To ensure clarity and prevent any ambiguity, CIA uses the following definitions throughout these Protocols:

“Agency” / “CIA”
Refers to Compliance & Infrastructure Agency, including its Tech Ops team members, contractors, and authorised representatives.

“Systems”
Refers to any digital workflows, operational frameworks, dashboards, templates, structures, or systemised deployments created or configured by CIA. Examples include—but are not limited to—the Mission Dispatch Grid, Field Intel Uplink, Asset Tracking Matrix, Onboarding Pipeline, Competency Vault, Vehicle Inspection Protocol, and any custom operational system designed for a client.

“Workspace”
A secure digital environment configured for a client within a software platform selected by either the CIA or the client. Workspaces may include dashboards, forms, workflows, user permissions, and operational modules.

“Personal Information”
Any information that identifies, or could reasonably identify, an individual, including but not limited to names, contact details, behavioural data, and digital identifiers.

“Client Data”
Operational or business information provided by a client or their authorised representatives. This may include organisational processes, workflows, asset information, staff data, job site information, vehicle details, or training requirements. Client Data remains the property of the client at all times.

“Third-Party Tools”
External digital platforms, cloud-based services, or software applications that the CIA uses to deliver its services. These may include workforce tools, workflow automation systems, form collection platforms, communications tools, email services, payment processors, analytics platforms, accounting software, and secure storage environments. (CIA does not publicly name or endorse these tools in legal documents.)

“Engagement”
Any interaction with CIA—including visiting our website, submitting a form, joining a waiting list, booking a call, entering into an agreement, completing onboarding, or accessing any of our digital systems.

CIA collects information for operational, communication, and service-delivery purposes. We only collect what is reasonably necessary.

3.1 Personal Information

This includes but is not limited to:

• Names and contact details

• Phone numbers

• Email addresses

• Business information

• Position or role within an organisation

• Application form responses

• Interaction preferences

This information is collected when users join waiting lists, submit inquiry forms, book calls, complete onboarding questionnaires, interact with our funnels, or communicate with us directly.

3.2 Operational Information

This information is typically collected after a client enters into a formal Engagement and is required for system setup:

• Workflow documentation

• Team lists and structure

• Vehicle and asset information

• Training materials

• Internal procedures

• Job site details

• Operational challenges

• Compliance requirements

• Company checklists and SOPs

This data is considered Client Data and is used strictly for operational delivery.

3.3 Usage & Technical Information

We may automatically collect technical information through digital platforms, including:

• IP address

• Device identifiers

• Browser type and version

• Interaction behaviour

• Funnel navigation

• Time on page

• Region or approximate location

This helps the CIA optimise performance, security, user experience, and service improvement.

3.4 Payment Information

Payment data is handled by secure third-party processors.

CIA does not store credit card numbers or financial credentials.

CIA uses collected information for purposes including:

• Reviewing waiting list applications

• Determining service suitability

• Communicating with leads and clients

• Deploying operational Systems

• Setting up digital Workspaces

• Assigning tasks to Tech Ops

• Configuring user access and permissions

• Delivering training or onboarding materials

• Improving overall service quality

• Providing customer support

• Handling billing and account-related communication

• Ensuring compliance with relevant laws

We use Personal Information exclusively for service delivery and administrative communication.
You may unsubscribe from marketing messages at any time. CIA does not use collected information

to make automated decisions that produce legal or similarly significant effects on individuals.

CIA uses a secure digital infrastructure to ensure the confidentiality and integrity of all information collected.

We apply:

• Encrypted storage environments

• Password-protected access

• Strict role-based access controls

• Access logs and monitoring

• Secure communication channels

• Cloud-based backup and redundancy

• Internal audits and access reviews

CIA Tech Ops personnel only access information required for operational tasks and strictly on a need-to-know basis. No physical documents are stored.

CIA may disclose limited data to external service providers when necessary to support our operations.

These disclosures may involve:

• Workspace configuration

• Workflow automation

• Communication processes

• Payment handling

• Data storage

• System hosting

• Analytics or optimisation

• Administrative or operational support

CIA does:

• Only share data required for delivery

• Ensure providers follow appropriate security practices

• Refrain from publicly naming third-party platforms

• Never sell Personal Information

Each provider maintains its own privacy practices and policies.

Some Third-Party Tools used by the CIA may store or process data in jurisdictions outside Australia.

By engaging with CIA, you consent to such transfers where permitted by:

• Australian Privacy Act 1988 (Cth)

• Australian Privacy Principles (APPs)

• GDPR (where applicable)

• CCPA/CPRA (where applicable)

CIA ensures that reasonable measures are taken to protect the integrity of any transferred data.