Protecting your data, systems, and trust across every New Horizon Code platform.
Last updated: 17 October 2025 (AEST)
At New Horizon Code PTY LTD ("New Horizon Code", "we", "us", or "our"), security is embedded into every layer of our organisation — from the way we build our software to the way we operate internally.
This Security Policy outlines the principles, technical measures, and operational safeguards that protect our platforms and customers, including Diversity Sync'd, Carey, TobyHR, Syrup, and Profile Dock.
We view security as a shared responsibility. Our goal is to ensure every customer, partner, and employee plays an active role in maintaining a safe, compliant, and trusted environment.
Our security framework is built on fundamental pillars that ensure comprehensive protection across all our services and operations.
We apply a Zero-Trust security model across all systems. Every request—whether from inside or outside our network—requires verification before access is granted. No user, device, or system is inherently trusted.
All data is protected using industry-standard encryption methods:
We conduct regular security audits, penetration testing, and internal code reviews to identify and remediate vulnerabilities proactively. Results are reviewed by our engineering leadership and incorporated into our secure development lifecycle.
Our practices align with leading privacy and security frameworks, including:
We implement comprehensive safeguards across all layers of our technology stack to protect customer data, intellectual property, and system availability.
Our technical infrastructure is protected by:
Our operational practices minimise risk from human and process factors:
Each New Horizon Code product has unique requirements. While all adhere to company-wide security standards, additional safeguards are applied where required by sensitivity, regulatory environment, or customer expectations.
| Stage | Focus Area | Purpose |
|---|---|---|
| 01 – Risk Assessment | Individual risk analysis for each application | Identify data sensitivity, compliance scope, and threat profile |
| 02 – Specialised Controls | Context-specific measures | Apply additional encryption, data segregation, or logging as needed |
| 03 – Continuous Monitoring | Real-time alerting and anomaly detection | Detect and respond to emerging threats |
| 04 – Regular Updates | Security patching and dependency management | Maintain resilience against evolving risks |
Security is not a feature—it's a fundamental part of how we design, build, and operate every product.
From initial design through deployment and ongoing maintenance, we embed security principles at every stage of our development process.
Our commitment includes:
We believe security is a shared responsibility. We work collaboratively with our clients to ensure that our controls complement their own policies, compliance requirements, and organisational risk frameworks.
For more detail on how we protect user data and manage information lifecycle:
See how we manage technical incidents, including security-related tickets.
View Policy →For all security-related enquiries, vulnerability reports, or concerns, please contact our dedicated security team:
Security Team
New Horizon Code PTY LTD
Suite 121, Level 14, 167 Eagle Street
Brisbane QLD 4000, Australia
Email: security@newhorizoncode.io
Phone: 1300 980 034
We greatly value responsible disclosure and have a dedicated program for security researchers.
If you identify a potential vulnerability:
Your cooperation helps us maintain the safety and integrity of our systems, and we deeply appreciate your contribution to platform security.