Yes. Different users can be assigned various permission levels.

No.

No.

Usernames and email addresses may be classified as personal information.

No sensitive or health information is collected.

No passwords are stored. Clever Logger uses one-time passcode login.

Clever Logger does not collect or store sensitive information or Protected Health Information (PHI).

User email and name are the only personal information collected.

Access is protected through controls, encryption in transit, and encryption at rest.

No.

Anonymised customer data may be used internally for debugging and testing.

Anonymised error logs and performance metrics may be sent to Sentry. This can be disabled with browser extensions or firewall rules.

Data is stored for at least two years and is currently stored indefinitely.

Customers can export temperature data as CSV, XLSX or PDF.

Retention beyond two years can be arranged upon request.

Temperature and humidity logs, usernames, email addresses, device IP addresses, Wi-Fi SSID name, and organisation contact details if entered.

No passwords are accessible within the system.

Yes. It complies with the Australian Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs), and various Australian State Health Acts.

Computers used to administer Clever Logger apply operating system and software patches within two weeks.

Cloud platform patches are tested and prioritised.

Third-party software is regularly reviewed for security patches.

Operating system and application patches from AWS are applied as soon as notifications are received.

Gateways update to the latest firmware or operating system automatically if security patches are available.

Sydney, Australia.

AWS – Australia and USA.

Australia and USA.

The Lead Developer has full system access.

Other developers only access the code they are working on.

Version control is managed within Git.

Yes.

Yes. Developers without production system requirements do not have access.

Cloud accounts, such as AWS, are fully segregated with unique credentials.

All staff use a password manager and are encouraged to generate complex passwords.

Password audits are conducted periodically.

Passwords are audited and reset upon termination of employment.

Immediately.

Developers do not store local copies of data.

Data is accessed remotely with 2FA.

Access can be removed remotely if hardware is lost or employment is terminated.

Development occurs on local machines.

Builds are tested on a staging server.

Only the senior developer has access to deploy to production.

Yes. Data is regularly backed up to ensure reliability.

Yes. There are distinct environments for testing and live operations.

Yes.

Yes. We have a 99.9% uptime.

AWS is used for databases, API nodes, and file storage.

Cloudflare provides DNS and DDoS protection.

AWS provides compliance information through AWS Compliance.

Cloudflare provides compliance information through Cloudflare Compliance.