1. Purpose and scope
This Privacy Notice explains how DECNET Pty Ltd, as operator of Helyx, collects, holds, uses and discloses personal information in connection with Helyx websites, landing pages, forms, accounts, subscriptions, watchlists, alerts, reports, onboarding, support, events, marketing and related services.
Helyx is primarily a business-to-business Defence estate intelligence and workflow product. Most information handled by Helyx is business, organisation, role, source and account information. Some of that information may still be personal information where it identifies or can reasonably identify an individual.
2. Privacy law approach
To the extent the Privacy Act 1988 (Cth) and Australian Privacy Principles apply to us, we manage personal information in accordance with those requirements. We also aim to handle personal information in a transparent, minimal and security-conscious way whether or not a particular activity is strictly regulated.
If you are located outside Australia, additional local privacy requirements may apply. This draft is written for an Australian launch and should be reviewed before offering Helyx materially outside Australia.
3. Personal information we collect
The types of personal information we may collect include:
· identity and contact information, such as name, business email, phone number, job title, organisation, office location and professional profile information;
· account information, such as username, authentication details, subscription plan, team membership, account administrator status and support history;
· commercial qualification information, such as organisation type, sector, service lines, regions of interest, timing, subscription readiness and budget range;
· customer capability profile information, such as services, preferred work types, target bases, target regions, account targets, watchlist criteria, saved searches and alert preferences;
· usage information, such as log-in activity, pages viewed, searches, watchlists created, alerts opened, links clicked, exports requested and digest engagement;
· billing and transaction information, such as plan, invoice history, payment status, billing contact and limited payment metadata. We do not intend to store full card numbers;
· communications information, such as emails, form submissions, support requests, webinar participation, meeting notes and feedback;
· technical information, such as IP address, browser type, device information, approximate location, cookie identifiers and security logs;
· public professional information from Source Material, such as names, roles, organisations and publicly available business contact details where relevant to contractor, tender, supplier or market intelligence records.
4. Sensitive information
Helyx is not designed to collect sensitive information, such as health information, biometric information, racial or ethnic origin, political opinions, religious beliefs, union membership, criminal record information or security-clearance details. You should not submit sensitive information into Helyx unless we have expressly requested it and have obtained any consent required by law.
Helyx is also not designed to receive classified, controlled, export-controlled or non-public Defence information. The default Helyx model is public, lawful or licensed source intelligence only.
5. How we collect personal information
We may collect personal information directly from you when you submit a landing page form, create an account, purchase a subscription, attend an event, request a watchlist report, configure alerts, contact support, join a webinar, answer onboarding questions or communicate with us.
We may also collect personal information from your organisation, team administrator, payment provider, CRM/email provider, analytics tools, public sources, government websites, tender notices, company websites, professional profiles and other lawful or licensed sources.
6. Why we use personal information
We may collect, hold, use and disclose personal information to:
· provide, operate, personalise, secure and improve Helyx;
· create and manage accounts, subscriptions, billing, renewals, cancellations and refunds;
· prepare personalised watchlist reports, saved searches, relevance scoring, alerts, digests, opportunity briefs and team dashboards;
· understand customer service lines, regions, project interests and target accounts;
· respond to enquiries, provide support, troubleshoot issues and conduct onboarding;
· send service communications, account notices, security notices, billing notices and product updates;
· send marketing communications where permitted and manage unsubscribe preferences;
· analyse product engagement, conversion, retention, digest performance and feature usefulness;
· detect, prevent and respond to misuse, security incidents, fraud, unauthorised access and legal risks;
· comply with legal obligations, enforce terms, respond to lawful requests and protect rights and interests.
7. AI-assisted processing and automated tools
Helyx may use AI-assisted tools and workflow automation to extract, tag, classify, summarise, compare, rank and score market signals against customer profiles, including by reference to service lines, regions, work types, bases, projects, organisations, source documents and alert preferences.
