Privacy Policy

Who We Are

sorenquilos is a company formation service operating in Australia. We help entrepreneurs and business owners establish their companies while handling the paperwork and compliance requirements. Our registered office is located at 2/6/14 Clarence St, Port Macquarie NSW 2444, Australia.

For privacy-related questions, reach us at info@sorenquilos.com or call +61418938528. We'll respond within two business days—usually faster.

Information We Collect

Company formation requires detailed information. Here's what we gather and why it matters.

Personal Identification Details

When you engage our services, we collect standard identification information. This includes your full name, date of birth, residential address, and contact details (email and phone). We also need government-issued ID documents like passports or driver's licences.

Australian law requires this information for company registration. ASIC (Australian Securities and Investments Commission) mandates that we verify the identity of all company directors and shareholders. Without proper ID verification, we simply can't proceed with formation.

Business Information

We collect details about your proposed company structure: desired company name, business activities, share structure, and registered office address. You'll also provide information about other directors or shareholders if applicable.

This business data helps us prepare accurate formation documents and ensure your company structure matches your actual needs.

Financial and Payment Data

Payment processing requires your credit card details or bank account information. We use secure payment processors and don't store complete card numbers on our servers. Instead, we receive tokenised references that allow us to process transactions without holding sensitive financial data.

We keep records of invoices and payment history for accounting purposes and Australian tax compliance.

Technical Information

Like most websites, we automatically collect certain technical data: IP addresses, browser types, device information, and pages visited. Cookies help us remember your preferences and keep you logged into our client portal.

This technical information helps us improve our website, troubleshoot problems, and protect against security threats. We can see, for example, if someone's trying to access accounts they shouldn't.

How We Use Your Information

Every piece of data we collect serves a specific purpose. Here's where your information actually goes.

We don't use your information for marketing unless you've explicitly opted in. Even then, you can unsubscribe anytime. Business communications related to your actual formation or ongoing compliance needs aren't marketing—those are necessary service notifications.

Legal Basis for Processing

Australian privacy law requires us to have legitimate reasons for collecting and using personal information. Here's our legal justification.

• Contractual necessity: Most data processing happens because we need it to deliver the company formation service you've requested. You can't form a company without providing the required information to regulators.
• Legal obligations: Australian law requires us to verify identities, maintain records, and report certain information to ASIC and the ATO (Australian Taxation Office). These aren't optional requirements.
• Legitimate interests: We process some data to protect our business and yours—fraud prevention, security monitoring, and improving our services fall into this category.
• Consent: For optional activities like marketing emails or sharing testimonials, we ask for your explicit permission first.

Who Sees Your Information

Company formation isn't a solo activity. We share your data with specific parties who need it to complete the process.

Government Agencies

ASIC receives all company formation documents, including director and shareholder details. This information becomes part of the public company register—anyone can search ASIC's database and see basic details about registered companies and their officers.

The ATO receives information when we apply for your Australian Business Number (ABN) and help with tax registration. These are mandatory regulatory disclosures, not optional sharing arrangements.

Service Providers

We work with trusted service providers who handle specific tasks. Payment processors manage financial transactions. Cloud storage providers host our secure document management system. Email services deliver communications. IT security firms monitor our systems for threats.

Every service provider signs contracts requiring them to protect your data and use it only for the specified purposes. We don't work with companies that have questionable privacy practices.

Professional Advisors

Occasionally we consult lawyers, accountants, or other professionals about complex formations. These advisors are bound by their own professional confidentiality obligations and only receive the minimum information necessary for their advice.

Data Security Measures

Security isn't just about having firewalls and encryption—though we have those. It's about building systems that protect your data at every level.

Technical Security

All data transmission uses TLS encryption. Our servers sit behind multiple security layers including firewalls, intrusion detection systems, and regular vulnerability scanning. Databases are encrypted both in transit and at rest.

We use Australian data centres that meet international security standards. Physical access is tightly controlled. Digital access requires multi-factor authentication for all staff members.

Operational Security

Our team members only access the data they need for their specific roles. A support staff member helping with your queries doesn't see payment details. Our accountant doesn't need access to your ID documents beyond what's required for our records.

Regular security training keeps our team alert to phishing attempts and social engineering. We test our security regularly and update our practices when vulnerabilities emerge.

