Due Diligence
Legal Framework & Regulatory Alignment
This page exists for lawyers, government bodies, family offices, and anyone performing due diligence on Australian Data Removal. It is not a marketing page.
What We Do
Australian Data Removal Pty Ltd provides structured personal data remediation services, including identification, documentation, and lawful removal requests directed to third-party data holders.
All work is conducted internally within Australia. No client data or operational tasks are outsourced overseas.
Governing Legislation
Privacy Act 1988 (Cth)
The primary federal legislation governing the handling of personal information in Australia.
Australian Privacy Principles (APPs)
The framework within the Privacy Act that sets out how personal information must be handled, used, and managed.
Notifiable Data Breaches (NDB) scheme
The mandatory reporting framework.
Where data is held by international entities, removal requests are structured in accordance with applicable foreign frameworks — including the GDPR where relevant — while maintaining Australian legal grounding.
Regulator Alignment
Office of the Australian Information Commissioner (OAIC)
oaic.gov.auAustralian Cyber Security Centre (ACSC)
cyber.gov.auIDCARE
idcare.orgPrivacy Act 1988
legislation.gov.auWe donate 5% of revenue to IDCARE. This is structural and ongoing.
Our Process
01
Exposure Identification
Multi-source scan using established OSINT methodology. We identify where a client's personal data appears across data broker platforms, people-search sites, public databases, and aggregator services.
02
Evidence Compilation
Documented record of each exposure point — including URL, platform, data type, and metadata. This forms the evidentiary basis for all subsequent removal actions.
03
Legal Framing
Each removal request is mapped to the applicable legal right — whether under the Privacy Act 1988, the Australian Privacy Principles, GDPR (for EU-held data), or platform-specific terms of service.
04
Removal Request Execution
Direct submissions to data controllers and platform operators. Each request is individually composed, submitted, and tracked.
05
Follow-Up & Escalation
Where initial requests are not actioned within a reasonable timeframe, structured follow-up and escalation processes are applied.
06
Reporting
Documented outcomes provided to the client, including confirmation of each successful removal, status of pending requests, and recommended ongoing actions. All actions are logged and retained as part of a structured case file.
Client Deliverables
Exposure summary
Complete record of identified personal data exposures.
Removal action log
Documented record of every request submitted on their behalf.
Outcome report
Final status of all removal actions, including confirmations and pending items.
Scope & Limitations
Australian Data Removal Pty Ltd does not control third-party data sources and cannot compel removal. All actions are conducted within applicable legal frameworks.
- —Outcomes vary depending on the policies, jurisdiction, and compliance practices of each data holder.
- —Removal timeframes typically range from 7 to 45 days, depending on the platform.
- —Complete removal from all sources globally cannot be guaranteed — data brokers re-collect information, and new exposures may arise over time.
- —Ongoing protection is provided through quarterly removal sweeps for eligible clients.
Confidential Handling
All client information is handled confidentially and is not disclosed to third parties except as required to perform removal actions on the client's behalf.
All services are delivered under Australian jurisdiction and aligned with Australian privacy law and regulatory guidance.
For Legal Representatives & Advisors
If you are engaging on behalf of a client, we accommodate:
Confidential intake
Information provided under professional privilege is handled accordingly.
Documentation handling
All deliverables can be structured for inclusion in legal files.
Formal engagement
Scope, limitations, and process are defined clearly before work begins.