← Back to portal

Privacy Policy

Last updated: 20 May 2026

1. Who we are

This portal is operated by Adept IT Solutions (ABN 92 603 162 607), an Australian managed service provider. We built this portal to give our clients visibility into their IT budget, devices, projects, and lifecycle data.

For privacy enquiries, contact us at privacy@adept-it.com.au.

2. What data we collect

Account data

When you sign in via Microsoft Entra ID, we receive your name, email address, and Microsoft Azure Object ID. We store these in our database to identify your account and associate it with your organisation.

IT environment data

The portal displays data sourced from your managed IT environment, including device names, operating system versions, security scores, software licence information, warranty dates, and IT project details. This data originates from integrations with third-party platforms we use to deliver your managed services. We cache subsets of this data to improve performance.

Usage data

We record the time and nature of actions you take in the portal (for example, approving a project or submitting a service request) to maintain an audit log. We also capture your IP address in server logs for security and rate-limiting purposes.

Session data

We store an encrypted session token in an HTTP-only cookie to keep you signed in. No passwords are stored for standard accounts — authentication is delegated entirely to Microsoft Entra ID.

3. Why we collect it

  • To authenticate you and control access to your organisation's data.
  • To display your IT budget, project pipeline, device health, and lifecycle status.
  • To allow you to submit service requests and callback requests to our team.
  • To maintain an audit trail of portal activity for your organisation.
  • To protect the portal against abuse, brute-force attacks, and unauthorised access.

We do not use your data for advertising, do not sell it, and do not use it to train machine learning models.

4. Who we share it with

We share data with third-party platforms that provide hosting, identity and authentication, device management, security monitoring, IT service management, and software licensing services. These platforms process data only to the extent necessary to deliver your managed services. Sign in to view the full list of recipients and data locations.

We do not share your personal information with any other third parties except as required by law.

5. How long we retain data

  • Account records — retained for the duration of your organisation's engagement with Adept IT Solutions, then deleted within 90 days of offboarding.
  • Audit logs — retained for 12 months.
  • Server logs (including IP addresses) — retained for 30 days.
  • Rate-limit records (IP in Redis) — expire automatically within 15 minutes to 1 hour.
  • Session tokens — expire on sign-out or after 30 days of inactivity.

6. Your rights

Depending on your location, you may have rights under the GDPR, the Australian Privacy Act 1988, or other applicable laws, including the right to:

  • Access the personal data we hold about you.
  • Request correction of inaccurate data.
  • Request deletion of your account and associated personal data.
  • Request a machine-readable export of your data.
  • Object to or restrict certain processing.

To exercise any of these rights, email privacy@adept-it.com.au with the subject line Privacy Request. We will respond within 30 days.

Note: because this portal is a business-to-business service, most personal data is processed under a legitimate interest or contractual basis rather than consent. Deleting your account will remove your portal access but does not affect data held by the third-party integrations listed above, which are governed by their own privacy policies.

7. Security

The portal is hosted on Microsoft Azure App Service with TLS enforced on all connections. Authentication is handled by Microsoft Entra ID — we do not store passwords. Session tokens are stored in HTTP-only, Secure, SameSite cookies. Access to the portal is restricted to invited users belonging to your organisation.

8. Cookies

We use one session cookie to maintain your signed-in state. We do not use advertising cookies, tracking pixels, or third-party analytics cookies.

9. Changes to this policy

We may update this policy from time to time. Material changes will be communicated via the portal's announcement system. Continued use of the portal after a change constitutes acceptance of the updated policy.

10. Contact

Adept IT Solutions
privacy@adept-it.com.au