Skip to content
Close
Log in
Log in
Screenshot 2025-09-17 at 09.45.57
DekkoCORE
File Sharing & Collaboration
Learn more
Screenshot 2025-09-17 at 16.17.08
DekkoDEMS
Digital Evidence Management
Learn more
Two products. One secure platform.
DekkoCORE and DekkoDEMS both feature:

  Web-based app with no installs

  End-to-end encrypted security

  No file size or type restrictions

  Easy account creation process

  Comprehensive sharing controls

Law Enforcement
Securely collect and share digital evidence across agencies with full chain-of-custody.
Learn more
law-enforcement
Defence Supply Chain
Protect classified designs and supplier data in a sovereign, fully encrypted workspace.
Learn more
defence
National Security
Enable secure inter-agency intelligence collaboration with controlled encrypted access.
Learn more
national-sec
Judiciary Departments
Exchange case files and evidence securely with clients and prosecutors without risk.
Learn more
legal
Professional Services
Collaborate on client documents and financial data securely on a trusted platform.
Learn more
prof-services
Healthcare
Share medical records and research securely across clinics and partners with compliance.
Learn more
health
System Security
Explore the encryption, access controls, and platform protections that safeguard sensitive data across all DekkoSecure services.
Service Compliance
Learn how DekkoSecure aligns with security standards and regulatory requirements to support government and high-assurance workloads.
DekkoCORE guides
Find step-by-step guidance on using the DekkoCORE platform to securely share files, collaborate with partners, and manage critical workflows.
DekkoDEMS guides
Access practical instructions for managing digital evidence in DekkoDEMS while maintaining integrity and strict chain-of-custody controls.
DekkoSecure Glossary
Browse clear explanations of key security, compliance, and encryption terms used throughout the DekkoSecure platform and documentation.
DekkoSecure Blog
Explore practical insights on security, compliance and encrypted collaboration from the DekkoSecure team.
Get DekkoSecure
Connect with our team to discuss your requirements and learn how DekkoSecure can support secure collaboration across your organisation.
headway-5QgIuuBxKwM-unsplash
Request Support
Submit a support request to get assistance with your DekkoSecure tenancy, technical issues, user management, or configuration questions.
tim-van-der-kuip-CPs2X8JYmS8-unsplash

Service Terms & Policies

This page contains our Terms of Service, Privacy Policy and Acceptable Use Policy.

For questions regarding the terms and policies on this page, please contact us by sending an email to terms@dekkosecure.com.

Terms of Service

These Terms of Service (“Terms”) govern the use of DekkoSecure’s software services, including DekkoCore-AU (au.dekko.io), DekkoCore-CA (ca.dekko.io), DekkoCore-US (us.dekko.io), DekkoCore-CH (ch.dekko.io), and DekkoDEMS (fusion.dekko.io) (collectively, the “Services”).

DekkoSecure means Securest Pty Ltd (ABN 31 166 558 676) trading as DekkoSecure (“DekkoSecure”, “we”, “us”, or “our”).

By creating an account, accessing, or using the Services, you agree to comply with and be bound by these Terms. If you do not agree, you may not use the Services.

1. Scope of Users

These Terms apply to all individuals and organisations who access or use the Services, including:

  • Customers who purchase or subscribe to the Services;
  • Authorised Users who access and use the Services under a Customer’s account or licence; and
  • Invited Participants who are granted access to share, view, sign, or collaborate on content within the Services.

Customers are responsible for ensuring that their Authorised Users and Invited Participants comply with these Terms and any applicable policies.

2. User Responsibility and Account Security

Users are responsible for maintaining the confidentiality and security of their account credentials.
You must not share your password, allow unauthorised access to your account, or use another user’s credentials to access the Services.

If you believe your account has been compromised or accessed without authorisation, you must notify your organisation’s administrator or DekkoSecure support immediately.

You are responsible for all activity that occurs under your account, including any actions taken by others who gain access due to your failure to safeguard your credentials.

