Introduction

Ineket is committed to delivering technology solutions that are secure, reliable, and aligned with industry standards. We do not operate as a hosting provider or data centre, but we take full responsibility for ensuring that every solution we design follows security by design and security by default principles.

Security is a shared responsibility between Ineket, our clients, and our technology partners. This policy outlines how we protect information, embed security practices into our work, and help clients maintain strong safeguards.

Our Security Principles

Confidentiality - Access to systems and data is limited to authorised individuals.
Integrity - We ensure data and systems remain accurate, reliable, and resistant to tampering.
Availability - Solutions are designed to ensure business continuity and reliability.
Accountability - Every staff member, contractor, and partner shares responsibility for maintaining security.

Technical and Operational Practices

Secure Architecture - Solutions are built using the Microsoft Security Development Lifecycle and follow OWASP Top 10 and Zero Trust principles.
Access Controls - Role-based access and multi-factor authentication are enforced through platforms like Azure Active Directory.
Encryption and Data Security - All data is encrypted in transit using TLS 1.3 and at rest using industry-standard encryption.
Testing and Review - Code review and security scanning are mandatory. Penetration testing is encouraged before deployment.
Incident Response - Any detected vulnerability is investigated and resolved in collaboration with clients.
Change Management - All updates follow proper approval and version control procedures.

Governance and Compliance

All staff and contractors complete security awareness training and sign confidentiality agreements.
Security measures are reviewed regularly and updated to address emerging risks.
Clients are encouraged to maintain their own hosting and infrastructure security in line with ACSC Essential Eight and Microsoft security recommendations.

Framework Alignment

Ineket aligns with:

ISO/IEC 27001 Information Security Management
ISO/IEC 27017 and 27018 Cloud Security and Data Protection
NIST Cybersecurity Framework
ACSC Essential Eight
OWASP Top 10

Commitment

Security is an ongoing process that requires awareness and collaboration. Ineket remains committed to protecting client information through consistent best practices, transparent communication, and continuous improvement.

Introduction

At Ineket, we respect the privacy and confidentiality of our clients, partners, and users. As a consultancy, we are not a primary data controller or processor for client data, but we may handle business information, project documentation, or limited personal data during our engagements. This policy outlines how we collect, use, and protect that information in line with the Australian Privacy Principles (APPs) and recognised international data protection standards.

Information We Collect

We collect only the information necessary to deliver our services effectively and securely.

Contact Information - Name, company, role, email address, and phone number provided during inquiries or engagements.
Project Information - Business documentation, system configurations, architecture designs, and workflow materials required to deliver or support a solution.
Technical Information - Logs, environment details, or diagnostic data used for troubleshooting or optimisation. We do not collect unnecessary personal data such as consumer, employee, or financial records unless explicitly required for a project and agreed upon in writing.

How We Use Information

Collected information is used strictly for professional and operational purposes, including:

Delivering consultancy, software development, and integration services.
Providing technical assistance, training, or post-deployment support.
Communicating updates, proposals, or administrative information relevant to the engagement.
Meeting contractual, legal, or compliance requirements.

Data Retention and Deletion

Data is retained only for the duration of the project or as required by contract or regulation.
Upon completion, client data is securely deleted or returned, following industry-recognised standards such as NIST SP 800-88.
Backups, logs, and working copies are reviewed and erased once no longer necessary.
Long-term retention only applies when legally required or explicitly requested by the client.

Data Sharing

Ineket does not sell, rent, or trade any client information.
Information may be shared only with trusted third parties—such as cloud service providers or integration partners—strictly for service delivery and under binding confidentiality agreements.
Data may be disclosed to regulatory or legal authorities if required by law, and clients will be notified wherever permissible.

Security and Access Control

All client data is stored using secure, access-controlled environments with encryption in transit and at rest.
Access is restricted to authorised team members based on the principle of least privilege.
Regular reviews and security assessments ensure data integrity and protection across systems.

Rights of Clients

Clients and partners have the right to:

Request access to any data held by Ineket relating to their engagement.
Request corrections or secure deletion of data when no longer necessary.
Be informed of how their information is used, stored, or shared during the course of a project.
Withdraw consent for optional communications at any time.