These tools are intended to support Helyx intelligence workflows and customer relevance. They are not intended to make decisions with legal or similarly significant effects about individuals. Where Helyx uses automated tools, we aim to preserve source context, confidence indicators and human review controls for high-value outputs.
8. Disclosure of personal information
We may disclose personal information to:
· our personnel, contractors, advisers and service providers who need it to operate, support or improve Helyx;
· hosting, database, CRM, email, analytics, AI processing, authentication, file storage, payment and workflow providers;
· payment processors, banks and accountants for billing, tax and financial administration;
· team administrators or authorised users within your organisation, where relevant to account management and team usage;
· professional advisers, insurers, auditors and legal representatives;
· regulators, courts, government agencies or law enforcement where required or permitted by law;
· a buyer, investor or successor in connection with a merger, acquisition, financing, restructuring or sale of all or part of our business, subject to appropriate confidentiality arrangements.
We do not sell personal information as a standalone product. Helyx may provide business intelligence that includes publicly available names, roles or organisation details where that information is relevant to public source market intelligence.
9. Overseas disclosure and processing
Some service providers used to operate Helyx may store or process information outside Australia. Likely locations may include Australia, the United States, the United Kingdom, the European Economic Area, Singapore or other countries used by our cloud, CRM, email, analytics, AI or payment providers.
10. Cookies, analytics and marketing technologies
Helyx websites and emails may use cookies, pixels, analytics tags and similar technologies to operate the website, remember preferences, measure traffic, understand landing page conversion, monitor email engagement, secure accounts and improve the product.
You may be able to control cookies through your browser settings. Some features may not work properly if cookies are disabled. Marketing emails will include an unsubscribe mechanism where required.
11. Direct marketing
We may use business contact information to send newsletters, product updates, launch offers, event invitations, insights and marketing communications where permitted by law. You can opt out of marketing communications by using the unsubscribe link or contacting us. We may still send non-marketing service, billing, support and security communications.
12. Security
We take reasonable technical and organisational measures to protect personal information from misuse, interference, loss, unauthorised access, modification and disclosure. Measures may include access controls, authentication, encryption, secure hosting, backups, audit logs, staff/contractor controls, security monitoring, vulnerability management and incident response procedures.
No online service is completely secure. You are responsible for using strong credentials, limiting authorised users, protecting your devices and notifying us promptly of suspected unauthorised access.
13. Retention
We keep personal information for as long as reasonably needed for the purpose for which it was collected, including to provide Helyx, manage accounts, comply with legal and tax obligations, resolve disputes, enforce agreements, maintain security logs and preserve business records.
When personal information is no longer needed, we will take reasonable steps to delete, destroy or de-identify it, unless we are required or permitted by law to retain it. Some information may remain in backups, archives or logs for a limited period before deletion is technically practicable.
14. Access and correction
You may request access to personal information we hold about you or ask us to correct inaccurate, out-of-date, incomplete, irrelevant or misleading personal information. We may need to verify your identity before responding. We may refuse a request where permitted by law, in which case we will explain our reasons where required.
15. Complaints
If you have a privacy concern or complaint, contact us using the details below. We will acknowledge the complaint within a reasonable time and aim to resolve it promptly. If you are not satisfied with our response, you may be able to contact the Office of the Australian Information Commissioner or another relevant regulator.
16. Notifiable data breaches
If the Privacy Act applies to us and a data breach involving personal information is likely to result in serious harm, we will assess the incident and, where required, notify affected individuals and the Office of the Australian Information Commissioner.
17. Children
Helyx is not intended for children or people under 18. We do not knowingly collect personal information from children. If we become aware that a child has provided personal information, we will take reasonable steps to delete it unless we are required or permitted by law to retain it.
18. Changes to this Privacy Notice
We may update this Privacy Notice from time to time. The updated version will be published on our website or otherwise made available. Material changes may be notified through the website, account portal or email.
19. Contact details
Operator: DECNET Pty Ltd
Product: Helyx
ABN/ACN: 35 670 900 259
Address: 23 Covelee Cct, Middle Cove NSW 2068
Support and privacy contact email: [email protected]