Your data security is our highest priority
Enterprise-grade security with Australian data sovereignty. Built to protect the sensitive safety data mining companies trust us with.
Data Encryption
All data processed by CalibrAIte is protected by robust encryption at every stage:
- At rest: All stored data is encrypted using AES-256, the same standard used by banks and government agencies. Database fields containing sensitive information receive additional field-level encryption.
- In transit: All communications between your browser and our servers are encrypted using TLS 1.3. API connections enforce HTTPS with certificate pinning for mobile and desktop clients.
- Encryption key management: Encryption keys are managed through dedicated key management services with automatic rotation and strict access controls.
Australian Data Sovereignty
CalibrAIte is built with a firm commitment to Australian data sovereignty. We understand that mining safety data is sensitive and must remain under Australian jurisdiction.
- All customer data is stored exclusively on servers located within Australia.
- No customer data is transferred, processed, or replicated outside of Australian borders.
- Our infrastructure providers are contractually bound to maintain data residency within Australia.
- We comply with the Australian Privacy Act 1988 and Australian Privacy Principles.
Access Controls
We enforce strict access controls at every level:
- Role-based access control (RBAC): Users are assigned roles with the minimum permissions required for their function. Administrators can configure custom roles to match their organisational structure.
- Principle of least privilege: Internal CalibrAIte staff access to customer data is strictly limited and monitored. Access is granted on a need-to-know basis and requires approval.
- Audit logging: All access to customer data is logged with timestamps, user identity, and action performed. Logs are immutable and retained for a minimum of 12 months.
Authentication
Secure authentication protects every account:
- Multi-factor authentication (MFA) supported for all accounts and enforced for administrator roles.
- Passwords are hashed using bcrypt with appropriate cost factors — we never store plaintext passwords.
- Session tokens are securely generated with automatic expiry and rotation.
- Brute-force protection with rate limiting and account lockout after repeated failed attempts.
- SSO integration available for enterprise customers via SAML 2.0 and OpenID Connect.
Infrastructure Security
Our infrastructure is designed with defence in depth:
- Hosted on enterprise-grade Australian cloud infrastructure with SOC 2 Type II certification.
- Network segmentation isolates customer environments and critical services.
- Web application firewalls (WAF) protect against OWASP Top 10 vulnerabilities.
- DDoS mitigation with automatic traffic filtering and rate limiting.
- Container-based deployment with immutable infrastructure and automated patching.
- Redundant architecture with automatic failover across availability zones.
Incident Response
We maintain a comprehensive incident response plan:
- Dedicated security incident response team with 24/7 monitoring and alerting.
- Documented incident classification, escalation, and resolution procedures.
- Affected customers are notified within 72 hours of a confirmed data breach, in compliance with the Notifiable Data Breaches (NDB) scheme.
- Post-incident reviews conducted for all security events with findings shared transparently.
Compliance
CalibrAIte is designed to meet the regulatory requirements of the Australian mining industry:
- Australian Privacy Act 1988 and Australian Privacy Principles (APPs).
- Notifiable Data Breaches (NDB) scheme compliance.
- Western Australian mining safety regulations and DMPE requirements.
- Working towards SOC 2 Type II and ISO 27001 certification.
Regular Audits
Continuous improvement is central to our security posture:
- Regular penetration testing conducted by independent third-party security firms.
- Automated vulnerability scanning across all application and infrastructure layers.
- Code security reviews integrated into our development pipeline.
- Dependency monitoring for known vulnerabilities with automated alerting.
- Annual security programme reviews with external audit support.
Have security questions or need to report a vulnerability?
Contact Our Security Team