Information Security Policy

Purpose

Your Marketing Machines (YMM) is committed to protecting the confidentiality, integrity, and availability of information entrusted to us.  This Information Security Policy outlines our high-level approach to safeguarding information and supporting secure business operations. It is non-contractual and supports, but does not replace, obligations contained in Client Services Agreements or applicable law.

Scope

This policy applies to:

  • YMM systems, devices, and information;
  • employees, contractors, and authorised users; and
  • information handled in the course of business operations.

Information We Protect

We take reasonable steps to protect information, including:

  • personal information;
  • confidential business information;
  • client materials and intellectual property; and/or
  • operational and strategic information.

Detailed handling of personal information is governed by our Privacy Policy.

Information Security Controls

YMM applies a tiered, risk-based approach to information security controls, designed to be proportionate to the nature of our operations, the information we handle, and the risks we face.

Tier 1 Controls – Foundational Security Measures

Tier 1 controls represent the baseline security measures implemented across YMM to protect information and systems.  These controls focus on:

  • governance and accountability for information security;
  • access control and user authentication;
  • secure configuration and maintenance of systems and devices;
  • awareness and training to support secure behaviours; and
  • basic monitoring, backup, and incident awareness processes.

Tier 1 controls are designed to reduce the likelihood of common threats and support day-to-day secure operations.

Tier 2 Controls – Enhanced & Risk-Based Measures

Tier 2 controls are additional safeguards applied where higher risk is identified, such as:

  • handling of sensitive or confidential information;
  • reliance on third-party technology providers;
  • increased exposure to cyber or operational threats; and
  • regulatory or contractual obligations.

Tier 2 controls may include enhanced monitoring, detection, response, and recovery measures, informed by recognised industry frameworks and risk management practices.

5.Internal Standards and Continuous Improvement

Detailed technical requirements, procedures, and operational standards supporting Tier 1 and Tier 2 controls are maintained internally and reviewed periodically.  These internal standards may align with recognised frameworks and guidance, including Australian and international cyber security best practice, without being limited to any single framework.  This public policy is intended to provide transparency regarding YMM’s security approach and does not create contractual warranties or guarantees.

Third-Party Systems

We use third-party technology providers to support our operations.  Where third-party platforms are used:

  • their own security and privacy practices apply;
  • YMM does not control their systems; and
  • reasonable steps are taken to select reputable providers.

Responsibilities

All personnel and authorised users are expected to:

  • use systems responsibly;
  • protect access credentials;
  • report suspected security incidents promptly; and
  • comply with applicable policies and procedures.

Security Incidents

If a security incident is suspected, YMM will take reasonable steps to:

  • assess the situation;
  • limit potential impact; and
  • comply with any legal notification requirements. 

Limitations

While YMM takes information security seriously, no system can be guaranteed to be completely secure.  This policy does not constitute a guarantee of security and does not create contractual warranties or service commitments.

Governance and Review

This policy is reviewed periodically to reflect changes in technology, risk, and regulatory requirements.

Contact Us

If you have a question regarding this Information Security Policy, or you would like to make a complaint, please contact the Director at:  

Email:                     support@yourmarketingmachines.com.au

Phone:                   0401 304 662

Address:               Unit 29/81 Annerley Rd, Woolloongabba, QLD 4102

Contact:                 Andrea Anderson

Last Updated: 30 December 2025

          Feel free to contact us if you need any further assistance you can contact us: support@yourmarketingmachines.com.au