International Transfers

Where client data is stored or processed using trusted cloud environments (such as Microsoft Azure), Ineket ensures that all data residency and transfer controls comply with Australian law and global privacy standards.

Commitment

Privacy is an essential part of trust. At Ineket, we apply strict data handling practices, transparent communication, and ongoing compliance reviews to safeguard every piece of information shared with us. We believe privacy is not just a policy—it is a responsibility that defines how we work.

Introduction

These Terms and Conditions govern the use of Ineket’s services and solutions. By engaging with Ineket, you acknowledge and agree to these terms, as well as any additional terms included in Statements of Work, proposals, or formal agreements. These terms are designed to ensure clarity, protect all parties involved, and maintain fairness throughout every stage of engagement.

Scope of Services

Ineket provides professional technology consulting and development services, including but not limited to:

IT consultancy, enterprise architecture, and digital solution design.
Microsoft Power Platform development, low-code automation, and custom software engineering.
System integration, API development, and workflow automation.
Advisory on governance, data security, privacy, and digital transformation strategies.

Ineket provides professional technology consulting and development services, including but not limited to:

Intellectual Property

Client IP - All custom-developed solutions, designs, code, and deliverables commissioned specifically for the client become the property of the client upon full payment.
Ineket IP - All proprietary tools, frameworks, methodologies, templates, or accelerators developed independently by Ineket remain our intellectual property and may be reused across other projects.
Clients are granted a perpetual, non-exclusive licence to use the deliverables as intended under the agreement.

Client Responsibilities

Clients play an important role in ensuring project success. To enable efficient delivery, clients agree to:

Provide accurate, complete, and lawful information required for service delivery.
Ensure timely access to systems, resources, documentation, and stakeholders.
Designate key contacts for project communication and approvals.
Maintain compliance with all relevant laws and organisational policies during and after the engagement.
Accept responsibility for ongoing system use, administration, and compliance post-delivery unless a support agreement states otherwise.

Limitation of Liability

Ineket’s liability under any engagement is limited to the total amount paid for the specific service or project.
We are not liable for indirect, incidental, or consequential damages, including loss of data, revenue, or business interruption.
Ineket is not responsible for failures caused by third-party systems, services, or client-side configurations outside our control.

Confidentiality

Ineket treats all information shared by clients as confidential. This includes technical data, business documents, designs, and proprietary information.
Confidential information will not be disclosed, shared, or reused without written consent.
Confidentiality obligations remain binding even after a project or agreement ends.

Payment Terms

All invoices are payable according to the terms stated in the project agreement or invoice.
Late payments may result in service suspension or incur reasonable administrative charges.
Ownership of deliverables transfers only after full payment is received.

Termination

Either party may terminate the engagement by providing written notice within the agreed notice period.
Ineket reserves the right to suspend or terminate services if contractual terms, confidentiality, or payment obligations are breached.
Upon termination, all outstanding obligations — including payments and confidentiality commitments — remain enforceable.

Governing Law

These Terms and Conditions are governed by and interpreted in accordance with the laws of New South Wales, Australia. Any disputes arising from engagements with Ineket will be subject to the jurisdiction of Australian courts.

Updates to These Terms

Ineket reserves the right to review and update these Terms and Conditions periodically. Any changes will be posted on our official website, and continued use of our services constitutes acceptance of the updated terms.

Introduction

At Ineket, collaboration is a cornerstone of how we build secure and scalable business solutions. We partner with technology providers, integration specialists, and third-party vendors to extend the capabilities of the Microsoft ecosystem and other modern platforms. Our goal is to deliver solutions that are efficient, compliant, and future-ready — while ensuring every integration remains secure, ethical, and transparent. This policy outlines how we evaluate partners, establish integration standards, and uphold data protection responsibilities across all collaborative projects.

Partner Selection and Evaluation

We carefully evaluate all partners and vendors before any form of collaboration. Each is assessed against defined security, compliance, and performance criteria to ensure they align with Ineket’s standards and client expectations.

Partners must demonstrate adherence to strong compliance, governance, and cybersecurity frameworks.
Preference is given to vendors with industry-recognised certifications such as ISO/IEC 27001, SOC 2 Type II, or equivalent.
All partners are required to sign Non-Disclosure Agreements (NDAs) and Data Processing Agreements (DPAs) to protect client data and intellectual property.
Vendors must maintain transparent documentation of their operational processes, hosting environments, and security practices.
Periodic reviews are conducted to ensure partners continue meeting compliance obligations.

