Privacy Policy — Blu Sky Security & Alarmify

Effective date: 23 January 2026

Version: 3.1

This Privacy Policy explains how Innovative Control Solutions Pty Ltd (ABN 33 602 766 727)
(we, us, our) collects, holds, uses and discloses personal information in Australia when trading as:

  • Blu Sky Security (“Blu Sky”), and
  • Alarmify (“Alarmify”).

This Policy applies to personal information collected through our websites, customer portals, apps, forms,
quoting processes, installation and service operations, monitoring services, and support channels provided
under either brand.

We handle personal information in accordance with the Privacy Act 1988 (Cth), the Australian Privacy Principles (APPs),
and the Notifiable Data Breaches (NDB) scheme.

1) Who we are & how to contact us

Legal entity
Innovative Control Solutions Pty Ltd (ABN 33 602 766 727)
Business names
Blu Sky Security, Alarmify
Privacy Officer
Privacy Officer
Email
privacy@blusky.com.au
Phone
(08) 7123 4177
Address
1/72 Everard Avenue, Keswick SA 5035

If you have questions about this Policy, want access to your information, want to request a correction,
or want to make a privacy complaint, contact our Privacy Officer (details above).

2) Scope

This Policy covers personal information we handle for:

  • enquiries and sales conversations (phone, email, web forms, chat)
  • quotes, proposals, and customised system design (Blu Sky)
  • online orders and package purchases (Alarmify)
  • onsite inspections, installation, commissioning, and training
  • servicing, maintenance, troubleshooting and support
  • alarm monitoring services and alarm response administration (if enabled)
  • billing, payments, accounts management, and customer administration
  • our websites, portals and mobile apps (including cookies/analytics)

3) What personal information we collect

Depending on your relationship with us (customer, prospective customer, monitoring contact, authorised site contact,
supplier, website visitor), we may collect:

A) Identity & contact details

  • name, email, phone, addresses
  • company name, job title, ABN (if provided)

B) Site & service information

  • installation and billing address
  • access instructions (e.g., gate codes, parking, pets, site induction notes)
  • authorised contacts and nominated responders (for monitored services)
  • service records, technician notes, job logs and support tickets
  • device identifiers/serial numbers, configuration and commissioning data
  • alarm event logs (e.g., arming/disarming, sensor activations, system health events)

C) Security imagery & recordings (where applicable)

  • alarm-triggered images or video clips (e.g., Alarm.com video/image services, image sensors)
  • CCTV footage only where you provide it to us for diagnostics/support, or where we manage systems as part of our services

D) Billing & payment information

  • invoices, payment references, transaction identifiers
  • we do not store full card numbers; card data is handled by PCI-compliant payment providers

E) Website/app technical data

  • IP address, device/browser type, operating system
  • cookies and similar technologies, including analytics identifiers
  • If you register an account with us, we may collect login credentials such as a username.
    Passwords are stored securely using industry-standard encryption.

F) Credit-related information (where applicable)

If you authorise it (for example, for post-paid service eligibility), we may handle credit-related personal information
and obtain a credit report from a credit reporting body in accordance with our Credit Reporting Notice and applicable law.

G) Testimonials and reviews

  • We may collect and publish testimonials you provide (e.g., name and comments) with your permission.
  • We may also display publicly available reviews from third-party platforms such as Google Reviews.

4) How we collect personal information

We collect personal information when you:

  • contact us (phone/email/forms/online chat)
  • request a quote, proposal, security evaluation or consultation
  • place an order online or sign up for services
  • book or receive installation, servicing or maintenance
  • use our portals/apps (e.g., Alarm.com user interfaces)
  • interact with our websites (cookies/analytics)
  • are nominated as an authorised contact or monitoring contact by a customer

We may also receive information from third-party service providers (e.g., monitoring centres, Alarm.com, manufacturers)
as required to deliver services.

5) Why we collect, hold, use and disclose personal information

Provide and manage services

  • prepare quotes, proposals and system designs
  • schedule and complete installations, servicing, upgrades and maintenance
  • commission systems and provide user training
  • provide ongoing support and troubleshooting
  • administer monitoring services and alarm response arrangements (if enabled)

Manage accounts & billing

  • process payments, issue invoices and manage accounts
  • administer subscriptions/post-paid services (where applicable)
  • manage failed payments and account administration

Communicate with you

  • send order confirmations, scheduling details and service updates
  • deliver critical service, safety and security notifications
  • respond to enquiries and support requests

Improve and protect our services

  • security monitoring, fraud prevention and risk management
  • auditing, analytics and product/service improvement
  • quality assurance and training (including call recording where used and disclosed)

Comply with legal obligations

  • comply with applicable laws, regulations, standards and lawful requests

6) When we disclose personal information (sharing)

We may disclose personal information to third parties where reasonably necessary to provide and support our services, including:

  • installation technicians and subcontractors
  • monitoring centres and emergency response administrators
  • cloud platforms and technology partners (e.g. Alarm.com)
  • payment processors (Stripe, GoCardless)
  • manufacturers/wholesalers for warranty
  • IT/CRM/job-management providers
  • couriers/logistics
  • professional advisers
  • law enforcement or regulators if legally required

We do not sell your personal information.

7) Overseas disclosures (including cloud services)

Some service providers may store or process information overseas, including cloud infrastructure that supports Alarmify
and Blu Sky systems.

We take reasonable steps to ensure overseas recipients handle personal information in accordance with the APPs.

We do not disclose credit-reporting information overseas.

8) Credit reporting (if applicable)

If you authorise us (for example, during checkout or service onboarding), we may conduct a credit check for post-paid
service eligibility. Full details (including CRBs used and your rights) are in our Credit Reporting Notice.

9) Direct marketing

You may receive updates about products and services. You can opt out at any time via unsubscribe links or by contacting us.

10) Cookies & online technologies

We use cookies and similar tools to operate our sites, secure accounts, improve performance and measure usage.
You may adjust cookie settings via your browser.

11) Security of personal information

We take reasonable steps to protect personal information from misuse, interference and loss, and from unauthorised access,
modification or disclosure. Controls may include:

  • encryption
  • access controls
  • MFA for admin systems
  • logging & monitoring
  • staff training
  • supplier due-diligence and contractual safeguards

No method of transmission or storage is completely secure, but we work to maintain safeguards appropriate to the sensitivity
of the information.

12) Data retention & deletion

We keep data only as long as necessary to provide services or meet legal obligations.

When information is no longer required, we take reasonable steps to destroy or de-identify it,
unless we are required by law to retain it.

13) Access and correction

You may request access to or correction of personal information we hold.
We will respond within a reasonable time and explain if we cannot comply.

14) Anonymity and pseudonymity

Where lawful and practicable, you may interact anonymously (e.g., general enquiries).
We may require identity confirmation to provide certain services.

15) Children’s privacy

Our services are intended for adults and businesses.
We delete personal information collected from children where required by law.

16) Notifiable Data Breaches (NDB) scheme

If an eligible data breach occurs, we will notify affected individuals and the OAIC as required under the NDB scheme.

17) Complaints

If you have a privacy complaint, contact our Privacy Officer. We will acknowledge your complaint and aim to resolve it within 30 days.

If unresolved, you may complain to the Office of the Australian Information Commissioner (OAIC) at
https://www.oaic.gov.au

18) Updates to this Policy

We may update this Policy to reflect changes to our practices or the law.
A new effective date will be posted.

19) Related documents

This Policy should be read alongside:

  • Credit Reporting Notice (where applicable)
  • relevant product/service terms, including monitoring/service terms (where applicable)

Scroll to Top