Skip to main content
Legal

Security

Last updated June 2026

BA ICON is designed with security measures intended to protect customer data, personal information and the integrity of the platform.

Rose Technology Group Pty. Ltd. As Trustee For Rose Technology Unit maintains technical and organisational safeguards to reduce the risk of unauthorised access, loss, misuse, alteration, disclosure or disruption of customer information.

Security approach

BA ICON applies layered security controls across its systems, processes and personnel practices. These controls are maintained and updated as part of the ongoing operation of the service and are intended to support security expectations aligned with SOC 2 requirements.

Technical safeguards

Security measures may include secure system architecture, access controls, authentication controls, encrypted connections, logging, monitoring, software maintenance, and other reasonable technical protections appropriate to the nature of the service.

Access to systems and information is limited to authorised personnel and service providers who require that access to perform their duties.

Organisational safeguards

Rose Technology Group Pty. Ltd. As Trustee For Rose Technology Unit maintains internal policies, procedures and confidentiality obligations designed to support secure handling of customer and personal information.

Personnel and contractors with access to sensitive systems or information are expected to comply with privacy, confidentiality and security obligations relevant to their role.

Security incidents

If BA ICON becomes aware of a security incident involving unauthorised access, compromise, malicious code, corruption, service disruption or a privacy breach affecting customer data or services, it will take reasonable steps to investigate, contain and respond to the incident.

Where required, affected customers will be notified promptly and provided with relevant information available at the time, together with reasonable cooperation in addressing the issue.

Customer responsibilities

Security is a shared responsibility. Customers are responsible for managing user access, protecting passwords and devices, maintaining appropriate internal controls, and using the platform in a lawful and secure manner.

Customers should ensure that information entered into BA ICON is handled in accordance with their own legal, privacy and professional obligations.

Audits and changes

Where provided for under an applicable agreement, customers may request reasonable information about BA ICON security practices, and BA ICON may notify customers of material changes to services or infrastructure where relevant to performance, functionality or security.

Insurance

Rose Technology Group Pty. Ltd. As Trustee For Rose Technology Unit maintains insurance coverage relevant to its operations, including general liability, professional indemnity or cyber liability cover, and workers compensation cover as required by law.