Integration Standards

We design integrations with a focus on privacy, interoperability, and resilience. All connections between systems follow secure development practices and data governance principles.

Secure authentication and authorisation standards such as OAuth 2.0, OpenID Connect, and Azure Active Directory (AD) are mandatory.
Only essential data required for a specific business function is exchanged between systems — following a principle of minimum privilege.
Where possible, integrations include audit logging, version control, and monitoring capabilities for traceability.
All data transmissions occur through encrypted channels using protocols such as HTTPS TLS 1.2 + or stronger.
Data residency, retention, and privacy requirements are reviewed before any integration is deployed.

Responsibilities

Partnerships and integrations are shared responsibilities between Ineket, clients, and third-party vendors.

Ineket ensures all integrations are built securely, thoroughly tested, and implemented in line with contractual and client-specific security expectations.
Partners must uphold their compliance obligations, promptly report any vulnerabilities, and maintain the same level of data protection that Ineket provides.
Clients retain full ownership and control over their business data. Ineket does not claim ownership of any client systems, datasets, or intellectual property shared through integrations.

Transparency

Transparency underpins every collaboration we engage in. We maintain open communication with clients about the tools, vendors, and dependencies used within their solutions.

Clients are provided with clear documentation of all integrations, APIs, and third-party services in use.
Any risks, limitations, or dependencies identified during design or implementation are communicated in advance.
Changes to vendor relationships or integration methods are always discussed with the client prior to deployment.

Commitment

Ineket is committed to building partnerships that prioritise trust, accountability, and innovation. Every integration is designed to enhance performance while safeguarding data, ensuring that clients can operate confidently within secure, modern ecosystems.

Introduction

At Ineket, confidentiality is not just a policy; it is a fundamental part of how we operate. We work with sensitive business data, proprietary systems, and technical information from clients across diverse industries. Protecting that information is essential to maintaining trust, professionalism, and compliance. All information shared with us—whether during early consultation, active project delivery, or post-deployment support—is treated as confidential and managed in accordance with strict internal controls.

Our Commitments

Confidential Agreements - Every Ineket employee, contractor, and partner signs a Non-Disclosure Agreement (NDA) before being granted access to client or project data.
Scope of Confidentiality - Confidential information includes but is not limited to business strategies, process documentation, software code, databases, client or customer lists, system credentials, architectural diagrams, and internal communication.
Use Limitation - Any client data or intellectual property shared with us will only be used for the specific project or purpose for which it was provided.
Protection Measures - Access to confidential information is restricted to authorised team members who require it for their role. All systems used for communication and storage are secured through encryption and strict access control.
Non-Disclosure - We will never disclose, share, or reuse client data, technical documentation, or proprietary assets without written consent.

Exceptions

In limited and specific cases, the confidentiality obligations under this policy do not apply to:

Information that is already publicly available and not disclosed through a breach of confidentiality.
Information lawfully known to Ineket prior to disclosure by the client.
Information required to be disclosed by law, regulatory authority, or court order. In such cases, we will, where legally permissible, notify the client prior to disclosure.

Handling and Storage

Confidential materials are transmitted and stored only through approved, secure systems such as Microsoft 365, SharePoint, or encrypted transfer channels. Offline copies, if required, are kept under controlled access and destroyed after use. Version history and document tracking are used to ensure transparency and traceability of all access.

Duration

Confidentiality obligations remain binding indefinitely, even after a contract or engagement ends. The obligation to protect client data does not expire when a project concludes; it continues for as long as the information retains its confidential or proprietary nature.

Breach and Enforcement

Any breach or unauthorised disclosure of confidential information is treated as a serious violation of Ineket policy. Depending on severity, actions may include termination of access, contract suspension, or legal proceedings to recover damages or enforce confidentiality terms.

Commitment

We understand that confidentiality is the foundation of every trusted business relationship. Our commitment extends beyond compliance—it reflects our core belief that technology must empower businesses without compromising privacy, ownership, or control.