DekkoSecure is not liable for any loss or damage resulting from unauthorised account access arising from your actions or omissions.

3. Service Updates and Modifications

DekkoSecure may update, enhance, or modify the Services from time to time, including by introducing, changing, or removing features, tools, or policies.

These changes may be made to improve performance, usability, security, or compliance, or to reflect technology and operational developments.

Where practicable, DekkoSecure will provide notice of material updates or feature changes through in-app notifications, release notes, or other communications.

Continued use of the Services after notice of an update constitutes acceptance of the revised Terms.

4. Acceptable Use

Your use of the Services is subject to DekkoSecure’s Acceptable Use Policy, which forms part of these Terms.

All users must comply with the rules and restrictions described in that Policy, including responsible use, data handling, and fair service utilisation.

DekkoSecure may suspend or terminate access where use of the Services violates the Acceptable Use Policy, applicable law, or poses a security or operational risk.

Customers are responsible for ensuring that all authorised and invited users within their tenancy comply with the Acceptable Use Policy.

 

5. Service Availability and Third-Party Providers

The Services are hosted and operated using a combination of third-party infrastructure and service providers, including but not limited to Microsoft Azure, Oracle Cloud Infrastructure, and other managed service partners (collectively, the “Service Providers”).

DekkoSecure takes reasonable measures to maintain secure, reliable, and performant operation of the Services.
However, availability and performance may be affected by outages or incidents experienced by these Service Providers or by events beyond DekkoSecure’s reasonable control.

Such events do not constitute a breach of these Terms. Unless otherwise stated in a separate, written agreement, no specific service-level agreement (SLA) or uptime guarantee is provided. Any availability targets or recovery times published publicly are for reference only.

6. Data Storage and Backup Architecture

DekkoSecure does not maintain traditional point-in-time backups of customer files or messages. The Services are designed for continuous high availability and fault tolerance using Microsoft Azure Zone-Redundant Storage (ZRS), which replicates encrypted data across three physically separate availability zones within the same region.

Because of DekkoSecure’s zero-knowledge architecture, all customer content remains fully encrypted and under the customer’s control at all times.
DekkoSecure cannot access, modify, or delete customer data. Customers are responsible for maintaining any long-term archives of their own files.

To maintain overall service resilience, DekkoSecure performs encrypted backups of critical service components—such as application code, configurations, and operational databases—to support recovery in the event of a major operational incident.

7. Privacy and Data Collection and Retention

DekkoSecure collects and processes only the limited personal information necessary to operate, secure, and support the Services.

Information collected may include user-provided details (such as name and email), authentication and activity logs, and technical metadata used for performance, diagnostic, and security purposes.

All customer-generated content—including files, messages, and meetings—is protected by end-to-end encryption (E2EE). DekkoSecure cannot access or view customer content in plaintext form.

Personal information is used solely for account administration, service operation, compliance, and security monitoring. DekkoSecure does not sell, rent, or share personal information for marketing or unrelated purposes.

Account information is retained for as long as your organisation maintains an active tenancy. Activity logs are retained for operational and compliance purposes in accordance with applicable laws and regional regulations. When an account or tenancy is deleted, associated data is securely erased following DekkoSecure’s defined retention and destruction schedule. Encrypted customer files are permanently deleted upon user or administrator removal and cannot be recovered.

DekkoSecure may retain limited records or metadata as required to meet legal, regulatory, or audit obligations within each operational jurisdiction. All retained information is minimal, access-controlled, and automatically purged once the retention period expires.

For full details on how DekkoSecure collects, protects, and manages personal information, please refer to our Privacy Policy.

8. Termination

You may stop using the Services at any time. DekkoSecure may suspend or terminate access to the Services, in whole or in part, if you violate these Terms, if required by law, or if continued access would cause harm or liability to DekkoSecure, other users, or third parties.

Upon termination, your right to access the Services ceases immediately. Certain provisions of these Terms that by their nature should survive termination (including confidentiality, intellectual property, and limitation of liability) will remain in effect.

