Tesseract Cloud Technologies (“Tesseract Cloud Technologies”, “we”, “us”, or “our”) is a technology agency operating in Port Moresby, National Capital District, Papua New Guinea. This Privacy Policy explains how we collect, use, disclose, and safeguard information when you visit our website, submit an enquiry, request a quote, or otherwise interact with us online (the “Site”). It applies to visitors, prospective clients, and members of the public who use the Site. It does not replace or override the confidentiality, data-handling, or intellectual property terms of any executed Project Proposal or Client Service Agreement, which govern the separate handling of data belonging to engaged clients and their end-users.

Please read this Policy carefully. By using the Site, you agree to the collection and use of information in accordance with this Policy. If you do not agree with any part of this Policy, please discontinue use of the Site.

1. Who We Are

Tesseract Cloud Technologies is a Papua New Guinea-based technology partnership (Registration No. 6-142861194), with its principal place of business at A3, AMODE Compound, Kennedy Estate, 8 Mile, Port Moresby, NCD, Papua New Guinea. For the purposes of this Policy, Tesseract Cloud Technologies is the controller responsible for the personal information described below.

Contact details:

  • Email: cytrus.kili@tesseract-pg.com or malai.kiap@tesseract-pg.com
  • Phone: +675 7589 5650 | +675 7810 9252
  • Postal address: C/- P.O. Box 330, Vision City, NCD, Port Moresby, Papua New Guinea

2. Information We Collect

2.1 Information You Provide Directly

We collect information you voluntarily submit through contact forms, enquiry or quote-request forms, newsletter sign-ups, job applications, or correspondence by email or phone. This may include:

  • Name, business or organisation name, and job title
  • Email address and telephone number
  • Postal or physical address
  • Details of the services you are enquiring about, project requirements, or messages you send us
  • Any documents, files, or attachments you choose to share with us

2.2 Information Collected Automatically

When you visit the Site, certain information is collected automatically through standard web server logs, cookies, and similar technologies, including:

  • IP address, browser type and version, and device or operating system information
  • Pages visited, time and date of visit, time spent on pages, and referring/exit pages
  • General geographic location inferred from IP address

2.3 Cookies and Similar Technologies

The Site may use cookies and similar tracking technologies to operate correctly, remember preferences, and understand how visitors use the Site (for example, through analytics tools). You can control or disable cookies through your browser settings; however, doing so may affect the functionality of the Site.

3. How We Use Your Information

We use the information we collect for the following purposes:

  • To respond to enquiries, quote requests, and general correspondence
  • To prepare and present Project Proposals and Client Service Agreements
  • To operate, maintain, secure, and improve the Site
  • To send administrative communications, and, where you have opted in, marketing or promotional communications
  • To comply with applicable legal obligations, and to detect, prevent, and address fraud, security, or technical issues
  • For internal record-keeping, business analysis, and service improvement

4. Legal Basis for Processing

Papua New Guinea’s national data protection and governance framework is under active development at a national level. Pending the commencement of comprehensive PNG legislation specifically governing personal data, Tesseract Cloud Technologies voluntarily applies internationally recognised data protection principles — lawfulness, fairness, transparency, purpose limitation, data minimisation, accuracy, storage limitation, and security — to its handling of personal information under this Policy. We process personal information on the basis that it is necessary to respond to your enquiry or provide requested information, to take steps toward a prospective service engagement at your request, to pursue our legitimate business interests in operating and promoting the Site, or, where applicable, on the basis of your consent (such as for marketing communications, which you may withdraw at any time).

5. How We Share Information

We do not sell your personal information. We may share information with the following categories of recipients, strictly as necessary to operate our business and the Site:

  • Hosting and infrastructure providers — our website and email infrastructure is hosted with Namecheap, Inc., which operates data centres located in the United States. This means information collected through the Site may be stored or processed outside Papua New Guinea.
  • Security and performance service providers, including Cloudflare (traffic protection and content delivery) and Imunify360 (server-side security monitoring)
  • Professional advisers, including legal, accounting, or IT contractors bound by confidentiality obligations, where reasonably necessary
  • Regulatory or law enforcement authorities, where disclosure is required by applicable law or to protect our legal rights
  • A successor entity in the event of a merger, acquisition, or sale of business assets, subject to equivalent confidentiality protections

6. International Data Transfers

Because our hosting partner maintains infrastructure in the United States, personal information submitted through the Site may be transferred to, stored, and processed in a jurisdiction outside Papua New Guinea, which may apply different data protection standards. We take reasonable steps to ensure that any such provider maintains appropriate technical and organisational safeguards to protect your information consistently with this Policy.

7. Data Retention

We retain personal information only for as long as reasonably necessary to fulfil the purposes described in this Policy, including to respond to your enquiry, to maintain business records, to comply with legal, accounting, or reporting obligations, or to establish, exercise, or defend legal claims. Where information is no longer required, we take reasonable steps to securely delete or anonymise it.

8. Data Security

We maintain reasonable technical and organisational security measures designed to protect personal information against unauthorised access, alteration, disclosure, or destruction. These measures include SSL/TLS encryption (PositiveSSL and Let’s Encrypt certificates), firewall and DDoS mitigation, malware scanning, and restricted access controls. However, no method of transmission over the internet or electronic storage is completely secure, and we cannot guarantee absolute security.

9. Your Rights

Depending on the applicable legal framework at the time, you may have rights to request access to, correction of, or deletion of the personal information we hold about you, to object to or restrict certain processing, or to withdraw consent where processing is based on consent. To exercise any of these rights, please contact us using the details in Section 1. We will respond to legitimate requests within a reasonable timeframe. You may also raise concerns with the relevant Papua New Guinea regulatory authority once a designated data protection authority is formally established.

10. Children’s Privacy

The Site is intended for business and professional audiences and is not directed at children. We do not knowingly collect personal information from individuals under the age of 16. If you believe a child has provided us with personal information, please contact us so that we can take appropriate steps to remove it.

11. Third-Party Links

The Site may contain links to third-party websites, including social media platforms and partner or client sites. We are not responsible for the privacy practices or content of third-party websites, and we encourage you to review the privacy policies of any third-party site you visit.

12. Changes to This Policy

We may update this Privacy Policy from time to time to reflect changes in our practices, technology, legal requirements, or other operational factors. Any update will be posted on this page with a revised “Last Updated” date. We encourage you to review this Policy periodically. Continued use of the Site after changes are posted constitutes acceptance of the revised Policy.

13. Contact Us

If you have questions, concerns, or requests regarding this Privacy Policy or our handling of your personal information, please contact us: