Trust Center

Last reviewed: 2026-05-25 Operated by: AAR GEE PTY LTD (ABN 56 682 972 685) trading as Compliance Care.

This page is a single source for prospects, customers, and auditors to verify how Compliance Care hosts, processes, and protects data. It is public and intentionally plain. If the honest answer to a question is "not yet," it is stated with the date by which it will be true.

Sections

SectionWhat it covers
Hosting and data residencyEvery region in which we run compute, store data, or process content. Named exceptions to AU-only and how they are handled.
EncryptionEncryption at rest, in transit, and the application-layer encryption used for offline PWA drafts.
AI handlingHow Claude is used, what is sent and what is not, version pinning, human-in-the-loop affirmation, and the audit log.
Sub-processorsEvery third party that may process customer data, the region in which they operate, and the data class involved.
NDB and incident responseNotifiable Data Breaches Scheme readiness and the incident response runbook.
Penetration testingExternal pentest cadence, scope, and the summary of findings and remediation status.
ISO 27001 postureOperating control set, internal self-assessment status, and the target date for third-party certification.

Out of scope for this page

How to contact us about this page

Acknowledged within two business days.

How this page is maintained

Every section carries a "Last reviewed" date. Sections are reviewed on change and at minimum every quarter. Material changes to sub-processors, hosting regions, or AI-handling defaults are recorded in the section's change log.