Skip to content
DHResources

Legal · Privacy

Privacy policy.

How we handle information from visitors to dhresources.com.au. Plain language, no dark patterns.

At a glance

  • We log anonymised page views and on-site interactions to improve the site. We do not use Google Analytics, Facebook Pixel, or any third-party advertising trackers.
  • IP addresses are never stored in raw form; they are immediately hashed with a daily-rotating salt and the original discarded.
  • We do not set tracking cookies. Our anonymous session identifier lives in browser sessionStorage and is discarded when you close the tab.
  • If you submit a form (audit teardown, contact, demo access), we store the details you give us so we can respond.
  • You can ask us at any time to access, correct or delete the information we hold about you — see Your rights.

Who we are

This site is operated by DHResources, a digital investor communications firm based in Brisbane, Australia. References to “we”, “us” and “our” mean DHResources.

We are bound by the Australian Privacy Principles set out in the Privacy Act 1988 (Cth). We also aim to comply with the EU and UK General Data Protection Regulation (GDPR) for visitors in those regions.

What we collect, and why

Site analytics (anonymous)

When you visit the site, we log a small set of events — page views, time on page, and a handful of in-page interactions (e.g. opening the 3D drill viewer, clicking a project marker on the commodity map, opening a demo). For each event we record:

  • The page URL and the page that referred you to us
  • An anonymous, per-session identifier generated in your browser (lost when you close the tab)
  • A hashed form of your IP address (one-way SHA-256 with a daily-rotating secret — we cannot reverse it to recover the original IP)
  • Country, region and city derived from your IP at the edge before it reaches us
  • Device type, browser and operating system derived from your User-Agent header
  • UTM campaign parameters if you arrived via a tracked link

We use this information to understand how visitors find and use the site, to fix problems, and to decide which content to expand. Legal basis (GDPR): our legitimate interest in operating and improving the site, balanced against the very limited and anonymised nature of the data.

Form submissions

If you submit the audit request form, the contact form, or request access to a client demo, we collect the information you provide — name, email, company, and any message you include. We use this to respond to you and to record the engagement. Legal basis (GDPR): performance of a contract at your request, and our legitimate interest in keeping a record of business enquiries.

Demo access logs

Some pages on the site require a username and password supplied by us. We log each login attempt (the username entered and whether it succeeded), and we log demo page views, so we can audit access to confidential client work.

Cookies and browser storage

We use the smallest possible set of cookies and we do not use any cookies for advertising or third-party tracking.

  • demo_session — only set after you successfully log in to a password-protected demo. HTTP-only, HMAC-signed. Expires after 1 hour or when you close your browser. Necessary for the demo to work.
  • dh_sid (browser sessionStorage, not a cookie) — a random identifier so we can group the events from one tab into a single session. Lost when you close the tab.

Who we share data with

We do not sell your personal information. We do not share it with advertisers, data brokers, or any third party for marketing purposes. We use third-party infrastructure providers to host the site, deliver content and store data; these providers act as processors on our behalf and are contractually bound to handle data only for the agreed purpose. We may also disclose information if compelled to do so by law.

International data transfers

Because we use providers based in the United States and the European Union, your information may be processed outside of Australia. For EU/UK visitors, we rely on the EU Standard Contractual Clauses (and their UK equivalent) implemented by our providers.

How long we keep data

  • Anonymised analytics events: up to 12 months, then aggregated or deleted
  • Demo access logs: up to 24 months, for audit purposes
  • Form submissions and the resulting email correspondence: for the life of the business relationship plus a reasonable period after, unless you ask us to delete them sooner

Security

The site runs over HTTPS only. Demo and admin sessions use HMAC-signed cookies. The analytics event log never contains raw IP addresses, names, or email addresses. Database access is restricted to authenticated requests from the application itself. Despite reasonable safeguards, no system on the internet is ever 100% secure, and we cannot guarantee absolute security.

Your rights

Under the Australian Privacy Act, the GDPR (where it applies to you), and equivalent laws, you have the right to:

  • Ask what personal information we hold about you and request a copy
  • Ask us to correct information that is wrong
  • Ask us to delete information we no longer need
  • Object to processing based on our legitimate interest, or withdraw consent where we relied on it
  • Lodge a complaint with the Office of the Australian Information Commissioner (OAIC) or, if you are in the EU/UK, your local data protection authority

To exercise any of these rights, email us at contactus@dhresources.com.au with the subject line “Privacy request”. We aim to respond within 30 days.

Changes to this policy

We may update this policy as the site changes or as the law evolves. The “last updated” date at the top of the page will always reflect the most recent revision. Material changes will be highlighted in a notice on this page for a reasonable period.

Contact

Privacy questions and requests should be addressed to:

DHResources
Brisbane, Australia
contactus@dhresources.com.au