Data Handling Policy
Last updated: April 2026
This document is a first draft and is pending review by an Australian legal professional.
1. Scope
This Policy describes how TLK Source, ABN 16 525 180 164, trading as TLK Source, handles client data during the course of a Freight Audit & Recovery Kit engagement. It should be read alongside our Privacy Policy and Terms and Conditions.
2. Data categories
During an engagement, TLK Source collects and processes the following categories of data:
- Freight invoices — PDF, CSV, and Excel formats
- Rate cards and carrier contracts — used for deviation analysis
- Shipment manifests and consignment data — used for volume and benchmark analysis
- Engagement metadata — timestamps, file counts, processing status, audit trail events
3. Infrastructure
| Component | Provider | Location |
|---|---|---|
| Primary file storage | Cloudflare R2 | Australian-region storage controls where available |
| Database | Cloudflare D1 | Oceania region |
| Compute (Workers) | Cloudflare | Edge — request-routed to nearest point of presence |
| DNS and security | Cloudflare | Global (Anycast) |
| AI inference | Anthropic API | United States |
| Payment processing | Stripe | Australia |
| Email delivery | Resend | United States |
4. Encryption
- In transit: All data transmitted between Client and TLK Source is encrypted using TLS 1.3 as a minimum.
- At rest: All stored data is encrypted using AES-256.
- Per-engagement: Each engagement's files are encrypted with a unique key, which is stored separately in Cloudflare Secrets Manager. Compromise of one engagement's key does not expose any other engagement's data.
5. Access controls
- No public access to any client data;
- Access restricted to authenticated Worker endpoints;
- Administrator access requires Cloudflare Access authentication, multi-factor authentication, and IP allowlisting;
- All access events are logged to an immutable audit log;
- Principle of least privilege applied to all service accounts.
6. Data processing
- Document parsing and data extraction performed on Cloudflare Workers (request-routed to nearest point of presence);
- AI-assisted narrative generation uses the Anthropic API (processing on US infrastructure);
- Anthropic API configured with zero data retention and no model training on client data;
- Benchmark comparison uses TLK Source's proprietary dataset stored in Australian-region Cloudflare D1.
7. Sub-processors
| Service | Purpose | Data processed | Location |
|---|---|---|---|
| Cloudflare Pty Ltd | Infrastructure (compute, storage, DNS, security) | All engagement data, metadata, audit logs | Australia |
| Stripe Payments Australia Pty Ltd | Payment processing | Payment card details, billing name, email, ABN | Australia |
| Resend | Transactional email | Email addresses, message content | United States |
| Anthropic PBC | AI inference | Extracted invoice data, rate card data (zero-retention) | United States |
8. Data retention
- Client commercial data: engagement duration + 30 days
- Engagement records: 7 years (tax/record-keeping compliance)
- Audit logs: 12 months
- Deletion certificates: indefinitely (as evidence of deletion)
9. Deletion procedures
Automated deletion:
- A scheduled Cloudflare Worker runs daily to identify engagements past their retention window;
- Matching data is permanently deleted from R2 storage;
- Per-engagement encryption keys are destroyed;
- A deletion certificate (PDF) is generated and stored;
- The deletion event is written to the audit log;
- Engagement status is updated to "deleted."
On-request deletion:
- Clients may request deletion of their data at any time by emailing hello@tlksource.com.au;
- Requests are processed within 24 hours on business days;
- A deletion certificate is provided confirming completion.
Verification:
- Deletion completeness is verified by automated checks against R2 storage and D1 database;
- Verification results are recorded in the audit log.
10. Data breach procedures
In the event of a suspected or confirmed data breach:
- Incident response team is notified immediately;
- Affected data is isolated and access revoked;
- Affected clients are notified within 72 hours if the breach is confirmed to affect their data;
- Regulatory authorities are notified as required under the Notifiable Data Breaches scheme (Privacy Act 1988);
- Remediation actions are taken to contain the breach and prevent recurrence;
- A post-incident report is provided to affected clients.
11. Monitoring and audit
- Comprehensive audit logging of all data access events;
- Weekly automated review of access logs for anomalies;
- Annual security review;
- Penetration testing conducted at least annually;
- Continuous uptime and error-rate monitoring.
12. Insurance
TLK Source maintains the following insurance coverage:
- Professional Indemnity insurance;
- Cyber Liability insurance;
- Public Liability insurance.
13. Client responsibilities
Clients are responsible for:
- Ensuring they have the right to submit the data provided to TLK Source;
- Redacting any data that is not required for freight audit analysis (e.g., employee personal data unrelated to freight operations);
- Maintaining the security of their own systems from which data is exported;
- Securely storing the Deliverables once received.
14. Contact
For detailed security questions or procurement documentation, email hello@tlksource.com.au.
TLK Source
ABN: 16 525 180 164
Australian-owned and operated