At Partspark, security is foundational — not an afterthought. We are committed to protecting your designs, personal information, and transactions with industry-leading practices.
All data in transit is protected with TLS 1.2+ encryption. Data at rest is encrypted using AES-256 across our cloud infrastructure. Your design files, personal information, and payment data are never transmitted in plain text.
Our Platform is hosted on enterprise-grade cloud infrastructure with SOC 2 and ISO 27001 certified providers. We leverage geographically distributed data centres to ensure high availability and redundancy.
We enforce strong authentication mechanisms for all accounts. Internally, access to production systems and customer data is restricted on a least-privilege, need-to-know basis with role-based access controls (RBAC).
We continuously monitor our systems for suspicious activity, unauthorised access attempts, and vulnerabilities. Automated alerting ensures our team can respond rapidly to potential security events.
Design files you upload are stored in isolated, access-controlled environments. Files are processed in sandboxed systems and are only shared with manufacturing partners necessary to fulfil your order. Files are retained only as long as needed and then securely deleted.
All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment provider — the highest level of certification in the payments industry. We never store your full credit card number on our servers.
We conduct regular security assessments of our Platform, including automated vulnerability scanning and code reviews. Dependencies are monitored for known vulnerabilities and patched promptly. We follow responsible disclosure practices and welcome reports from security researchers.
If you discover a potential security vulnerability, please report it responsibly to security@partspark.com.au. We will acknowledge receipt, investigate, and keep you informed of our progress.
We maintain a documented incident response plan to ensure rapid and effective response to security events. In the unlikely event of a data breach, we will comply with the Notifiable Data Breaches (NDB) scheme under Part IIIC of the Privacy Act 1988 (Cth) and notify affected individuals and the Office of the Australian Information Commissioner (OAIC) as required by law.
We are committed to compliance with Australian privacy and data protection legislation, including:
Where data is processed or stored by third-party providers outside Australia, we take reasonable steps to ensure those providers comply with obligations comparable to the APPs, as required by APP 8.
All team members with access to customer data are required to follow our internal security policies. Manufacturing partners in our network are vetted and contractually obligated to maintain appropriate security and confidentiality standards when handling your designs and order information.
We maintain regular, encrypted backups of critical systems and data. Our infrastructure is designed for resilience with automated failover and redundancy to minimise downtime in the event of hardware failure or other disruptions.
For security-related inquiries, vulnerability reports, or concerns, please contact our security team: