frameworks
- Templated policies
- Automated assurance program with itemised tasks
- Unlimited users
- Library of ready-to-use controls
- Templated key documents
- Dedicated auditor portal
- Dynamic privacy policy
- Customised trust centre
- Smart policies for employee training
- Automated onboarding for easy set-up
*Certification audit fees are not included in monthly subscription. Contact us for details.
ADVANCED
The ultimate in tailored cyber security compliance, offering fortified, bespoke solutions for complex enterprise needs.
Everything in Advanced, plus…
- Custom compliance standards
- Import an unlimited number of policies
- Dedicated help and advice
- Personalised one-on-one onboarding and set up with a de.iterate expert
- Certification assistance
- Personalised audit support from a de.iterate expert
*Certification audit fees are not included in monthly subscription. Contact us for details.