Data Hosting & Retention Policy

Last updated: April 8, 2026

When this policy applies. Jarrah Consulting Group Pty Ltd ("Jarrah") is primarily a processor-only performance-marketing agency. We normally analyse data that remains inside a client-controlled environment (e.g. Google Ads, BigQuery). This policy applies only when a client expressly requests Jarrah to host or stage a copy of their data in Jarrah-managed cloud resources.

1. Hosting Environment

  • Platform of record. Hosted data lives exclusively in Google Cloud Platform (GCP) under Jarrah's master billing account, using BigQuery (data warehouse) and Cloud Storage (object storage).
  • Region. Unless the client specifies otherwise, data is stored in the us-central1 multi-region for redundancy. Clients with data residency requirements (e.g. Australian data sovereignty) may request australia-southeast1 at no additional cost.

2. Security Controls

| Control | Implementation |
|---|---|
| Encryption at rest | GCP default AES-256; Customer-Managed Keys available on request |
| Encryption in transit | All traffic forced over TLS 1.2+ |
| Access management | GCP IAM roles scoped least-privilege; identities federated via Google Workspace SSO with 2FA mandated |
| Credential handling | Service-account keys and client credentials stored in 1Password vaults; never transmitted via email |
| Network security | VPC Service Controls + private IP ranges; public IP access disabled by default |
| Third-party tools | Any connectors or ETL utilities reviewed for ISO 27001/SOC 2 credentials before use |

3. Data Governance

  • Aggregated or de-identified by default. Clients should provide aggregated datasets. Where user-level data is required, any PII must be hashed (e.g. SHA-256) or tokenised prior to upload.
  • Sensitive-field scans (optional). On request, Jarrah can run Google Cloud Data Loss Prevention (DLP) to validate that no raw PII was inadvertently uploaded.
  • No resale or secondary use. Hosted data is used solely for services defined in the Statement of Work (SOW). Jarrah will not share or monetise client data.

4. Retention & Deletion

| Phase | Standard practice | Client options |
|---|---|---|
| Active project | Data retained for the duration of the analytics engagement. | Client may request rolling deletions older than N days. |
| Post-termination holding | 60-day retention clock starts on the date either party terminates the contract (or as required by the SOW). | Window can be shortened (e.g. 30 days) or extended (max 180 days) by mutual agreement. |
| Secure deletion | At end of retention, datasets are wiped using the GCP secure-delete workflow and verified via audit log. | Mandatory — no exceptions. |
| Anonymisation alternative | Client may opt for irreversible hashing/tokenisation instead of deletion so aggregated benchmarking remains possible. | Methodology (e.g. k-anonymity thresholds) agreed in writing. |
| Data return | Upon request within the retention window, Jarrah will export data (BigQuery export or GCS ZIP) back to the client. | Processing or egress fees billed at cost plus standard hourly rate. |

5. Logging & Monitoring

  • Access logs. BigQuery and Cloud Audit Logs retained for 90 days for forensic purposes.
  • Alerting. The security lead receives alerts on permission changes, failed login attempts, or network egress anomalies.

6. Incident Response

Incidents involving hosted data follow Jarrah's internal Incident Response process. Clients are notified within 24 hours of a confirmed incident with impact on their data. Notifications include the nature of the incident, data affected, and remediation steps taken.

7. Insurance

Jarrah Consulting Group Pty Ltd holds Professional Indemnity, Cyber, and Public Liability insurance underwritten by CFC Underwriting Ltd (Overseas), arranged through SMART Business Insurance. Cover period: 31 October 2025 – 31 October 2026.

| Cover type | Sum insured | Excess |
|---|---|---|
| Professional Liability | $500,000 | $2,500 |
| Cyber and Privacy | $250,000 | $2,500 |
| Cyber Crime | $250,000 | $5,000 |
| Cyber Extortion | $250,000 | $5,000 |
| Multimedia Liability & Advertising Injury | $500,000 | $2,500 |
| General Liability | $10,000,000 | $2,500 |

A copy of the certificate of currency is available to clients on request.

8. Governing Law

This policy is governed by the laws of Western Australia and the Commonwealth of Australia, including the Privacy Act 1988 (Cth) and the Australian Privacy Principles (APPs).

9. Policy Review

This policy is reviewed annually or when changes to hosting architecture occur. Clients will receive updated versions if material changes impact data residency, retention, or security controls.

10. Contact

For questions about this policy or to exercise data rights, contact us at:
security@jarrahgrowthmarketing.com