Document Handling

Physical documents (if you send any) are scanned, digitally stored, and then securely shredded. Digital documents live in encrypted storage with access logs tracking who viewed what and when.

How Long We Keep Your Data

We don't keep information longer than necessary, but "necessary" can mean different things depending on the data type and legal requirements.

• Company formation documents: Retained for seven years after formation, matching Australian business record-keeping requirements.
• Financial records: Kept for seven years to comply with taxation laws and accounting standards.
• Identity verification documents: Retained for seven years after the end of our client relationship, as required by anti-money laundering regulations.
• Communication records: Email correspondence and call notes are kept for three years for customer service quality and dispute resolution.
• Marketing consent records: Maintained as long as you remain subscribed, plus three years after you unsubscribe to demonstrate compliance.
• Technical logs: Server logs and security data are typically kept for 90 days unless needed for investigating security incidents.

After retention periods expire, we securely delete or anonymise data so it can't be traced back to you. Some statistical information might be retained in aggregated form where individual identification is impossible.

Your Rights and How to Exercise Them

Australian privacy law gives you specific rights regarding your personal information. Here's what you can do and how to actually do it.

Access Your Information

You can request a copy of the personal data we hold about you. Email us at info@sorenquilos.com with "Data Access Request" in the subject line. We'll provide a comprehensive report within 30 days, free of charge for your first request in any 12-month period.

Correct Inaccurate Information

Found an error in your details? Let us know and we'll update it. Some information can't be changed after company formation (like registered director details) without going through ASIC's formal change process, but we'll guide you through that.

Request Deletion

You can ask us to delete your data. However, legal obligations often prevent immediate deletion—we must retain company formation records and financial documents for regulatory compliance. We'll delete what we legally can and explain what we must keep and why.

Object to Processing

If you believe we're processing your information inappropriately, you can object. We'll review your concerns and stop processing unless we can demonstrate compelling legitimate grounds or legal requirements to continue.

Data Portability

Want to take your data to another service provider? We'll provide your information in a structured, commonly used format (typically PDF or CSV files) that makes this possible.

Cookies and Website Tracking

Our website uses cookies—small text files stored on your device that help the site function and remember your preferences.

Essential Cookies

These cookies make the website work. They handle things like keeping you logged into the client portal, remembering items in your service selection during the checkout process, and maintaining security settings. You can't disable these without breaking core functionality.

Analytics Cookies

We use analytics to understand how people use our website—which pages are most helpful, where people get confused, how long typical sessions last. This helps us improve the site experience. These cookies don't identify you personally; they track aggregate patterns.

Preference Cookies

These remember your choices like language preferences or whether you've dismissed certain notices. They make the site more convenient on repeat visits.

You can control cookies through your browser settings. Most browsers let you block or delete cookies, though this might affect website functionality. Our cookie banner (when you first visit) explains exactly what we're using and lets you manage preferences.

International Data Transfers

We primarily store data within Australia using Australian data centres. However, some service providers operate internationally, which means your information might occasionally be accessed from overseas.

When data leaves Australia, we ensure adequate protection through contractual safeguards and only work with providers in countries with strong privacy laws. Cloud storage providers, for instance, might replicate data across multiple regions for reliability, but all access remains encrypted and tightly controlled.

Government agency submissions (like ASIC filings) remain entirely within Australian systems. Financial data stays with Australian payment processors wherever possible.

Changes to This Privacy Policy

Privacy laws evolve. Our practices improve. Sometimes we need to update this policy to reflect changes in either.

When we make significant changes, we'll notify you by email if you're an active client. We'll also post a notice on our website. Minor clarifications or formatting changes won't trigger notifications, but the "Last Updated" date at the top of this page will always reflect the most recent revision.

We recommend checking this page occasionally if you're curious about how we handle data. The principles remain consistent—transparency, minimal collection, strong security—but the specific details might shift as technology and regulations change.

Complaints and Disputes

If you're unhappy with how we've handled your personal information, we want to know about it and make it right.

First, contact us directly at info@sorenquilos.com with details of your concern. We'll investigate thoroughly and respond within 30 days. Most issues can be resolved through direct communication.

If you're not satisfied with our response, you can lodge a complaint with the Office of the Australian Information Commissioner (OAIC). They're the independent regulator for privacy matters in Australia. Visit oaic.gov.au for information about their complaint process.