Security Policy
SECURITY POLICY
Includ Accessibility Pty Ltd
Effective Date: 13th February 2026
Includ is committed to maintaining reasonable and appropriate security safeguards to protect client data, platform integrity, and service delivery.
This Security Policy outlines our general approach to information security.
1. Security Approach
We apply security practices appropriate to the nature of our services, including:
- Accessibility auditing
- Accessibility monitoring
- Platform-based service delivery
Security is a shared responsibility between Includ and our clients.
2. Technical Safeguards
We implement measures including:
- Encrypted connections (SSL/TLS) for data in transit
- Secure cloud hosting environments
- Role-based access controls
- Strong authentication practices
- Monitoring for unusual activity
- Regular system patching and updates
3. Organisational Safeguards
We maintain internal controls including:
- Access restricted to authorised personnel
- Confidentiality obligations for staff and contractors
- Security awareness practices
- Controlled handling of client deliverables and reports
4. Data Handling Practices
Client audit materials and platform outputs are handled in accordance with:
- Contractual confidentiality obligations
- Privacy Policy commitments
- Reasonable data minimisation principles
5. Incident Response
In the event of a suspected security incident, Includ will:
- Investigate promptly
- Take reasonable steps to mitigate impact
- Notify affected clients where appropriate and legally required
6. Client Responsibilities
Clients are responsible for:
- Maintaining security of their own systems
- Controlling access to credentials
- Implementing remediation securely
- Ensuring appropriate internal governance
7. Limitations
While we take reasonable steps to maintain security, no system can be guaranteed to be completely secure.
Includ does not warrant that unauthorised access will never occur.
8. Updates to This Policy
We may update this Security Policy from time to time as practices evolve.
