Security & Data Protection
Last Updated: 16 July 2026
Our Commitment
We take data security and protection seriously. All information uploaded to PlanSuite is stored securely and is never publicly accessible.
Our systems are designed in accordance with industry best practices to ensure councils and organisations can confidently meet their privacy and compliance obligations.
Secure Cloud Infrastructure
PlanSuite is hosted on Amazon Web Services (AWS) in Sydney, Australia (ap-southeast-2) — a global leader in secure cloud infrastructure used by governments and enterprises worldwide.
This provides:
- Enterprise-grade physical and network security
- Redundant, highly available infrastructure
- Continuous monitoring and threat protection
- Data residency within Australia
Data Encryption
All data is protected using encryption:
- In transit — Data is encrypted when transmitted between users and our servers using HTTPS/TLS.
- At rest — Stored data is encrypted within our cloud infrastructure using AWS-managed encryption.
This ensures uploaded plans, documents, and associated information remain protected at all times.
Access Controls
Access to information is strictly controlled through:
- Authenticated user accounts
- Role-Based Access Controls (RBAC)
- Restricted internal administrative access
- Controlled access keys and credential management
Only authorised users can access uploaded content. Uploaded documents are never publicly accessible.
Data Ownership & Control
- Users retain ownership and control of their data.
- Documents are only accessible to authorised users within the same organisation.
- Users may delete their information at any time.
- We do not make uploaded documents publicly available.
- We do not sell your data.
AI & Your Data
- No AI training on your data — Council and customer content is used to support the requested service, not to train public AI models.
- Planner verification — AI-assisted outputs are preliminary guidance and must be reviewed by a suitably qualified planner before reliance. The planner remains responsible for verification and decisions.
- Authoritative sources — Assessments read from official Victorian government data and current planning scheme ordinances, with full clause citations so outputs can be verified at a glance.
Deployment & Integration
- No installation required — PlanSuite is web-based and works alongside existing council systems. Nothing is installed on council devices or networks.
- No document management integration required — Generated Word documents can be saved into existing records systems in the usual way.
- Optional SSO — Councils can connect single sign-on for user management. See our SSO setup guide.
Privacy & Personally Identifiable Information
We minimise the collection of personally identifiable information wherever possible and handle all data in accordance with applicable privacy obligations.
For full details, see our Privacy Policy.
Ongoing Security Practices
We maintain:
- Automated deployments and version control
- Regular software testing
- Controlled access keys and credential management
- Continuous system monitoring
- Managed database infrastructure (AWS RDS)
Security is reviewed as part of our ongoing development process.
Relevant Standards
Our security practices are informed by the following standards and frameworks:
- Privacy and Data Protection Act 2014 (Vic) — We handle data consistently with the Information Privacy Principles (IPPs) overseen by the Office of the Victorian Information Commissioner (OVIC).
- Victorian Protective Data Security Framework (VPDSF) — Our security controls are consistent with the information security governance and risk management expectations set out by OVIC.
- Privacy Act 1988 (Cth) — We comply with the Australian Privacy Principles (APPs) for the handling of personal information.
- ASD Essential Eight — Our platform is aligned with the Australian Signals Directorate's Essential Eight cybersecurity framework. See our Essential Eight Compliance page for details.
Contact
If you have questions about our security practices or data protection, please contact us:
PlanSuite Pty Ltd (ABN 57 691 312 795)
support@plansuite.com.au
www.plansuite.com.au