9. Governing Law

These Terms and any related agreements are governed by and construed in accordance with the laws of Australia. Users accessing regional instances (such as DekkoCore-CA or DekkoCore-US) acknowledge that the governing jurisdiction remains Australia, unless otherwise required by local law.

10. Entire Agreement

These Terms, together with any applicable policies or user guides referenced herein, constitute the entire agreement between you and DekkoSecure regarding your use of the Services. They supersede any prior versions or communications, whether oral or written. Any ambiguity in interpretation shall not be construed against DekkoSecure as the drafting party.

 

Show more

Privacy Policy

Applies to: DekkoCore-AU (au.dekko.io), DekkoCore-CA (ca.dekko.io), DekkoCore-US (us.dekko.io), DekkoCore-CH (ch.dekko.io), and DekkoDEMS (fusion.dekko.io)

Entity: Securest Pty Ltd (ABN 31 166 558 676) trading as DekkoSecure (“DekkoSecure”, “we”, “us”, or “our”)

1. Purpose

This Privacy Policy explains how DekkoSecure collects, uses, stores, and protects personal information when you use our software services (the “Services”).

DekkoSecure is committed to maintaining your privacy and protecting all information processed through the Services in accordance with applicable privacy and data-protection laws, including the Privacy Act 1988 (Cth) and, where applicable, GDPR, PIPEDA, HIPAA, and equivalent frameworks.

DekkoSecure’s systems are designed around zero-knowledge end-to-end encryption. This means that your files, messages, and other content remain fully encrypted and accessible only to you and other authorised users.

2. Information We Collect

DekkoSecure collects only the minimum information required to operate, secure, and support the Services.

2.1. Information You Provide

  • Name and email address when creating an account or accepting an invitation.

  • Organisation details (if applicable) such as department, tenancy name, or domain.

  • Information contained in support requests or correspondence.

  • Optional profile or configuration data you choose to provide.

2.2. Automatically Collected Information

To maintain performance, security, and compliance, we collect limited technical and operational data:

  • Login activity, timestamps, and IP address (for audit and security logging).

  • Browser and device information (e.g., user-agent string, operating system).

  • Error reports, performance diagnostics, and usage telemetry for reliability monitoring.

  • System events such as uploads, downloads, and collaboration actions (event records only — not file contents).

2.3. Information We Do Not Collect

  • DekkoSecure does not access or store your decrypted files, chat messages, videos, or documents.

  • We do not collect biometric, financial, or sensitive personal data unless voluntarily supplied through authorised customer workflows.

  • We do not use tracking cookies, behavioural analytics, or third-party advertising identifiers.

3. How We Use Information

We process collected information only for purposes directly related to operating and improving the Services, including:

  • Account authentication and access control.

  • Service maintenance, performance optimisation, and reliability monitoring.

  • Security auditing, threat detection, and incident response.

  • User support and troubleshooting.

  • Legal compliance and enforcement of Terms of Service and Acceptable Use Policy.

4. Data Encryption and Storage

All customer content (files, messages and meetings) is protected by end-to-end encryption (E2EE).

This means that only authorised users within your organisation, or invited participants you explicitly share content with, can decrypt and view it.

In limited circumstances, users may choose to share content with DekkoSecure personnel — for example, to assist with technical troubleshooting or verify a workflow outcome. Such access occurs only when explicitly authorised by the customer or user, applies only to the specific content shared, and is governed by strict confidentiality, logging, and time-limited access controls.

Operational metadata, account information, and encrypted customer data (including files, messages, and stored collaboration content) are held within sovereign cloud environments located in the jurisdiction associated with each system instance:

  • DekkoCore-AU (au.dekko.io): Australia

  • DekkoCore-CA (ca.dekko.io): Canada

  • DekkoCore-US (us.dekko.io): United States

  • DekkoCore-CH (ch.dekko.io): Switzerland

  • DekkoDEMS (fusion.dekko.io): United States

Data is replicated within each jurisdiction for resilience and availability but is never transferred outside its originating region unless explicitly authorised by the customer or as required by law.

