Who is required to be compliant?
The Privacy Act and its subsequent APPs apply to most Australian and Norfolk Island Government agencies and some private sector organisations.
The NDB scheme applies to all organisations applicable under the Privacy Act.
The EU GDPR applies to organisations within the EU, and any organisation that offers goods and services or monitors the behaviour of EU data subjects. This also means that if an organisation holds and/or processes personal information of data subjects residing in the EU they must meet the GDPR requirements.
Scope of the Service
What Our Customers Say
“We chose to engage an Australian company called Shearwater to lead that (IRAP) assessment
because of their reputation for rigour and expertise.”
“Security is an on-going process, and as an IT Security Advisor, I am comfortable with having a peer company like Shearwater to rely upon. If I have an issue or need advice I am confident that Shearwater can provide a pragmatic and cost-effective solution.”