InCheq's approach to data security, privacy, and compliance. Information about how we protect client data and maintain trust in our psychosocial risk intelligence platform.

Trust & Security

InCheq is trusted by enterprise organisations to handle sensitive psychosocial risk data. We hold ourselves to the same governance standards we help our clients achieve.

Request security documentation Privacy Policy

Our commitment

InCheq provides psychosocial risk intelligence to organisations operating in regulated, high-risk, and complex environments. The data our clients entrust to us is sensitive and consequential. We take that responsibility seriously.

Security, privacy, and compliance are not afterthoughts at InCheq. They are embedded in how we design, build, and operate our platform and our business.

How we protect your data

Data Protection

  • Data encrypted in transit using TLS 1.2 or higher
  • Data encrypted at rest using industry-standard encryption
  • Data residency within Australia
  • Strict access controls with least-privilege principles
  • Regular access reviews and audit logging

Infrastructure Security

  • Hosted on enterprise-grade cloud infrastructure
  • Network security controls and monitoring
  • Vulnerability management and patching
  • Automated threat detection and alerting
  • Regular security assessments

Organisational Security

  • Background screening for all personnel
  • Security awareness training
  • Defined incident response procedures
  • Business continuity and disaster recovery planning
  • Secure development practices

Privacy & Compliance

  • Compliant with the Privacy Act 1988 (Cth) and APPs
  • Actively pursuing formal security certification
  • Data processing agreements available for clients
  • Regular compliance reviews and assessments
  • Transparent privacy practices and policies

No tracking. No profiling. No third-party advertising.

This website does not use analytics cookies, tracking pixels, or third-party advertising scripts. We do not profile visitors or share browsing data with advertising networks. Limited technical data is collected through server logs for security and operational purposes only.

Security documentation

The following documentation is available to prospective and current clients to support vendor risk assessments, procurement processes, and ongoing governance requirements.

  • Security questionnaire responses (SIG, CAIQ, custom) Available on request
  • Data Processing Agreement (DPA) Available on request
  • Sub-processor list Available on request
  • Penetration test executive summary Available under NDA
  • Incident response overview Available on request
  • Business continuity summary Available under NDA
  • Platform architecture overview Available on request

InCheq is actively pursuing formal security certification. We welcome questions about our current security posture and certification timeline during evaluation.

Request security documentation

If you are evaluating InCheq as part of a procurement or vendor risk assessment process, we are happy to provide the documentation you need.

Contact us

hello@incheq.com.au

Melbourne, Australia