5. Data Access and Disclosure

DekkoSecure does not have access to your encrypted content and will never view, share, or sell personal information.

Limited access to system information may occur only in the following circumstances:

  • Authorised Support: When you request technical support, limited metadata or, where you explicitly share it, specific content may be accessed solely for diagnostic or troubleshooting purposes.

  • Legal Obligations: When required by law, subpoena, or regulatory order, and only to the minimum extent necessary to comply with that obligation.

  • Service Providers: Trusted infrastructure or security partners engaged by DekkoSecure (such as cloud and email service providers) who operate under strict confidentiality and data-processing agreements.

All such access is explicitly controlled, time-limited, logged, and subject to audit.

6. Data Retention

Account information is retained for as long as your organisation maintains an active tenancy.

Activity logs are retained for operational and compliance purposes in accordance with applicable laws and regulatory requirements in each jurisdiction where the Services operate.

When an account or tenancy is deleted, associated data is securely erased following DekkoSecure’s defined retention and destruction schedule.

Encrypted customer files are permanently deleted upon user or administrator removal — they cannot be recovered by DekkoSecure after deletion.

DekkoSecure may retain limited records or metadata for the period required to comply with legal, regulatory, or audit obligations in the relevant operational jurisdiction (for example, for financial reporting, security investigations, or statutory data-retention requirements). Such retained information is minimal, access-controlled, and automatically purged once the retention period expires.

7. Cookies and Tracking

DekkoSecure uses only essential session cookies required for authentication and security (for example, maintaining a logged-in session). We do not use advertising, cross-site, or behavioural tracking cookies.

8. Data Subject Rights

Depending on your jurisdiction, you may have rights to:

  • Access and correct your personal information;

  • Request deletion of your account or related data;

  • Request a copy of personal data held about you; and

  • Restrict or object to certain processing.

Requests can be submitted to privacy@dekkosecure.com.

We may verify your identity before fulfilling a request and may retain limited records where required by law.

9. Security and Compliance

DekkoSecure implements technical and organisational measures consistent with recognised frameworks such as:

  • Australian ISM (PROTECTED)

  • GO-ITS 25.21 (Ontario)

  • CJIS Security Policy

  • HIPAA Security Rule

  • GDPR (General Data Protection Regulation)

Controls include encryption, network isolation, audit logging, vulnerability management, malware scanning, and multi-factor authentication.

Access to operational systems is restricted to vetted personnel under least-privilege principles.

The cloud infrastructure services utilised by DekkoSecure also maintain their own independent security, privacy, and compliance certifications, including ISO 27001, SOC 2, and regional government accreditations. This provides additional assurance that the underlying hosting environments meet or exceed industry and jurisdictional security standards.

10. Children’s Privacy

DekkoSecure is an enterprise service and is not intended for individuals under the age of 18.

We do not knowingly collect personal information from minors. If such data is identified, it will be securely deleted.

11. International Transfers

DekkoSecure maintains data within the customer’s selected jurisdiction.

If cross-border transfer is ever required (for example, by a multinational customer), it will occur only with explicit authorisation and under appropriate safeguards consistent with GDPR, PIPEDA, and other applicable regulations.

12. Policy Updates

We may update this Privacy Policy from time to time to reflect changes in laws, technology, or our operations.

Updates will be posted on this page and will take effect upon publication.

Material changes will be communicated through in-app notifications or email where appropriate.

13. Acknowledgement

By creating an account or using the Services, you acknowledge that you have read and understood this Privacy Policy and consent to the collection and handling of information as described above.

Show more

Acceptable Use Policy

Applies to: DekkoCore-AU (au.dekko.io), DekkoCore-CA (ca.dekko.io), DekkoCore-US (us.dekko.io), DekkoCore-CH (ch.dekko.io), and DekkoDEMS (fusion.dekko.io) (the “Services”).

