Why Data Privacy Matters More Than Ever
As Australian businesses adopt AI-powered software platforms, the question of data privacy and security becomes increasingly important. Your business data — customer records, financial information, employee details, operational data — is among your most valuable and sensitive assets. How your software providers handle that data should be a critical factor in every purchasing decision.
The Australian Privacy Act and the Australian Privacy Principles establish clear obligations for how personal information must be collected, stored, used and disclosed. Businesses that use software platforms have a responsibility to ensure their technology providers comply with these requirements. A data breach or privacy violation can result in significant financial penalties, reputational damage and loss of customer trust.
Our Approach to Data Security
At Veleria, we take a security-first approach to everything we build. Here is how we protect your business data.
Australian Data Hosting
All Veleria data is hosted on Australian servers. We do not store business data offshore. This ensures compliance with Australian data sovereignty requirements and means your data is subject to Australian privacy laws, not the laws of a foreign jurisdiction. For industries with specific data residency requirements, such as healthcare and government, Australian hosting is not just a preference — it is a requirement.
Encryption at Rest and in Transit
Every piece of data stored on our platform is encrypted at rest using AES-256 encryption, the same standard used by banks and government agencies. All data transmitted between your devices and our servers is encrypted in transit using TLS 1.3, preventing interception during transmission. This means your data is protected whether it is sitting in our database or moving across the internet.
Role-Based Access Controls
Not everyone in your organisation needs access to everything. Our platform implements role-based access controls that allow you to define exactly what each user can see and do. Administrators have full access. Support workers see only the information relevant to their assigned participants or jobs. Family members have read-only access to specific care information. This principle of least privilege minimises the risk of unauthorised access.
Authentication and Identity
We support multi-factor authentication to ensure that even if a password is compromised, unauthorised access is prevented. Session management includes automatic timeout for inactive sessions and the ability for administrators to revoke access immediately when an employee leaves the organisation.
Audit Logging
Every significant action on the platform is logged — who did what, when and from which device. This audit trail is essential for compliance, investigation of incidents and demonstrating accountability to regulators and auditors.
Regular Security Assessments
We conduct regular security assessments of our infrastructure, codebase and operational practices. This includes automated vulnerability scanning, dependency monitoring for known security issues and periodic review of access controls and permissions.
What We Never Do
We believe it is equally important to be clear about what we do not do with your data. We never sell your data to third parties. We never use your business data to train AI models that serve other customers. We never share your data with advertisers. We never access your data without your explicit consent, except as required by law. We never store data in jurisdictions outside Australia.
AI-Specific Privacy Considerations
When AI features are used within our platform, such as our AI care assistant or automated workflow tools, all processing occurs within our secure Australian infrastructure. AI interactions are processed in real time and are not stored for training purposes. Your business conversations and data are never used to improve AI models for other customers.
Your Responsibilities
While we provide the technical infrastructure to keep your data safe, security is a shared responsibility. We recommend that all users enable multi-factor authentication, use strong unique passwords, regularly review user access and remove accounts for departed employees, train your team on security best practices, and report any suspicious activity to our support team immediately.
Questions to Ask Any Software Provider
When evaluating any software platform for your business, ask these questions. Where is my data hosted? Is it encrypted at rest and in transit? Who has access to my data and under what circumstances? Do you sell or share my data with third parties? What happens to my data if I cancel my subscription? Can you provide documentation of your security practices? Are you compliant with the Australian Privacy Act?
Any provider that cannot answer these questions clearly and confidently should be approached with caution.