Introduction

The way data is handled defines how much clients can trust us. At Ineket, data protection is central to every engagement. We apply strict standards to how information is collected, stored, shared, and ultimately destroyed. Our goal is to ensure clients remain fully in control of their data throughout every stage of a project.

Data Handling Rules

Only information essential to a project’s delivery is collected.
All data is transferred and stored using secure, encrypted channels such as Microsoft OneDrive, SharePoint, or approved cloud services.
Access to client data is restricted to authorised team members directly involved in the project.
Sensitive or confidential data is handled according to agreed client security requirements.
Any use of personal data complies with Australian privacy laws and the Australian Privacy Principles (APPs).

Retention

Project data is retained only for as long as necessary to complete the engagement or meet contractual obligations.
Regular audits and reviews ensure unnecessary data or duplicates are securely deleted.
Retention timelines can be extended only if required by law or with explicit client consent.

Deletion

Upon project completion, data is either returned securely to the client or deleted according to approved procedures.
All deletions follow internationally recognised standards such as NIST SP 800-88 or equivalent secure erasure methods.
Backup and residual copies are reviewed and purged once verification of completion is confirmed.
Clients can request proof of deletion or data return at any time after project closure.

Purpose

This policy outlines how Ineket’s systems, platforms, and digital solutions must be used by both internal team members and external clients. Its goal is to ensure that every system is used responsibly, securely, and in line with legal, ethical, and contractual obligations.

Acceptable Use

To maintain the integrity and safety of our environment, users must:

Use Ineket’s systems and resources only for lawful, authorised business purposes.
Respect intellectual property rights, licences, and confidentiality agreements.
Handle data and information responsibly, following all applicable security and privacy standards.
Use testing or sandbox environments only for approved development or evaluation activities.
Report any suspected vulnerabilities, misuse, or breaches to the appropriate contact immediately.

Prohibited Use

To protect our systems and clients, users must not:

Attempt to bypass or disable security measures.
Upload or distribute malicious, harmful, or unauthorised code.
Use Ineket’s systems to access, transmit, or store unlawful or abusive content.
Share confidential information or credentials with unauthorised individuals.
Engage in activities that could damage systems, disrupt services, or compromise security.

Enforcement

Misuse of Ineket systems may result in immediate termination of access, suspension of services, or contract termination. Where appropriate, violations may be reported to authorities or pursued through legal action. Ineket reserves the right to monitor usage for compliance and investigate suspected policy breaches.

Introduction

At Ineket, integrity and professionalism form the foundation of everything we do. We are committed to maintaining a culture of trust, transparency, and respect in all relationships — with clients, partners, and each other. Our Code of Conduct and Ethics outlines the principles that guide how we work, communicate, and deliver solutions responsibly.

Professional Integrity

We act honestly and transparently in every engagement. All communication and decision-making are guided by fairness, accountability, and accuracy. We never make promises we cannot keep, and we deliver every solution with care, attention to detail, and respect for client confidentiality.

Respect and Inclusion

We treat everyone with respect and dignity, regardless of background, role, or experience. We promote a workplace culture that values collaboration, inclusion, and equal opportunity. Differences in ideas and perspectives make our work stronger.

Data and Confidentiality

Protecting client information is a shared responsibility. All data handled by Ineket staff or contractors is managed securely, with access restricted to authorised personnel. We comply with relevant privacy laws, security standards, and internal policies that safeguard data integrity and confidentiality.

Compliance and Legal Responsibility

We comply with all applicable Australian laws, regulations, and industry standards. Our work aligns with ethical business practices, and we ensure that all contracts, partnerships, and software deliveries meet regulatory requirements and respect intellectual property rights.

Fair Business Practices

We avoid conflicts of interest and conduct business with transparency and professionalism. We do not engage in unfair competition, misuse of information, or unethical influence. Our actions must always reflect the trust placed in us by our clients and partners.

Responsibility and Accountability

Every member of Ineket shares responsibility for maintaining high ethical standards. We hold ourselves accountable for our actions and decisions. When challenges arise, we communicate openly and resolve them constructively and in good faith.

Commitment to Continuous Improvement

We continually review and improve our ethical standards, operational policies, and communication practices. As technology evolves, we adapt our methods to uphold the same values of integrity, privacy, and accountability that define Ineket.