Entity: Securest Pty Ltd (ABN 31 166 558 676) trading as DekkoSecure (“DekkoSecure”, “we”, “us”, or “our”)

1. Purpose

This Acceptable Use Policy (“Policy”) sets out the rules for using DekkoSecure’s services (the “Services”).

It ensures all users act responsibly, lawfully, and in a manner consistent with DekkoSecure’s security, privacy, and operational standards.

This Policy applies to all individuals and organisations who access or use the Services, including Customers, Authorised Users, and Invited Participants (“Users”).

2. Responsible Use

Users must:

  • Use the Services only for lawful and authorised purposes;

  • Take reasonable measures to protect the confidentiality of all information shared through the Services;

  • Comply with applicable laws, contracts, and organisational policies;

  • Follow DekkoSecure’s published documentation and security requirements; and

  • Immediately report any suspected misuse, data breach, or unauthorised access to your organisation’s administrator or DekkoSecure Support.

3. Prohibited Activities

Users must not use the Services to:

  • Break the law – including storing, transmitting, or sharing unlawful, defamatory, discriminatory, or obscene content.

  • Compromise security – such as attempting to bypass encryption, authentication, or access controls, or introducing malware or harmful code.

  • Access without authorisation – including attempting to access other users’ data or the Service’s underlying infrastructure.

  • Disrupt or degrade the Service – including denial-of-service attacks, automated scraping, excessive traffic generation, or interference with system performance.

  • Infringe on rights – including intellectual property, privacy, or data protection rights of others.

  • Misuse communication tools – including spamming, phishing, harassment, or using chat, messaging, or video tools to intimidate or deceive others.

  • Circumvent controls – including removing or altering security mechanisms or metadata, or using workarounds to avoid usage limits.

4. Data Handling

Users are responsible for ensuring that any content they upload, share, or distribute complies with applicable privacy, confidentiality, and data-handling obligations.

Sensitive or classified data must only be uploaded to authorised environments and handled by authorised personnel.

DekkoSecure’s platform uses end-to-end encryption (“zero-knowledge”) meaning only authorised users can access their own data.
DekkoSecure cannot view or modify user content but may restrict or disable access to a user account where required by law or to protect system integrity.

5. Fair Use and Service Utilisation

DekkoSecure’s Services are provided for secure collaboration and information exchange within defined service capacities.

All users, including invited participants and external stakeholders, share responsibility for using the Services efficiently and within reasonable operational limits.

You must avoid unnecessary or excessive activity that may affect your organisation’s or others’ access to the Services — including repeated large transfers, automated retrievals, or high-volume sharing not related to legitimate business use.

DekkoSecure monitors aggregate usage to maintain service quality and may notify customer administrators or restrict certain activities if usage levels indicate abnormal or excessive consumption.

Customers remain responsible for managing their organisation’s overall use of the Services.

DekkoSecure reserves the right to apply technical or administrative controls to prevent service degradation or misuse.

6. Monitoring and Enforcement

DekkoSecure does not inspect encrypted content but may monitor metadata and activity logs for operational, security, and compliance purposes.

We may suspend or terminate access, without notice, if we reasonably believe a user’s actions:

  • Violate this Policy,

  • Compromise system security or stability, or

  • Pose a risk to other users or DekkoSecure’s operations.

Serious or unlawful activity may be referred to appropriate authorities.

7. Reporting Misuse

To report abuse or a suspected violation of this Policy, please contact us by sending an email to terms@dekkosecure.com.

8. Policy Updates

DekkoSecure may update this Policy periodically to reflect legal, security, or operational changes.

Where practicable, notice of updates will be provided via notification, in-app messages or the DekkoSecure Knowledge Base site(s).

Continued use of the Services after an update constitutes acceptance of the revised Policy.

9. Acknowledgement

By creating an account or using the Services, you acknowledge that you have read, understood, and agree to comply with this Acceptable Use Policy and the DekkoSecure Terms of Service.

Show more