Legal

Privacy
Statement.

Last updated: June 2026

01

Introduction

Midnight Systems ABN 27 481 630 051 ("Midnight Systems", "we", "us", "our") is a web design, development, and SaaS solutions business operating in South Australia, Australia.

We are committed to protecting the privacy of individuals whose personal information we collect, use, and disclose in the course of our business. This Privacy Statement explains how we handle personal information in accordance with the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

By engaging our services, visiting our website, or submitting an enquiry, you consent to the collection and handling of your personal information as described in this statement.

02

What Personal Information We Collect

The types of personal information we may collect include:

  • Contact details: name, email address, phone number, and business address
  • Business information: company name, ABN, and details about your business relevant to the services we provide
  • Technical information: website credentials, hosting details, domain registrar logins, and similar access information provided to us to carry out work on your behalf
  • Financial information: billing address and invoice history (we do not store credit card or bank account details)
  • Communications: emails, messages, and records of instructions provided to us
  • Website usage data: IP address, browser type, pages visited, and session data collected via our website through standard analytics tools

We only collect information that is reasonably necessary for the purposes described in this statement.

03

How We Collect Personal Information

We collect personal information in the following ways:

  • Directly from you when you submit a contact form, respond to an onboarding questionnaire, engage our services, or communicate with us by email or phone
  • From our client portal, where clients log in and interact with project, invoice, and quote data
  • Automatically via our website using cookies and analytics tools (see Section 8)
  • From third parties where you have authorised them to share information with us (e.g. a referral partner or previous service provider)
04

Why We Collect and Use Personal Information

We use personal information to:

  • Provide and manage the services described in our engagement agreement, including web design, development, SaaS application delivery, and ongoing maintenance
  • Communicate with you about your projects, invoices, quotes, and support requests
  • Send service-related emails such as quote acceptance confirmations, invoice notifications, and portal account credentials
  • Manage billing and payment records
  • Comply with our legal and regulatory obligations
  • Improve our services and website

We will not use your personal information for purposes other than those listed above without your consent, except where permitted or required by law.

05

Disclosure of Personal Information

We may disclose your personal information to third parties in the following circumstances:

  • Hosting and infrastructure providers: your data may be stored on servers operated by third-party cloud providers (including Render.com and Cloudflare). These providers are contractually required to maintain appropriate security standards
  • Email service providers: we use AWS Simple Email Service (SES) to send transactional emails. Email content may pass through AWS infrastructure located outside Australia
  • Subcontractors: where we engage subcontractors to assist with delivery of services, we require them to handle your information in accordance with this statement
  • Legal or regulatory bodies: where we are required to disclose information by law, court order, or a lawful request from a government authority

We do not sell, rent, or trade your personal information to third parties for marketing purposes.

06

Overseas Disclosure

Some of our third-party service providers are located or operate infrastructure outside Australia, including in the United States and Singapore. By engaging our services, you consent to your personal information being transferred to these countries.

Where we disclose personal information overseas, we take reasonable steps to ensure the recipient handles that information in a manner consistent with the Australian Privacy Principles. However, we are not responsible for the privacy practices of overseas recipients once data has been transmitted.

07

Storage and Security

We take reasonable technical and organisational measures to protect personal information from misuse, interference, loss, unauthorised access, modification, or disclosure. These measures include:

  • Encrypted storage for sensitive client credentials within our internal systems
  • Access controls limiting data access to authorised personnel only
  • Use of HTTPS for all data in transit
  • Regular review of our security practices

Despite these measures, no system can guarantee absolute security. You provide personal information at your own risk and should take steps to protect credentials and sensitive information on your end, including using strong passwords and keeping access credentials confidential.

We will retain your personal information for as long as necessary to provide our services, meet legal obligations, or resolve disputes. When no longer required, we will take reasonable steps to destroy or de-identify the information.

08

Cookies and Website Analytics

Our website may use cookies and similar tracking technologies to improve your experience and analyse site usage. Cookies are small text files stored on your device.

We may use:

  • Essential cookies necessary for the website to function
  • Analytics cookies (e.g. via privacy-respecting tools) to understand how visitors use our site

You can disable cookies through your browser settings, though this may affect some functionality of our website. We do not use cookies for advertising or to track you across third-party websites.

09

Client Portal

We operate a password-protected client portal at app.midnightsystems.com.au. Portal accounts are created by Midnight Systems on behalf of clients. If you are provided portal access:

  • Your login credentials will be emailed to you when your account is created
  • You are responsible for keeping your credentials secure and should change your password after first login
  • Portal activity including project views, invoice downloads, and change requests may be logged for operational and security purposes

Portal access is strictly limited to the client for whom the account was created. Do not share your portal credentials with third parties.

10

Accessing and Correcting Your Information

Under the Australian Privacy Principles, you have the right to request access to the personal information we hold about you, and to request corrections if that information is inaccurate, out of date, incomplete, or misleading.

To make an access or correction request, please contact us using the details in Section 12. We will respond within a reasonable timeframe (generally within 30 days). In some circumstances we may decline access as permitted by the Privacy Act 1988 (Cth), and if so we will explain our reasons in writing.

There is no charge for making a request, though we may charge a reasonable fee to cover the cost of providing access in some cases.

11

Privacy Complaints

If you believe we have mishandled your personal information or breached the Australian Privacy Principles, please contact us in the first instance using the details in Section 12. We take privacy complaints seriously and will respond within 30 days.

If you are not satisfied with our response, you may lodge a complaint with the Office of the Australian Information Commissioner (OAIC):

  • Website: www.oaic.gov.au
  • Phone: 1300 363 992
  • Mail: GPO Box 5218, Sydney NSW 2001

As a South Australia-based business, our operations are also subject to the Information Privacy Principles applicable under South Australian government contracts where relevant, though as a private business we are primarily governed by the Commonwealth Privacy Act 1988 (Cth).

12

Contact Us

Midnight Systems

Email: info@midnightsystems.com.au

Website: midnightsystems.com.au

Location: South Australia, Australia

13

Changes to This Privacy Statement

We may update this Privacy Statement from time to time to reflect changes in our practices or legal obligations. The current version will always be available upon request or on our website. Continued engagement with Midnight Systems following notification of changes constitutes acceptance of the updated statement.